Hiding files inside images (Steganography)

This might get more interest over on the Information Security forum.

ChRoMe wrote: »

Use PGP, don't roll your own.

If its the same password to encrypt and decrypt, that's symmetric encryption that you want, so probably not PGP/GPG which are more associated with asymmetric/public-private key encryption.

But the point chrome is making, to not roll your own encryption, is something that everyone agrees on. If you try to write your own encryption, you'll get it wrong and it'll probably be easy for someone skilled to break.


Whether you care about that depends on the scope of your project.


If you want strong encryption, you probably want something like AES for symmetric encryption. That's a common standard. Openssl has good implementations and a lot of people use it when they need an encryption library.

But even then you'll need something that people can't just brute force by guessing the password...

These things take an awful lot of work to get right, if you want to make them 'strong'. One error, one side channel, can compromise everything. Whether this project is worth that much work is up to the OP. If you do want to make it strong, there's a good bit of reading to do, followed by careful coding etc.


Just make sure you are clear to your users whether the hard work to make it properly secure has been done, or not.

Non technical people can end up relying on software to secure them, without having a clue whats going on. That might be a big deal if someone is living under an oppressive regime or something... so you generally want to be clear about what level of security users can expect.

cirx08 wrote: »

No better way to get better at programming than to keep practising

Absolutely.

Just, if you release something to the public that has encryption, or security, listed as a feature, make sure you are up front and unambiguous about the limits of how much they should trust the security.

This is pretty cool, could be expanded by adding some kind of passcode to the file and running it through some kind of decryption algorithm, a very simple one being a caesar cipher.

edit:
nevermind looks like other people are already discussing that!

Procasinator wrote: »

Personally, I would say the plausible deniability TrueCrypt offers you is achieved through the use of steganography.

I think I understand the semantics you are using, if I understand you right:

You are saying that 1) the fact that encrypted volumes are indistinguishable (at least in theory) from random data,
2) means that the random data at the end of the outer volume could contain a hidden volume which can't be discovered.
Hence, you would say that that entire system is a steganographic system which allows volumes to be stored in a hidden manner at the end of a containing volume.

And you would say that this entire setup allows plausible deniability, in that someone could say 'oh there is no hidden volume'.

While I agree with the last bit, about plausible deniability, I don't like describing truecrypt as offering steganography. (Maybe you agree?)

I guess you could to say it uses steganography to offer deniability, but that isn't the same thing as the system as a whole offer steganography, which I don't think it does.


The wikipedia definition of steganography (first sentence):

Wikipedia wrote:

"Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. "

Truecrypt fails that test.
An adversary, upon seeing a truecrypt volume (or large unmarked file in the filesystem), will always suspect that 1) there's a truecrypt volume there, and 2) there's a hidden volume in that truecrypt volume.

The owner of the volume could plausibility deny it, but the adversary will still suspect the existance of the message; so truecrypt, as a whole system, doesn't offer steganography.


Which brings us on to...

ChRoMe wrote: »

Thats exactly what it is, true crypt's concept is that if someone holds a gun to your head and you supply them the key/password to decrypt, if the hidden partition is not exposed, that will help prove you did it under duress.

I don't exactly understand your post, there, Chrome - Im not sure it makes sense?


But, anyway, what I wanted to say, is that if you are in a 'gun to head' scenario (improbable, but heaven forbid), truecrypt offers no protection.

The bad guys will just beat you with the $5 wrench until you tell them the password to the inner volume.

You will tell them the password before they stop beating you with the wrench, because that's how humans work.


And, that, is why I don't consider truecrypt steganography.
Whereas perhaps a clever way of embedding messages in images, like the OP is working on (but (at least somewhat) statistically secure, which the OP doesn't have) is potentially steganography, in that an adversary would never even suspect a message, truecrypt does not offer that.

mad turnip wrote: »

This is pretty cool, could be expanded by adding some kind of passcode to the file and running it through some kind of decryption algorithm, a very simple one being a caesar cipher.

The caesar cipher won't even keep out your kid sister :-)

fergalr wrote: »

The caesar cipher won't even keep out your kid sister :-)

I mistakenly just read page one, and stupidly forgot that people on boards actually have an idea what there talking about!!!!!!!!!!

fergalr wrote: »

The owner of the volume could plausibility deny it, but the adversary will still suspect the existance of the message; so truecrypt, as a whole system, doesn't offer steganography.

Ill tell you what, make some memory dumps compress and encrypt them for security and add all your files in there for any serious software developer memory dumps are quite common and quite large in size good luck for anyone shifting through that load of muck! And not to mention if there is 20 memory dumps gl finding the right one!

srsly78 wrote: »

Fergal TrueCrypt lets you give a "fake password" for $5 wrench scenarios, this gives access to a fake "secret" partition.

First off, to the best of my knowledge:

- For a given truecrypt container, there can be one 'standard' 'outer' volume, and one 'inner' 'hidden' volume.

- The truecrypt docs refer to those as 'standard' and 'hidden' volumes.
http://www.truecrypt.org/docs/hidden-volume


So, you are saying, that you just give the password to the 'standard' 'outer' volume, and all your worries are over, Truecrypt has successfully protected you, and hence is equivalent to steganography?


My point is, that in this unfair and nasty world that we live in, if a bad guy is standing over you with a wrench, and you give him the password to the 'standard' volume, do you think all your worries are over? S/He decrypts the volume, and says 'Oh, that doesnt have the files we are looking for. Sorry about that, you can go now.'? Or, do you think they will say 'oh, I see you are using software which supports an additional hidden volume. Please give me the password for it.'


Now, thankfully, I live in a nice country like Ireland, where I would only be using truecrypt to stop someone who stole my laptop looking at my personal files, and where $5 wrenches are rare.

But, there are people who live in nastier parts of the world. If you live in one of those parts, the plausibility deniability of Truecrypt isn't going to help you, if the bad guys take your computer and see at the .tc files.


You might say 'well, perhaps if they just see jpegs on your computer, they'll suspect you have data hidden in the jpegs, and will interrogate you anyway?'

However, I would say that the [probability_of_hidden_data, given truecrypt] is very much greater than the [probability_of_hidden_data, given jpegs on computer]. I think it'd be hard to argue with that.


We are into pretty abstract distinctions, in questions of degree of security here. Thankfully.

Dermot Illogical wrote: »

The installer won't work offline. Is it set up to phone home or something?

Edit: It's trying to connect to bi.bisrv.com if I'm reading wireshark correctly. What's that about?

Heh the plot thickens, as this all been an elaborate ruse?