Pentashagon comments on A pair of free information security tools I wrote - Less Wrong
Comments (97)
Does it change the low bits of white (0xFFFFFF) pixels? It would be a dead giveaway to find noise in overexposed areas of a photo, at least with the cameras I've used.
It does. Taking a picture of a solid white or black background will absolutely make it easier for an attacker with access to your data to be more confident that steganography is at work. That said, there are some factors that mitigate this risk.
The iPhone's camera, combined with its JPG compression, inserts noise almost everywhere. This is far from exhaustive but in a series of 10 all-dark and 10 all-bright photos, the noise distribution of the untouched photos was comparable to the noise distribution of the decoy. Given that I don't control either of these, I'm not counting on this to hold up forever.
The app forces you to take a picture (and disables the flash) rather than use an existing one, lessening the chances that someone uses a noiseless picture. Again though, someone could still take a picture of a solid black wall.
Because of this, the visual decoy aspect of it is not meant as cryptographic protection. It's designed to lessen the chances that you will become a target. Any test designed to increase confidence in a tampered image requires access to your data which means the attacker has already targeted you in most cases. If that happens, there are other more efficient ways of determining what pictures would be worth attacking.
My original statement was that an attacker cannot confirm your image is a Decoy. They can raise their confidence that steganography is taking place. But unless a distinguishing attack against full AES exists, they can't say with certainty that the steganography at work is Decoy.
TL;DR: the decoy aspect of things is basically security through obscurity. The cryptographic protection comes from the AES encryption.
The fact that it distributes noise doesn't mean that the noise is uniformly distributed. It likely doesn't put the same noise in an area which is uniformly colored and an area that isn't uniformly colored.
I can't say with certainty either that the sun will rise tomorrow.
This seems like deliberate misinterpretation of Nanashi's point. You can't say with certainty that the Sun will rise tomorrow, but you can say so with extremely high probability. An attacker can't confirm that the image is a Decoy with a probability anywhere near as high.
Correct. I'd assign a probability of, say, 99.999999999999999999% that the sun will rise tomorrow.
If I were an attacker analyzing the noise distribution of an image, I could say with maybe 10% probability that an image has been tampered with. From there I have to further reduce the probability because there are hundreds of ways an image could have been tampered with that aren't Decoy.
For what it's worth, here is a sample of the noise distribution of the iPhone's JPEG compression vs. Decoy.
(iPhone on left, Decoy on right)
http://i.cubeupload.com/ujKps6.png
(Note that these are not the same picture, because Decoy does not save or store the original version of either photo. It's two pictures where I held the iPhone very close against a wall. So there's a slight color variation)
That's pretty useless -- what you want is to look at some statistical measures of the empirical distributions of lower-order bits in these images. See e.g. this outdated page.
I don't blame you for not spotting this, since these comments have gone really all over the place. But I did describe how an attacker would use LSB or Chi^2 analysis to determine:
For posterity here is that section: "Incidentally, regarding the specific details of such a detection method:
We (and the attacker) already know that the distribution of base64 characters in an AES-encrypted ciphertext is approximately random and follows no discernible pattern. We also know that the ciphertext is encoded into the last 2 bits of each 8-bit pixel. So, we can, with X amount of confidence, show that an image is not a Decoy if we extract the last 2 bits of each pixel and discover the resulting data is non-randomly distributed.
However, because it is possible for normal, non-Decoy, compressed JPEGs to exhibit a random distribution of the data in the last 2 bits of each pixel, the presence of randomness does not confirm that an image is a Decoy.
The only viable attack here would be to pull images which are "visually similar" (a trivial task by simply using Google image search), reduce them to the same size, compress them heavily, and then examine the last 2 bits of each of their pixels. If there is a significant difference in the randomness of the control images vs. the randomness of the suspected image, you could then suggest with X% confidence that the suspected image has been tampered with.
However, because it is possible for an image to be tampered with and yet NOT be a Decoy image, even then you could still not, with any legitimate amount of confidence, use such a test to state that an image is a Decoy."
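The low-2-bit check described in the comment above, written out as an added Python example; it is not part of the original comments and is not Decoy's code. The function names, the 0.001 significance threshold, the constructed sample data and the modelling of the payload as uniformly random bits are all assumptions made for illustration.

```python
import random

# Chi-square critical value for 3 degrees of freedom at p = 0.001.
CHI2_CRIT = 16.266

def low2_histogram(samples):
    """Count occurrences of each value 0..3 in the low 2 bits of 8-bit samples."""
    counts = [0, 0, 0, 0]
    for s in samples:
        counts[s & 0b11] += 1
    return counts

def chi2_uniform(samples):
    """Chi-square statistic of the low-2-bit histogram against a uniform one."""
    expected = len(samples) / 4
    return sum((c - expected) ** 2 / expected for c in low2_histogram(samples))

def looks_uniform(samples):
    return chi2_uniform(samples) < CHI2_CRIT

def embed_low2(samples, seed):
    """Assumed stand-in for the embedding: overwrite the low 2 bits with
    uniformly random bits (models ciphertext; not the app's real encoder)."""
    rng = random.Random(seed)
    return [(s & 0xFC) | rng.getrandbits(2) for s in samples]

def overexposed(n):
    """Constructed sample: a saturated, noiseless region (every value 0xFF)."""
    return [0xFF] * n

def noisy_wall(n, seed):
    """Constructed sample: a flat surface with Gaussian sensor/compression noise."""
    rng = random.Random(seed)
    return [min(255, max(0, round(rng.gauss(128, 6)))) for _ in range(n)]

def assess(suspect, controls):
    """Compare a suspect image's low bits with visually similar control images."""
    if not looks_uniform(suspect):
        return "not-embedded"   # structured low bits: no full-coverage random payload
    if any(looks_uniform(c) for c in controls):
        return "inconclusive"   # untouched controls look random too
    return "suspicious"         # random low bits where controls have none

if __name__ == "__main__":
    white, wall = overexposed(20000), noisy_wall(20000, seed=1)
    print(chi2_uniform(white))                               # 60000.0
    print(assess(white, [overexposed(20000)]))
    print(assess(embed_low2(white, seed=2), [white]))
    print(assess(embed_low2(wall, seed=3), [wall]))
```

The three verdicts correspond to the three cases in the quoted section: structured low bits rule out a full-coverage payload, random low bits are inconclusive when comparable untouched images are just as noisy, and random low bits stand out only when the controls are clean, as in the overexposed case raised at the top of the thread.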
The point you're missing is that the purpose of steganography is not to be noticed as opposed to "you can't prove this beyond reasonable doubt". If I run statistical analysis on the images in your phone and enough of them show suspicious randomness in LSBs, your steganography has failed already.
I've already said this like, five times, but I am giving you a pass here because there are a billion comments on this post and I wouldn't expect someone to read all of them.
So, I just don't get it. What is your point here? That steganography has potential weaknesses? Is anyone suggesting otherwise?