OFFICIAL SECURITY BLOG
January 17, 2014 | BY Jean Taggart
“Stenography is the art and science of encoding hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. It is a form of security through obscurity.”
We are seeing it’s use for both good, such as DissidentX that aims at providing political dissidents a way to communicate covertly, and bad such as obfuscation in malware samples, the Alureon Trojan comes to mind.
A simplified example would be a steganographically modified image, that appears perfectly normal, but upon closer inspection has a few random pixels that are of a different color.
To the untrained eye, these pixels could be static, maybe a bit of file corruption, when in fact they are a hidden message.
Traditional steganographic techniques tend not to be very stealthy and can be detected.
Brams new tool takes steganography to a whole new level and hopes to make the fact there’s a secret message even more difficult to detect.
It uses a new form of steganography that leverages cryptographic hashes to make detection more difficult. One example of the many new techniques it uses is the absence of text in a seed document can be used as part of the steganographic process.
This makes collaborating on the creation of an innocent looking document a possible covert channel! “I took that last paragraph out, I didn’t like it… Wink, Wink.”
DissidentX also allows for multiple messages to be encoded in the same document, providing a defense against “rubber hose decryption” my favorite kind! This is where the secret is extracted by force, with torture or by beating the recipient with a rubber hose, hence the name.
It’s interesting to see tools such as steganography, tools typically used to evade surveillance and repressive regimes making a resurgence.