The recent discussion "Chaff in the Channel" got me thinking about an alternative to hiding random bit streams in picture files. The goal of steganography, as I see it, is to provide plausible deniability. The problem with hiding bit streams is that you can never be sure if the opponent has developed an analysis technique to prove a particular file contains a suspicious bit pattern. The alternative to hiding bit streams is to not hide them. Use them to generate pretty pictures. For example, modify a fractal image generator to accept a bit stream as input. Use the bit settings to influence the values used to iterate the fractal function. You don't have to use fractals, any function that produces pretty pictures would probably work as long as there was a way to extract the bit stream from the final picture. Brute force would probably work fast enough for humans. One possibility is a screen saver that produces an "infinite" variety of pretty pictures by generating a pseudo-random bit stream and using it to help generate the next background picture. Occasionally, the picture might be so cool you will want to send it your friends or post it on the Net or just keep it around to look at. The goal is to create an innocent reason for passing around unique images that contain random bit streams so we don't have to worry if somebody finds the bit stream. If you live in a country that doesn't outlaw abstract art you have plausible deniability. Jim_Miller@suite.com
The thing that bothers me about existing steganography code I've seen is that it all uses uncommon communication channels to hide data. For instance, the "hide data in a picture" programs: useful, up to a point, but how often do I send pictures to other people? I think to be effective, methods need to be employed that exploit existing, well used communication channels. So here's one idea I've had as a place to hide a channel: network video, in particular CU-SeeMe video streams. CU-SeeMe is a lowtech network video application, people running Windows and Macs with a $99 camera and a PPP stack can send about 2fps (160x120) to each other over the Internet. Times I've used it, bandwidth is about 8kbits/sec (I'm on a modem). So here we have a reasonably high bandwidth channel, person to person, that is already being used a lot on the net. How easy would it be to borrow a few bits to hide the secret message? Because the image quality is low (4bpp or 6bpp grey), and definitely nonrandom, you'd need to be more subtle than just borrowing the low bit. I think the answer could be found in image processing algorithms. Spreading a bit out across various pixels would nice, as would some sort of adaptive algorithm that identifies part of the image that's safe to hide data in. It's not good enough that the image with hidden data looks the same to the eye: it has to be statistically identical to undoctored streams. The biggest barrier to this I see is that the CU-SeeMe protocol itself is proprietary, and the only existing free code I know of that does it doesn't work very well (version 3.0 of a Unix reflector: buggy, now very old). Of course you have to emulate the normal software 100% correctly, or the Men in Black will see you're using stego tools. I should remark that the subliminal channel stuff in digital signatures is a really beautiful example of steganography.
On Wed, 6 Mar 1996, Nelson Minar wrote: [Re: data steams to put steno in]
So here's one idea I've had as a place to hide a channel: network video, in particular CU-SeeMe video streams. CU-SeeMe is a lowtech
That's an excellent idea. The only problem with using CU-SeeMe is that, due to the nature of the data being transferred, it is more important to keep up to date than to not lose data. I believe it uses UDP to do this. There would have to be some protection mechanism in the stego patches to tolerate high amounts of data loss - the obvious solution would be to loop the data, but that is easily detectable, and is not a guarantee that the data arrived safely. Setting up a connection outside of Cu-SeeMe attracts attention, especially if there was a correlation between what occurred on that connection and what occurred in the LOBs of the Cu-SeeMe connection. -- Abraham d'Anonymous (No relation to Alice)
On Wed, 6 Mar 1996, Anonymous wrote:
On Wed, 6 Mar 1996, Nelson Minar wrote:
[Re: data steams to put steno in]
So here's one idea I've had as a place to hide a channel: network video, in particular CU-SeeMe video streams. CU-SeeMe is a lowtech
That's an excellent idea.
[lots of snippage] Another problem is that in order to get a decent frame-rate CU-SeeMe does some image editing of its own: selectively sending only the portions of an image that have changed (I.e. the portion of the image that is a person who is moving is sent, The bookshelves in the background are not.) This could probably be easily gotten around however. This seems like a decent idea, however, once the initial obstacles have been overcome.. one typical problem with steg is the small number of bits that can be hidden.. i beleive a ratio of 1k per 100k is typical. Far too small to be useful for most people. Over the course of an hour long CU-SeeMe session however you could easily move enough data back and forth to provide adequate cover for a reasonablly long bit of cyphertext. As long as we're on the subject of stego, has anyone discussed/implemented subliminal streams in raw TCP packets? Seems possible to do at least on a point to point basis. If you could stash your data in the tcp packet itself, it wouldnt matter much what was actually being sent across the link. Some possibilities: a telnet client with a stegometer that would count the number of hidden bits remaining to be sent.. chat clients similarly equiped, etc. Then you could start up any client you choose and send data across it until you had gotten enough bits to complete transmission of your stego'd file.. just a thought.. ;) Benji..
On Wed, 6 Mar 1996, Nelson Minar wrote:
The thing that bothers me about existing steganography code I've seen is that it all uses uncommon communication channels to hide data. For instance, the "hide data in a picture" programs: useful, up to a point, but how often do I send pictures to other people? I think to be effective, methods need to be employed that exploit existing, well used communication channels.
Then he sez:
So here's one idea I've had as a place to hide a channel: network video, in particular CU-SeeMe video streams. CU-SeeMe is a lowtech
I think it likely that people will be sending GIFs and JPEGs to each other far more often than video. Video is far more an "uncommon communications channel" than is a uuencoded picture. -- Ed Carp, N7EKG Ed.Carp@linux.org, ecarp@netcom.com 214/993-3935 voicemail/digital pager 800/558-3408 SkyPager Finger ecarp@netcom.com for PGP 2.5 public key an88744@anon.penet.fi "Past the wounds of childhood, past the fallen dreams and the broken families, through the hurt and the loss and the agony only the night ever hears, is a waiting soul. Patient, permanent, abundant, it opens its infinite heart and asks only one thing of you ... 'Remember who it is you really are.'" -- "Losing Your Mind", Karen Alexander and Rick Boyes The mark of a good conspiracy theory is its untestability. -- Andrew Spring
participants (5)
-
anon-remailer@utopia.hacktic.nl -
Ben Holiday -
Ed Carp -
jim@bilbo.suite.com -
Nelson Minar