From: Ben Holiday <ncognito@gate.net>
Date: Fri, 8 Mar 1996 01:37:23 +0800
To: cypherpunks@toad.com
Subject: Re: Steganography idea: CU-SeeMe
In-Reply-To: <199603061134.MAA17301@utopia.hacktic.nl>
Message-ID: <Pine.A32.3.91.960306173520.65536B-100000@hopi.gate.net>
MIME-Version: 1.0
Content-Type: text/plain




On Wed, 6 Mar 1996, Anonymous wrote:

> On Wed, 6 Mar 1996, Nelson Minar wrote:
> 
> [Re: data steams to put steno in]
> > So here's one idea I've had as a place to hide a channel: network
> > video, in particular CU-SeeMe video streams. CU-SeeMe is a lowtech
> 
> That's an excellent idea.
> 

[lots of snippage]

Another problem is that in order to get a decent frame-rate CU-SeeMe does 
some image editing of its own: selectively sending only the portions of 
an image that have changed (I.e. the portion of the image that is a 
person who is moving is sent, The bookshelves in the background are not.) 
This could probably be easily gotten around however. 

This seems like a decent idea, however, once the initial obstacles have 
been overcome.. one typical problem with steg is the small number of bits 
that can be hidden.. i beleive a ratio of 1k per 100k is typical. Far too 
small to be useful for most people. Over the course of an hour long 
CU-SeeMe session however you could easily move enough data back and forth 
to provide adequate cover for a reasonablly long bit of cyphertext. 

As long as we're on the subject of stego, has anyone 
discussed/implemented subliminal streams in raw TCP packets? Seems 
possible to do at least on a point to point basis. If you could stash 
your data in the tcp packet itself, it wouldnt matter much what was 
actually being sent across the link. Some possibilities: a telnet client 
with a stegometer that would count the number of hidden bits remaining to 
be sent.. chat clients similarly equiped, etc. Then you could start up 
any client you choose and send data across it until you had gotten enough 
bits to complete transmission of your stego'd file.. just a thought.. ;)



Benji..