Real-time steganographic proxies for the technically-challenged?

Reply · March 29, 2011, 7:58pm

Let’s say I’m determined to, er, exercise my freedom of speech over the Internet, and I want to do so in a way that’s difficult to detect. Or let’s say (perhaps more realistically), someone’s an Internet user in a country that frowns upon such shenanigans.

There are services like Tor and Freenet, but they have clearly-identifiable signatures or send obviously encrypted traffic.

Are there any easy-to-use services that disguise encrypted two-way communications inside live video or audio such that The Powers That Be will see a “Hi, Mom… yeah, how are the dogs? Yeah… uh-huh… blah blah blah” while an encrypted chat session is going on behind the scenes, piggybacking on the video?

And would something like that have an easily detectable statistical signature?

Blaster_Master · March 29, 2011, 8:25pm

I’m unsure if there are any easy to use services, though I have my doubts, I can’t really answer that question, but I can answer your other question about the statistical signature it leaves behind. In short, with an encrypted chat, presumably text chat, you could probably get away with it if it were embedded in video simply because the ratio of the message relative to the space in which to hide it is relatively small.

Most of my experience in this was with encoding and detecting messages embedded in images, primarily jpegs, but I suspect it generalizes decently to video. The primary issue is that, by design, encrypted data should be statistically as similar to purely random data as possible otherwise some information about the data is potentially retrievable. The statistical issue arises in the fact that images, and videos, are decidely NOT random data and there are distinct patterns, and so caution has to be taken when hiding the data, because every bit replaced changes that distribution. Obviously, encoding at a lower rate will have a smaller effect on this distribution and, thus, make it more difficult to detect.

That said, statistics isn’t generally the method that is used to detect embedded messages because a text message hidden in a large image or video would be almost impossible to detect statistically, as it would easily fall within the range of typical variation unless done extremely sloppily. Instead, the more interesting concerns comes with the way in which images and videos are compressed. In the same way that compression can cause artifacts to appear in images and video, manipulating the data in those compressions can also create artifacts, which are easier to detect because the entire methodology behind compression is essentially based on patterns. Particularly with images and videos, there is a lot of context for detecting artifacts, such as adjacent regions in an image and, in a video, even neighboring frames.

That said, I think there still ought to be enough bandwidth in a video to successfully avoid detection of text chat, simply because you’re talking about ratios on the order of 1:100000+. Where, in my research, we were having terrible detection rates well before reaching ratios that small.

spenczar · March 29, 2011, 9:22pm

Not only is it possible, but it exists in freeware form. SteganRTP is a protocol for hiding data in RTP packets, which lets you hide messages (probably text) inside of a VOIP call. Dustin Trammel introduced this with a great talk at DEFCON (a hacker conference) about this four years ago. Not sure if it’s actually any good - it doesn’t appear to have received much attention.

Reply · March 30, 2011, 6:13am

Fascinating!

Thank you, Blaster Master, for the insight and thank you spenczar for the link