[Cryptography] russian spies using steganography?
Kevin W. Wall
kevin.w.wall at gmail.com
Sun May 8 17:15:12 EDT 2016
On Sun, May 8, 2016 at 8:24 AM, ianG <iang at iang.org> wrote:
> http://www.theguardian.com/world/2016/may/07/discovered-our-parents-were-russian-spies-tim-alex-foley?CMP=share_btn_tw
>
> Bezrukov and Vavilova communicated with the SVR using digital steganography:
> they would post images online that contained messages hidden in the pixels,
> encoded using an algorithm written for them by the SVR. A message the FBI
> believes was sent in 2007 to Bezrukov by SVR headquarters was decoded as
> follows: “Got your note and signal. No info in our files about E.F., BT, DK,
> RR. Agree with your proposal to use ‘Farmer’ to start building network of
[rest of message deleted]
Dumb question....if this was done in 2007, why not encrypt a short message
that is itself a URL shortener (e.g., bit.ly) and embed THAT encrypted URL into
the image and then have the spies retrieve the encrypted URL, decrypt it,
and then use the URL to retrieve the actual message (which could require
authentication or itself be encrypted). That seems like it would be
a lot more secure and could be built into the software that was
allowing them to retrieve the embedded hidden message in the first place.
And if it seems obvious to me, surely I would have thought a spy agency
would have thought of it.
-kevin
--
Blog: http://off-the-wall-security.blogspot.com/ | Twitter: @KevinWWall
NSA: All your crypto bit are belong to us.
More information about the cryptography
mailing list