Maybe no stego on eBay afterall
John S. Denker
jsd at monmouth.com
Fri Jul 19 18:21:53 EDT 2002
Regarding the farcical wetstone results,
Peter Wayner wrote:
>
> The basic scheme is very simple.
OK.
> Generally the inserted message has
> higher entropy than the raw LSBs of an image.
Says who? See below.
> So the entropy of the
> picture/message combo should be higher than the picture alone. So you
> look at the entropy and choose all images that pass a threshold.
...
> So even though there's some cool science in the process, there's no
> scientific way to draw the line.
It's not "cool" to detect only whatever stego was inserted
by idiots.
a) Consider the following: Suppose I take a picture with
my CCD camera of a scene containing a more-or-less white
area. I choose the f/stop and exposure-time so that N
photons are expected to hit each pixel of the CCD array
in this area. Elementary physics and statistics tell us
that there will be an uncertainty of sqrt(N) in the actual
photon count.
b) I repeat the operation using a brighter light, bigger
aperture, and/or longer exposure, so that the expectation
value is now 10N. Then I divide by 10 to get an image
rather comparable to the first, but with sqrt(10) less
noise. I then add noise back in, using either
b1) an industrial-strength random symbol generator, or
b2) a well-encrypted message
I claim it is impossible for any empirical test to
distinguish case (a) from (b1) or (b2).
Maybe they'll just pass a law making it illegal to
take pictures except in mid-day sunlight.
> >> I bet they're still spending
> >> the Air Force's money to do the study, though.
Our tax dollars at work. Whoopee.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list