On the limits of steganography

In this paper, we clarify what steganography is and what it can do. We contrast it with the related disciplines of cryptography and traffic security, present a unified terminology agreed at the first international workshop on the subject, and outline a number of approaches-many of them developed to hide encrypted copyright marks or serial numbers in digital audio or video. We then present a number of attacks, some new, on such information hiding schemes. This leads to a discussion of the formidable obstacles that lie in the way of a general theory of information hiding systems (in the sense that Shannon gave us a general theory of secrecy systems). However, theoretical considerations lead to ideas of practical value, such as the use of parity checks to amplify covertness and provide public key steganography. Finally, we show that public key information hiding systems exist, and are not necessarily constrained to the case where the warden is passive.

[1]  Scott Craver,et al.  On Public-Key Steganography in the Presence of an Active Warden , 1998, Information Hiding.

[2]  Markus G. Kuhn,et al.  Tamper resistance: a cautionary note , 1996 .

[3]  Nicholas F. Maxemchuk,et al.  Electronic document distribution , 1994, AT&T Technical Journal.

[4]  Dennis Gabor,et al.  Theory of communication , 1946 .

[5]  Charalampos Manifavas,et al.  Chameleon - A New Kind of Stream Cipher , 1997, FSE.

[6]  Serge Vaudenay,et al.  The Newton Channel , 1996, Information Hiding.

[7]  Thomas W. Parsons,et al.  Voice and Speech Processing , 1986 .

[8]  Ioannis Pitas,et al.  A method for signature casting on digital images , 1996, Proceedings of 3rd IEEE International Conference on Image Processing.

[9]  Robert J. Hart,et al.  A voluntary international numbering system - the latest WIPO proposals , 1995, Comput. Law Secur. Rev..

[10]  Peter Wayner Disappearing cryptography - being and nothingness on the net , 1996 .

[11]  Eckhard Koch,et al.  Towards Robust and Hidden Image Copyright Labeling , 1995 .

[12]  Gustavus J. Simmons,et al.  How to insure that data acquired to verify treaty compliance are trustworthy , 1988, Proc. IEEE.

[13]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[14]  I. S. Moskowitz,et al.  Covert channels-here to stay? , 1994, Proceedings of COMPASS'94 - 1994 IEEE 9th Annual Conference on Computer Assurance.

[15]  Ross Anderson,et al.  Information hiding terminology , 1996 .

[16]  Gustavus J. Simmons,et al.  A survey of information authentication , 1988, Proc. IEEE.

[17]  Ross J. Anderson Stretching the Limits of Steganography , 1996, Information Hiding.

[18]  Bruce Schneier,et al.  Applied cryptography : protocols, algorithms, and source codein C , 1996 .

[19]  Jonathan T. Trostle,et al.  Modelling a fuzzy time system , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[20]  D. Schilling Meteor burst communications : theory and practice , 1993 .

[21]  Eliathamby Ambikairajah,et al.  Auditory masking and MPEG-1 audio compression , 1997 .

[22]  Paul F. Syverson,et al.  Hiding Routing Information , 1996, Information Hiding.

[23]  Birgit Pfitzmann,et al.  Trials of Traced Traitors , 1996, Information Hiding.

[24]  Walter Bender,et al.  Techniques for Data Hiding , 1996, IBM Syst. J..

[25]  David Aucsmith,et al.  Tamper Resistant Software: An Implementation , 1996, Information Hiding.

[26]  Ahmed H. Tewfik,et al.  Digital watermarks for audio signals , 1996, 1996 8th European Signal Processing Conference (EUSIPCO 1996).

[27]  C. E. SHANNON,et al.  A mathematical theory of communication , 1948, MOCO.

[28]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[29]  C. F. Osborne,et al.  A digital watermark , 1994, Proceedings of 1st International Conference on Image Processing.

[30]  Ingo Stierand,et al.  Computer Based Steganography: How It Works and Why Therefore Any Restrictions on Cryptography Are Nonsense, at Best , 1996, Information Hiding.

[31]  Steven H. Low,et al.  Copyright protection for the electronic distribution of text documents , 1999, Proc. IEEE.

[32]  Ken Wong,et al.  Fighting mobile phone fraud — Who is winning? — Part 1 , 1995 .

[33]  Gustavus J. Simmons,et al.  Results concerning the bandwidth of subliminal channels , 1998, IEEE J. Sel. Areas Commun..

[34]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[35]  Gustavus J. Simmons,et al.  Contemporary Cryptology: The Science of Information Integrity , 1994 .

[36]  J. Hersey,et al.  Here to Stay , 1963 .

[37]  E. Owens,et al.  An Introduction to the Psychology of Hearing , 1997 .

[38]  Len Richardson,et al.  Communications: Theory and Practice , 1997 .

[39]  Gerhard C. Langelaar,et al.  Copy Protection for Multimedia Data based on Labeling Techniques , 1998 .

[40]  R. Anderson The Eternity Service , 1996 .

[41]  Ingemar J. Cox,et al.  A Secure, Robust Watermark for Multimedia , 1996, Information Hiding.

[42]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[43]  Gustavus J. Simmons,et al.  The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[44]  Walter Bender,et al.  Echo Hiding , 1996, Information Hiding.

[45]  Ross J. Anderson Liability and Computer Security: Nine Principles , 1994, ESORICS.

[46]  John McHugh,et al.  A cautionary note on image downgrading , 1992, [1992] Proceedings Eighth Annual Computer Security Application Conference.

[47]  Ronald S. Burt,et al.  A cautionary note , 1986 .

[48]  B. Moore An Introduction to the Psychology of Hearing , 1977 .

[49]  Gustavus J. Simmons,et al.  The history of subliminal channels , 1996, IEEE J. Sel. Areas Commun..

[50]  Frank Boland,et al.  Watermarking digital images for copyright protection , 1995 .