Catching up on the thread, the comments about fitting the stego into the
image reminded me of http://www.outguess.org/ by Niels Provos. Looks like
he's a few months ahead of you
Marc Horowitz wrote:
Rick Smith [EMAIL PROTECTED] writes:
Thus, a 'good' stego system must use a crypto
Ben Laurie writes:
If you want a lot of people to see it, you can't keep it secret. If you
can't keep it secret, you may as well just come out with it and publish
the bits without stego.
What did I miss?
It depends on how hostile the regime is. If you want to publish
something but
At 1:34 AM -0500 1/26/2000, Marc Horowitz wrote:
Rick Smith [EMAIL PROTECTED] writes:
The basic notion of stego is that one replaces 'noise' in a document with
the stego'ed information. Thus, a 'good' stego system must use a crypto
strategy whose statistical properties mimic the noise
On Tue, Jan 25, 2000 at 04:51:12PM -0800, Nelson Minar wrote:
Of course, this isn't easy to do - "matching statistical properties"
isn't a simple closed problem. But I bet you could do fairly well in
certain circumstances. For instance, Linux uses a strong random number
when starting a TCP
In message [EMAIL PROTECTED], Marc Horowitz writes:
In short, is steganography the ultimate surveillance tool?
Like most surveillance technologies, this is a game of constant
incremental improvements. You watch me through a window, I put up
curtains. You listen through a hidden
question becomes, without identifying the location of the ciphertext in a
prior agreement or on some outside channel, can a person communicate with
friends without alerting enemies to the existance of secret communications?
In this case you are entering the realm of psychology. There may be a
At 12:12 AM 01/27/2000 +, Ben Laurie wrote:
I can't quite see the point of forward stego.
I'll leave it to Russ to explain his application if he wants to.
Why not publish something
public key encrypted and publish the private key later?
Symmetric cryptography has two advantages in this
I wonder if stego users will have to choose between uncrackable
encryption or undetectable data.
I don't think so. Replacing the low-order bits of a picture with
random noise (or an encrypted message) is silly - like you say, anyone
can find it easily. But there is a certain amount of free
The basic notion of stego is that one replaces 'noise' in a document with
the stego'ed information. Thus, a 'good' stego system must use a crypto
strategy whose statistical properties mimic the noise properties of the
carrying document. Our favorite off the shelf crypto algorithms do *not*
David Honig writes:
At 03:20 PM 1/25/00 -0500, Russell Nelson wrote:
I'm trying to do forward stego -- that is, publish some encrypted
steganographic document, with the idea that, once everyone has a copy,
*then* you reveal the key.
Fascinating, captain. Canna imagine why.
On Tue, 25 Jan 2000, Rick Smith wrote:
. . . .
For example, many stego implementations involve embedding data in the low
order bits of a graphical image. Those low order bits undoubtedly have some
measurably non-random statistical properties. Once we replace those bits
with data, the bits
If the picture was taken by an actual camera, the least significant
bits will be random due to the nature of the way CCDs work in the real
world. They might be biased, but it's not very hard to bias a
"random" data stream. You could have the sender look at the bias in
the
Forgive me if I'm missing the point here but I don't think the original
question was how to make steganography better and hide the message more
effectively (although that's certainly a valuable goal).
Sometimes it's important to hide the fact that a secret message exists. A
good guy in enemy
Rick Smith wrote:
It sounds like there are a number of interesting design questions. For
example, the sender and recipient must obviously share a secret key.
Why is that obvious? What's wrong with encoding with the recipient's
public key?
Cheers,
Ben.
--
SECURE HOSTING AT THE BUNKER!
Rick Smith wrote:
Rick Smith wrote:
It sounds like there are a number of interesting design questions. For
example, the sender and recipient must obviously share a secret key.
At 10:18 PM 01/26/2000 +, Ben Laurie wrote:
Why is that obvious? What's wrong with encoding with the
For example, it's possible that this email was written by a political
prisoner in a 3rd world country and he's used steganography to conceal a
message to his friends and family right here in these 3 paragraphs. My
question is, without prior agreement or access to an outside channel, how
are
The problem with Steganography is that there's basically no way to
clue people in to it's location without clueing everyone into it.
That's not a problem. By definition, successful steganography
is undetectable even when you know where to look. Otherwise the
steaganography has failed
' is not with steganography, but with trying to apply it
outside of a security model that permits it.
On 25 Jan 2000, lcs Mixmaster Remailer wrote:
The problem with Steganography is that there's basically no way to
clue people in to it's location without clueing everyone into it.
That's not a problem
lcs Mixmaster Remailer writes:
The problem with Steganography is that there's basically no way to
clue people in to it's location without clueing everyone into it.
Encryption is successful if the attacker can't find information about the
plaintext without the key. Ideally, he can't
At 03:20 PM 1/25/00 -0500, Russell Nelson wrote:
I'm trying to do forward stego -- that is, publish some encrypted
steganographic document, with the idea that, once everyone has a copy,
*then* you reveal the key.
Fascinating, captain. Canna imagine why.
Problem is, how do you convince them
At 07:20 PM 01/25/2000 -, lcs Mixmaster Remailer wrote:
Steganography is successful if the attacker can't distinguish
message-holding data from ordinary data without the key. Ideally, he
can't guess whether a message is present any better upon inspecting the
cover data than he could without
21 matches
Mail list logo
