Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Calculate Capacity of a Steganographic Channel

Posted by timothy on from the intentionally-not-left-blank dept.

KentuckyFC writes "Steganography is the art of hiding a message in such a way that only the sender and receiver realize it is there. (By contrast, cryptography disguises the content of a message but makes no attempt to hide it.) The central problem for steganographers is how much data can be hidden without being detected. But the complexity of this problem has meant it has been largely ignored. Now two computer scientists (one working for Google) have made a major theoretical breakthrough by tackling the problem in the same way that the electrical engineer Claude Shannon calculated the capacity of an ordinary communications channel in the 1940s. In Shannon's theory, a transmission is considered successful if the decoder properly determines which message the encoder has sent. In the stego-channel, a transmission is successful if the decoder properly determines the sent message without anybody else detecting its presence (abstract). Studying a stego-channel in this way leads to some counter-intuitive results: for example, in certain circumstances, doubling the number of algorithms looking for hidden data can increase the capacity of the steganographic channel"

15 of 114 comments (clear)

  1. counter-intuitive results? by ccguy · · Score: 4, Funny

    The results are interesting and in some cases counter-intuitive (for example, adding noise to channel can increase its steganographic capacity

    How is that counter-intuitive? Many of us regularly backup our stuff here in slashdot, and no one has complained so far (which, being the slashdot crowd what it is, is definite proof that no one has noticed).

    In fact, a port of gmail drive to slashdot is already in beta.

    1. Re:counter-intuitive results? by DarthJohn · · Score: 3, Insightful

      That's not what it says (somebody fixed a typo in the summary?).

      in certain circumstances, doubling the number of algorithms looking for hidden data can increase the capacity of the steganographic channel

      More people looking for hidden data makes it possible to hide more data. I find that counter-intuitive.

  2. Need for steganography by CRCulver · · Score: 4, Interesting

    Around the turn of the millennium steganography became a big topic, the idea being that using PGP would only draw attention from the authorities. In my Amazon review of Schneier's Applied Cryptography I even complained that Bruce didn't talk about how to hide even the use of crypto.

    But now that SSL is everywhere and the use of encrypted VPNs is a typical part of telecommuting, I don't think cryptography suggests the same anti-authoritarian counter-culture rumblings it used to. Do we need to hide crypto anymore?

    1. Re:Need for steganography by zappepcs · · Score: 4, Interesting

      Well, there may not be a pressing public need to hide cryptography usage, but if you want your data secure from prying eyes, additional measures are a good idea. Blue-Ray just got hacked (again) and it was supposed to be valid security for a decade... right?

      If what you encrypt with can be broken by others, then it is not doing the intended job. If you use PGP, and the decrypted message between you and another trusted user is encrypted already, the likelihood of your message being decoded is substantially less.

      In south or terse, I touch in kelp. You are wrought on girls, but it's young urine poor obese ladle mate.

      Encrypting is not hard, but if what you decrypt looks like this above, it may be hard to decipher and not worth the effort. BTW, that is decipherable.

      Both the PGP and this encryption (or another) can be decoded quickly on the fly. It's possible that those pesky 'terrorists' could be using v1 aGr4 spam to send messages.

      --
      Support NYCountryLawyer RIAA vs People
    2. Re:Need for steganography by Ngarrang · · Score: 5, Insightful

      Do we need to hide crypto anymore?

      Yes. There are many places in this world where freedom of information is oppressed. Having a method of communicating in the clear without raising any red flags is a Good Thing(tm).

      For example, let's say you are an evil political dissident in China, trying to spread ideas of democracy and capitalism. If you send an encrypted message to your corrupt imperialist American ally, that seems suspicious. If you have nothing to hide, then why are you hiding it?

      But, if you can send your friend a message about how you are growing corn in relatively poor conditions and how great the local government has been in supporting the effort...with a stego message hidden inside, then that is probably going to slip right through.

      The best way to not get caught is to look like there is nothing to catch.

      --
      Bearded Dragon
    3. Re:Need for steganography by Ironsides · · Score: 3, Insightful

      Bluray is not a good counterpoint. Bluray is not designed to keep the contents from being read by anyone but the 'appropriate person', it is designed to keep anyone from copying it. However, it still meeds to be readable in the player. As such, it is like trying to keep someone from photocopying something while they still need to be able to read/view it. In encryption, you don't care if the 'appropriate person' copy it, you just don't want anyone else to be able to view it.

      --
      Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
  3. Google is the perfect example by NotQuiteReal · · Score: 4, Insightful

    hiding a message in such a way that only the sender and receiver realize it is there

    I ignore lots of ads served up by them. They might as well not be there, I can't name one.

    --
    This issue is a bit more complicated than you think.
  4. Already in use by xmarkd400x · · Score: 5, Funny

    In the stego-channel, a transmission is successful if the decoder properly determines the sent message without anybody else detecting its presence (abstract).

    When my girlfriend is talking on the phone, I am almost never aware that a message is being sent. She is so effective, in fact, that often when I am the intended recipient I am not aware that a message is being sent!

    1. Re:Already in use by ceoyoyo · · Score: 3, Insightful

      That's the part about noise increasing the capacity of a cryptographic channel.

  5. Re:Were's Waldo's message? by Anonymous Coward · · Score: 5, Funny

    stegan O graphy i S T he a R t of hiding A message in su C h a way that only the sender and receiver realize it is there. (by contrast, cryptography disg U i S es the content of a message but makes no attempt to h I de it.)

    there' S a secret messa G e in this post. c A n an Y one find it?

  6. Abstract misinterpreted the paper. by argent · · Score: 3, Insightful

    Studying a stego-channel in this way leads to some counter-intuitive results: for example, in certain circumstances, doubling the number of algorithms looking for hidden data can increase the capacity of the steganographic channel"

    That's not what the paper claims. It claims that when there are multiple detectors, adding noise to the channel between the two detectors can increase the available bandwidth. This isn't really all that counter-intuitive when you think about it.

  7. Stenography FTW by yttrstein · · Score: 3, Interesting

    I've always had a warm spot for stenography, and it's actually much handier for certain types of communications than others. For example, in the two nights preceeding the last Democratic National Convention that was held in Chicago (1996), a subversive media organization, armed with clunky digital cameras and a T-1 on the south side donated by the Teamsters photographed and filmed more than a hundred instances of police brutality, uploading them to the web with about a 30 minute delay.

    You had to actually drive downtown to where the T-1 terminated to upload things in those days, see.

    But how did we communicate our plans and schemes to actually be present at "hotspots" when the shit really went down? Stenography. It went like this:

    I have a number, that number is 356-32395510. I tell you that number. Then I take an image file and UUencode it. (for those who don't remember what that does, it's great for turning a binary file into a flat text file without losing any data). Then I take the message that I want to give you and drop it manually into the UUencoded file, like this:

    Every third character on every second line starting from line 910, (the third, fifth and sixth digits of the are decoys) counting whitespace. The numbers always changed and had to be memorized when received as they were never written down. Everything to the left of the dash tells you what digits to the right of the dash are decoys. Use the number to find the characters and you have the message. Pull them out and you can UUdecode your picture again and look at it. Leave them in and the file looks merely corrupt. Email the stenographed file to the recipient who's memorized your number and there you have it.

    The upside to this method is plausible deniability. If the fuzz finds a corrupt file called "FATLADYSEXHAHA.uue" on your computer, they have nothing. However, if they find a PGP file that you refuse to open for them, there can be issues.

    Of course it's possible to break that kind of thing, but the point of stenography is that the man does not know it's a message of any kind, let alone a radical one all about how awesome cuba is.

    1. Re:Stenography FTW by zindorsky · · Score: 4, Informative

      I've always had a warm spot for stenography

      ...

      But how did we communicate our plans and schemes to actually be present at "hotspots" when the shit really went down? Stenography.

      ...

      Of course it's possible to break that kind of thing, but the point of stenography

      So you hid your messages with stenography? The action of process of writing in shorthand or taking dictation? This word you keep using ... I do not think it means what you think it means.

      --
      If the geiger counter does not click, the coffee, she is not thick.
  8. How much info can you hide in a scientific paper? by petes_PoV · · Score: 3, Insightful
    Well, I've read the published paper, and I still don't have a clue what the answer is. I suppose hoping for a cut and dried figure like "1%" was too optimistic, afterall.

    If there's going to be a practical use for this (and the conclusions don't say they've calculated "the answer", just that they've developed a framework, gaaah!) then my gut tells me that the answer is "not very much" - somehwere around the rounding-errors of the encoding mechanism.

    So, does anyone know how much data can be stuffed, undetectably, into a 700MB AVI file?

    --
    politicians are like babies' nappies: they should both be changed regularly and for the same reasons
  9. Steganography?? Whaddya know... by Binge · · Score: 3, Funny

    I always thought Steganography was the act of writing on large, plate-backed dinosaurs. Ya learn something new every day here!

    --
    http://photobombers.com/ Funny pix