Efficient Steganography with Provable Security Guarantees

We provide a new provably-secure steganographic encryption protocol that is proven secure in the complexity-theoretic framework of Hopper et al. The fundamental building block of our steganographic encryption protocol is a “one-time stegosystem” that allows two parties to transmit one-time steganographic messages of length shorter than the shared key with information-theoretic security guarantees. The employment of a pseudorandom number generator (PRNG) allows the transmission of longer messages in the same way that such a generator allows the use of one-time pad encryption for messages longer than the key in symmetric encryption. The advantage of our construction compared to that of Hopper et al. is that it avoids the use of a pseudorandom function family and instead relies (directly) on a PRNG in a way that provides a linear versus constant improvement in the number of applications of the underlying (say) one-way permutation per bit transmitted. This advantageous trade-off is achieved by substituting the pseudorandom function family employed in the previous construction with an appropriate combinatorial construction that has been used extensively in derandomization, namely almost t-wise independent function families.

[1]  Avi Wigderson,et al.  Extracting randomness via repeated condensing , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[2]  Shirley Dex,et al.  JR 旅客販売総合システム(マルス)における運用及び管理について , 1991 .

[3]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[4]  Victor Shoup,et al.  A computational introduction to number theory and algebra , 2005 .

[5]  Nicholas Hopper,et al.  Public-Key Steganography , 2003, EUROCRYPT.

[6]  Thomas Mittelholzer,et al.  An Information-Theoretic Approach to Steganography and Watermarking , 1999, Information Hiding.

[7]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[8]  Noam Nisan,et al.  Extracting Randomness: A Survey and New Constructions , 1999, J. Comput. Syst. Sci..

[9]  J. H. van Lint,et al.  Introduction to Coding Theory , 1982 .

[10]  Ronen Shaltiel,et al.  Recent Developments in Explicit Constructions of Extractors , 2002, Bull. EATCS.

[11]  Noga Alon,et al.  Simple Construction of Almost k-wise Independent Random Variables , 1992, Random Struct. Algorithms.

[12]  J. H. van Lint,et al.  Introduction to Coding Theory , 1982 .

[13]  Noam Nisan,et al.  Extracting randomness: how and why. A survey , 1996, Proceedings of Computational Complexity (Formerly Structure in Complexity Theory).

[14]  Ran Raz,et al.  Extracting all the randomness and reducing the error in Trevisan's extractors , 1999, STOC '99.

[15]  Noga Alon,et al.  Simple construction of almost k-wise independent random variables , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[16]  Moni Naor,et al.  Number-theoretic constructions of efficient pseudo-random functions , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[17]  Robert G. Gallager,et al.  A simple derivation of the coding theorem and some applications , 1965, IEEE Trans. Inf. Theory.

[18]  Hannes Federrath,et al.  Modeling the Security of Steganographic Systems , 1998, Information Hiding.

[19]  Moni Naor,et al.  Small-Bias Probability Spaces: Efficient Constructions and Applications , 1993, SIAM J. Comput..

[20]  Christian Cachin,et al.  An information-theoretic model for steganography , 1998, Inf. Comput..

[21]  Gustavus J. Simmons,et al.  The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[22]  Noam Nisan,et al.  Randomness is Linear in Space , 1996, J. Comput. Syst. Sci..