see this link for papers on steganalysis: http://ise.gmu.edu/~njohnson/Steganography/ essentially, the papers assert that given our knowledge of how images and music files are encoded, and given information about how some of the popular steg. programs work, it's possible to detect the presence of hidden information and perhaps extract that information. this is very early stage work, so it doesn't provide all of the answers... phillip
-----Original Message----- From: owner-cypherpunks@Algebra.COM [mailto:owner-cypherpunks@Algebra.COM]On Behalf Of David Honig Sent: Wednesday, July 18, 2001 12:34 PM To: Ray Dillinger Cc: cypherpunks@lne.com Subject: RE: DMCA has pushed me to my limit.
At 08:07 AM 7/18/01 -0700, Ray Dillinger wrote:
I keep looking at the whole stego thing. But the basic problem remains the same. Stego relies on the *method* being secret, which stands in stark contrast to kerchoff's principle. I mean, sure, you can stego encrypted stuff so nobody who recovers it can read it, but if you use any of the "available" programs, there will always be utilities that can detect your encrypted stuff and, usually, extract it.
1. encrypted data is indisttinguishable from uniformly distributed noise 2. LSBs in digitizations of analog signals are noise 3. ignoring the nuance of different LSB distributions, how can you distinguish a stego'd from unaltered file?
Stego by itself is much less interesting than stego'd encrypted data (with idenntifying headers stripped of course)
That spam, mp3, or image could be merely a transport for more privledged info. Posting /reading to a public newsgroup solves traffic-analysis issues too.