Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Secret Data: Steganography v Steganalysis

CmdrTaco posted more than 9 years ago | from the fight-of-the-year dept.

Security 280

gManZboy writes "Two researchers in China has taken a look at the steganography vs. steganalysis arms race. Steganography (hiding data) has drawn more attention recently, as those concerned about information security have recognized that illicit use of the technique might become a threat (to companies or even states). Researchers have thus increased study of steganalysis, the detection of embedded information."

cancel ×

280 comments

Sorry! There are no comments related to the filter you selected.

Hmm (5, Interesting)

Sparr0 (451780) | more than 9 years ago | (#11574282)

I think this is the way of the future with regards to encryption. You cant crack what you cant find.

Re:Hmm (3, Interesting)

Anonymous Coward | more than 9 years ago | (#11574301)

You cant crack what you cant find.

Or in the case of "The Bible Codes", you find what you want to find.

Re:Hmm (1)

rindeee (530084) | more than 9 years ago | (#11574353)

Future? Steg. has been used for quite some time. I know that it was actively used during the US Civil War, and I'd imagine that it dates back much further than that.

Re:Hmm (1)

rokzy (687636) | more than 9 years ago | (#11574678)

so what? just because it was a used in the past doesn't mean the original poster didn't have a point.

it may have been used for some time, but it isn't so common now. recently there's been more focus on encrypting the data, not hiding where it is.

the original poster was saying (AFAIK) that he thought it would be popular again, not popular for the fist time ever.

I think he's right with regards to encrypting data in static, passively observed things like photos. transmitted data will probably use quantum techniques.

Re:Hmm (2, Insightful)

Anonymous Coward | more than 9 years ago | (#11574356)

Isn't stenography just more "security through obscurity", like using an odd ip-port to hide a service?
I recall that idea not being very popular with the slashdot crowd.

Re:Hmm (3, Insightful)

dr_dank (472072) | more than 9 years ago | (#11574436)

Who says a steg message has to be plaintext?

Re:Hmm (1)

SlayerofGods (682938) | more than 9 years ago | (#11574620)

I've thought the same thing.
The only way steganography will work is if you keep the way you hide it a secret because if it's public knowledge how your steganography program works it's trivially easily to tell if a message is hidden in something (even if you can't read it) which defeats the purpose of hiding it in the first place.
Seems kind of hypocritical unless someone would care to explained to me why this makes more sense to keep secret then a standard cryptoalgorithm. /shrug

Re:Hmm (4, Insightful)

AndyL (89715) | more than 9 years ago | (#11574883)

It's also security through misdirection. (Ie: If you find someone's secret porn collection, you'll think you know why he's kept it secret. In truth it contains plans for an atom bomb.)

But your point is really what the article is about. A serious Steganography method must be good enough to pass automated searches (steganalysis) because if the enemy knows where your data is, then you almost might as well have not bothered.

And of course, what the other post said is implied.

Re:Hmm (1)

wwest4 (183559) | more than 9 years ago | (#11574401)

I'm not neccessarily commenting on it's practical effectiveness but isn't this really the past in terms of encryption? As in, Caesar-cipher era - i.e. the method is the key.

Re:Hmm (0)

Anonymous Coward | more than 9 years ago | (#11574429)

D'oh - its practical effectiveness, you damn g-nazis.

Re:Hmm (1)

50000BTU_barbecue (588132) | more than 9 years ago | (#11574445)

I guess that extra apostrophe in "its" is really a devious form of steganography? That explains a lot of posts around here!

Layered Implementation (3, Insightful)

Kobun (668169) | more than 9 years ago | (#11574603)

Because an encrypted stream is obviously hiding, it gives the attacker something to focus on. What a person might do instead with Steganography is embed encrypted information, so that the set of information is not only hard to detect in a field of dummy files, but that once the encrypted data is found one still has to decode it.

Re:Hmm (1, Informative)

EasyComputer (797633) | more than 9 years ago | (#11574422)

http://www.jjtc.com/Steganalysis/ [jjtc.com] ----------------------Good Link on Steganalysis, with some examples of information hidden in pictures.

Re:Hmm (2, Interesting)

jamsessionjay (802511) | more than 9 years ago | (#11574424)

Security through obscurity? Look how well it's worked for Microsoft.

Any sufficiently advanced neural net should be able to deterministically find changes in common data communication where information can be hidden. And do you truly think that your data is not being checked by big brother?
[puts on tinfoil hat]

Re:Hmm (4, Interesting)

4of12 (97621) | more than 9 years ago | (#11574772)


Any sufficiently advanced neural net should be able to deterministically find changes in common data communication where information can be hidden. And do you truly think that your data is not being checked by big brother?

I doubt there's enough computational resources for a sufficiently advanced neural net.

If chunks of known ciphertext in something like AES-256 can't be broken in times measured in universe ages, then I can't foresee much success in wholesale scanning of all information, searching for embedded secret strings which, if properly encrypted, should be indistinguishable from random noise.

An old Slashdot story mentioned one of the most fertile fields for laying down stego messages: within spam [spammimic.com] .

Re:Hmm (cracked) (4, Funny)

product byproduct (628318) | more than 9 years ago | (#11574434)

I think thIs iS The way of the FutuRe
with regardS To encryPtiOn.


You've got a nicely steganographed "first post" there.

Utterly wrong. (0)

Anonymous Coward | more than 9 years ago | (#11574472)

This is entirely solving the wrong problem. You can't crack what you can find, either - certainly you can't cryptanalyze it, in a competently designed system.

Ciphers are already strong enough - they need to be made more convenient and efficient, not less so.

Re:Hmm (0, Troll)

Paul Crowley (837) | more than 9 years ago | (#11574504)

As another poster says, it's entirely the way of the past. Using a strong cryptosystem is the way of the future with regards to encryption.

Re:Hmm (5, Insightful)

PDAllen (709106) | more than 9 years ago | (#11574707)

Suppose you == info security guy at $Company. When you see a string of seemingly random bits in a file marked crypto.txt leaving $Company, you may not be able to find out exactly what trade secret your local friendly spy was leaking, but you do know there was a leak and who sent it.

On the other hand, if you see a load of random pictures leaving $Company from lots of employees, then you have to find which picture has hidden data in it before you even know you have a problem.

The point of steganography isn't to pass a message that can't be read, it's to pass a message without alerting anyone to the fact that a message has been passed.

Re:Hmm (3, Insightful)

rokzy (687636) | more than 9 years ago | (#11574747)

people making the point you made totally miss an important point. what if you don't want someone to know the data even exists?

for example, sending a message to someone your government doesn't like:

-you: "ha! it's encrypted really strongly! suck my balls!"
-government: "we don't give a flying fuck - even talking to them is a crime. off to jail for you, numbnuts!"

Re:Hmm (1)

l4m3z0r (799504) | more than 9 years ago | (#11574519)

What you mean to say is that this was the way of the past and now that now we know that security through obscurity is ultimately too risky for crucial data.

It needs to be plainly shown once and for all that this model of "encryption" is too dangerous to be used and thus force the government to encourage open standards that can be tried and found true.

God Exiled From Information Superhighway (-1, Troll)

Yahweh Seba'ot (856211) | more than 9 years ago | (#11574289)

God Exiled From Information Superhighway

MISSOULA, MT (PAN-AMERICAN NEWS SERVICES) - In the ongoing conflict between reason and primitive superstition, God was exiled from the Internet when a combined team of GNAA and ANUS freedom fighters forced Christian scribes to deny His existence by removing His name.

Starting early Thursday morning, insurgents in traditional Muslim garb assaulted the Christian Internet meme-domination fortress wikichristian.com [wikichristian.com] , interrupting a peaceful day of infighting over the exact implications of indefinite religious terminology. After thirty-six hours of combat, Christian forces withdrew, leaving behind a battlefield of ruined scripts and banned IP addresses.

"With God as my witness, I am taking down the site so we may endure this demonic assault," said Bruce Pederasdt, God's ordained champion in the "open source" movement, which believes the soul of a homeless retarded crack addict is equal to all others and thus if sycophantic enough, can become a "valued contributor" to a vital project like porting LaTEX to the iPod.

Wearing tennis shoes, and armed only with AK-47s and Compaq laptops, the rebel forces battled the highly mechanized Christian army until victory. "The crusader-god has fallen before Allah (PBUH)," said GNAA commandant Penisbird, sitting on a pink prayer matt before a captured statue of Crusaders burning books and heretics. He fired a shot to the heavens, coating himself in the sticky white substance that emerged from the rifle barrel.

Pederasdt refused to concede defeat, saying, "The God of Israel is a mighty god, and he will repress these black, gay and probably Muslim infidels so his Order may conquer the chaotic and sinful Internet. The Lord is my rod, and my staff, ...and my rod..." Investigators from Child Protective Services were at Pederasdt's Missoula compound to ascertain the status of the nubile young boy who at this point walked naked from behind a large curtain. The site remains down at the time of this writing.

"God told us to," GNAA-ANUS technology officer Cynical said simply. He added: "Rip the sacred flesh - Sodomize the holy asshole - The king of Jews is dead - and so are the lies - Vomit on the host of Heaven - Masturbate on the throne of God." A passing herd of nuns passed out in shock, their habits flipping upward to reveal large, black strap-ons.

CNN embedded reporter Phil MacOlon reported seeing columns of smoke rising from the back entrance to the server farm where wikichristian.com [wikichristian.com] is hosted, but it was determined to be GNAA spokestroll g0sp-hell lighting up a suspiciously pungent cigarette. "God crashed like a Macintosh running Linux, in a rainbow of failure," he said. "Install reality, problem solved."

The ongoing war between reason and superstition originated in a surprise 1996 attack by ANUS suicide mailbomers on the then-new Vatican web site, knocking it out of commission until additional funding could be found. Recently, the war has heated up with insurgents from GNAA seizing Internet Holy Writ WikiPedia.org [wikipedia.org] , where the Jewish god was linked to usury, niggardliness and unrelenting whining.

When news of the attack reached Washington, the United States immediately declared war on Germany, claiming that as it was allied with both GNAA and ANUS, it constituted an "axis of evil" which "threatens our freedom." At the time of this writing, bombers were headed toward strategic targets in Dresden, Germany, known as "the day care center of Europe" for its high population of inflammable women and children.



About GNAA:
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the first organization which gathers GAY NIGGERS from all over America and abroad for one common goal - being GAY NIGGERS.

Are you GAY [klerck.org] ?
Are you a NIGGER [mugshots.org] ?
Are you a GAY NIGGER [gay-sex-access.com] ?

If you answered "Yes" to all of the above questions, then GNAA (GAY NIGGER ASSOCIATION OF AMERICA) might be exactly what you've been looking for!
Join GNAA (GAY NIGGER ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time GNAA member.
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the fastest-growing GAY NIGGER community with THOUSANDS of members all over United States of America and the World! You, too, can be a part of GNAA if you join today!

Why not? It's quick and easy - only 3 simple steps!
  • First, you have to obtain a copy of GAYNIGGERS FROM OUTER SPACE THE MOVIE [imdb.com] and watch it. You can download the movie [idge.net] (~130mb) using BitTorrent.
  • Second, you need to succeed in posting a GNAA First Post [wikipedia.org] on slashdot.org [slashdot.org] , a popular "news for trolls" website.
  • Third, you need to join the official GNAA irc channel #GNAA on irc.gnaa.us, and apply for membership.
Talk to one of the ops or any of the other members in the channel to sign up today! Upon submitting your application, you will be required to submit links to your successful First Post, and you will be tested on your knowledge of GAYNIGGERS FROM OUTER SPACE.

If you are having trouble locating #GNAA, the official GAY NIGGER ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is NiggerNET, and you can connect to irc.gnaa.us as our official server. Follow this link [irc] if you are using an irc client such as mIRC.

If you have mod points and would like to support GNAA, please moderate this post up.

.________________________________________________.
| ______________________________________._a,____ | Press contact:
| _______a_._______a_______aj#0s_____aWY!400.___ | Gary Niger
| __ad#7!!*P____a.d#0a____#!-_#0i___.#!__W#0#___ | gary_niger@gnaa.us [mailto]
| _j#'_.00#,___4#dP_"#,__j#,__0#Wi___*00P!_"#L,_ | GNAA Corporate Headquarters
| _"#ga#9!01___"#01__40,_"4Lj#!_4#g_________"01_ | 143 Rolloffle Avenue
| ________"#,___*@`__-N#____`___-!^_____________ | Tarzana, California 91356
| _________#1__________?________________________ |
| _________j1___________________________________ | All other inquiries:
| ____a,___jk_GAY_NIGGER_ASSOCIATION_OF_AMERICA_ | Enid Al-Punjabi
| ____!4yaa#l___________________________________ | enid_indian@gnaa.us [mailto]
| ______-"!^____________________________________ | GNAA World Headquarters
` _______________________________________________' 160-0023 Japan Tokyo-to Shinjuku-ku Nishi-Shinjuku 3-20-2

Copyright (c) 2003-2004 Gay Nigger Association of America [www.gnaa.us]

Already was an issue (3, Interesting)

Sierpinski (266120) | more than 9 years ago | (#11574317)

This came out a long time ago with the idea of hiding child pornography in files containing what appeared to be pictures of art, or other benign picture files.

There was even an episode of Law and Order about this. Its nothing new, but I agree it does pose many questions about security. (Security through obscurity is really good if the level of obscurity is paramount.)

Re:Already was an issue (0)

Anonymous Coward | more than 9 years ago | (#11574648)

On the contrary, it showed that laws seeking to ban images were inherently flawed. Creating blacks markets with their grossly-inflated profit margins creates more incentive to create a particular product than any other tehcnique. Kudos to the government for making the problem worse!!

I'm quite certain... (1)

Kjella (173770) | more than 9 years ago | (#11574863)

...that this has already been used, at least to get around free website restrictions. Many of them rejected uploads of zip/rar/.001-.00X etc. types of files, often even with header checks. Make it a picture gallery and well... what can you say, it's a popular gallery ;)

Kjella

Steganalysis has a dim future, IMHO (1, Insightful)

fejikso (567395) | more than 9 years ago | (#11574329)

I believe that information can be arbitrarily well obfuscated and hidden and therefore I find it difficult to imagine that there can be an effective and feasible technique to counter attack stenographic messages.

Re:Steganalysis has a dim future, IMHO (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11574379)

The larger problem is not how to find it but how to know where to find it. You simply have to scan all material, including material which doesn't have anything embedded. Different with cryptography where usually it is quite clear that there is something encrypted to concentrate on.

Re:Steganalysis has a dim future, IMHO (1)

dhasenan (758719) | more than 9 years ago | (#11574667)

But since they often co-occur, you have a *lot* more trouble--you have to determine whether something's encrypted, hidden data or white noise. Is that an MD5 hash in your JPEG, or are you just happy to see me?

Can someone explain to me what is meant by... (4, Insightful)

squarooticus (5092) | more than 9 years ago | (#11574342)

"illicit use [of steganography]"? I didn't realize encrypting stuff was illegal. Land of the free and all that.

Re:Can someone explain to me what is meant by... (3, Insightful)

eln (21727) | more than 9 years ago | (#11574362)

I think they mean the use of steganography to hide illicit materials, like child pornography. At least, I hope that's what they mean.

Re:Can someone explain to me what is meant by... (1)

AndyChrist (161262) | more than 9 years ago | (#11574727)

If I had mod points every one of you in this little line would get Redundant.

GOURANGA!

Re:Can someone explain to me what is meant by... (1)

Danimoth (852665) | more than 9 years ago | (#11574363)

I belive it is refering to the use of steganography for illicit material, child pornography for example.

Re:Can someone explain to me what is meant by... (1)

PDAllen (709106) | more than 9 years ago | (#11574367)

If the stuff you encrypt is illegal, like for example child porn...

Re:Can someone explain to me what is meant by... (0)

Anonymous Coward | more than 9 years ago | (#11574473)

That still doesn't make the encryption illegal...

Re:Can someone explain to me what is meant by... (0)

Anonymous Coward | more than 9 years ago | (#11574554)

never said so. "it is illegal to use steganography to hide child porn." do we understand now?

Re:Can someone explain to me what is meant by... (1)

PDAllen (709106) | more than 9 years ago | (#11574629)

I bet if you were in court on that you'd be done for duplicating the illegal material, as well as possessing it.

In any case, why are you defending a hypothetical child porn distributor?

Re:Can someone explain to me what is meant by... (0)

RevAaron (125240) | more than 9 years ago | (#11574419)

Well, there are times when encrypting something might be illegal- child porn, for instance.

Re:Can someone explain to me what is meant by... (0)

Anonymous Coward | more than 9 years ago | (#11574556)

i wouldnt bother even explaining.

someone will just argue semantics about how the act of encrypting isnt the illegal part blah blah blah.

the point is, encrypting illicit material is illegal (in the fact you posses the material in the first place)

but someone will stillargue since they dont have anything better to do and are lame

Re:Can someone explain to me what is meant by... (0)

Anonymous Coward | more than 9 years ago | (#11574433)

*reads the other responses* Child porn.. child porn.. child porn..

Heh, there's some fuckers with dirty minds posting today...

Re:Can someone explain to me what is meant by... (2, Insightful)

GeorgeMcBay (106610) | more than 9 years ago | (#11574909)


*reads the other responses* Child porn.. child porn.. child porn..

Heh, there's some fuckers with dirty minds posting today...


I'm going to guess they've just had this line beaten into their heads from the "think of the children" PR machine behind funding for things like steganalysis.

Honestly, how many pervs do you think are out there hiding their child porn with methods such as this? I'd guess very close to zero. I'm not saying there aren't weirdos out there who like to collect this sort of thing, I'm just guessing it is a lot more likely to be sitting there unprotected in some directory on their harddrive or at MOST on some encrypted volume... I find it hard to believe they'd set up some fancy steganography system to hide it.

Steganography is an ultimate emperor's new clothes technology to get funding for. There's no solid proof anyone is using it to do anything illegal, but the people who want to be funded to research this bullshit can just say "well, of course there's no proof, because it is hidden in images! Images that TERRORISTS or CHILD PORNOGRAPHERS might be trading as we speak!!!"

Re:Can someone explain to me what is meant by... (3, Interesting)

Bagels (676159) | more than 9 years ago | (#11574717)

*cough* Chinese researchers. Perhaps not illegal in the US, but almost certainly extremely illegal over in our favorite semi-communist autocracy...

Explanation: Espionage (3, Insightful)

Bonhamme Richard (856034) | more than 9 years ago | (#11574789)

Many posters have addressed the idea of child pornography, but it's not just a matter of images hidden inside of images. By going through the 1s and 0s that make up an image a written message can be composed.

Method: An image is built of bytes representing shades of colors. If you go through and change the least significant bit of each byte you can encode a message. Note: this is achieved without substantially changing the image.

Example: 10001000 becomes 10001001

Significance: If two people were to set up a system, like "go to site XYZ on every 3rd Friday and download the pic of the day," it would be nearly impossible to track them. An agent in the field checks the image, noting the value of the last bit of each byte. Stringing these values together he creates a message. Two individuals can communicate from across the world without anyone else suspecting.

This can be used for anything: 1) Terrorists coordinating timed attacks 2) Americans selling national security secrets to foreign powers. 3) Communication between intelligence community agents (ours or theirs).

Land of the free yes, but all three of the above uses are illegal.

Great movie title! (5, Funny)

Guano_Jim (157555) | more than 9 years ago | (#11574349)

Secret Data: Steganography v Steganalysis

Throw in a Stegosaurus [kdsi.net] and we've got a real Destroy All Monsters [imdb.com] vibe going.

Run! It's Steganalysis!

/crushes Tokyo

Re:Great movie title! (0)

Anonymous Coward | more than 9 years ago | (#11574559)

Stego-sore-ass. That's what you get when you sit too long at the decyphering desk.

Re:Great movie title! (1)

damiena (263598) | more than 9 years ago | (#11574913)

Gao!

This reply is funny, inciteful and informative (5, Funny)

Silver Sloth (770927) | more than 9 years ago | (#11574350)

But it's hidden

Re:This reply is funny, inciteful and informative (1)

wondermog (772429) | more than 9 years ago | (#11574536)

Yes but what exactly does it plan to incite [reference.com] ?

Extinct? (4, Funny)

Chappy01 (785030) | more than 9 years ago | (#11574355)

I thought the Steganalysis was extinct...that's public school education for you.

Hiding data ...pfft (5, Funny)

pronobozo (794672) | more than 9 years ago | (#11574386)

As if you can hide information in places that nobody would find, just doesn't seem like a plausible direction for security.

Re:Hiding data ...pfft (4, Funny)

justforaday (560408) | more than 9 years ago | (#11574452)

I don't get it...Could someone please tell me what the secret message is?

Re:Hiding data ...pfft (0)

Anonymous Coward | more than 9 years ago | (#11574490)

Be sure to drink your Ovaltine.

Re:Hiding data ...pfft (0)

Anonymous Coward | more than 9 years ago | (#11574725)

The secret phrase is "I am stupid."

Re:Hiding data ...pfft (0, Flamebait)

ginbot462 (626023) | more than 9 years ago | (#11574531)

Dennis the Mennis comic strips had certain words bolded for emphasis, but as a kid I always read them together thinking they said something. Sadly nothing good came out of it, or from reading the strip period, or from writing this reply for that matter, or reading slashdot ...

ll--a

Re:Hiding data ...pfft (5, Informative)

Darth_brooks (180756) | more than 9 years ago | (#11574820)

There's some truth to the idea of a hidden message in comic strips.

During the 50's and 60's the air force used a particular comic strip ("smokey stover" i think. http://www.toonopedia.com/smokey.htm [toonopedia.com] , also the origin of "foo" and "foo fighter") to train recon. photo interpreters. The artist would hide his wife's name somewhere in every strip, and the new recruits would have to find it.

An easy way to hide information (5, Funny)

Anonymous Coward | more than 9 years ago | (#11574389)

Hide it on slashdot by posting at level 0. No one will think to look, and there's an unlimited storage potential.

Re:An easy way to hide information (0)

Anonymous Coward | more than 9 years ago | (#11574467)

I hide my data in a deep, moist place.

Re:An easy way to hide information (1)

Soporific (595477) | more than 9 years ago | (#11574639)


I hide my data in a deep, moist place.

Your basement? :)

~S

Re:An easy way to hide information (PART 2) (4, Interesting)

zoloto (586738) | more than 9 years ago | (#11574491)

actually this is a really good thing. not just on slashdot, but on other sites where you can search the documents for key words.

Heck, post as ac with a unique subject and post encrypted (gpg) ascii in multiple parts. the data will be here still next year or five (plausible) and you can retrieve it, and decrypt (assuming you have the public key or password if it's symmetric

Re:An easy way to hide information (PART 2) (2, Insightful)

blueg3 (192743) | more than 9 years ago | (#11574656)

That doesn't serve the purpose of steganography, though. If someone is clued in to the possibility that you might be sending messages by posting them on Slashdot, it's fairly easy to check and find out that yes, in fact, you are sending messages. The idea behind steganography is not to make the message unrecoverable from the cover data, but to make it so that nobody detects that any communication is even going on.

Re:An easy way to hide information (PART 2) (0)

Anonymous Coward | more than 9 years ago | (#11574755)

So we hide the information by embedding it into goatse pictures!

Re:An easy way to hide information (0)

Anonymous Coward | more than 9 years ago | (#11574700)

Better yet, hide it in a goatse image, nobody could stand to look at it long enough to decode it.

fun stuff (5, Interesting)

Darth_brooks (180756) | more than 9 years ago | (#11574398)

I tinkered with this for a while. Start up gnucleus, do a search for *.jpg, and grab a bunch of files to scan. Not surprisingly, many of the images were porn (it's for research purposes, I swear!)

The biggest problems were 1. most (actually, all) of the images that came back as good candidates for having embedded images came back as false positives and 2. lack of a brute-force steg break utility.

number 2 is probably a result of poor searching on my part, but I honestly couldn't find a recent, (and free) tool that would do a brute force crack on embedded images. At the time (a few months back) I was using stegbreak and stegdetect.

So, is there anything better? anyone else have any luck?

Re:fun stuff (1)

carlmenezes (204187) | more than 9 years ago | (#11574528)

Well, how do you know that what you found wasn't more hidden information? Double-layer steganography maybe? I mean, what better way to hide info than as a false positive?

Re:fun stuff (2, Funny)

SlayerofGods (682938) | more than 9 years ago | (#11574543)

It's hard to brute force something when you don't know how it was hidden in the first place.
You can only design a brute force attack once you know how it was hidden in the first place. And the amount of different ways to do that right now precludes such an attack.
Maybe once a standard for steganography is agreed on we can get started on ways to crack it ;)

Re:fun stuff (1)

Darth_brooks (180756) | more than 9 years ago | (#11574672)

I should have been a little more clear on that. Steg detect would decide that an image may have had something embedded using one of the programs that it looked for.

But, using stegbreak, you could only do a dictionary attack against the image even though you had an idea of what what used to embed the file.

Re:fun stuff (1)

blueg3 (192743) | more than 9 years ago | (#11574685)

If there was a standard for steganography, it wouldn't be steganography any more.

It's kind of like hiding your key under the doormat. Everyone knows that's where people hide keys, so nobody hides keys there because it's useless now.

Unfortunately, the problem of coming up with such a generic pattern-finding algorithm that it'd be truly useful for trying to detect steganography in general is not an easy problem. It should be quite possible to try a lot of popular methods, though.

Re:fun stuff (1)

shawn(at)fsu (447153) | more than 9 years ago | (#11574682)

speaking of JPG's I once saw a picturew of flowers that if you selected the picture in say a web page (or highlighted it) you could see a hidden image (pr0n. I would love to know how to do this.
Anyone know what I'm talking about.

Re:fun stuff (1)

PDAllen (709106) | more than 9 years ago | (#11574777)

Being as you can encrypt your data before steg'ing it, you're not likely to find a steg-breaking utility, or at least not one that works reliably with any serious attempt to make it hard.

Passwords (4, Interesting)

White Roses (211207) | more than 9 years ago | (#11574411)

I played around with this for a time. Stored all my various passwords in one of my desktop pictures at work. In the end, while it was certainly interesting, I didn't see a personally practical use for it. Perhaps integration with a keyring type of application? A replacement for the DB file that is used to store the passwords? I send so few iamges to my friends that a sudden influx of images being sent back and forth with hidden communications would draw more attention to anyone seriously interested in my boring life. I feel secure because I am obscure.

I can certainly see the use in espionage, hiding the real message in the static, as it were (Didn't a Tom Clancy book use this plot device? I think the message was sent in the connect noises for the modem). And NS's Baroque Cycle had some interesting steganographic bits in it (excessively long and boring letters about the nobility's obsession with fashion hiding an encrypted message for all to see). But on a day to day basis, I doubt this will affect most people.

Re:Passwords (0)

Anonymous Coward | more than 9 years ago | (#11574621)

You just gave me a really good idea. Why not use weak steganography as metadata for images?
It wouldn't be tied to the filesystem like with WinFS or whatever the Mac FS is and things like google desktop search would be more accurate.

Just put a tag in the EXIF data indicating meta-stegdata and web searching pictures could be tons better. And since web searching images relies on context anyways, it should be fairly straightforward to discount images with crap data meant to boost search rankings.

Finding hidden messages? (2, Funny)

wfberg (24378) | more than 9 years ago | (#11574432)

Dear Friend , Your email address has been submitted
to us indicating your interest in our newsletter .
If you no longer wish to receive our publications simply
reply with a Subject: of "REMOVE" and you will immediately
be removed from our mailing list . This mail is being
sent in compliance with Senate bill 2116 , Title 3
; Section 304 ! This is different than anything else
you've seen . Why work for somebody else when you can
become rich within 56 MONTHS . Have you ever noticed
more people than ever are surfing the web and how long
the line-ups are at bank machines ! Well, now is your
chance to capitalize on this . We will help you decrease
perceived waiting time by 110% and SELL MORE . You
can begin at absolutely no cost to you . But don't
believe us ! Ms Simpson of Massachusetts tried us and
says "My only problem now is where to park all my cars"
! We are licensed to operate in all states ! We beseech
you - act now . Sign up a friend and your friend will
be rich too ! Thank-you for your serious consideration
of our offer !

Re:Finding hidden messages? (0)

Anonymous Coward | more than 9 years ago | (#11574635)

Thanks. Good luck to you too.

Re:Finding hidden messages? (1)

Mitchell Mebane (594797) | more than 9 years ago | (#11574790)

-----BEGIN PGP MESSAGE----- Charset: ISO-8859-1 Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org VGhhbmtzISBJIG5lZWQgYWxsIHRoZSBsdWNrIEkgY2FuIGdldC 4gOkQ= -----END PGP MESSAGE-----

Let's try that again... (1)

Mitchell Mebane (594797) | more than 9 years ago | (#11574885)

-----BEGIN PGP MESSAGE-----
Charset: ISO-8859-1
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

VGhhbmtzISBJIG5lZWQgYWxsIHRoZSBsdWNrIEkgY2FuIGdl dC 4gOkQ=
-----END PGP MESSAGE-----

Problem with statistical analysis (4, Interesting)

grahamsz (150076) | more than 9 years ago | (#11574488)

The suggestion is that if data is being hidden in the LSB of a photo then you can use statistical analysis to spot this anomoly.

The problem here seems to be that if you were to compress your hidden data prior to hiding it, then the data inserted would appear random and should thwart statistical analysis. You'd need some redundancy there if you intent to jpeg compress the image, but it might work.

I've toyed with the idea of hiding data in the vectors used in a mpeg file. Exploiting the nature of the compression algorithm rather than the source data.

Re:Problem with statistical analysis (2, Interesting)

wirelessbuzzers (552513) | more than 9 years ago | (#11574675)

The suggestion is that if data is being hidden in the LSB of a photo then you can use statistical analysis to spot this anomoly.

The problem here seems to be that if you were to compress your hidden data prior to hiding it, then the data inserted would appear random and should thwart statistical analysis.


The problem is, the LSBs of a photo do not appear to be random; there are many subtle correlations between them, some of them human-visible and some of them computer-visible. A given known machine-visible one can be foiled with enough statistics (see Outguess), but when a new one comes along the steg will be broken (as is Outguess).

In any case, it is assumed that you are compressing the data to save space and protect your cipher, and then encrypting it (stripping any headers added by your encryption program) to give data that would be difficult to prove non-random. The question remains how to find places in the file which appear sufficiently random to hide your data.

You'd need some redundancy there if you intent to jpeg compress the image, but it might work.

No, you'd just fudge the low-order bits (after quantization) of the coefficients of the discrete cosine transform. Of course, these also have correlations that you'd have to watch out for.

Re:Problem with statistical analysis (1)

blueg3 (192743) | more than 9 years ago | (#11574729)

That's only true if the original data in the LSB plane was also random. However, chances are that it isn't exactly random. Data, encrypted or no, may have different statistical characteristics than the original data.

There's a good story on something vaugely related that has to do with the frequency of digits in measured numbers. (That is, it isn't equally probable to see every digit -- earlier digits in a number favor lower digits, like "1".) People who were falsifying accounting records were caught because the numbers they used were "too random". This occurs also in people who are trying to make a string of random ones and zeros -- they'll tend to have much shorter strings of the same digit than a sequence that's actually randomly generated. (Four zeros in a row? That's not very random!)

Re:Problem with statistical analysis (1)

frakir (760204) | more than 9 years ago | (#11574767)

You can always use another picture to encrypt/decrypt your message. Like xor both corresponding LSBs

Re:Problem with statistical analysis (1)

pclminion (145572) | more than 9 years ago | (#11574901)

You're assuming the LSB of each pixel of image data is perfectly random to begin with. In practice there are usually correlations between the subbands in image data (at least, any data which isn't pure noise). Inserting random data changes the degree of correlation between subbands, revealing the hidden message.

Those concerned about information security? (0)

Anonymous Coward | more than 9 years ago | (#11574516)

For those that are really concerned about information security steganography is a great thing. It makes much harder for attacker to get access to the sensitive private, corporate or goverment data.

Use of steganography is a threat only for those who want to wiretap communications and access other's data.

DCT + spread spectrum (3, Interesting)

dangil (167785) | more than 9 years ago | (#11574537)

I have done a small experiment in steganography using DCT coefficients and spread spectrum technique, spreading a 4 bit number in 4 high frequency coeficients in a DCT transformed image

It works pretty well.. but I did it in PHP+GD, so it's pretty slow...

if anyone is interested, I have a paper that describes the methods, the PSNR and everything else... you can reach me at my gmail server, under the dangil alias

stegnography is security through obscurity (2, Interesting)

user317 (656027) | more than 9 years ago | (#11574551)

as soon as a method for stegnography is discovered it basically looses any advantage. the only way it could work is if the number of methods would increase at a exponential or higher rate. otherwise any interested party can just brute force your data for every possible stegnoraphy method. even if one that you use hasn't been discovered yet they can store that data and check it later. in either case if you got something to hide from they you are screwed. a much better way for secure communication is http://www.xelerance.com/mirror/otr/ [xelerance.com]

Secret Stuff (3, Funny)

Anonymous Coward | more than 9 years ago | (#11574585)

I hide all my secret information in fake research papers on steganalysis. They never think to look there.

how is this possible? (2, Interesting)

Anonymous Coward | more than 9 years ago | (#11574588)

If I take a payload -- say a text file. If I compress the file, then encrypt the compressed data then finally hide it.

Excecpt when I hide it I use the least significant bit of every n bytes where n is a 10 digit sequence.

[1,2,3,4,3,2,1,2,6,7]

the first source bit is stored in the lsb of the first image byte.

the second source bit is stored in the lsb of the [1+2] image byte.

the third source bit is stored in the lsb of the [1+2+3] image byte. ... and on and on...

If the end of the image file is reached before the source file is embedded then wrap around and repeat using the second lest significant bit.

Using a unique noisy image source such as a crappy web cam taking a picture of a TV displaying white noise (to thwart a compressability test used for detecting images with hidden data), how could you detect this hidden message much less decode it without know specificaly how the algo works?

Re:how is this possible? (0)

user317 (656027) | more than 9 years ago | (#11574615)

I will try every possible algorithm I know :), and every two years it will take me half as long to do that :)

Re:how is this possible? (1)

B1ackDragon (543470) | more than 9 years ago | (#11574807)

If I compress the file, then encrypt the compressed data then finally hide it.

I will try every possible algorithm I know

Ok, so you've found the data from the noise, not an easy task by itself. Then what? Brute force the encryption?

Steganography isn't "security through obscurity," its just obscurity. Which can be useful when not only do you need security, but you don't want people (easily and obviously) knowing you are needing the security. I know the world shouldn't work this way, but sending an encrypted message out in the open screams "I've got a secret," and sometimes even that is enough to get you noticed and in trouble.

Re:how is this possible? (0)

Anonymous Coward | more than 9 years ago | (#11574750)

1 It's no different to cracking any kind of encryption.

2 It's a standard method to add noise or 'salt' as part of the encryption process. The image supplies this noise in your scheme.

3 It's only a clever method if noone else has the code. Therefore it's weak as it cannot be distributed without compromising it.

4 Unless your data is also encrypted to look as noisy as possible, it would probably be found by fft analysis. (You should make the lsb used as apparently random as possible, any pattern is a no-no.)

Forget about the image, simplify the thought experiment as much as possible, see it as a one dimensional stream of numbers. This is not steganography any more.

Is this really a good article on steganalysis? (2, Informative)

Sara Chan (138144) | more than 9 years ago | (#11574623)

From the conclusion of TFA:
... countermeasures against steganalysis are also emerging [11].
Reference [11] is for the F5 algorithm:
11. Westfeld A. (2001), "F5-Steganographic algorithm: High capacity despite better steganalysis",
Lecture Notes in Computer Science 2137 289-302 (Springer-Verlag).
Yet consider this paper:
Fridrich J., Goljan M., Hogea D. (2002), "
Steganalysis of JPEG Images: Breaking the F5 Algorithm [binghamton.edu] ", 5th Information Hiding Workshop 310-323 (Noordwijkerhout, The Netherlands).
The abstract from Fridrich et al. says "... we present a steganalytic method that can reliably detect messages ... hidden in JPEG images using the steganographic algorithm F5".

So TFA article cites countermeasures from 2001, even though a method of defeating those countermeasures was published in 2002.

The above is just one example. Overall, TFA seems poor and out-of-date. This is a case where the F in "TFA" does not stand for "fine".

Kitchen knives (0, Offtopic)

glgraca (105308) | more than 9 years ago | (#11574630)

I'm more worried about the ilicit use of kitchen knives

v Stegosaurus! (3, Funny)

Mustang Matt (133426) | more than 9 years ago | (#11574636)

I'll put my money on the dinosaur

Googlefight (3, Funny)

Anonymous Coward | more than 9 years ago | (#11574645)

Googlefight! [googlefight.com]

Steganography wins.

Has they? (0, Offtopic)

josh2112 (856384) | more than 9 years ago | (#11574671)

From summary: Two researchers in China has taken a look

Apparently the editors has taken the day off.

Re:Has they? (0)

Anonymous Coward | more than 9 years ago | (#11574714)

Naw, they've just been watching Da Ali G Show.

Possibilities (2, Interesting)

grandmstrofall (811628) | more than 9 years ago | (#11574688)

I think that steg provides the opportunity to increase security of already existing crypto. Wouldn't it be plausable to take already encrypted data, and then hide it? Sure, it's not foolproof, but it's no worse than having the encrypted data sent as is.

At the same time however, it seems like steganography has some inherent flaws in it. That is to say, the more people use is, the quicker people will be able to determine patterns in the method. This would allow people/groups/countries/etc. to find the message faster. Doesn't sound like too reasonable of an idea.

Additionally....I'd be interested to see what DJB [cr.yp.to] has to say about steganography...

Encryption^2 (1)

Lycestra (16353) | more than 9 years ago | (#11574775)

Sounds like an extension of normal encryption/cryptanalysis techniques to me. The only difference is the ciphertext appears to be an unrelated plain text rather than random. To oversimplify, its a matter of finding patterns within other patterns, rather than patterns within pseudo-chaos. Still, seeing deeper than the obvious is not easy to do.

Think I've seen this movie before.... (1)

SoCalEd (842421) | more than 9 years ago | (#11574791)

Steganography vs. Steganalysis

Wasn't this the sequel to Godzilla vs. Mothra [stomptokyo.com] ?

A stego method that actually works (2, Interesting)

Synli (781075) | more than 9 years ago | (#11574867)

Hiding ciphertext within pictures or sounds does not work. They are mathematical methods to detect that a picture or a sound contains encrypted data (unusual noise). There is currently only one steganographic method I am aware of that really works. It is hiding ciphertext within ciphertext. I know only of one open source and free program that realises this scheme: TrueCrypt [sourceforge.net] . And here [sourceforge.net] is how they do it.

Remember the post 9/11 image-messaging concern? (2, Interesting)

ScentCone (795499) | more than 9 years ago | (#11574872)

This reminds me of a concern that surfaced in the immediate wake of 9/11: that the bad guys were shunning traditional net-based communication (e-mail, forum/newsgroup postings, etc.) and might be using codes or signals embedded in images in common places (eBay, for example).

I seem to recall a distributed screen-saver type app that was being used to crunch through millions of hosted images. Not much to find online about this, but there are articles like this one [newscientist.com] at NewScientist.com suggesting that the effort was a washout. here [xtdnet.nl] are some more stats from a study that came up dry, but there always this reference [xtdnet.nl] to "first stenographic image in the wild" as reported by ABC back when.

Remember Tiananmen Square (2, Insightful)

leereyno (32197) | more than 9 years ago | (#11574882)

The fact that this is happening in China suggests to me that this is being done on the behest of the socialist government, which is far more concerned about the threat of grass roots movements for freedom and democracy than anything else.

Make no mistake, the current chinese government may represent a "kindler, gentler" communist regime, but its mere existence is still a crime against humanity.

Lee

I have used this technique for decades! (2, Funny)

museumpeace (735109) | more than 9 years ago | (#11574886)

hidden somewhere "in plain sight" in the code I turn in, is a program that actually works and has no bugs.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>