Schrecht t1_jb9jssl wrote
Reply to comment by volci in A group of researchers has achieved a breakthrough in secure communications by developing an algorithm that conceals sensitive information so effectively that it is impossible to detect that anything has been hidden by thebelsnickle1991
>If you're altering a source file (by adding information, as in this example), it's detectable
Technically true. For steganography, detection requires a copy of the original. If you create your own content and keep no copy after inserting the message, the bad guys don't have the original.
LummoxJR t1_jbbdp5l wrote
There are forms of steganography you can detect without the original, if you have an idea what patterns to look for. Ultimately the data is there somewhere.
Schrecht t1_jbbowfd wrote
Interesting. But it sounds like you're saying that the vulnerability is limited to some forms. Are there forms of steganography which lack that vulnerability?
TheSoup05 t1_jbbz3v3 wrote
Well, allegedly whatever type of steganography the article about doesn’t, but they don’t go into detail so I have my doubts.
The extent of my experience with steganography was a grad course a few years back with a professor who was a big name in the field. So I’m not an expert or anything, but I am somewhat familiar with this. And in my experience the answer is no. It’s an arms race. Someone comes up with a way to hide data, someone else comes up with a way to find it, so someone else comes up with a new way to hide it, so someone comes up with a new way to find it, etc. That’s not to say it’s perfectly accurate and that you can always tell with 100% certainty if a file has data encoded in it, but every method I’ve seen creates some artifact that is generally detectable with with a high degree of accuracy using the right kind of statistical analysis.
Schrecht t1_jbccdli wrote
Interesting. I feel like there must be a way to inject what looks like normal noise and perturb it in ways that look look natural but carry a signal. But you sound like your professor knew his shit. Thanks, it's something to think about.
LummoxJR t1_jbc1n6n wrote
If the data is there, it can be extracted, because the intended recipient was bound to have some way of extracting it. The question is how to know it's there and what to look for. For instance if you know the data is encoded in the LSB of a certain set of pixels in a lossless image, you can pull that data without the original. If you know roughly what to look for, like the data being in the LSB but aren't sure where, it's possible to run various types of pattern recognition on it. Plaintext encoded in the LSBs would be super obvious, for instance. But so would "noise" in an area of the image where LSB noise was expected to be low.
I have no idea what the state of the art is in steganographic detection, but I'm sure it involves the use of statistical tools to identify unexpected patterns in the data. Even if you used cryptography to encode a small piece of text so it became bitwise gibberish and then introduced it into a file through steganography, analytics could probably determine that the entropy of a particular part of the file shot way up. Once the data is found, the problem is no different than deciphering the intercepted message. Although steganography adds a layer of difficulty to the problem, it's just one layer. And if the trick is ever discovered, it stops being useful (to you) forever; you just have to find a new way of hiding data.
Viewing a single comment thread. View all comments