At 07:26 PM 9/12/96 -0700, Jim_Miller@bilbo.suite.com wrote:

Most everybody on the list is familiar with the technique of hiding encrypted messages in the LSBs of image files. Personally, I would not use such a technique because don't I believe it's really undetectable. I assume, without proof, that the LSBs of images files have statistical properties that are sufficiently different from encrypted data that a clever person could determine whether or not an image file contained an imbedded encrypted message.

First of all, they should at most be able to tell that there are random-looking-noise bits in there - if they start seeing patterns of ------BEGIN PGP ENCRYPTED SECRET MESSAGE------ you haven't done your job, though there are more subtle patterns that are more annoying to hide, like the slight bias of an RSA-encrypted piece of data; Hal Finney and others have written about this in the past. Hiding Depends substantially on the image source and the compression methods, if any, used on the image. For instance, a 24-bit true-color image or 8-bit grey-scale image from a scanner with 6-bit resolution will be pretty noisy in the LSBs, and if the Bad Guys are clever enough to find the patterns in them, you can be clever enough to find them and encode your initially-pseudorandom cyphertext stegobits in a way that matches the stats of the noise. On the other hand, if you take the LSBs of cartoon data, with large areas of solid colors, and start dithering them with stegobits, it's obvious you're up to something, if not necessarily what it is - be careful. Ron Rivest posted a message on coderpunks mentioning somebody's suggestion of building an internet-phone sort of program that shoves stegobits into the voice compression. I'd be extremely surprised if you could do that with the fancier compression algorithms, such as CELP, LPC, and friends, but it shouldn't be too hard with the looser compression algorithms such as ADPCM and Delta-Modulation, which need 16-32kbps and can run on really dumb processors - you've got more bits per second to hide in, can get away with stealing more of them, and there isn't any real subtle prediction stuff going on that you've got to work around. Given that most of the popular Internet Phone products don't do encryption (sigh...), this would at least be a good cover. (Well, assuming you've got a credible voice conversation going and aren't saying things like "OK, Carlos, let me send you the secret message starting ... NOW".) [tricks #1,2 - picking your cleartext so the RC4/40 cyphertext or MD5s have chunks of the real stego-cyphertext you want - cute.) # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # <A HREF="http://idiom.com/~wcs"> # You can get PGP software outside the US at ftp.ox.ac.uk/pub/crypto