Lately, there has been some discussion on mailing lists and blogs about the fact that srcabmling the oredr of ltetres in Egnilsh deson't afefct raebditly. I decided to write some code to experiment with it. You can try out the Java applet here: http://www.wayner.org/books/discrypt2/wordsteg.php Source code is available protected by the LGPL. It builds upon an earlier experiment here: http://www.wayner.org/books/discrypt2/sorted.php Please write if you have questions, thoughts, comments, etc. Peter Wayner p3@wayner.org
Please write if you have questions, thoughts, comments, etc.
Could be the l33t sp3ak next generation for the cases when the communication is monitored by automated tools for keywords. Could foil both alerting on keywords and keyword searching on intercepted and stored material (unless the keyword search would look also for all the possible permutations of the words).
On Monday 22 September 2003 18:39, Thomas Shaddack wrote:
Please write if you have questions, thoughts, comments, etc.
Could be the l33t sp3ak next generation for the cases when the communication is monitored by automated tools for keywords. Could foil both alerting on keywords and keyword searching on intercepted and stored material (unless the keyword search would look also for all the possible permutations of the words).
No, the channel is better than that. The true keywords aren't even in the message. Only some stego binary codes that are translated after recovery, so one need not even be as obvious as "Pick up the 2 cases of beer at Simon's on the way home." Srue, it's obvoius if you try to sutff too much itno one cleratxet, but that would be a rookie mistake.
Interesting idea, but it seems like that would be easy enough to foil. Why not just put the "inner" characters in a canonical order when scanning? (searching via google or another strict keyword-based search engine is another matter) Then you can cheaply match on a single form regardless of how they have permuted the word. I think the existing techniques that I've seen on the binaries channels on usenet and some of the spam I've been getting lately are already more effective. They just inject noise characters and use creative phonetic spellings. Maybe reducing the "words" to an improved soundex-like hash would be a more effective technique for dealing with this issue. Anyone know of any work in this area? (spell-checker research would probably yield the most results) Adam Lydick On Mon, 2003-09-22 at 15:39, Thomas Shaddack wrote:
Could be the l33t sp3ak next generation for the cases when the communication is monitored by automated tools for keywords. Could foil both alerting on keywords and keyword searching on intercepted and stored material (unless the keyword search would look also for all the possible permutations of the words).
participants (4)
-
Adam Lydick -
Peter Wayner -
Roy M. Silvernail -
Thomas Shaddack