According to nobody@soda.berkeley.edu:
There are a couple of problems with the idea of sticking encrypted files onto the end of executable files. The first is, to make this easy, you need a program to do it (and to "undo" it). Well, if someone steals your computer and gets access to these files, they will probably also get access to this program. This will tip them off to what you have done.
The technique I advocated was so simple, I could code it on my lunch hour at work. I did. If you didn't want to have such a thing on your machine, you could store it remotely, either on an ftp site or a local bbs. Clean up your hard disk and there is no sign of anything.
This is an example of the general principle that you need to assume that your attackers know or can discover the methods you are using, but they don't know the keys.
If steganography is to work, we must find ways to make this "principle" invalid. Strong encryption will protect our "plain-sight-text." It falls to Data-hiding to protect our cyphertext.
Another problem is that encrypted files look different from executable files. Encrypted files have a uniform histogram (that is, all 256 different possible byte values are equally frequent), but exe files do not. The appending of an encrypted file to an executable file will be very obvious. The exact boundary may not be immediately apparent, but it can probably be narrowed down to ten or twenty words without much effort at all. In any case, exe files which have had this treatment will stick out like a sore thumb.
I was going to suggest, but Phil beet me to it, that we compress our executables
Last, XOR'ing a PGP file with a repeated string is probably not a very good method. PGP has a header at the front whose structure is known and which has some fixed bytes. These can be used to immediately recover some
Well, we could do a lot of things here. We could have the option of xor'ing, adding, or subtracting.... We could add random bytes to the cyphertext, at offsets we specify and memorize.... I still think this could be done, and that it would work. If anyone else shares my enthusiasm, I'll try to get it coded up +-----------------------+-----------------------------+---------+ | J. Michael Diehl ;-) | I thought I was wrong once. | PGP KEY | | mdiehl@triton.unm.edu | But, I was mistaken. |available| | mike.diehl@fido.org | | Ask Me! | | (505) 299-2282 +-----------------------------+---------+ | | +------"I'm just looking for the opportunity to be -------------+ | Politically Incorrect!" <Me> | +-----If codes are outlawed, only criminals wil have codes.-----+ +----Is Big Brother in your phone? If you don't know, ask me---+