11 April 2013
Is Facebook's Secretbook Secure?
Date: Thu, 11 Apr 2013 11:56:57 +0100
To: UKcrypto[at]chiark.greenend.org.uk
From: Richard Clayton <richard[at]highwayman.com>
Subject: Re: "Secretbook" Lets You Encode Hidden Messages in Your Facebook Pics
Owen Blacker <owen[at]blacker.me.uk> writes:
>http://www.wired.com/dangerroom/2013/04/secretbook/
>
>Facebook is a place where you can share pictures of cute animals and fun
>activities. Now there's a browser extension that lets you encode those
>images with secret, hard-to-detect messages.
That's two different properties... if the stego message
has been encrypted before it is embedded then if the key is long enough then
it is likely to stay secret.
If "too much" data is embedded then it will be detectable by one of a number
of methods (real pictures have various statistical properties that are disrupted
by the embedding of what is effectively "noise").
There's a vast literature on this; a good starting place is Jessica Fridrich's
work:
http://www.ws.binghamton.edu/fridrich/
>"The goal of this research was to demonstrate that JPEG steganography can
>be performed on social media where it has previously been impossible,"
>Campbell-Moore tells Danger Room. He says he spent about two months spread
>out over the last year working on the extension as a research project for
>the university.
Embedding short messages into media that will survive transforms is called
"watermarking" and there is a large literature on that as well! The initial
robustness scheme called StirMark dates from 1997:
http://www.petitcolas.net/fabien/watermarking/stirmark/
And since this is usually successfully passed, there have been later proposals
such as CheckMark which add more transforms.
The particular proposal here seems to have been specifically designed to
survive Facebook's transform rather than to survive more general changes
to the image.
>It wasn't easy developing the extension. "Many tools for steganography in
>JPEGs have existed in the past although they have always required that the
>images are transmitted exactly as they are," Campbell-Moore says.
His draft paper is at:
https://dl.dropboxusercontent.com/u/6853624/secretbook-draft-1.pdf
It contains no references to other work at present, so it's not possible
to see whether or not he has encountered the papers that might disabuse him
of this exact statement :(
>If you've encoded a secret message in the image, Facebook will garble
>it. Facebook competitor Google+ doesn't do this, so you can share
>encoded messages there without needing an app for it.
An important reason for processing the images is that this prevents people
installing malicious images on their pages which will compromise visitors
whose graphic display software contains security flaws! I fully expect [but
have not tested] that Google+ does do some manipulations to avoid this!
--
richard
Richard Clayton
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. Benjamin Franklin
__________
List-Id: UK Cryptography Policy Discussion Group <ukcrypto.chiark.greenend.org.uk>
List-Archive: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto>
List-Subscribe: <http://www.chiark.greenend.org.uk/mailman/listinfo/ukcrypto>