Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Everyday Steganography

By pwayner in Technology
Thu Apr 17, 2003 at 09:19:37 PM EST
Tags: Help! (Ask Kuro5hin) (all tags)
Help! (Ask Kuro5hin)

I have a question for the Kuro5hin audience. It looks like steganography is being demonized again. The new law in Michigan seems to make it illegal to conceal your communications, although the powers that be might limit this prohibition to those who intend to defraud. I think this is going to affect a number of unsuspecting people including Hollywood itself.


This is a topic that's near and dear to my heart because I wrote a book ( Disappearing Cryptography) that describes just how to do that. Now the book might even be illegal-- if someone interprets the law especially broadly.

Naturally, broad, sweeping legislation like this will generate plenty of unintended consequences. For instance, are concealed baseball signs made by the Detroit Tigers now illegal? This article looks at some of the more serious potential victims including Hollywood itself. Many of the currently used digital watermarking schemes like Macrovision conceal their "don't copy" message.

I also describe my favorite pro-steganography example. Some researchers are using steganography to embedded a doctor's comments in the digital X-ray-- something that prevents confusion and mistakes. This technique also saves hospitals millions because the new file format with the embedded comments is essentially the same as the old one without comments. They're both JPEGs and that means the new features can be rolled out without buying new machines and software. (Note, this steganography can be lossless and won't hurt the image.)

So Kuro5hin audience: does anyone have any other good examples of how steganography has helped in unexpected ways? (That is, aside from helping you plan dastardly acts of terrorism. :-) Some examples might not be fancy steganography or even be worthy of the name, but still might be affected by the laws banning tools that conceal communication. These rather boring, banal examples might even be more significant because a prosecution would truly be a surprise. After all, Dimitri Sklyarov's company sold some of their tools to the FBI.

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o Kuro5hin
o new law in Michigan
o Disappearing Cryptography
o article looks at some of the more serious potential victims
o Macrovision
o lossless
o Dimitri Sklyarov's
o Also by pwayner


Display: Sort:
Everyday Steganography | 91 comments (76 topical, 15 editorial, 0 hidden)
Question (2.00 / 3) (#1)
by theNote on Thu Apr 17, 2003 at 02:30:10 PM EST

Do hospitals really use JPEGS to store X-Rays?
If so, shouldn't they be using a lossless format?

I know, its kind of off topic, but that just struck me a weird.

JPEGs can be lossless (5.00 / 2) (#2)
by pwayner on Thu Apr 17, 2003 at 02:48:35 PM EST

Good point. JPEGs can be lossless if you turn up the quality to the max. Plus, you can probably get by with some basic loss because of the noise in the system. It's not like the x-rays are digitized perfectly.

[ Parent ]
Not completely accurate. (5.00 / 2) (#45)
by wumpus on Thu Apr 17, 2003 at 10:07:01 PM EST

Maxing out the quality of JPEG compression should cause the software to leave all DCT coefficients intact. Unfortunately, the DCT is not losslessly reversible, and can change your pixel values.

JPEG does include a lossless algorithm (JBIG), but I wouldn't expect software to change standards due to a slider setting. Even if you did manage to use lossless jpeg, I wouldn't expect to be able to email such an image and expect everyone to be able to view it.

Of course, this ignores the fact that someone else pointed out the medical standard for transmission. I suspect is uses some sort of lossless compression (JPEG approved or otherwise).

Note that this is not nearly as true for JPEG2000. JPEG2000 includes the ability to use integer math in the wavelet transform that allows lossless compression using the typical standard (although lossless compression will use floating point math). Just more fun in the difference between math and reality.

Wumpus

[ Parent ]

Silly me. (none / 0) (#79)
by wumpus on Mon Apr 21, 2003 at 03:17:36 PM EST

(although lossless compression will use floating point math).
Make that lossy compression will use floating point math.

Wumpus

[ Parent ]

Not really, no. (none / 0) (#88)
by rmn on Thu Apr 24, 2003 at 08:06:14 PM EST

No, they can't. Or rather, they can, but it would be a matter of chance. Even at the maximum quality level, JPEG compression algorithms are still allowed to (and do) alter the original image. Nothing you'll notice, but the result will not pass a bit-for-bit comparison with the original.

Originally, there was a specification for lossless JPEG compression, but I don't know a single program that actually implements it, and it certainly wouldn't be compatible with 99% of readers.

RMN
~~~

[ Parent ]

High Precision (5.00 / 1) (#4)
by x3nophil3 on Thu Apr 17, 2003 at 03:06:23 PM EST

Interesting.

I was under the impression that digital X-Rays were very high-precision in terms of both resolution and color-depth.

It would make a lot of sense to use JPEG on this sort of image. You will undoubtedly get better results for your file-size with JPEG, so it could be a question of a uncompressed comparatively lo-res image vs. lossy compression with higer res ... the latter is probably a much better choice.


[ Parent ]

X Rays (none / 0) (#5)
by theNote on Thu Apr 17, 2003 at 03:11:15 PM EST

It seems to me like the stuff doctors are looking for in X Rays are exactly the type of things that would get lost in compression.

Sure, you aren't going to compress a bone out of the image, but everytime I've seen something on an xray a doctor is pointing out some hardly visible fuzzy blob inside some other hardly visible fuzzy blob.


[ Parent ]

Yeah exactly (5.00 / 1) (#6)
by x3nophil3 on Thu Apr 17, 2003 at 03:16:07 PM EST

That's why they need high-precision images.

One thing people often don't realise about lossy compression is it doesn't just make images worse. What it does is improve the ratio of information to size, or the entropy, of the image. So by taking a much higher resolution image and compressing it, you end up with vastly more information capacity than an equivalently sized low resoltuion image.

i.e. take a 1600x1200 image and JPEG it so that the file-size is equivalent to a uncompressed 640x480 version of the same image. What you will end up with is an image that in spite of being a JPEG has much more information (detail) in it than the 640x480 image.

[ Parent ]

Yes, but... (5.00 / 1) (#8)
by theNote on Thu Apr 17, 2003 at 03:20:40 PM EST

.. it doesn't have the same amount of detail that the uncompressed 1600 x 1200 image had.

No big deal I guess.

However, I would hate to have a doctor tell me they missed the spot on my lung because they were trying to save hard drive space.


[ Parent ]

Hmm (3.00 / 2) (#12)
by x3nophil3 on Thu Apr 17, 2003 at 03:39:05 PM EST

Your not understanding me.

No matter what resolution you choose, it's better to use a JPEG captured at a higher resolution.

So the thinking is this. First figure out what filesize you can store, then capture the images at a much higher resolution and JPEG them down to this size.

Your suffering from that JPEG makes images look bad prejudice that exists from applications like the web. It's a very different thing figuring out how to optimally store very detailed images, and figuring out what file format to use in an HTML page ... the requirements are not the same at all.

[ Parent ]

Disk space is cheap (none / 0) (#22)
by CanSpice on Thu Apr 17, 2003 at 04:07:27 PM EST

The one thing you have to consider is that disk space is cheap these days. It's a lot easier to just throw more disks into a storage device than to worry about if your compression algorithm is truly lossy. I imagine that in medical imaging there isn't as much emphasis on what the absolute numbers are in the data, which is why they can get away with compression, but in fields where every number counts (such as mine, astronomy), using a lossy data compression format would be paramount to professional suicide.

[ Parent ]
Again though (none / 0) (#25)
by x3nophil3 on Thu Apr 17, 2003 at 04:14:44 PM EST

No matter how cheap your disk space is, JPEG will let you do more with that disk space. I don't mean store more images, but rather store more information in each image.

Numerical data that's meant for visual analysis does well when JPEGd. If your astronomic data is meant for statistical analysis, then yes, you would be insane to JPEG it.

[ Parent ]

Yes. (none / 0) (#50)
by ambrosen on Fri Apr 18, 2003 at 06:07:43 AM EST

But if your lossless format can store all the information that you can get hold of, then there's no way your lossy one can store more than that.

--
Procrastination does not make you cool. Being cool makes you procrastinate. DesiredUsername.
[ Parent ]
Right (none / 0) (#65)
by x3nophil3 on Fri Apr 18, 2003 at 07:46:51 PM EST

Yeah, exactly.

All these threads have spun off what was just a casual observation. It just seems to me that they can probably use a very, very high-res optical scanner with an x-ray, since they contain an enormous amount of resolution (being analog).

[ Parent ]

No. (1.00 / 3) (#40)
by The Customizer on Thu Apr 17, 2003 at 07:06:47 PM EST

Let 's review.

[ Parent ]
space vs resolution (5.00 / 1) (#43)
by Elendur on Thu Apr 17, 2003 at 08:39:31 PM EST

I agree that at any given resolution it is better to use a jpeg of sufficiently higher resolution.  The problem here is that it assumes disk space as the limiting factor with few restrictions on the resolution available.  My initial assumption would be that resolution is limited while disk space is relatively cheap.  In this case, given that you can ONLY scan at a certain resolution, it would be best to avoid lossy compression.

Of course, I have no idea whether that is the case.  You might be right and space is more of a limitation than resolution.  You have yet to explicitly state any reason for that assumption though.

[ Parent ]

Resolution is often limited (5.00 / 1) (#60)
by hollo on Fri Apr 18, 2003 at 01:31:25 PM EST

It is often the resolution that is limited. For plain xrays then probably not, but with MRI and CT scanners you pick up the image at a resolution that is limited by how expensive/modern the scanner is, and the amount of radiation exposure t the patient. I have seen a picture of the first experimental CT scan, and the resolution was something like 64x64 pixels.

Even if the physical resolution was unlimited then lossy compression would still worry me because it can distort the colour resolution as well in order to make two parts of an image look more like each other. Couldn't this sort of thing remove a subtle area of different shading no matter what the spatial resolution?


[ Parent ]

problem: (none / 0) (#64)
by ethereal on Fri Apr 18, 2003 at 04:43:47 PM EST

The compression isn't guaranteed to compress the same amount for different inputs. So if I pick the storage size first, and then I start using big images that JPEG down to that size, eventually I'm going to get a JPEG that doesn't compress as well, aren't I? Or maybe that's only for lossless compression - I suppose the JPEG in that case would just look more fuzzy than the other JPEGS which compressed better.

--

Stand up for your right to not believe: Americans United for Separation of Church and State
[ Parent ]

Yeah (none / 0) (#80)
by x3nophil3 on Tue Apr 22, 2003 at 01:48:12 PM EST

You can make lossy compression algortihms output a fixed bitrate regardless of the input. This is how MP3 and other 'streamable' formats work.


[ Parent ]
Bandwidth and storage is no object (5.00 / 1) (#48)
by CaptainSuperBoy on Fri Apr 18, 2003 at 01:27:39 AM EST

When we're talking about medical devices, we're not talking about an area where tradeoffs between affordability and quality matter. If it costs more to do it better, you can count on the doctors to pay the extra money and pass the cost on to you (or your insurance). I know a radiologist who had ISDN years ago, when it first came out, so he could check X-rays from home. I doubt he was skimping on image quality to save a few seconds or a few K.

--
jimmysquid.com - I take pictures.
[ Parent ]
Skimping on storage space = negligence (5.00 / 1) (#66)
by FlipFlop on Fri Apr 18, 2003 at 08:16:51 PM EST

so it could be a question of a uncompressed comparatively lo-res image vs. lossy compression with higer res ... the latter is probably a much better choice.

lossy compression changes the image. It can remove crucial details that were in the original. It can create anomalies which were not in the original. I would hate to have my leg amputated because a compression algorithm added an anomaly to my XRay.

Without compression, I can store a picture with 24 bits per pixel, and 15,641 pixels square on a 700MB CD. With lossless compression, I can store about four times as much data, doubling the width and height of the image.

If somebody dies because the hospital is too cheap to spend $0.35 on a CD, the hospital is negligent.

Your argument boils down to: storage space is limited but scanning resolution goes as high as we need. We can't store all the data, so let's just store what we have room for.

The situation is just the opposite. Storage space is cheap. Resolution is limited by technology. If we run out of space, we don't change the data to make it compress better. Instead we get more space.

Finally, it is not a trade off between lo-res without compression versus high-res with lossy compression. It is a matter of very high-res with lossless compression verses impossible-to-obtain high-res with lossy compression. The former is obviously better.

AdTI - The think tank that didn't
[ Parent ]

Not about skimiping on space. (none / 0) (#69)
by vectro on Fri Apr 18, 2003 at 10:45:26 PM EST

Consider the following two alternatives:
  1. Using lossless compression, I fit a 24-bpp image at roughly 5000x5000 resolution.
  2. Using JPEG compression and assuming a 50% compression ratio (not unreasonable), I fit a 24-bpp image at roughly 7500x7500 resolution.
The point being that using JPEG doesn't necessarily mean using less storage; it could just as easily mean having a higher-quality image.

“The problem with that definition is just that it's bullshit.” -- localroger
[ Parent ]
JPG for science/medicine = no good (3.50 / 2) (#10)
by CanSpice on Thu Apr 17, 2003 at 03:28:46 PM EST

I would be surprised if they didn't use something like TIFF (god forbid) or FITS. FITS would would make more sense because then you get FITS headers -- all kinds of metadata -- that would describe the image.

[ Parent ]
DICOM is the standard, but... (5.00 / 3) (#13)
by CanSpice on Thu Apr 17, 2003 at 03:41:18 PM EST

I'm replying to your message instead of my other response, JUST BECAUSE I CAN! :-)

Apparently there's a medical imaging standard  called DICOM, or Digital Imaging and Communications in Medicine that defines how digital images and technology is supposed to be used in medical fields. It appears that they only define a minimum standard for how images should be stored and displayed, so it looks like software providers are free to use whatever format they want as long as they meet these minimum requirements. In fact, JPEG compression is already "in the standard", but I guess you'd have to ask the Compression Working Group on how compressed a JPEG can be, because artifacting at a 90%-compressed image would be simply atrocious and would make the image unusable for medical imaging.

DICOM Homepage
DICOM Strategy Outline - most useful page I could find there.

[ Parent ]

Even better link (3.50 / 2) (#15)
by CanSpice on Thu Apr 17, 2003 at 03:45:21 PM EST

A better link.

I need to learn to click on more links in Google before I submit a comment. :-)

[ Parent ]

JPEG does not *have* to be lossless (3.00 / 2) (#51)
by olethros on Fri Apr 18, 2003 at 07:17:36 AM EST

In jpeg you basically transform the image into a set of DCT coefficients. This already gives some compression. Now, you can get rid of a number of the DCT coefficients to increase the compression. This is what the 'quality' slide bar does in your jpeg-encoder-application. If you set it to 100% there is *no* loss at all!

-- Homepage| Music
I miss my rubber keyboard.
[ Parent ]
Wrong. (none / 0) (#89)
by rmn on Thu Apr 24, 2003 at 08:10:47 PM EST

Wrong. See my post (and others) below. DCT can introduce an error even at maximum precision. The image will be virtually impossible to distinguish (visually), but the binary data will not match. There is a lossless JPEG format, but it's not used by any relevant software.

RMN
~~~

[ Parent ]

People: Analog -> Digital is always lossy. (none / 0) (#56)
by jforan on Fri Apr 18, 2003 at 09:51:35 AM EST

Jeff

I hops to be barley workin'.
[ Parent ]
Nope (none / 0) (#82)
by czolgosz on Tue Apr 22, 2003 at 06:15:46 PM EST

Analog -> Digital is always lossy

Not if the data is bandwidth-limited. Then D/A conversion at Nyquist frequency or above causes no loss. And image data such as an X-ray is bandwidth (OK, spatial frequency, same thing) limited.

There is also some noise introduced by the quantization, but that's not what "lossy" means. Good digital scanning can theoretically keep sampling noise at or below the noise level of the analog process.

The only reason compression is used is that you get some big-ass files otherwise. I'd be interested to know how much compression leaves the data in "good enough" condition to support diagnosis.
Why should I let the toad work squat on my life? --Larkin
[ Parent ]
But you are losing the noise! (none / 0) (#91)
by jforan on Wed May 21, 2003 at 05:09:49 PM EST

A: analog waveform
B: convert to digital waveform.
C: exact analog waveform is not recoverable.

This is what I meant by loss.  Not all of the information is available in the digital signal to recreate the original analog waveform.

Of course, if the analog signal only represents a quantizable amount of information, another analog signal can be created from the digital signal that also represents that exact same information.  Nonetheless, the actual original signal will be unrecoverable.

This has to do with the amount of information stored in the analog signal.  If you consider the analog signal to represent an infinite "amount of information" (each infintesimal point in the wave form must be stored and recovered precicely), there will always be loss when converted to digital, as the digital signal can only hold a finite amount of information per signal length.

This is both a theoretical and practical truth.

Jeff

I hops to be barley workin'.
[ Parent ]

Analog capture is lossy (none / 0) (#83)
by yamla on Wed Apr 23, 2003 at 01:23:55 AM EST

Of course, you are (mostly) right. Analog to digital is generally lossy. However, don't forget that capturing the original source into an analog stream is, itself, lossy. Consider taking a picture. Do you use a digital camera? Do you use an analog camera? In either case, you aren't going to get a perfect representation of the original.

[ Parent ]
Actually it sounds weird to use stega on x-rays (none / 0) (#77)
by lukme on Mon Apr 21, 2003 at 02:58:28 AM EST

Probably you must be careful where to put the annotations.

My understanding is that radiologists use very find gradations in hue in their dianosis (ie, see this shadow on your lung - the radiologist who was pointing out my pneumonia infection). I could just see my luck now, years later it is found that was just the slight differnt the "everything is fine" message put in the x-ray.




-----------------------------------
It's awfully hard to fly with eagles when you're a turkey.
[ Parent ]
Protecting freedom without bombs (4.00 / 2) (#3)
by x3nophil3 on Thu Apr 17, 2003 at 02:52:28 PM EST

Camera/Shy.
six/four (not really steg)


Just the way the Tigers play (3.50 / 2) (#16)
by Coldfire on Thu Apr 17, 2003 at 03:48:33 PM EST

should be illegal.

Seriously though, why is it that every time a law like this is either proposed or passed, something like this happens:

  • People start throwing fits about the "latest blow to freedom" and that "Orwell really meant $current_year is 1984."

  • Next comes "Oh no, $favorite_activity will soon become illegal and if I so much as think about it, $president's goon squads will knock down my door and carry me away, never to be seen again!"

  • "Call the EFF! Write your congresscritters! Don't take this sitting down!" Some people might do so, but most will shrug and start making imaginary plans (or post) about their impending immigration to Canada.

  • A few days pass, and it's mostly forgotten about. Start from the top with the next law.

  • --
    Just pay attention.
    There are good reasons to be worried. (4.00 / 2) (#19)
    by pwayner on Thu Apr 17, 2003 at 04:02:46 PM EST

    Consider Dimitri Sklyrov. His company sold their tools to the FBI. They were on the side of the cops and their tools were used to crack cases. Yet, suddenly he was arrested at the airport and locked away. Why? Well, someone interpretted the DMCA a bit differently than you did.

    I realize that it's unlikely that the law will stand up if it's interpretted by someone with a serious commitment to free expression, but you're not going to be the one making a decision about prosecution. The costs of defending even a trivial and completely misguided prosecution are staggering.

    According to Security Focus, just distributing written instructions can violate the law. That sounds like a book to me. Granted, my book is just an academic examination of an important subject not a toolkit for fraud, but who knows who will be interpretting the laws.

    I understand you're being extremely rational, but I wish the rest of the world would emulate you.

    [ Parent ]
    Yes (none / 0) (#33)
    by Coldfire on Thu Apr 17, 2003 at 05:31:20 PM EST

    There are definitely reasons to be concerned about these laws; my point was more along the lines of "don't panic, but don't forget about it, either." The problem in the language of these laws is in how double-edged encryption/steganography and other data concealment techniques can be. There are obvious lawful and obvious unlawful uses, but the confusion arises on actions in the grey area. Unfortunately, law enforcement seems to err on the side of unlawful in such actions.

    I think that eventually, these particular laws will be toned down, as encryption becomes more commonplace. By then, though, there will be some new useful/dangerous way to use a computer, and draconian laws will be proposed and passed in an effort to contain or eradicate these techniques. The cycle continues.

    --
    Just pay attention.
    [ Parent ]

    Example? (none / 0) (#47)
    by CaptainSuperBoy on Fri Apr 18, 2003 at 01:11:35 AM EST

    When has this happened? I don't think many people have forgotten about the DMCA, Patriot act, or even the CDA, which was defeated years ago in the Supreme Court.

    The problem with your reasoning is, the alarmists have been right! The DMCA unintentionally made a whole bunch of acts illegal, and corporations have used it to launch an assault on free speech and research.

    It doesn't take a great stretch of the imagination to see how the super-DMCA state laws could be exploited to silence otherwise protected speech.

    The proposed CBDTPA would restrict a huge number of devices such as Barbie toys, baby monitors, and sewing machines according to Ed Felten.

    --
    jimmysquid.com - I take pictures.
    [ Parent ]

    The best encryption is asymetric (3.60 / 5) (#24)
    by marcos on Thu Apr 17, 2003 at 04:09:44 PM EST

    I once was asked to make a simple encryption scheme for a friend of mine. Basically, encryption should not be looked at as a processing problem. It should be looked at as an obscuration problem.

    I encrypted in the following way:

    1. Choose a few random little known languages. Write a simply word for word translator for the language to english. The languages I chose do not separate verbs and nouns, but prefix them to the nouns.
    2. Use the whitespace between the signature of the user and his name to indicate what encryption scheme you use on what part of the text.
    3. Encrypt the translated text using different encryption schemes, to be unencrypted using the whitespace identifier.
    4. Use the greeting form to indicatewhat email adress to which the key will be sent
    5. Encode the email as chinese spam, and send it from a spam relay address together with hundreds of other emails.
    The thing is, nobody realises that this test is encrypted, but think it is some chinese spam landing randomly at someones mailbox.

    you probably work for the CIA (none / 0) (#29)
    by scatbubba on Thu Apr 17, 2003 at 04:53:01 PM EST

    but don't you think gnupg would be good enough for most people reading this site?

    [ Parent ]
    note: steganography, not encryption (none / 0) (#37)
    by CanSpice on Thu Apr 17, 2003 at 06:22:16 PM EST

    The story's about steganography, or hiding data in something so that you don't know there's hidden data. This is why the user you replied to encoded the message as Chinese spam, so that nobody would think there's actually a message inside.

    If you use gnupg you know there's a message in there. It's encrypted and hard to get out, sure, but you still know there's something there.

    I'd be surprised if flagging programs flagged Chinese spam with the same priority that they flag obviously encrypted emails.

    [ Parent ]

    People reading this site... (2.33 / 3) (#54)
    by tkatchev on Fri Apr 18, 2003 at 08:52:43 AM EST

    ...should seriously consider dropping their perverted pornography obsession.

       -- Signed, Lev Andropoff, cosmonaut.
    [ Parent ]

    Stego is not security through obscurity (4.66 / 3) (#42)
    by sgoldgaber on Thu Apr 17, 2003 at 07:31:45 PM EST

    Steganography is not security through obscurity.

    The idea is that even if they knew your method they should have no greater than a 50/50 finding the real message among the innocuous messages.

    As per your example:

     1 - it shouldn't matter if they know which language you're going to use
     2 - it shouldn't matter if they know to look at the whitespace for
         information on the encryption scheme
     3 - it shouldn't matter if they know you'll use different encryption
         schemes
     4 - it shouldn't matter if they know you'll use the greeting for
         to indicate to what email address the key will be sent
     5 - it shouldn't matter if they know to look in Chinese spam

    If you have a good stego system, they should still have at best a 50/50 (no better than random) chance of spotting the hidden message.

    What this means is that you really shouldn't rely on thinking of all these clever, obscure places to hide your information (whitespaces, Chinese spam).  You should assume they know as much as you do about the method and location, and make a method that will be secure, despite their knowledge.

    With stego systems, this means that the challenge is to find a system that will make your hidden information be statistically and otherwise indistinguishable from the information it is hiding in.  And I'm afraid it's going to take more than using whitespace and putting your message in Chinese spam to do it.

    I recommend searching google for "security through obscurity" for more details on why relying on obscurity for your security is not such a hot idea.

      --Sergey


    [ Parent ]

    Give an example (5.00 / 1) (#46)
    by Lavahead on Fri Apr 18, 2003 at 12:00:53 AM EST

    Your definition, that "if they [know] your method they should have no greater than a 50/50 finding the real message" seems to be more in line with cryptography than steganography.  Because if they know your method, you can't hide anything (steganography).  All you can do is make the cost of reversing your method intractable (cryptography).

    Steganography literally means 'covered writing' and attempts to conceal the fact that a relevant message exists at all.  Chinese spam seems an excellent place to start.

    If I am misinterpreting you, please give an example that fits your definition.


    [ Parent ]

    stegopr0n (5.00 / 3) (#55)
    by sgoldgaber on Fri Apr 18, 2003 at 09:36:36 AM EST

    Lavahead wrote:
    >
    > Because if they know your method, you can't hide anything

    This is not accurate.

    > If I am misinterpreting you, please give an example that fits your definition.

    Here is an example:

    One of the earliest and most popular methods of doing stego in the internet age is hiding messages in lossless images.  Lets say you choose to hide messages in Asian pr0n pics (as opposed to Chinese spam :).  You do this by changing the least significant bits (LSBs) in the image to your message.

    Now, being new to stego you decide to directly put your message, "Bush is a wanker!", in plain text in the LSBs of the image.  Going by our assumption that the attackers know your method, they know to look in every Asian pr0n pic you post to alt.binaries.pictures.erotica (a.b.p.e), and look in the LSBs for the message.  And, lo and behold, they spot your message right off the bat.  Ashcroft releases the hounds, and you are busted.

    Five years later, after getting out of the hard labor camps, you are a little wiser, so you decide to encrypt your message with pgp first.  You send off a few more Asian pr0n pics (APPs) with the LSBs containing your encrypted message to a.b.p.e.  So, since the attackers know your method, they know to look in the LSBs of your APPs in a.b.p.e and they see your encrypted message.  They don't know what it says, but your sending it is enough for them to throw you in jail for suspected terrorism (since we all know only terrorists use stego or crypto), and use rubber hose cryptoanalysis to get your encryption key out of you.

    You swear to yourself that next time, you will hide the very existance of an encrypted message.  While spending another five years in the gulag, you have a brainstorm that the way you can do this is to strip the telltale pgp header off of the encrypted message.  That way, what will be left is "just noise".  You write a program to do this, and call it StealthPGP.  So, now, you know the drill:  plaintext -> PGP -> StealthPGP -> LSB(APP) -> a.b.p.e  But, they know your method, and so they know that even though the LSBs of the APPs in a.b.p.e. may look, to the untrained eye, like "noise", they can still do statistical analysis of that "noise" and compare it to the "noise" in the LSBs of the APPs that they took themselves (so that they know their source is pure).  And, lo and behold, one of the APPs you sent to a.b.p.e. has a non-standard LSB signature.  You must be hiding something.  An honest citizen has nothing to hide.  Off to the gulag you go!

    Your time in the gulag is not wasted, however, and you come out determined to give it one last shot.  This time you are going to make sure encrypted, stripped, LSBs of the APPs will be statistically and otherwise indistinguishable from the "ordinary" APPs seen in a.b.p.e.  You do this by writing the SuperMegaTriStega program.  So now we have:  plaintext -> PGP -> StealthPGP -> SMTS -> LSB(APP) -> a.b.p.e.  Now all the APPs you send to a.b.p.e. are indistinguishable in every way from "ordinary" APPs, even though they know your method.  So you have won!

    Of course, there is no SuperMegaTriStega program that can guarantee that a message that is run through it is completely statistically and otherwise indistinguishable from the data it is hiding in.  It's always possible that some new stegoanalysis technique will be able to uncover some anomaly.  But it's the ideal of indistinguishability that stego programs aim for.

      --Sergey


    [ Parent ]

    In what sense... (5.00 / 1) (#58)
    by synaesthesia on Fri Apr 18, 2003 at 10:59:59 AM EST

    Now all the APPs you send to a.b.p.e. are indistinguishable in every way from "ordinary" APPs, even though they know your method.

    ...in what sense do they 'know your method'? Does the SMTS work using a secret (key)?


    Sausages or cheese?
    [ Parent ]

    a bit more on ideal stego (5.00 / 2) (#61)
    by sgoldgaber on Fri Apr 18, 2003 at 01:47:27 PM EST

    synaesthesia wrote:
    >
    > ...in what sense do they 'know your method'? Does the SMTS work using a secret (key)?

    Well, first let me make clear that SMTS (the SuperMegaTriStega program) is an idealized steganography program.  It doesn't actually exist.  It's just a funny name I made up to illustrate the concept.  So, in the sense that SMTS does not actually exist, it does not "work" at all.  However, we can go in to a bit more detail on how a steganographic program might work (and possibly how some existing steganographic systems do work).

    You ask, "Does a [steganographic system] work using a secret key?"  Some systems do use secret keys, some work using public keys, others use neither.  But, you should be aware that the principle of assuming your attackers know your method is not the same as assuming they know your secret key.  In both cryptography and steganography, you can work on the assumption that your attacker does not know your secret key, but does know your method.  To bring up the crypto analogy, the security of the blowfish cipher does not depend on it being kept secret.  Infact, the algorithm itself is public, and widely available.  As a user of this publically known method, you should, of course, still keep your key secret (and trust in the math :).  For more information on the distinction between public/secret _keys_ and public/secret _methods_ I again suggest a google search for "security through obscurity".

    Let's say you are trying to hide a message consisting of a uniformly distributed series of random bits (effectively, the output of an ideal crypto system, stripped of its headers) in an image.  Let us further assume, for simplicity's sake, that the type of image you are hiding your message in has a uniform distribution of least significant bits.  If your stego system can insert your message in to the LSBs of the image in such a way so retain the (uniform) LSB distribution of the type of image you are hiding your message in, then the secret key can be as simple as the offset and length of the message.

    An even simpler method would be to pad your message such that its length is equivalent to the number of LSBs in your target image.  In this method there is no need to exchange the length and offset of the message.  And since the distribution of bits in your message matches the LSB distribution of the type of image you are sending then you will have achieved the ideal security that a stego system can offer.

    With this ideal system, the attackers are welcome to know your method (in our basic example, that you hide your data in the LSBs of images), but they won't be able to tell if any given image contains any hidden data using a method any better than a guess.  In our ideal system, there will be no telltale anomalies in the distribution of the image LSBs to tip them off, so they might as well flip a coin to decide which image contains hidden data.

    Of course, in real life we can't make all of these assumptions.  LSBs will not usually be uniformly distributed in real life images.  And there are all sorts of steganalysis tricks that can be used to detect that there is some hidden data in your medium.  Real-life stego systems try to meet these challenges in various ways.  For more details, I suggest searching citeseer ( http://citeseer.nj.nec.com ) for "steganography" and "steganalysis".

      --Sergey


    [ Parent ]

    A historical example (none / 0) (#75)
    by lukme on Mon Apr 21, 2003 at 02:06:35 AM EST

    synaesthesia wrote: > > ...in what sense do they 'know your method'?

    Here is an example, the venona project.




    -----------------------------------
    It's awfully hard to fly with eagles when you're a turkey.
    [ Parent ]
    Stego "cover" library? (5.00 / 1) (#59)
    by Gooba42 on Fri Apr 18, 2003 at 01:03:21 PM EST

    Would it be possible to write a program to browse through your library of cover messages and look for the one whose inherent randomness would best cover your current message?

    As long as it's going to be compared to the "statistical norm" then why not know yourself what the norm is and then use it? asian001a.jpg is 0.1 under average/normal for whatever reason and your message would bump it up to a 0.0 or a 0.1 so you use that instead of asian002a.jpg which is already 0.2 above normal and would be at 0.3 or 0.4 if you added your message.

    [ Parent ]

    Nice try :) (5.00 / 1) (#62)
    by sgoldgaber on Fri Apr 18, 2003 at 02:13:42 PM EST

    Gooba42 wrote:
    >
    > Would it be possible to write a program to browse through your library of cover messages
    > and look for the one whose inherent randomness would best cover your current message?

    While on the surface of it that seems like a good idea, I'm not sure it's really what you want.  What you are aiming for is not to match the LSB distribution of any one particular image but to make sure that the LSBs of the resulting image do not stand out from a "typical" image of the type you are using to hide your message.

    If, say, your message consisted of all "on" bits (1111111111111111111111111... etc... let's say 20000 "on" bits), then, if your library is lage enough, you may well find an image in your image library that has 20000 consecutive "on" LSBs in it, and would thus be perfect for hiding your message in.  But, when the LSBs of that image are compared to the "typical" LSB distribution it will likely stick out like a sore thumb, regardless of whether those LSBs were in the image "naturally" or not.

    The real challenge of steganography is to recognize and devise methods for artificially matching distributions of data from various aggregate sources.  One interesting thing is that a lot of steganalysis boils down to human pattern matching, after the original data has been processed in some way (to, say, isolate the LSBs of an image and display them visually).  So, in effect, what stego programs have to do is outwit this human pattern matching ability, in addition to outwitting the ingenuity of stegoanalysis programmers, and withstand brute force attacks.  Not an easy thing to do.  But lots of fun.  :)

      --Sergey


    [ Parent ]

    it is an impossible ideal(?) (5.00 / 1) (#76)
    by lukme on Mon Apr 21, 2003 at 02:34:41 AM EST

    Of course, there is no SuperMegaTriStega program that can guarantee that a message that is run through it is completely statistically and otherwise indistinguishable from the data it is hiding in. It's always possible that some new stegoanalysis technique will be able to uncover some anomaly. But it's the ideal of indistinguishability that stego programs aim for.

    The ideal of indistinguishability is an impossible ideal.

    If a message is completely indistinguishable from the data it is hiding in, then the message has become perfectly spread out (the entropy is 0). The only way for this to happen is to loose the message.




    -----------------------------------
    It's awfully hard to fly with eagles when you're a turkey.
    [ Parent ]
    Not true... (4.00 / 1) (#49)
    by gnovos on Fri Apr 18, 2003 at 04:09:58 AM EST

    The thing is, even if you use pgp "nobody ralises" that is it encrypted, becuase nobody is looking...  but as soon as somone is looking, like let's say this guy's hard drives are seized by the FBI, then the game is up.  Unless he's doing the decryption in his head, they'll find the decrypting program he's using and then it's trivial for them to figure out that that chinese spam that he saved is actually your secret message.

    Secure cypto, TRUE security, requires that you assume that the listening party knows your algorithm completely.  

    It's a cop-out to say, "nobody will ever guess this", because if somone has a reason to be looking at you mail, they probably can deduce the algorith by watching you long enough.


    A Haiku: "fuck you fuck you fuck/you fuck you fuck you fuck you/fuck you fuck you snow" - JChen
    [ Parent ]

    Finding the algorithm... (5.00 / 1) (#85)
    by OneEyedApe on Wed Apr 23, 2003 at 04:42:24 PM EST

    ...shouldn't matter at all. You should pin your security on the secrecy of your key, not your algorithm. Of course, this is a bit idealistic.

    [ Parent ]
    Ignorant or just plain evil? (3.75 / 4) (#26)
    by Eater on Thu Apr 17, 2003 at 04:21:21 PM EST

    Laws like these really make me wonder - are the people churning them out just plain ignorant of the way the internet works or are they really evil bastards who want to make sure the public doesn't get its hands on anything the government can't handle? The article mentions that the bill was pushed in Michigan by companies that didn't want people stealing cable and PPV shows. If this is indeed the reason such a sweeping law was passed, then it really shows the ignorance of the law makers and ranks right up there with the Greek video-games ban (created to prevent gambling... of all things). However, it is also a good thing that this is caused only by ignorance, because eventually people will become more educated on how the internet functions, and the next generation of law makers will not pass such laws and may even repeal these ones.

    Eater.

    I don't see a distinction. (none / 0) (#63)
    by Kaki Nix Sain on Fri Apr 18, 2003 at 04:00:57 PM EST

    I figure that it is evil to hold and use power while remaining ignorant about the domains in which you are using that power. Incompetence/ignorance, in combination with power, is evil. Simple-dimple.



    [ Parent ]

    Incompetence (1.00 / 1) (#90)
    by The Writer on Thu May 08, 2003 at 03:41:27 PM EST

    "Never ascribe to malice that which can be adequately explained by incompetence." -- Napolean Bonaparte.

    [ Parent ]
    One obvious example (3.00 / 4) (#28)
    by epepke on Thu Apr 17, 2003 at 04:40:17 PM EST

    One obvious example of steganography is digital watermarks to protect copyright of images. It's funny, because the same people I'd expect to go for the "steganography is eeeevul" stuff I'd also expect to be gung-ho for intellectual property protection.


    The truth may be out there, but lies are inside your head.--Terry Pratchett


    Illusion of security over freedom (4.85 / 7) (#30)
    by sgoldgaber on Thu Apr 17, 2003 at 04:56:30 PM EST

    The intent of a law making illegal software that hides "the existence or place of origin or destination of any telecommunications service" seems to be aimed at getting greater accountability and fighting anonymity.  These kinds of efforts are generally couched as a means of fighting terrorism and crime.

    As such, watermarking schemes would likely be exempt because they do not try to hide the origin or destination of the message.  Minorities such as battered wives and human rights activists, who who may be adversely affected by depriving them of effective anonymity will likely not sway lawmakers and juries when juxtaposed with pictures of the World Trade Center collapsing, or Tokyo sarin attacks.  The minorities benefiting from anonymity will likely be ignored, if they go up against something deemed to be in the "greater interest of the public".

    Large stego-using corporations will likely always be able to afford to stave off lawsuits or buy exemptions (although they're probably already exempt from the intent of the law, as outlined above).

    Overall, there has been a long fight against anonymity and for 100% accountability.  Generally, no one wants anonymity.  Denial of service attacks that have been plaguing the Internet have the potential of being solved through 100% accountability.  Widespread hacking could likewise be deterred, if not eliminated.  Corporations want to know who's using/stealing their software.  Governments want to be assured of collecting their taxes, and keeping tabs on their citizens, etc...

    As far as the government, corporations, and even the general public is concerned, the only people who want anonymity are a handful of cypherpunk loons, some techies, and some human rights activists... all easily ignored minorities.  In their ignorance, the public does not see crypto and stego as freedom-enhancing technologies.  And even if they did, the public has often proven to willingly trade freedom for convenience and the promise of security.

    Of course, it is valuable to attempt to fight these kinds of battles on the legal front, against well or not-so-well meaning people who try to keep the pandora's box of technology closed.  But, perhaps a more effective route would be to develop these technologies anyway (hats off to you for your wonderful Mimic Functions), dissemate them widely, work outside of the United States and other crypto/stego-unfriendly environments (becoming harder and harder to do as draconian cyber-laws are gaining gloabl reach), and most important of all, educate the public on these technologies and value of freedom... in particular why they should value freedom over (the illusion of) security.  Because if there is a large-scale terrorist attack against the United States in the near future, as terrorism experts have been promising, we can kiss this bickering over the wording of little anti-stego laws goodbye, as we witness a much more draconian crackdown on civil liberties than we saw post 911.

      --Sergey


    You Mean When... (5.00 / 1) (#38)
    by Richard Henry Lee on Thu Apr 17, 2003 at 06:28:30 PM EST

    Because if there is a large-scale terrorist attack against the United States in the near future, as terrorism experts have been promising, we can kiss this bickering over the wording of little anti-stego laws goodbye, as we witness a much more draconian crackdown on civil liberties than we saw post 911.

    Prediction: 10-15K deaths, poisoned water supply. The average US citizen will beg their government for "protection".

    Most people in the United States do not realize that freedom comes at a price. It was a price willingly paid by their forefathers. I often see the "Blood of Patriots" quote here and on other boards, unfortunately the situation will never be that dire until it is too late.

    The bill is already waiting in the wings I'm afraid. Nothing can be left to chance. The fear of Congress, the "will" of the people and the appearance of forceful and decisive action, just like last time. The sheeple of America will once again huddle for protection. United we stand, after all.




    Let this happy day give birth to an American republic. Let her arise, not to devastate and to conquer, but to reestablish the reign of peace and of law. - June 7, 1776

    [ Parent ]
    "You must be doing something wrong!" (4.50 / 2) (#67)
    by mcgrew on Fri Apr 18, 2003 at 08:43:14 PM EST

    As far as the government, corporations, and even the general public is concerned, the only people who want anonymity are a handful of cypherpunk loons, some techies, and some human rights activists...

    I'm not talking about you, since you seem to be FOR the right to remain anonymous, but did you ever notice that in tech forums when discussing privacy (ZDnet forums come to mind) and our increasing lack of it, some loon always pipes in with "the only people who want to be anonymous have something to hide".

    I find it hilariously ironic that these people ALWAYS use a pseudonym!

    (Personally, my real name is anonymous enough- the last I looked, there were several people on the internet with the same first and last name as me, and one is a fairly well known standup comedian. Myself, I'm only a smartass as a hobby.)

    "The entire neocon movement is dedicated to revoking mcgrew's posting priviliges. This is why we went to war with Iraq." -LilDebbie
    [ Parent ]

    Yup, even though terrorists have secure channels. (none / 0) (#78)
    by lukme on Mon Apr 21, 2003 at 03:21:20 AM EST

    Crypto/Stego is not necessary for the terrorist/organized crime networks. Why would they go through the bother of hiding a message when they have secure channels of communications (and patience).




    -----------------------------------
    It's awfully hard to fly with eagles when you're a turkey.
    [ Parent ]
    That law does suck (4.25 / 4) (#39)
    by Mister Pmosh on Thu Apr 17, 2003 at 07:05:46 PM EST

    I am fortunate to not live there I suppose.

    Something that myself and at least one other person I know enjoy doing is hiding messages in the photographs that we publish on the web. There's never anything too fancy, usually just a text file saying hi in some fashion or another. Another idea that I've considered hiding low-resolution photographs of funny things inside photos of serious things, such as embedding tubgirl in photoss of politicians. Steganography is not a tool for me, just a toy, and a way to identify my own photographs if someone else steals them.
    "I don't need no instructions to know how to rock!" -- Carl

    Ugh (5.00 / 1) (#70)
    by Detritus on Fri Apr 18, 2003 at 11:33:27 PM EST

    Another idea that I've considered hiding low-resolution photographs of funny things inside photos of serious things, such as embedding tubgirl in photos of politicians.

    From all of us who had never been exposed to tubgirl and were tempted to type 'tubgirl' into Google and follow the first result, I say Damn You!

    Kings and lords come and go and leave nothing but statues in a desert, while a couple of young men tinkering in a workshop change the way the world works — Havelock Vetinari
    [ Parent ]

    Geez (4.33 / 3) (#72)
    by Mister Pmosh on Sat Apr 19, 2003 at 02:04:27 PM EST

    In the past, one would be fussed at for posting a goatse.cx link even if it was relevant, now just one mention of tubgirl (who I thought everyone had the displeasure of seeing a picture of) and now I'm being flamed for it.

    Anyway I'm joking, not really bitching. However, I would search for things on the text part of google before I hit the graphics, with things like this.
    "I don't need no instructions to know how to rock!" -- Carl
    [ Parent ]

    Easy examples (4.00 / 2) (#41)
    by godix on Thu Apr 17, 2003 at 07:25:49 PM EST

    HTML headers. Unless you look at the source you aren't going to find any editorial remarks.

    Similarly, comments in code would qualify as well.


    "You think we're arrogant, and we think you're French."
    - George Herbert Walker B

    concealing telecommunications? (none / 0) (#44)
    by Elendur on Thu Apr 17, 2003 at 08:50:01 PM EST

    From the article:

    Among other things, residents of the Great Lakes State can no longer knowingly "assemble, develop, manufacture, possess, deliver, offer to deliver, or advertise" any device or software that conceals "the existence or place of origin or destination of any telecommunications service."

    I don't think code comments really have much to do with concealing telecommunications.  I don't see how HTML headers do this either.  It's not about concealing editorial remarks, but concealing where the communication is coming from.  It might be more relevant to ask whether a company can conceal the existence of services on their internal network from the internet.

    The question your comment raises to me is, do you have to conceal your communication on every level, or just to the casual observer?  Most email clients allow you to input the "From" header yourself.  Does this qualify as concealing the origin of a communication?  If you look at the email source, you will see the servers it passed through and the originating IP, but to the casual observer and average internet user, you've concealed where it's from.

    [ Parent ]

    bent (2.33 / 3) (#52)
    by spottedkangaroo on Fri Apr 18, 2003 at 07:28:32 AM EST

    I know the us govt blows. And I know that sometimes these things get out of hand...

    But when you go to court, the judge and the attorneys do take into account the intent the lawmakers had in mind, and not just the specific language of the law. Sure, this one is written stupid, but it's intended to keep people from hiding the source and destination of phone calls.

    Sounds fine to me. Perhaps it should be re-written...

    Meanwhile in SOVIET RUSSIA... (1.00 / 6) (#53)
    by tkatchev on Fri Apr 18, 2003 at 08:43:29 AM EST

    ...yada yada.

    Back to the future?

       -- Signed, Lev Andropoff, cosmonaut.

    This is Kuro5hin... (5.00 / 1) (#84)
    by OneEyedApe on Wed Apr 23, 2003 at 04:28:51 PM EST

    not /.

    That particular piece of nonsense does not seem to have caught on here.



    [ Parent ]
    Example (5.00 / 3) (#57)
    by nevertheless on Fri Apr 18, 2003 at 09:56:40 AM EST

    Where's Waldo.

    --
    This whole "being at work" thing just isn't doing it for me. -- Phil the Canuck


    Hiding origins (3.66 / 3) (#68)
    by mcgrew on Fri Apr 18, 2003 at 08:49:07 PM EST

    I think you folks are looking at this backwards. This law is about concealing "the existence or place of origin or destination of any telecommunications service." (thanks, Elendur [#44])

    It isn't about hiding the message, it is about hiding the origin of the message.

    The dufuses in the Michigan legislature obviously are trying to write an anti-spam law. I think they are blissfully unaware of the necessity for anonymous web sites, and postings to such.

    After all, who needs privacy more than a politician? Politicians are some of the most self-serving scum on Earth. Look at Clinton's forty million dollar blow job, for example, or Rostenkowski, or any of the others that actually got CAUGHT.

    Power doesn't corrupt, but it attracts the corrupt and the corruptable. If you are in Michigan, be sure you are registered to vote and let your legislator know that this law works against him, personally. It will die as quietly as it was born.

    "The entire neocon movement is dedicated to revoking mcgrew's posting priviliges. This is why we went to war with Iraq." -LilDebbie

    Perhaps (none / 0) (#74)
    by fishpi on Sun Apr 20, 2003 at 12:36:29 PM EST

    I haven't read the full text of the law, but hiding "the existence ... of [a] telecommunications service" sounds to me like hiding the existence of a message (or more precisely a channel through which a message is transmitted), which is exactly what steganography tries to do.

    [ Parent ]
    Workin' on Clinton (none / 0) (#81)
    by Eccles on Tue Apr 22, 2003 at 02:05:44 PM EST

    Look at Clinton's forty million dollar blow job, for example

    Monica Lewinsky was on some talk show recently promoting her hosting of "Mr. Personality." Monica hesitated on saying something, to which one of the other women said, "C'mon, girl, spit it out."

    [ Parent ]
    all right (3.00 / 3) (#71)
    by Shren on Sat Apr 19, 2003 at 03:53:34 AM EST

    Everyone who lives in Michigan and uses spamblocks on thier email address, please report to your state police for detention and the leveling of charges.

    Bird on a Guided Bomb (1.16 / 6) (#73)
    by cgibinladen on Sat Apr 19, 2003 at 02:16:49 PM EST

    < )
     ( \
      X
    8====D
    OMG A BOOTSTRAP IS NOT SECURE!@!1111
    Lossy compression (none / 0) (#86)
    by gadster on Thu Apr 24, 2003 at 10:15:54 AM EST

    The name says it all. Why not use png?

    Perhaps (none / 0) (#87)
    by rmn on Thu Apr 24, 2003 at 07:59:25 PM EST

    Why not use TIFF? Or RPF?

    Perhaps because of size / bandwidth limits? And because "lossy" compression does not imply a perceptible loss?

    RMN
    ~~~

    [ Parent ]

    Everyday Steganography | 91 comments (76 topical, 15 editorial, 0 hidden)
    Display: Sort:

    kuro5hin.org

    [XML]
    All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
    See our legalese page for copyright policies. Please also read our Privacy Policy.
    Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
    Need some help? Email help@kuro5hin.org.
    My heart's the long stairs.

    Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!