Pooled Steganalysis in JPEG: how to deal with the spreading strategy?

International audienceIn image pooled steganalysis, a steganalyst, Eve, aims to detect if a set of images sent by a steganographer, Alice, to a receiver, Bob, contains a hidden message. We can reasonably assess that the steganalyst does not know the strategy used to spread the payload across images. To the best of our knowledge, in this case, the most appropriate solution for pooled steganalysis is to use a Single-Image Detector (SID) to estimate/quantify if an image is cover or stego, and to average the scores obtained on the set of images. In such a scenario, where Eve does not know the spreading strategies, we experimentally show that if Eve can discriminate among few well-known spreading strategies, she can improve her steganalysis performances compared to a simple averaging or maximum pooled approach. Our discriminative approach allows obtaining steganalysis efficiencies comparable to those obtained by a clairvoyant, Eve, who knows the Alice spreading strategy. Another interesting observation is that DeLS spreading strategy behaves really better than all the other spreading strategies. Those observations results in the experimentation with six different spreading strategies made on Jpeg images with J-UNIWARD, a state-of-the-art Single-Image-Detector, and a dis-criminative architecture that is invariant to the individual payload in each image, invariant to the size of the analyzed set of images, and build on a binary detector (for the pooling) that is able to deal with various spreading strategies

Human Public-Key Encryption

This paper proposes a public-key cryptosystem and a short password encryption mode, where traditional hardness assumptions are replaced by specific refinements of the CAPTCHA concept called Decisional and Existential CAPTCHAs. The public-key encryption method, achieving 128-bit security, typically requires from the sender to solve one CAPTCHA. The receiver does not need to resort to any human aid. A second symmetric encryption method allows to encrypt messages using very short passwords shared between the sender and the receiver. Here, a simple 5-character alphanumeric password provides sufficient security for all practical purposes. We conjecture that the automatic construction of Decisional and Existential CAPTCHAs is possible and provide candidate ideas for their implementation