really hiding encrypted data

Eli Brandt ebrandt at jarthur.Claremont.EDU
Mon Nov 29 21:07:18 PST 1993


> From: jim at bilbo.suite.com (Jim Miller)
> I suspect it is easy to distinguish between the collection of least
> significant bits of a normal picture file and the collection of
> least significant bits of a picture file used to hold some
> encrypted data.

I wrote something about this just a month or two ago.  Rather than
going through it all again, let me summarize and go off in a
different direction.  Yes, simple-minded LSB steganography should be
detectible.  Its statistical effect is to stomp hard on the lowest
bit with white noise, while doing nothing to higher bits.  This
isn't a very plausible noise source.  I've been hoping to find some
time over winter break to brush up on my statistics and put together
a steganography detector.  This sort of analysis might not hold up
in court, as it's always possible that somebody has a bogus ADC or
something, but it's fine for traffic analysis.  I think the trick
will be avoiding false positives on images that have been dithered
at some point during their life...

> This is probably a stupid question, but...is there any way to take a
> chunk of encrypted data (presumably with a high degree of
> randomness) and securely munge it so it looks less random, while
> retaining the ability to reverse the munge and decrypt the data.

You could hit only scattered bits, but this sort of noise isn't
realistic either.  What you want is to end up with plausible
statistics.  One possibility is to construct a model for the
less-significant planes of the types of images (or other data) which
you intend to use.  If you leave a parameter or two free, or
partially free, you should be able to fit some data in without being
blatant about it.  Low data rate, though.  Constructing a decent
data model for this purpose is beyond me.

A simple approach: add plenty of Gaussian noise, and maybe introduce
some moire crud to make it look lousy.  Then replace every n'th LSB
with a bit of your choice.  This should be plausible enough to pass
most auto-scanners, who probably can't afford to get too many false
positives.

>  Jim_Miller at suite.com

   Eli   ebrandt at jarthur.claremont.edu
	 PGP 2 key by finger or e-mail
"They have written customized software for pseudospoofing and style 
 analysis for cyberspatial warfare across the many lists."  -- L. Detweiler
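
Added example, not part of the original message and not Brandt's detector: a pairs-of-values chi-square check, a technique swapped in here to illustrate the observation above that LSB replacement writes white noise onto the lowest bit only. The sample data, the seed and the 2.5 threshold are constructed assumptions; the statistic weakens as fewer LSBs are replaced, which is the sensitivity limit a scanner has to account for.

```python
import random
from collections import Counter

def pair_statistic(samples, min_count=5):
    """Chi-square distance between counts of values 2k and 2k+1, per pair.

    Overwriting LSBs with white noise equalises each pair, so the result
    falls to about 1.0; an untouched non-flat histogram scores well above.
    """
    hist = Counter(samples)
    total, pairs = 0.0, 0
    for even in range(0, 256, 2):
        a, b = hist[even], hist[even + 1]
        if a + b < min_count:          # skip sparsely populated pairs
            continue
        total += (a - b) ** 2 / (a + b)
        pairs += 1
    return total / pairs if pairs else 0.0

def replace_lsb(samples, rng, every_nth=1):
    """Overwrite the LSB of every n-th sample with a random bit
    (random bits stand in for ciphertext)."""
    out = list(samples)
    for i in range(0, len(out), every_nth):
        out[i] = (out[i] & ~1) | rng.getrandbits(1)
    return out

def constructed_cover(rng, n=40000):
    """Constructed test data: 8-bit samples with a bell-shaped histogram."""
    return [min(255, max(0, round(rng.gauss(128, 6)))) for _ in range(n)]

def looks_lsb_replaced(samples, threshold=2.5):
    # threshold is an assumption chosen for this constructed data
    return pair_statistic(samples) < threshold

if __name__ == "__main__":
    rng = random.Random(1993)
    cover = constructed_cover(rng)
    cases = [("cover", cover),
             ("every LSB replaced", replace_lsb(cover, rng)),
             ("every 8th LSB replaced", replace_lsb(cover, rng, 8))]
    for label, data in cases:
        print(f"{label:24s} statistic={pair_statistic(data):6.2f} "
              f"flagged={looks_lsb_replaced(data)}")
```

Data whose histogram is already flat, or that has been dithered, scores low on this statistic without any embedding, which is the false-positive problem the message anticipates.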





