Re: A revision of my text stego scheme



Am 21.05.2011 20:11, schrieb Jeffrey Goldberg:
On 11-05-21 9:30 AM, Mok-Kong Shen wrote:

Isn't it a general
property of hash functions that it is difficult to predict
what a change of input has on the hash output?

Yes.

If that's
indeed the case, then one might under circumstances have
to do a couple of tries to get the right stego bit in
your scheme IMHO, while in my scheme it is deterministic
in the sense that one knows exactly that a change is right.

That is true, but it shouldn't take more than a few tries with jbriggs'
method. By hiding two bits in each line, you would have quadruple the
number of tries, but it should still be feasible.

It may be my subjectivity, but I still find it difficult to understand
why one wants to try a few times to get one bit right, while, assuming
common competence in language, the modifications are IHMO trivial to do.

An advantage of jbriggs' approach is that every bit in the text line
matters instead of just looking in one place. By spreading the
information out it is less likely to be detected.

One need in most cases only to change one word. If that modificaton
is done not too bluntly, I don't think that's easy to be detected.

Furthermore you could add some encryption by having a shared secret that
is appended or prefixed to each line before hashing. This means that
even if someone suspected you were using such a hashing mechanism they
wouldn't be able able to reconstruct your hashes without your shared secret.

I don't need that. As I wrote in OP, the stego bits should preferrably
be encrypted (by a sufficiently strong algorithm).

I like to take this opportunity to add some tiny remarks.
In case the purpose of the messages is purely for stego, it
doesn't matter that the changes deviates in sense from what
the sender at first types in, e.g. modifying Monday to Tuesday
or under circumstances even reverting the original sense.

Keep in mind that if the text doesn't make sense (say in one place you
talk about something happening on Monday and later refer to it as
happening on Tuesday) suspicions of stegonagraphy will be raised.

That depends on context. I don't mean that "generally" you do that
kind of change. If in a message there is only one mention of Bill's
travel, saying that he is arriving on Monday (or Tuesday), what
harm could there result?

However, as you (MK) pointed out, your method doesn't require software.
If the situation is such that possession of necessary software might be
detected, then a "no special software" solution may be preferable.

What I like to stress is that the scheme could be done by everybody 'on
the street' and that certain agencies should probably from now on, in
addition to automatically screen emails for certain keywords, develop
appropriate methods to automatically screen emails (also usenet posts
and sources of HTML) for stegos.

M. K. Shen


.