New subject: Has this photo been de-stegoed?

10 Dec 2003

      Well, that sounds reasonable on the face of it, but there's got to be a lot 
more discussion before I'm convinced.

Remember that psuedorandom or encrypted data has a certain noise spectrum. 
This noise spectrum is extremely different based on what PRBS one is 
using...PRBS 2^23-1 looks completely different from other 'noise' (and 
remember noise is a relative term).

If you spatially fft a random photo, you'll find that the image detail 
energy largely occupies certain bands. These are not the bands that stego 
uses (or so I assume...it really can't be otherwise). The stego-able 
spectrum will indeed be noise, but this noise will have a certain spectrum.

Stego, done well, will I assume try to mimic this noise, but there may be 
problems. If the message is encrypted, then merely loading that message into 
the photo will, I assume, NOT result in a noise spectrum that looks like 
real noise. So you'll need some kind of chopper or spectrum-spreader I 
guess.

If no chopper's used, however, I'm guessing that stego-ed 'noise' doesn't 
look like true photo noise. If the photo has been de-stegoed stupidly (ie, 
by writing a random message in its place), that noise won't look like photo 
noise. So it seems to me that you'd need a sophisticated agent to make the 
de-steoed photo look like it never had stego. In other words, if the FBI are 
your man-in-the-middle, then you'll be able to detect that the photo was 
de-stegoed. If the NSA is your man-in-the-middle, you might not be able to 
tell.

Any of you TLA lurkers wanna come in on a remailer and set me straight?

-TD
...
From: "A.Melon" <juicy@melontraffickers.com>
To: cypherpunks@minder.net
Subject: Re: Has this photo been de-stegoed?
Date: Wed, 10 Dec 2003 13:28:31 -0800 (PST)
Tyler Durden (camera_lumina@hotmail.com) wrote on 2003-12-08:
...
Is it possible to determine that the photo 'originally' (ie, when it was
sent to me) contained stegoed information, but that it was intercepted 
in
transit and the real message overwritten with noise or whatever?
Hardly, given the simple fact that well-encrypted content is
indistinguishable from noise.
_________________________________________________________________
Dont worry if your Inbox will max out while you are enjoying the holidays.  
Get MSN Extra Storage!  http://join.msn.com/?PAGE=features/es

Re: Has this photo been de-stegoed?

Tyler Durden

Morlock Elloi

Bill Stewart

tags

participants (3)