Ah, but your assumptions are not quite right. See my Wired News article on steganalysis. -Declan On Wed, Jul 18, 2001 at 09:34:15AM -0700, David Honig wrote:
At 08:07 AM 7/18/01 -0700, Ray Dillinger wrote:
I keep looking at the whole stego thing. But the basic problem remains the same. Stego relies on the *method* being secret, which stands in stark contrast to kerchoff's principle. I mean, sure, you can stego encrypted stuff so nobody who recovers it can read it, but if you use any of the "available" programs, there will always be utilities that can detect your encrypted stuff and, usually, extract it.
1. encrypted data is indisttinguishable from uniformly distributed noise 2. LSBs in digitizations of analog signals are noise 3. ignoring the nuance of different LSB distributions, how can you distinguish a stego'd from unaltered file?
Stego by itself is much less interesting than stego'd encrypted data (with idenntifying headers stripped of course)
That spam, mp3, or image could be merely a transport for more privledged info. Posting /reading to a public newsgroup solves traffic-analysis issues too.