There was that Russian spy who was transmitting data for years on her Facebook account through steganography pictures on her Facebook account.
http://www.technologyreview.com/view/419833/russian-spies-us...
The FBI didn't know about it until after she was caught. So believe it or not, steganography _works_. If you're trying to hide the fact that you're a spy, encrypting all of your messages over Tor is a bad idea.
On the other hand, if you pretend to be a normal person and embed secret messages in your Facebook posts, you can be a spy for years and not get caught.
I think one of the reasons stego works is because of the sheer amount of data being generated and shared in the modern world.
It's kind of a blessing and a curse for spy agencies. On the one hand, they love to collect data, and the more the better, since with more data to analyze, they can potentially learn more things. But the more data there is, the more computing power they have to throw at it to make sense of it.
So it's really not surprising that data can be hidden from spy agencies (possibly by relatively primitive means even), because they probably don't have the computing power (vast as their computing power is) to effectively run every possible detection algorithm and all their highly sophisticated (and probably computationally expensive) steganalysis software on so much data.
Videos, since they are so huge compared to other media files like text or audio, have always seemed like an ideal medium for stego to me. Of course, it's more difficult to preserve one's hidden data on sites like YouTube that re-compress the videos that get uploaded to them, but any site that hosts original videos unmolested should be ripe for stego.
Right, but that means it inherits all the problems of security by obscurity, like it breaking as soon as the public knows the technique, which they do now.
My other point was that this seems to be equivalent to traditional stego solutions but with a key size equal to the algorithm size.
(And I'm not sure why merely asking about the key size problem and obscurity problem hurt the discussion enough to get hammered so hard...)
I never really understood why it is so.
Encrypted data must be indistinguishable from random, thus, if you replace any random projection of a file with your data, the result should be completely unrecognizable. It shouldn't really matter if your algorithms are public.
Is the problem that it's hard to get random projections from modern data? If so, why not use older formats?
From what I understand, ideally stego would be used in conjunction with encryption.
First, you would encrypt your message, then you would use stego to hide it.
If the stego is good, it would be a computationally intractable problem[2] for your adversary to determine whether there was indeed a message hidden within the data they were analyzing, with greater than 50% accuracy.
That said, I'm not sure how practical using an application like this would be for stego. It does not "whiten" the data it tries to hide, so unless the data's already whitened, it could potentially stand out like a sore thumb when subjected to steganalysis. And how would you propose actually using this?
This does present some intriguing possibilities, however, like maybe having Alice and Bob share a tweaked version of an OCR library and having Alice generate random images until her encrypted message has been "encoded" in such a way as to be recognizable by the tweaked OCR library that she shares with Bob. The tweaking of the library's character recognition parameters could be a sort of pre-shared key, and would not be available to Eve (the adversary).
[1] - this post comes from a hobbyist, not from any kind of security researcher, steganalyst, cryptanalyst, etc. So please take what I say with a grain of salt and please correct me if I'm wrong.
[2] - "computationally intractable" being different for different adversaries, of course, which is one reason you need a good threat model.
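The whitening point raised in the thread, as an added example that is not from any of the posters: a steganalyst pulls the least-significant-bit plane out of candidate samples and measures its byte entropy. The cover (seeded random bytes standing in for image samples), the message, the key and the SHA-256 counter-mode whitener (a stand-in for real encryption) are all constructed assumptions.

```python
import hashlib
import math
import random
from collections import Counter

def keystream(key: bytes, n: int) -> bytes:
    # SHA-256 in counter mode: a stand-in whitener for this demo, not a vetted cipher.
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])

def whiten(key: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def embed_lsb(cover: bytes, payload: bytes) -> bytes:
    # Overwrite the least significant bit of each cover byte with one payload bit.
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("payload does not fit in cover")
    stego = bytearray(cover)
    for pos, bit in enumerate(bits):
        stego[pos] = (stego[pos] & 0xFE) | bit
    return bytes(stego)

def lsb_plane_bytes(samples: bytes) -> bytes:
    # What the analyst sees: the LSB of every sample, regrouped into bytes.
    out = bytearray()
    for i in range(0, len(samples) - 7, 8):
        value = 0
        for s in samples[i:i + 8]:
            value = (value << 1) | (s & 1)
        out.append(value)
    return bytes(out)

def entropy_bits_per_byte(data: bytes) -> float:
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def lsb_entropy(payload: bytes) -> float:
    rng = random.Random(1)  # constructed cover; the payload fills every LSB
    cover = bytes(rng.getrandbits(8) for _ in range(len(payload) * 8))
    return entropy_bits_per_byte(lsb_plane_bytes(embed_lsb(cover, payload)))

MESSAGE = b"meet at the usual place at nine and bring the documents. " * 40  # constructed
RAW_SCORE = lsb_entropy(MESSAGE)
WHITE_SCORE = lsb_entropy(whiten(b"constructed demo key", MESSAGE))
```

The raw ASCII payload scores under 5 bits per byte and is flagged by any threshold near 7; the whitened payload scores close to 8, the maximum a byte stream can reach.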