Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Stego is detectable. They will move on to scanning for and flagging those communications eventually.


Stego is detectable.

Only in the sense that "Crypto is breakable."

The entire point of steganography is that it isn't detectable. If it can be detected, you need a better algorithm.


If you use steganography with plaintext, you're relying on security by obscurity. Governments aren't going to tell you when they've cracked your secret.

If you're encrypting your steganographic messages, you're increasing the entropy of the plaintext message you're concealing it in.


If you use steganography with plaintext, you're relying on security by obscurity.

No. It is perfectly possible to have steganographic keys, in the same way that you have cryptographic keys.

Trivial example: If the key is 7, the hidden message can be extracted by combining the least significant bits of every 7th pixel of an image. (Incidentally, that hidden message could also be, and indeed probably should also be, encrypted.)

For an example that's only slightly more complex but might actually be useful, replace "7" with a seeded CSPRNG.

you're increasing the entropy of the plaintext message you're concealing it in.

Yes. But you should still be able to conceal a low-bitrate secret message inside a high-entropy covertext/envelope/whatever-you-call-it without a significant chance of being detected.

Trivial example: With a good algorithm and a stick full of 1MB JPEGs, it shouldn't be possible for an attacker to determine which files contain a concealed (140-byte) tweet and which don't.


How does this differ significantly from a grille ( http://en.wikipedia.org/wiki/Grille_(cryptography) )?


They are pretty similar.


Solution: don't use it with plain text, but with compressed files such as photos and movies which have high entropy by virtue of their compression (if it is effective, that is).


I believe that blake8086 was referring to the content of the hidden message when he said plain text. He is asserting that if you hide 'hidden message here' in something, you are using security by obscurity, but if you try to hide ENC('hidden message here', 'secret key goes here') you are going to make the detection of the presence of your secret message easier.


I argued against the latter point: if you hide the encrypted message in something which is normally compressed such as JPEG or DivX, the encrypted message blends in with the rest of the data because compressed data has high entropy (the better the compression, the higher the entropy). I don't get your point about security by obscurity, that's pretty much the whole point of steganography I would suppose. Security by obscurity is mostly a slogan to criticize not publishing algorithms etc.


You need to quantify "blends in". If I [an attacker] plot a distribution of the entropy in all your files, and some of them are outliers, even by a small amount, I can focus all my analysis on those files.


outliers, even by a small amount

Looks like you're getting the hang of it: good steganography relies on having better statistical models than the opposition.

Things are weighted in favour of the concealer, however, as (unlike the attacker) he doesn't have to worry about false positives/negatives


Yes, thank you.

Furthermore, hiding even an unencrypted message still adds entropy, since you're encoding more information in the same amount of space.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: