[Cryptography] Steganography and bringing encryption to a piece of paper

John Gilmore gnu at toad.com
Sat Jul 19 17:40:42 EDT 2014


Spammers have largely mastered the art of pasting together text so that
it passes through filters, looking like human generated conversation or
documents.  Whose free software are they using for that, and can we
adapt it to slide in steganographic messages?  :-)  

But that tactic almost misses the point.  In human communication,
steganography has to look like what a human would send.  But in
technical communication, it just has to look like what a machine would
send.

So for example, how many bits can you communicate in one or more
Received: lines inserted into emails?  The emails themselves can be
completely innocuous (or even borrowed from thru-traffic sent by
others).  How many bits in cookies made up and sent along with
innocent HTTP requests and replies?  How about in the essentially
unused "Type of Service" byte in every IPv4 packet?  Or the 2-byte
Identification field, a nonce that is only used when fragmenting
packets, and is uncheckable at the receiving end?  Or the huge unused
"flow label" in every IPv6 packet?  Even better, there's a naughty
trick that involves noticing how frequently Internet gateways route
Ethernet "frames", rather than the IP packets within them.  Large
numbers of IP packets are acks, shorter than the minimum Ethernet
frame size, so the IP packet is padded with many bytes of zeroes or
garbage to fill out the frame.  If you put encrypted data into that
padding, rather than random garbage, how many hops will it survive as
it passes through the Internet?  Only experimentation will tell you,
but I suspect that for a significant fraction of paths, including WiFi
paths, that padding will make it all the way to the destination host!
The beauty of this is that the steganographic data is completely
*outside* the IP packets, so anybody who is only looking at the IP
packets will miss it.  It would take someone looking for high entropy
in the frame padding on particular flows to be able to detect it,
and even then, if it's encrypted, they will have trouble determining
its meaning.

	John
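The frame-padding channel described in the post suggests its own detection: on a given flow, look for bytes beyond the IPv4 Total Length that are non-zero and high-entropy. The Python below is an added example written for this archive page, not code from the post or from the list; it parses raw Ethernet frames as a capture tool hands them over (FCS already stripped), aggregates the padding per (src, dst) pair because a single frame carries too few padding bytes to measure, and flags flows whose padding is both non-zero and above an assumed threshold of 5 bits per byte. The sample frames, addresses and PRNG seed are constructed for the example.

```python
"""Flag high-entropy Ethernet padding on undersized IPv4 packets (added example)."""
import math
import random
import socket
import struct
from collections import defaultdict
from typing import Dict, Iterable, List, Optional, Tuple

ETH_HDR_LEN = 14
ETHERTYPE_IPV4 = 0x0800
FlowKey = Tuple[str, str]


def shannon_entropy(data: bytes) -> float:
    """Entropy of the byte distribution in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def frame_padding(frame: bytes) -> Optional[Tuple[FlowKey, bytes]]:
    """Return ((src, dst), padding) for an IPv4 frame, or None if the frame is
    not IPv4 or too short to parse.  Padding is every byte after the IPv4
    Total Length; a frame with no padding yields b""."""
    if len(frame) < ETH_HDR_LEN + 20:
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[ETH_HDR_LEN:]
    if ip[0] >> 4 != 4:
        return None
    total_length = struct.unpack("!H", ip[2:4])[0]
    if total_length < 20 or total_length > len(ip):
        return None  # truncated capture or corrupt header: nothing to measure
    src = socket.inet_ntoa(ip[12:16])
    dst = socket.inet_ntoa(ip[16:20])
    return (src, dst), ip[total_length:]


def score_flows(frames: Iterable[bytes], entropy_threshold: float = 5.0) -> Dict[FlowKey, dict]:
    """Aggregate padding per flow and score it.  A flow is suspicious only when
    its padding is non-zero AND high-entropy; a driver that leaves one repeated
    garbage byte is non-zero but has entropy 0 and is not flagged."""
    pads: Dict[FlowKey, bytearray] = defaultdict(bytearray)
    for frame in frames:
        parsed = frame_padding(frame)
        if parsed is not None:
            key, pad = parsed
            pads[key] += pad
    report = {}
    for key, buf in pads.items():
        ent = shannon_entropy(bytes(buf))
        nonzero = any(buf)
        report[key] = {
            "padding_bytes": len(buf),
            "entropy": ent,
            "nonzero": nonzero,
            "suspicious": nonzero and ent >= entropy_threshold,
        }
    return report


# --- constructed sample traffic (not captured data) ---

def make_frame(src: str, dst: str, payload: bytes, padding: bytes) -> bytes:
    """Build an Ethernet + IPv4 frame.  The header checksum is left 0 because
    the detector never verifies it; the MAC addresses are fixed placeholders."""
    total_length = 20 + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_length, 0, 0, 64, 17, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    eth_hdr = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", ETHERTYPE_IPV4)
    return eth_hdr + ip_hdr + payload + padding


def sample_frames(n: int = 10) -> List[bytes]:
    """Three flows of 28-byte IP packets (20-byte header + 8-byte payload), each
    padded by 18 bytes up to the 46-byte minimum Ethernet payload: zero padding
    (normal), one repeated garbage byte (sloppy driver), and pseudo-random
    padding (what encrypted data in the padding would look like)."""
    rng = random.Random(1234)  # fixed seed so the example is reproducible
    payload = b"\x00" * 8
    frames = []
    for _ in range(n):
        frames.append(make_frame("10.0.0.1", "10.0.0.2", payload, b"\x00" * 18))
        frames.append(make_frame("10.0.0.3", "10.0.0.2", payload, b"\xaa" * 18))
        frames.append(make_frame("10.0.0.4", "10.0.0.2", payload,
                                 bytes(rng.getrandbits(8) for _ in range(18))))
    return frames


if __name__ == "__main__":
    for flow, info in score_flows(sample_frames()).items():
        print(flow, info)
```

Run against the constructed frames, only the pseudo-random flow is reported as suspicious; the zero-padded and single-garbage-byte flows fall out on the entropy test, which is why the aggregation and the two-part condition matter more than any single frame.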

