Stegdetect 0.4 released and results from USENET search available

Arnold G. Reinhold reinhold at
Tue Dec 25 23:46:30 EST 2001

This is an nice piece of work, but I have a couple of comments:

1. The paper asserts "Even if the majority of passwords used to hide 
content were strong, there would be a small percentage of weak 
passwords ... and we should have been able to find them."  That might 
be true if there are a large number of stego users independently 
selecting passwords, but it's not a compelling argument if stego is 
being employed by a few sophisticated terrorist  organizations, as 
suggested by the April 1991 Newsday article, . It 
is quite likely that such organizations  train users to select strong 
passwords or passphrases. Indeed, since the stego systems use 
symmetric keys, field cells would have to be assigned passwords prior 
to deployment. In all likelihood this would be done by a central 
communications group, with good crypto skills.

Even if some cells did use weak passwords, they are likely to derive 
them from languages and religious quotes  that I suspect are not well 
represented in your dictionary. There is also the possibility that 
the terrorist organizations modified published stego programs or 
built their own from scratch, perhaps to incorporate public key 
methods. In that case, a dictionary attack is hopeless.

I don't think you can conclude much from the failure of your 
dictionary attack to decrypt any messages.

2. The signature graphs you presented for several of the stego 
methods seemed very strong. I wonder if there is more pattern 
recognition possible to determine highly likely candidates. I would 
be interested in seeing what the graphs look like for the putative 
false alarms you found. It also might be interesting to run the 
detection program on a corpus of JPEGs known NOT to contain stego, 
such as a clip art CD.

3. If you did succeed in decrypting one of Osama Bin Laden's 
missives, wouldn't he have a case against you under DMCA?

Arnold Reinhold

At 12:16 PM -0500 12/21/01, Niels Provos wrote:
>I just released Stegdetect 0.4.  It contains the following changes:
> - Improved detection accuracy for JSteg and JPhide.
> - JPEG Header Analysis reduces false positives.
> - JPEG Header Analysis provides rudimentary detection of F5.
> - Stegbreak uses the file magic utility to improve dictionary
>   attack against OutGuess 0.13b.
>You can download the UNIX source code or windows binary from
>The results from analyzing one million images from the Internet Archive's
>USENET archive are available at
>  After scanning two million images from eBay without finding any
>  hidden messages, we extended the scope of our analysis.
>  This page provides details about the analysis of one million images
>  from the Internet Archive's USENET archive.
>  Processing the one million images with stegdetect results in about
>  20,000 suspicious images. We launched a dictionary attack on the
>  JSteg and JPHide positive images.  The dictionary has a size of
>  1,800,000 words and phrases.  The disconcert cluster used to
>  distribute the dictionary attack has a peak performance of roughly
>  87 GFLOPS.
>  However, we have not found a single hidden message.
>Comments and feedback are welcome.  We have an FAQ at
>Regards and a merry Christmas,
>  Niels Provos
>The Cryptography Mailing List
>Unsubscribe by sending "unsubscribe cryptography" to 
>majordomo at

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list