Stegdetect 0.4 released and results from USENET search available

Karsten M. Self kmself at
Wed Dec 26 17:40:14 EST 2001

on Tue, Dec 25, 2001 at 11:46:30PM -0500, Arnold G. Reinhold (reinhold at wrote:
> This is an nice piece of work, but I have a couple of comments:
> 1. The paper asserts "Even if the majority of passwords used to hide 
> content were strong, there would be a small percentage of weak 
> passwords ... and we should have been able to find them."  That might 
> be true if there are a large number of stego users independently 
> selecting passwords, but it's not a compelling argument if stego is 
> being employed by a few sophisticated terrorist  organizations, as 
> suggested by the April 1991 Newsday article, 
> . 

Regardless, it's an assertion which may be corroborated by history of
password attacks on other systems.  Does anyone have a reference to an
analysis of dictionary and brute-force password attacks, and typical
patterns of discovery? 

Remaining discussion is interesting, elided.


> 2. The signature graphs you presented for several of the stego 
> methods seemed very strong. I wonder if there is more pattern 
> recognition possible to determine highly likely candidates. I would 
> be interested in seeing what the graphs look like for the putative 
> false alarms you found. It also might be interesting to run the 
> detection program on a corpus of JPEGs known NOT to contain stego, 
> such as a clip art CD.
> 3. If you did succeed in decrypting one of Osama Bin Laden's 
> missives, wouldn't he have a case against you under DMCA?

There are exceptions for law enforcement, national defense, and

I've noted in the past, however, that data aquired through national
monitoring systems such as Carnivore or Echelon, and forwarded to
private industry, as has been alleged by the French against the US, may
not fall under this exemption, and could be actionable.


Karsten M. Self <kmself at>
 What part of "Gestalt" don't you understand?              Home of the brave                    Land of the free
We freed Dmitry! Boycott Adobe! Repeal the DMCA!
Geek for Hire            
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <>

More information about the cryptography mailing list