50 research outputs found
Generating Steganographic Text with LSTMs
Motivated by concerns for user privacy, we design a steganographic system
("stegosystem") that enables two users to exchange encrypted messages without
an adversary detecting that such an exchange is taking place. We propose a new
linguistic stegosystem based on a Long Short-Term Memory (LSTM) neural network.
We demonstrate our approach on the Twitter and Enron email datasets and show
that it yields high-quality steganographic text while significantly improving
capacity (encrypted bits per word) relative to the state-of-the-art.Comment: ACL 2017 Student Research Worksho
Information similarity metrics in information security and forensics
We study two information similarity measures, relative entropy and the similarity metric, and methods for estimating them. Relative entropy can be readily estimated with existing algorithms based on compression. The similarity metric, based on algorithmic complexity, proves to be more difficult to estimate due to the fact that algorithmic complexity itself is not computable. We again turn to compression for estimating the similarity metric. Previous studies rely on the compression ratio as an indicator for choosing compressors to estimate the similarity metric. This assumption, however, is fundamentally flawed. We propose a new method to benchmark compressors for estimating the similarity metric. To demonstrate its use, we propose to quantify the security of a stegosystem using the similarity metric. Unlike other measures of steganographic security, the similarity metric is not only a true distance metric, but it is also universal in the sense that it is asymptotically minimal among all computable metrics between two objects. Therefore, it accounts for all similarities between two objects. In contrast, relative entropy, a widely accepted steganographic security definition, only takes into consideration the statistical similarity between two random variables. As an application, we present a general method for benchmarking stegosystems. The method is general in the sense that it is not restricted to any covertext medium and therefore, can be applied to a wide range of stegosystems. For demonstration, we analyze several image stegosystems using the newly proposed similarity metric as the security metric. The results show the true security limits of stegosystems regardless of the chosen security metric or the existence of steganalysis detectors. In other words, this makes it possible to show that a stegosystem with a large similarity metric is inherently insecure, even if it has not yet been broken
Designing Secure and Survivable Stegosystems
Steganography, the art and science of carrying out hidden communication, is an emergingsub-discipline of information security. Unlike cryptography, steganography conceals the existenceof a secret message by embedding it in an innocuous container digital media, thereby enablingunobstrusive communication over insecure channels. Detection and extraction of steganographiccontents is another challenge for the information security professional and this activity iscommonly known as steganalysis. Recent progress in steganalysis has posed a challenge fordesign and development of stegosystems with high levels of security and survivability. In thispaper, different strategies have been presented that can be used to escape detection and foilan eavesdropper having high technical capabilities as well as adequate infrastructure. Based onthe strength and weaknesses of current steganographic schemes, ideas have been progressedto make detection and destruction of hidden information more difficult
On the Gold Standard for Security of Universal Steganography
While symmetric-key steganography is quite well understood both in the
information-theoretic and in the computational setting, many fundamental
questions about its public-key counterpart resist persistent attempts to solve
them. The computational model for public-key steganography was proposed by von
Ahn and Hopper in EUROCRYPT 2004. At TCC 2005, Backes and Cachin gave the first
universal public-key stegosystem - i.e. one that works on all channels -
achieving security against replayable chosen-covertext attacks (SS-RCCA) and
asked whether security against non-replayable chosen-covertext attacks (SS-CCA)
is achievable. Later, Hopper (ICALP 2005) provided such a stegosystem for every
efficiently sampleable channel, but did not achieve universality. He posed the
question whether universality and SS-CCA-security can be achieved
simultaneously. No progress on this question has been achieved since more than
a decade. In our work we solve Hopper's problem in a somehow complete manner:
As our main positive result we design an SS-CCA-secure stegosystem that works
for every memoryless channel. On the other hand, we prove that this result is
the best possible in the context of universal steganography. We provide a
family of 0-memoryless channels - where the already sent documents have only
marginal influence on the current distribution - and prove that no
SS-CCA-secure steganography for this family exists in the standard
non-look-ahead model.Comment: EUROCRYPT 2018, llncs styl
An Information- Theoretical Model for Streaming Media Based Stegosystems
Steganography in streaming media differs from steganography in images or audio files because of the continuous embedding process and the necessary synchronization of sender and receiver due to packet loss in streaming media. The conventional theoretical model for image steganography is not appropriate for explaining the security scenarios for streaming media based stegosystems. In this paper, we propose a new information-theoretical model with two pseudo-random sequences imitating the continuous embedding and synchronization characteristics of streaming media based stegosystems. We also discuss the statistical properties of Voice over Internet Protocol (VoIP) speech streams through theoretical analysis and experimental testing. The experimental results show the bit stream consisting of fixed codebook parameters in speech frames is similar in statistical characteristics to a white-noise sequence. The relative entropy between the VoIP speech stream and the embedded secret message has been found to be zero. This leads us to conclude that the proposed streaming media based stegosystem is secure against statistical detection; in other words, the statistical measures cannot detect the existence of the secret message embedded in VoIP speech streams
Hard Communication Channels for Steganography
This paper considers steganography - the concept of hiding the presence of secret messages in legal communications - in the computational setting and its relation to cryptography. Very recently the first (non-polynomial time) steganographic protocol has been shown which, for any communication channel, is provably secure, reliable, and has nearly optimal bandwidth. The security is unconditional, i.e. it does not rely on any unproven complexity-theoretic assumption. This disproves the claim that the existence of one-way functions and access to a communication channel oracle are both necessary and sufficient conditions for the existence of secure steganography in the sense that secure and reliable steganography exists independently of the existence of one-way functions. In this paper, we prove that this equivalence also does not hold in the more realistic setting, where the stegosystem is polynomial time bounded. We prove this by constructing (a) a channel for which secure steganography exists if and only if one-way functions exist and (b) another channel such that secure steganography implies that no one-way functions exist. We therefore show that security-preserving reductions between cryptography and steganography need to be treated very carefully
Constructing Perfect Steganographic Systems
We propose steganographic systems for the case when covertexts (containers)
are generated by a finite-memory source with possibly unknown statistics. The
probability distributions of covertexts with and without hidden information are
the same; this means that the proposed stegosystems are perfectly secure, i.e.
an observer cannot determine whether hidden information is being transmitted.
The speed of transmission of hidden information can be made arbitrary close to
the theoretical limit - the Shannon entropy of the source of covertexts. An
interesting feature of the suggested stegosystems is that they do not require
any (secret or public) key.
At the same time, we outline some principled computational limitations on
steganography. We show that there are such sources of covertexts, that any
stegosystem that has linear (in the length of the covertext) speed of
transmission of hidden text must have an exponential Kolmogorov complexity.
This shows, in particular, that some assumptions on the sources of covertext
are necessary
Perfectly secure steganography: hiding information in the quantum noise of a photograph
We show that the quantum nature of light can be used to hide a secret message
within a photograph. Using this physical principle we achieve
information-theoretic secure steganography, which had remained elusive until
now. The protocol is such that the digital picture in which the secret message
is embedded is perfectly undistinguishable from an ordinary photograph. This
implies that, on a fundamental level, it is impossible to discriminate a
private communication from an exchange of photographs.Comment: 5 pages, 3 figures + appendix : 5 pages, 6 figure
Perfectly Secure Steganography Using Minimum Entropy Coupling
Steganography is the practice of encoding secret information into innocuous
content in such a manner that an adversarial third party would not realize that
there is hidden meaning. While this problem has classically been studied in
security literature, recent advances in generative models have led to a shared
interest among security and machine learning researchers in developing scalable
steganography techniques. In this work, we show that a steganography procedure
is perfectly secure under Cachin (1998)'s information-theoretic model of
steganography if and only if it is induced by a coupling. Furthermore, we show
that, among perfectly secure procedures, a procedure maximizes information
throughput if and only if it is induced by a minimum entropy coupling. These
insights yield what are, to the best of our knowledge, the first steganography
algorithms to achieve perfect security guarantees for arbitrary covertext
distributions. To provide empirical validation, we compare a minimum entropy
coupling-based approach to three modern baselines -- arithmetic coding, Meteor,
and adaptive dynamic grouping -- using GPT-2, WaveRNN, and Image Transformer as
communication channels. We find that the minimum entropy coupling-based
approach achieves superior encoding efficiency, despite its stronger security
constraints. In aggregate, these results suggest that it may be natural to view
information-theoretic steganography through the lens of minimum entropy
coupling