integrating GPG with deniable steganography

Bernd Jendrissek berndj@prism.co.za
Thu Mar 22 10:13:01 2001 

On Wed, Mar 21, 2001 at 12:30:25PM +0100, Matthias Urlichs wrote:

> Florian Weimer:

> > This way, you can only defeat an attacker whose noise model is worse

> > than yours.  That's not a big deal, and it's *not* secure.

> > 

> Since you can always conceive of with a better noise model, that would

> be a killer argument against any kind of "conventional" steganography.


Yes, you can conceive of a better noise model.  But that improved noise
model would have to show that the departure from the NEW! Improved! (tm)
model is *statistically significant*.  For the intended recipient to
detect the message requires no statistical significance - the message just
has to be there.


> You obviously need a data model where the original noise is masked in a

> computationally intractable way. My idea of introducing little

> variations in an image or an audio stream so that the result of

> lossy compression, decompression (a step which might not be necessary),

> cryptographic hashing, and selecting single bits from that, ends up

> equal to the message you want to transmit (which would be a cryptogram,

> i.e. random bits, with _exactly_ the same randomness behavior as any

> other sequence of random bits.


"_exactly_" is not necessary.  Beware of being "too random".

Maybe a good way to hide data (at very low bandwidth) is to take photos
of your living room repeatedly, adjusting the skewness of this photo of
Aunt Madge a little, taking that encyclopaedia out of the shelf, etc.
*until* the JPEG just "happens to" carry the desired information.  Then
leave your living room as at the last picture so nobody can say it's not
the same as in the picture.


> I assume here, of course, that there's no good noise model for the

> target domain, i.e. the decompressed MP3 file or JPEG image.


Yes, if your sample size is small, it's difficult to make significant
conclusions.  Whereas pictures of trees in summer might be expected to
have a R/G/B distribution of, say, (10+/-2)% (85+/-10)% (3+/-1)%, pictures
of people's families in their living rooms may have distributions more like
(40+/-20)% (50+/-25)% (30+/-15)%.  It wouldn't be very significant to
say, "Alice's living room is greener than average by 10%", but it would be
significant to say, "Alice's oak is too red by 3%".

So, choose carriers whose characteristics are difficult to compare in a
statistically significant way.

Bernd Jendrissek