The Case Against Steganography In Perceptually Encoded Media

[David E. Weekly]

Cypherpunks,

I had an interesting revelation last night. It's a bad idea to use
perceptually-coded media to embed steganographic data. By definition, it
means making the coder make decisions that it otherwise would not have made.
If the coder is good, then the coder's decisions are not arbitrary but
rather each bit is focused on producing the minimal representation necessary
for adequate presentation to humans. This means that encoding extra "random"
data on top of this will always produce compressed output that is of lower
quality than the original. From an information theory standpoint, if you're
tacking on a data stream to compressed output, the stream that is the sum of
the two contains more information and must be represented with more bits.
For example, to attack steganographically-encoded pictures, the pictures
could be analysed and those with lower-quality encoding than expected would
be flagged for analysis as suspect.

The conclusion is remarkable (to my little mind, at any rate): since most
media transmitted over the Internet is perceptually compressed (JPG, MOV,
AVI, MP3, etc.) the efforts to steganographically encode data within most
Internet media are fundamentally doomed.

Where, then, can one hide information streams? The answer is wherever
*random* information is communicated. (Even just partial randomness is okay;
I've got a paper on this I hope to be presenting soon!)

 David E. Weekly
 Founder & Executive Director
 California Community Colocation Project (an OPG project)
 http://CommunityColo.net/ - the world's first non-profit colo!