×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Encrypt Information In Images Without Distortion

CowboyNeal posted more than 11 years ago | from the practical-steganography dept.

Encryption 236

Nomikos writes "C|Net reports: Researchers have created a new way to encrypt information in a digital image and extract it later without any distortion or loss of information. A team of scientists from Xerox and the University of Rochester said that the technique, called reversible data hiding, could be used in situations that require proof that an image has not been altered."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

236 comments

I'm an early adopter. (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518841)

Well, that's incredible. I have a good example of what this can do at Image example. [ravenblack.net]

MYSQL buckles under the load again! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518842)

When, oh when, will Slashdot dump myaql for a higher quality replacement?

With a recent NY Times article saying that OSDN is (barely) profitable, isn't it nearly time to reinvest some of those gains in self-improvement?

Isn't it time to abandon the low-quality opensource mysql, and replace it with a commercial solution? Failing that, how about postgresql?

Re:MYSQL buckles under the load again! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518850)

OSDN will be gone in less than 2 years.

I'll laugh when it happens.

Slashdot has degraded into microsoft bashing, while hosting microsoft ads. I'm nearly certain a majority of slashdot readers USE microsoft, but the posting tools insist on bashing because the editing tools post pathetic anti-MS stories.

good riddance, OSDN.

Re:MYSQL buckles under the load again! (-1)

Anonymous Coward | more than 11 years ago | (#4518858)

OSDN will live forever because its based on Linux. Linux is here to stay wether you like it or not. Microsoft has no say on free software and can't muscle free things out of the business. What do you say to that?

Re:MYSQL buckles under the load again! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518868)

I say that mysql sucks, and that Slashdot is only hurting itself by continuing to use it, what with the daily (or more frequent) database server failures.

Re:MYSQL buckles under the load again! (-1, Offtopic)

b0r1s (170449) | more than 11 years ago | (#4518900)

I offer you the following picture.

Here [unixconsults.com] .

Huh? (1, Insightful)

Anonymous Coward | more than 11 years ago | (#4518926)

WTF is this supposed to prove?

Re:Huh? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518929)

microsoft ads on the front page?

it doesnt prove anything. it's just fucking hilarious.

Re:Huh? (0, Offtopic)

b0r1s (170449) | more than 11 years ago | (#4518956)

It isn't meant to prove anything. I actually LIKE microsoft, I just find it funny that the mass of readership here pretends to hate them for some undefined reason, as do the editors, yet the editors still run their ads in prominent locations.

If the editors/owners of this site had any moral fiber, they'd stand by their comments and not run Microsoft ads at all. It'd be a completely stupid business decision, but that would be the way true "Open source advocates" would handle the situation.

Re:Huh? (-1, Troll)

Anonymous Coward | more than 11 years ago | (#4518982)

The editors are Mac weenies now, remember? This proves that they have no moral fibre, in case you're wondering.

Re:Huh? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518992)

everyone knows they have no moral fibre. that isnt new at all.

This has been done forever. (4, Funny)

packeteer (566398) | more than 11 years ago | (#4518846)

People have been doing this for some time. You simply print out the data. Take a photo of it. Scanthe photo. Send the photo. No distortion of the image with the data on it.

Re:This has been done forever. (5, Interesting)

Valar (167606) | more than 11 years ago | (#4518864)

This isn't really feasible if you are trying to extract the data losslessly. The original image file will not match with the extracted file. There is loss in the printing (ink smudge, low resolution printer), loss in the photography (ambient light, noise on the film, thumb in front of lens) and loss in the scanning process. As a result, even if the scanned image is in the same format as the original, there is still loss.

Re:This has been done forever. (2, Interesting)

LinuxInDallas (73952) | more than 11 years ago | (#4518996)

I'm assuming that the parent of your message was using a little humor in saying you can simply scan something and retrieve its contents perfectly.

That being said, depending on the type of data you scan you may very well be able to retrieve it all. As a simple example, you can scan a page of plain text and get it all back via OCR with good reliability. I would guess that with a high enough quality scanner you could get pixel-level-accurate scans of a high quality printing. That equipment is probably out of most of our budgets though.

Re:This has been done forever. (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518876)

bash: unmou: command not found
bash: nt: command not found
bash: unmount: command not found

Re:This has been done forever. (0, Offtopic)

packeteer (566398) | more than 11 years ago | (#4518890)

The space in my sig is space in my sig is part of anti-page-widening post screens. I have no control over it.

Also ive heard this same thing a million times. These are not bash shell commands. Not all shells use "umount" to unmount a volume.

Re:This has been done forever. (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518920)

shells control the umount command?

the hell you say?

new to unix, aren't you?

Re:This has been done forever. (0)

Anonymous Coward | more than 11 years ago | (#4518935)

If you've heard it a million times then why don't you do something about it ? Perhaps you feel superior subjecting everyone to your inane and badly spelt BS ? Your post looks like a dog spewed on your keyboard.

No loss of information? (0)

Anonymous Coward | more than 11 years ago | (#4518852)

Store your stuff in the comment area of the gif/jpeg file.

Re:No loss of information? (1)

sashang (608223) | more than 11 years ago | (#4518873)

I think this is different. They're modifying the data at the pixel level, not in some file specific field.

Re:No loss of information? (1)

stellar7 (309788) | more than 11 years ago | (#4518877)

I wonder just how much you would be able to store in an image. I would think there would only be a certain percentage of the total data that you could store per a certain image size. Anybody know any specifics?

Make Distortion Open Source (0, Funny)

Lieutenant_Dan (583843) | more than 11 years ago | (#4518855)

I think the best way to improve the quality of the distortion is to make it Open Source. By providing easy access to vast quantities of distortion can the Open Source community developers reach new heights in the field of encryption.

Only when tapping into the enormous resources contained within the Open Source community of developers can we allow UHF signals to break the strangle-hold that digital television has on the lives of the average Brazilian.

porn (5, Funny)

Transient0 (175617) | more than 11 years ago | (#4518861)

So I'll finally be able to verify whether or not that's a REAL picture of Britney Spears getting it on with a dalmation?

SWEET!

Holy Cow!! This Is Awesome! (0, Troll)

Bowie J. Poag (16898) | more than 11 years ago | (#4518863)



Wow, lossless data encryption!! I'm impressed!

Rumor has it they're going to call it "ROT13".

Sheesh...Is it really that hard to author a post that doesn't insult the intelligence of 80% of your readers?

Cheers,

Re:Holy Cow!! This Is Awesome! (5, Interesting)

packeteer (566398) | more than 11 years ago | (#4518912)

They are refering to water marks. This is not about "encryption" or even "stenography". The problem is proving a document is original. Normally you put and ugly water mark on the image. With this techinque you can put the water mark in but you also put in data "securly encrypted of course" about how to get the water mark out.

Sheesh i feel dirty now that i have summed up the whole article because people post before they read it.

Re:Holy Cow!! This Is Awesome! (2, Funny)

broken_bones (307900) | more than 11 years ago | (#4518960)

Quoting packeteer:

Sheesh i feel dirty now that i have summed up the whole article because people post before they read it.

I find it amusing that you say this when your first post [slashdot.org] to this thread was at 10:29, just three minutes after the article was posted. You sure must read fast...

Re:Holy Cow!! This Is Awesome! (2)

packeteer (566398) | more than 11 years ago | (#4518989)

Actually i do read fast. But i have also read the article already. And i know a fair bit about the subject. And besides my first post to this article was joking around. I just felt i might as well throw it out there at the beggining. Then i waited to maybe share my knowledge but people like you jsut throw around uninformed comments.

Re:Holy Cow!! This Is Awesome! (0)

Anonymous Coward | more than 11 years ago | (#4519146)

you must not know packeteer. this son of a bitch is a babbling fucking cretin who types with his elbows, never makes sense, and will reply endlessly and incoherently to anyone who criticizes him. a true slashdot icon.

Re:Holy Cow!! This Is Awesome! (1)

packeteer (566398) | more than 11 years ago | (#4519192)

Awwww i even have AC's posting my exploits. I feel truly loved.

Mods remember i posted without my bonus so modding is not needed.

Re:Holy Cow!! This Is Awesome! (4, Informative)

wirelessbuzzers (552513) | more than 11 years ago | (#4519109)

Quoth the parent: They are refering to water marks. This is not about "encryption" or even "stenography". The problem is proving a document is original. Actually, it looks like steg to me. Because to prove a document is unaltered without altering it, you just sign it with your private key. This can't be any better: someone could remove the watermark (it's reversible), alter the message, and "authenticate" that, unless there is a digital signature embedded in the image, in which case why not just attach it to the file? Although it would appear that the original paper is not online, so we can't be sure.

misc (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518867)

one time i started thrusting my pelvis at an old lady and yelling "someone take a picture of this and encrypt it!" but then some big guy came and punched me really hard and i woke up in a dumpster without any trousers on.

Re:misc (0, Offtopic)

lacrymology.com (583077) | more than 11 years ago | (#4518948)

Hey! I remember you.

Re:misc (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4519003)

well, i got the last laugh on that one because i found a partially uneaten big mac while i was in there.

Encryption? (5, Informative)

heliocentric (74613) | more than 11 years ago | (#4518870)

Isn't it more like steganography? I mean, ok, so we can encrypt the message you store using steg. but are we confusing the two?

Re:Encryption? (4, Informative)

saforrest (184929) | more than 11 years ago | (#4518919)

Basically it is a form of steganography. The only thing unique is that the information isn't an arbitrary message, but just enough to label the image.

This is called digital watermarking.

Yes, it's steganography. (3, Insightful)

wirelessbuzzers (552513) | more than 11 years ago | (#4519037)

Although I don't really see the point. It's not really worth much as steg as far as I can see, and if the data you change are redundant anyway, you might as well compress them out unless you want to do steg. Silly.

Amazing! (-1, Troll)

Skadet (528657) | more than 11 years ago | (#4518882)

Incredible! I've never heard of such a technological breakthrough I care so little about!

Re:Amazing! (0)

Anonymous Coward | more than 11 years ago | (#4519035)

Isn't this technology or something similar to it being used by terrorist groups to send information to one another via websites? I know you can imbed information in an image created by gimp such as your copyright or other authorship information, and that this probably is being used as such by these groups. I would think that advances in this area would need to be kept quiet for a while, anyway. (Don't give 'em any more tools)

Off topic, but speaking of data hiding... (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518883)

Where is slashdot hiding the stories about verisignoff?

Let's see how long this post lasts before it gets scrubbed.

better pr0n (0, Offtopic)

jlechem (613317) | more than 11 years ago | (#4518884)

great, now all the pervs in the world can have super high def porn. Forensic science is great but we all know what this tech's real use is going to be.

Signed Hash (4, Insightful)

notestein (445412) | more than 11 years ago | (#4518887)

How is this better than a signed hash of the image?

It's not. (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4518910)

Oh, and mod parent up insightful.

Re:Signed Hash (4, Informative)

jonbrewer (11894) | more than 11 years ago | (#4518913)

"How is this better than a signed hash of the image?"

A signed hash can be separated from an image, while this type of watermarking cannot.

Re:Signed Hash (2, Interesting)

Xenographic (557057) | more than 11 years ago | (#4518952)

A signed hash can be separated from an image, while this type of watermarking cannot.
>>>>>

There must be some way to separate it from the image, as the technique is also supposed to be *reversable*

I'm not sure just what they're up to, though, the article isn't very detailed...

Re:Signed Hash (5, Insightful)

packeteer (566398) | more than 11 years ago | (#4519183)

Thats where the encryption comes in. The watermark can only be reversed on the correct machine. Think like pgp, only the person you want to can read the email you send. They plan to work this into hardware. They would probably give the hardware a unique key and have the picture creator encrypt so only that key can open it. This way if you say wany a secure presentation you can set it so only the one projector in the white house can read it without the watermark.

Re:Signed Hash (2, Interesting)

notestein (445412) | more than 11 years ago | (#4518957)

I'm not sure I believe that. If I wanted an image that is guaranteed to not have been tampered with... A missing signed hash would invalidate the image as much as a changed hash. Now to put the equivalent of a signed hashes data back into an image via an algorithm.... that seems like less security.

Re:Signed Hash (0)

Anonymous Coward | more than 11 years ago | (#4519163)

Then you know it has been altered, don't you?

Re:Signed Hash (2, Insightful)

sharph (171971) | more than 11 years ago | (#4518918)

Of course I could be completely wrong...but...

If you resize the image, you get a different hash, but with this, you still get the authentication. And then when you have portions of the image changed you can tell what portions are changed... From what I can tell this is just a special "image hashing" and not Steganography at all.

Of course, I could be completely wrong.

Re:Signed Hash (2)

Henry V .009 (518000) | more than 11 years ago | (#4519144)

Re-sizing is still alteration. As for telling which portions have been changed--hash 50x50 pixel squares, or whatever you want.

Re:Signed Hash (1)

jsse (254124) | more than 11 years ago | (#4519128)

The key is that the information embedded in an image can be extracted "without any distortion or loss of information".

The extracted information could be digital signature which could faciliate higher level of authentication like PKI that hash function alone cannot offer. Hash function could be used to verify whether a piece of work has be altered, with high confidency; but it can't authenticate the author of this piece of work.

XOR? (0)

Anonymous Coward | more than 11 years ago | (#4518894)

The image *is* changed, but once the data is extracted, it can be changed back to what it was originally.

Sounds like glorified XOR masking.

I don't get it... (5, Interesting)

RomikQ (575227) | more than 11 years ago | (#4518897)

The new technique builds on previous methods but modifies the lowest levels of pixel values using data-embedding algorithms. It allows authorized viewers to extract the embedded authentication message while also removing any distortions created by the embedded information

So while the encrypted data is in the image, the picture is still distorted, it's only when you take the data out, then you get the original. What's the point of that??? I mean that was what it was like before, wasn't it?

By the way, adding plain text to the end of a jpeg file doesn't alter the image in any way, no matter how much you add. So you could encrypt the text you want and add it at the end and there you go, lossless data encryption in images :). Do I get a Nobel prize now?

Re:I don't get it... (2, Informative)

stratjakt (596332) | more than 11 years ago | (#4518976)

Your "James Bond" PDA displays undistorted images, while filtering the secret content somewhere else.

Or you could embed a ton of secret messages in a simple server-to-server mirroring operation, and still wind up with a 1:1 mirror - never tipping anyone off that anything but the visible content was transferred.

That way when the bad guys find it they see no distortions, can find no trace that the image was ever altered, and just think you're looking at porn.

Re:I don't get it... (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#4519165)

So you're saying the next time I'm caught looking at porn on my iPaq on the subway that it's government business?

Is it really encryption? (5, Informative)

verch (12834) | more than 11 years ago | (#4518901)

Sounds like 'encrypt' isnt exactly the right word here. Maybe 'encode' would have been better. From the very tech light article it seems that this is a watermarking technique which somehow embeds the watermark with no distortion of the image whatsoever. Traditional watermarks distort the image, albeit usually not noticeable to the casual naked eye.

It DOES distort the image!!! (4, Informative)

wirelessbuzzers (552513) | more than 11 years ago | (#4519055)

... just reversably, so you can get the original back later. And it isn't watermarking! They use only the LSB, so it won't survive recompression, printing, whatever. You can't encode anything without the image without distorting it, except by permuting the color tables. But that is easily detected and can't store much data anyway.

Don't let Bin Laden read this... (4, Interesting)

TheGreenGoogler (618700) | more than 11 years ago | (#4518906)

As I recall, the FBI had evidence [wired.com] that Bin Laden was using steganography [jjtc.com] to conceal messages in photos...

Re:Don't let Bin Laden read this... (-1, Troll)

Anonymous Coward | more than 11 years ago | (#4518966)

As I recall, the FBI had evidence [wired.com] that Bin Laden was using steganography [jjtc.com] to conceal messages in photos...

This one [goatse.cx] says 'The USA just fucked us up the ass!', right?

Something doesn't sound right (4, Interesting)

plierhead (570797) | more than 11 years ago | (#4518917)

The article seems utterly light on some key information (about which file formats etc), but simple information theory suggests that this will only work on less-than-optimal image formats.

Any optimal image format will result in a file only just big enough to store the image and no bigger - and therefore it will not be able to store any additional data without reducing the image quality in some way.

Without any further information available, could it be they are just talking about taking advantage of flaws in some given format such as jpeg ?

Re:Something doesn't sound right (2)

Henry V .009 (518000) | more than 11 years ago | (#4519075)

Here's a message that you could send to your girlfriend. Take a picture of yourself standing on a steal I-beam with your hand on your heart, with your university sweater emblazoned with U of whatever. Put that in any file format you want.

But I responded to your comment for another reason. Nobody has ever written an optimal image format. Besides which, optimal for what? Plain-old human vision? You can remove information from an image in such a way that a human couldn't tell the difference (what most optimizing does). But computer processing can tell the difference in a nano-second. Probably, human-optimized images wouldn't even fool all primates.

Wow! Stupid Idea! (2, Insightful)

wahay (12517) | more than 11 years ago | (#4518938)

Ok. so we have a picture, which we then sign with a certificate of some sort. So far, so good. You can verify the picture.

But what do we do next? We corrupt our picture with the signature, tossing it's bits into the picture as noise, and degrading the picure for all the people who open it. Except for the chosen few who have the (proprietary? patented? expensive?) program which chan detect the signiture, read it, and (WOO HOO!) XOR it out of the picture.

This is not an exciting improvement over "gpg -s".

once again all the early posters got it wrong (5, Insightful)

intuition (74209) | more than 11 years ago | (#4518939)

This is steganography with the original image hidden in the steganography as well. Hence the term, "reversible data hiding." That way, not only does the current image hold the data you are sending, but you get a copy of the original image (before steganography) as well.

The fact that every poster so far hasn't seen this fact, is a disturbing reminder of what the average poster on slashdot has become.

does anyone have any suggestions as to where to go next?

New? (0, Offtopic)

csnydermvpsoft (596111) | more than 11 years ago | (#4518941)

Rochester said that the technique, called reversible data hiding, could be used in situations that require proof that an image has not been altered.

I've had that technique for years. It's called a checksum.

Re:New? (4, Insightful)

the eric conspiracy (20178) | more than 11 years ago | (#4519071)


I've had that technique for years. It's called a checksum.

All a checksum does is provide a playground for anyone with a little Linear Algebra background.

Now if you are talking about message digests based on hash function, like SHA or HMAC you are on firmer ground.

hahaha! xerox the innovation company (0)

kraksmoka (561333) | more than 11 years ago | (#4518947)

"The University of Rochester filed a patent application on the methods developed for reversible data hiding and plans to share the rights of the invention with Xerox.

Oh yeah! these guys'll figure out some way to f#$k this one up. Maybe they should just assign the rights to bill gates and steve jobs now . . .

just one word people, GUI

Re:hahaha! xerox the innovation company (0)

Anonymous Coward | more than 11 years ago | (#4519193)

Ummm, the University of Rochester makes quite a bit of money on their patents. One of the top schools in the country in this regard, actually, if not the best outright.

My bullshit detector is on yellow alert (5, Insightful)

Crag (18776) | more than 11 years ago | (#4518951)

"For instance, a digital camera that carries the new algorithms could be used to gather forensic evidence for use later in a courtroom. Any subsequent manipulations of the pictures could be detected, and the area where they occurred could be pinpointed."

Whatever the camera is doing at the scene of the crime could be faked in a lab. Even if each camera has its own PGP/GPG key, the picture is only as reliable as the security of the camera and the key.

What they should do is have the crime scene photographer and his superior digitally sign the images at the crime scene. This would remove the image format from the equation and make the data and the image as secure as the keys of the people involved.

Re:My bullshit detector is on yellow alert (3, Interesting)

ngoy (551435) | more than 11 years ago | (#4519029)

In addition to the comments above, Epson (who hasn't put out a new digital camera in quite awhile) has had something called IAS (Image Authentication System). Per their web site:
Image authentication is provided from the point of capture and thereafter
EPSON IAS-protected images remain standard JPEG images, viewable with all software programs that read JPEG images
Image manipulation can be detected down to the level of a single bit
Verification of image integrity is fast and easy.
IAS images suffer no visible loss of imaqe quality
Compatible with the EPSON PhotoPC 700, 750Z, 800, 850Z, 3000Z, and 3100Z digital cameras
Works with Windows 95, 98, 2000, Me, XP, and Windows NT 4.0 (with Service Pack 3 or higher)

Not a lot of information, but theirs has been out for a LONG time. It has "non-visible" to the human eye detection, so it should have sufficed for any forensic photographer that could use a 3MP image (which I don't think is sufficient for decent crime scene photography, but I am not a CSI).

I personally do not see where a "lossless" type of authentication is useful, even in medical imaging, is one shade off going to make a difference?

ngoy

Re:My bullshit detector is on yellow alert (0)

Anonymous Coward | more than 11 years ago | (#4519161)

Actually, medical images are required to be lossless. That shade difference may be the key to seeing fluid in the lungs or not, etc., etc.

Re:My bullshit detector is on yellow alert (5, Informative)

ChristopherLord (610995) | more than 11 years ago | (#4519045)

Canon does provide support for a "Data Verification Kit" on its latest 1Ds camera. No word on how secure it is, etc.

from here [vividlight.com] :
"Finally with a nod toward law enforcement the EOS-1Ds is the first digital camera that offers the ability to verify that images are unaltered originals using the Data Verification Kit DVK-E1, consisting of a dedicated IC card and card reader, together with software for Windows 2000/XP. This package is available to verify that EOS-1Ds image files are absolutely unaltered. "

My technique... (2)

dsb3 (129585) | more than 11 years ago | (#4518953)

Hmmm ... how to embed/encode/encrypt the image within itself? ... I just XOR the image with itself. I also gain a few extra notches of JPEG compression that way.

Off topic question: about mozilla (0, Offtopic)

Carbon Unit 549 (325547) | more than 11 years ago | (#4518974)

Anybody know why mozzila 1.2 beta can't block the advertisement image on the cnet link?
When I right click on it, it says it is already blocked--but I'm seeing it?

Re:Off topic question: about mozilla (-1, Troll)

Anonymous Coward | more than 11 years ago | (#4519011)

another example of great free software.

Re:Off topic question: about mozilla (0, Offtopic)

no soup for you (607826) | more than 11 years ago | (#4519025)

Anybody know why mozzila 1.2 beta can't block the advertisement image on the cnet link? When I right click on it, it says it is already blocked--but I'm seeing it?

Same thing happened to me (in 1.1). the image was coming from adlog.com.com -- I blocked, refreshed and another ad took its place from adlog.com.com.. Block, refresh, and this time no ads.

Camouflage (3, Interesting)

c.emmertfoster (577356) | more than 11 years ago | (#4518987)

How is this any different from Camouflage [freeserve.co.uk] , which is used by some "Warez" sites to hide files within images?

I've seen this used to keep zip files on free-webservers which do not allow them.

Quote from their website: "you could create a picture file that looks and behaves exactly like any other picture file but contains hidden encrypted files"

Next Xerox... (0, Flamebait)

Cheese Cracker (615402) | more than 11 years ago | (#4518990)

... will introduce sliced bread. Thank goodness we got innovative companies like Xerox and Microsoft...

In other news... (5, Funny)

the_other_one (178565) | more than 11 years ago | (#4518995)

The RIAA and MPAA have sponsored new legislation to make images illegal on the internet in the United States. Images have been known to carry illegal circumvention devices such as DECSS. Thus images in themselves are also potential circumvention devices under the DMCA.

Sounds great, sort of... (2)

wirelessbuzzers (552513) | more than 11 years ago | (#4518997)

... but the real measure of steganography is detectability. It is very difficult to make steganography that cannot be detected statistically. Even Outguess is broken now. And I doubt that this method will be "secure," especially if whoever is spying on you watches the image in transit. Then if you subtract the message out you are SCREWED, because they xor and find it, or at least an encrypted version. In any case, they can prove the message is there. However, if they don't have access to your computer until afterward, just erase the images and you're fine, or JPEG them to remove the steg, or whatever. In fact, if nobody is watching your communications, why the heck would you use steg in the first place?? Looks like a proof of principle, not a real steg scheme.

Covert Channels (3, Informative)

DougJohnson (595893) | more than 11 years ago | (#4519001)

This really isn't that new. There's an example that's a picture of a couple of Zebra's, where they changed from some colour bit depth to a somewhat weaker bit depth, then the bits they saved were used to transmit ascii. Essentially a 32 bit pic was switched to 24 bits, leaving tons of room to include 5 of Shakespeares plays.

Obligatory DMCA Reference (4, Funny)

no soup for you (607826) | more than 11 years ago | (#4519004)

Do not attempt to reverse engineer or theorize about this encryption. They say it's encrypted, that's enough for you.

No fake Brittany or Seven of Nine! (2, Funny)

SunPin (596554) | more than 11 years ago | (#4519012)

Now we can confirm the genuine naked pictures from those photoshopped ones...

Pointless? (2, Insightful)

interiot (50685) | more than 11 years ago | (#4519014)

This seems pointless to me. The image that the common person sees isn't undistorted. To reverse the distortion in the image, you have to run the special program that extracts the hidden data and the original image data as well. If they're planning on everyone having this program that undistorts the image, why don't they just create a new format that's simply {raw image} + {extra data}, and you can run a program that spits out two files from that. If they're planning on having limited usage of the undistorting program to specific people, why don't the authors of the image send two separate files specifically to the intended audience?

Does anyone know of a good use for this?

Careful what you wish for (4, Insightful)

Anonymous Coward | more than 11 years ago | (#4519038)

While this approach has many potentially socially useful applications (e.g., getting data out of censorship regimes without getting caught), it also has a more sinister application.

If you can "watermark" (not sure if that is technically the right term for what these folks are proposing) something in such a way that it is undetectable to the viewer, then that implies that you can attach a unique ID to any given file -- which is exactly what SDMI attempted to do (and failed, thanks to Prof. Felten's work at Princeton).

But didn't Felten's paper essentially demonstrate that this sort of perfect information hiding was essentially impossible theoretically? If so, then the Xerox/Rochester guys are wrong. If not, then Felten's paper is wrong and it is possible to insert permanent SDMI-style watermarks in files. I sure hope it's the former and not the latter.

Perhaps this new approach only has to do with psychovisual tricks and not psychoacoustic stuff -- in which case I suppose they could both be right. Anyone more knowledgeable about this care to comment?

-Garth M.

Re:Careful what you wish for (1)

wirelessbuzzers (552513) | more than 11 years ago | (#4519135)

If you can "watermark" (not sure if that is technically the right term for what these folks are proposing) something in such a way that it is undetectable to the viewer... Of course you can't. If it isn't visible, you can make an image with no watermark at all that looks the same, ie remove it. And this is reversible. So you can remove it by definition.

wow (0, Redundant)

Audity (600754) | more than 11 years ago | (#4519064)

Now i can tell if the chicks on playboy are all real or digitally altered. This is a great leap forward for internet porn, I can't wait until it becomes mainstream.

Court Evidence Verification? No... (2, Interesting)

syphoon (619506) | more than 11 years ago | (#4519072)

"For instance, a digital camera that carries the new algorithms could be used to gather forensic evidence for use later in a courtroom. Any subsequent manipulations of the pictures could be detected, and the area where they occurred could be pinpointed." So if I want to manipulate court evidence, what's stopping me from taking a *screenshot* of the image on screen, manipulating that image, and then re-encoding the hidden data so it appears no editing has taken place?

Hey, if it was hard to write ... (1)

HealYourChurchWebSit (615198) | more than 11 years ago | (#4519100)

What ever happened to the coder's creed [cleversoul.com] that "If it was hard to write, it should be hard to understand and even harder to modify."?

Honestly, I'm sure "clean encryption" is a good idea, but the phrase just has the oxymoron quality as "software reliability."

Detectable? (2, Interesting)

FireMage (110207) | more than 11 years ago | (#4519115)

My main quetion would be if there is any way to discern between a image holding encrypted data and an unmodified "visual only" image file.

This is great! (5, Insightful)

seanadams.com (463190) | more than 11 years ago | (#4519117)

Researchers have created a new way to encrypt information in a digital image and extract it later without any distortion or loss of information.

So, if I can add some information to an image without any loss of information in the original, then I don't see any reason why I couldn't use this technique repeatedly, ad inifinitum, on the resulting image. Therefore, they have created a way to turn any one of my pr0n jpegs into an unlimited storage device.

This really changes everything we thought we knew about computer science and information theory. What an incredible discovery!

Childs play (0, Offtopic)

Anonymous Coward | more than 11 years ago | (#4519119)

Weren't two kids doing this in "Along Came a Spider" in order to pass notes in class?

May be I'm a little bit jumpy but... (2)

jsse (254124) | more than 11 years ago | (#4519150)

what if terrorists embed secrete messages in p0rns with this technique? In view of the fact that 90% of the images in the Internet are p0rns, it's extremely difficult to check them all out.

I know steganography for terrorism is no new news, but used that on p0rns is intolerable!
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...