Steganography

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Fri Jun 04 2004 - 14:49:16 CDT

On Jun 4, 2004, at 3:24 PM, David Mertz wrote:
> Even an information-limited barcode can leak *some* information though.

Let me tell readers two stories about steganography.

(1) I once developed a system for transforming XML files, losslessly,
in such a way that gzip and the like would compress the transformed
encoding significantly better (even bzip2 is helped). Actually, it
turns out that the US Army is spending about a million dollars, via
SBIR, to basically reimplement what I already did (unfortunately, I
won't see a penny of that, given the particular company that wound up
getting the grant).

In developing the transformation spec, I first implemented it in
Python; then rewrote the tranform in C for better speed. For reasons
utterly mysterious to me, the two versions do *NOT* produce byte-wise
identical transformed files... but despite that fact, both versions
interoperate entirely correctly! They are pretty close, but a few bytes
here and there differ. Both achieve the goal of enhanced
compressibility. In other word, completely by accident, I created some
underspecified aspect of the encoding that could potentially be used as
a covert channel.

In my defense, I am sure I *could* figure out where the difference came
from with some extra debugging. For a couple short articles for which
I just wanted to demonstrate the concept, and perform some basic
benchmarks, I didn't need to solve the mystery.

(2) Let me describe a way to hide information in plain text: Take an
email message (like this one). First normalize the spaces so that each
word is separated by exactly one space. Then take your secret message
as a bit pattern: e.g. 001101101... Using each fifth inside space in
the message, if the bit of the secret message is zero, do nothing, if
it is a one change the single space to two spaces. How many of you
think you know whether my prior notes have contained a hidden message
encoded this way? Maybe it's not every fifth space that is used, but
every prime numbered space. Maybe the non-candidate spaces are
sometimes randomly doubled to distract analysts.

Another sneaky thing to do is to not use internal spaces, but trailing
spaces at the end of lines. You can't see those in a printout, and
most text viewers don't display them either. (good text editors might
have the option of displaying spaces, but how many of you turn that on
anyway?)
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Jun 30 23:17:06 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:29 CDT