<nettime> "Pirate Utopia," FEED, February 20, 2001
Nomen Nescio
nobody at dizum.com
Mon Sep 24 13:30:35 EDT 2001
Adam Back wrote:
> To elaborate on this slightly. There are inherent reasons why
> steganography is harder than encryption: the arms race of hiding data
> in noise is based on which side (the hider vs the detecter) has the
> best understanding of the characteristics of the host signal. The
> problem is the host signal is not something with clear definition,
> what is known is primarily empirical statistical analysis.
> Manipulating signals with noise in them to replace noise with the
> stego text is not so hard, but knowing and modeling the signal and the
> source noise is not a solvable problem.
If you read the report at
http://www.citi.umich.edu/techreports/reports/citi-tr-01-11.ps.gz you
will find that the authors, Niels Provos and Peter Honeyman, you find
that they actually found a great many images with statistical indication
of steganographic content: "After processing the two million images
with Stegdetect, we find that over 1% of all images seem to contain
hidden content." That is, these images seemed to depart from normal
statistics to a significant degree.
The question is whether these are random variations from the norm or
are they actual embedded content? This is the factor which the analysis
above seems to neglect. Any statistical test is going to have a certain
number of false positives. This provides a background of "noise"
(that is, false positives) in which a true signal (a true positive,
an image with actual steganographic content) can hide.
The Stegdetect paper proceeded to further analyze the 20000+ images by
looking for passwords that would produce meaningful messages from the
hypothesized hidden content, via dictionary attack. No valid passwords
were found, and the authors concluded therefore that these were all
false positives. This does not seem to be a fully supported conclusion.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list