DMCA has pushed me to my limit.
Declan McCullagh
declan at well.com
Wed Jul 18 10:50:43 PDT 2001
Ah, but your assumptions are not quite right. See my Wired News
article on steganalysis.
-Declan
On Wed, Jul 18, 2001 at 09:34:15AM -0700, David Honig wrote:
> At 08:07 AM 7/18/01 -0700, Ray Dillinger wrote:
> >I keep looking at the whole stego thing. But the basic problem
> >remains the same. Stego relies on the *method* being secret,
> >which stands in stark contrast to kerchoff's principle. I mean,
> >sure, you can stego encrypted stuff so nobody who recovers it
> >can read it, but if you use any of the "available" programs,
> >there will always be utilities that can detect your encrypted
> >stuff and, usually, extract it.
>
> 1. encrypted data is indisttinguishable from uniformly distributed noise
> 2. LSBs in digitizations of analog signals are noise
> 3. ignoring the nuance of different LSB distributions, how can you
> distinguish a stego'd from unaltered file?
>
> Stego by itself is much less interesting than stego'd encrypted data
> (with idenntifying headers stripped of course)
>
> That spam, mp3, or image could be merely a transport for more privledged
> info. Posting /reading to a public newsgroup solves traffic-analysis
> issues too.
More information about the cypherpunks-legacy
mailing list