I'm currently looking for a way to get encrypted data via stego to people who live in countries where crypto is illegal, and who may be watched. so just sending them a large graphic would likely arouse suspicion.
the 2 best solutions I've come up with so far are porn and spam. both are readily believable, even in large quantities. the problem with porn is that it may be illegal in itself in the same countries. the problem with spam is that ascii text just doesn't offer much to hide stego in (whitespacing, etc. is both easy to find and can store very little data).
Since the amount of information you need to send and the channel/event capacity for stego'd information are unspecified maybe you're looking for a general solution. Part of a general solution might be a scatter-gather mechanism. XMIT The information you need to send is broken up into multiple pieces and an index. The simplest method would be a flat structure but a tree is acceptable. Redundancy via overlapping segments could be introduced. Redundancy/error correction might be useful if Mallet is inclined for example to mess with whitespace in your e-mail. Anyway, the pieces are stego'd into multiple carriers that are made available via any and all protocols. RCV Once a recipient has the top-level index they can gather the pieces and reconstruct the original. Notes Scattering the information over multiple sites and accessing it via valid sets of linked pages for example might help in disguising the act of retrieving any particular carrier. A typical browse sequence might include many unused files and only one carrier. A single carrier might serve various fragments from multiple original input documents intended for different recipients. If a single carrier is safe and acceptable a webcam might be a nice broadcast for a few channels of text. It does simplify the task of identifying the sender and making a list of possibly recipients. A shifting set of sources would probably be safer. Message fragments could be transmitted over any period of time with the top-level index being the final step. That would help the sender avoid detection of the actual transmission since it could be interleaved with other activities. Likewise reception could be over an arbitrary period of time and interleaved with other activities. *** There's a high bandwidth cost associated with the scatter-gather process but it does allow arbitrarily sized messages and I'm assuming the cost of getting caught is extremely high as is the desire of authorities to view content, locate the sender or other recipients and suppress the information if it is detected. Mike