Provably Secure Steganography

Nicholas Hopper; Luis von Ahn; John Langford

doi:10.1109/TC.2008.199

Publication
2009
Issue No. 5 - May
Abstract - Provably Secure Steganography

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Nicholas Hopper Articles by Luis von Ahn Articles by John Langford

Provably Secure Steganography

May 2009 (vol. 58 no. 5)

pp. 662-676

	ASCII Text	x
	Nicholas Hopper, Luis von Ahn, John Langford, "Provably Secure Steganography," IEEE Transactions on Computers, vol. 58, no. 5, pp. 662-676, May, 2009.

	BibTex	x
	@article{ 10.1109/TC.2008.199, author = {Nicholas Hopper and Luis von Ahn and John Langford}, title = {Provably Secure Steganography}, journal ={IEEE Transactions on Computers}, volume = {58}, number = {5}, issn = {0018-9340}, year = {2009}, pages = {662-676}, doi = {http://doi.ieeecomputersociety.org/10.1109/TC.2008.199}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Computers TI - Provably Secure Steganography IS - 5 SN - 0018-9340 SP662 EP676 EPD - 662-676 A1 - Nicholas Hopper, A1 - Luis von Ahn, A1 - John Langford, PY - 2009 KW - Steganography KW - covert channels KW - provable security. VL - 58 JA - IEEE Transactions on Computers ER -

Nicholas Hopper, University of Minnesota, Minneapolis

Luis von Ahn, Carnegie Mellon University, Pittsburgh

John Langford, Yahoo! Research, New York

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2008.199

Steganography is the problem of hiding secret messages in "innocent-looking” public communication so that the presence of the secret messages cannot be detected. This paper introduces a cryptographic formalization of steganographic security in terms of computational indistinguishability from a channel, an indexed family of probability distributions on cover messages. We use cryptographic and complexity-theoretic proof techniques to show that the existence of one-way functions and the ability to sample from the channel are necessary conditions for secure steganography. We then construct a steganographic protocol, based on rejection sampling from the channel, that is provably secure and has nearly optimal bandwidth under these conditions. This is the first known example of a general provably secure steganographic protocol. We also give the first formalization of "robust” steganography, where an adversary attempts to remove any hidden messages without unduly disrupting the cover channel. We give a necessary condition on the amount of disruption the adversary is allowed in terms of a worst case measure of mutual information. We give a construction that is provably secure and computationally efficient and has nearly optimal bandwidth, assuming repeatable access to the channel distribution.

[1] B.W. Lampson, “A Note on the Confinement Problem,” Comm. ACM, vol. 16, no. 10, pp. 613-615, 1973.
[2] NCSC-TG-030: A Guide to Understanding Covert Channel Analysis of Trusted Systems. US Nat'l Computer Security Center, 1993.
[3] D. Kahn, The Codebreakers: The Story of Secret Writing, revised ed. Scribner, 1996.
[4] G. Jagpal, “Steganography in Digital Images,” PhD dissertation, Cambridge Univ., Selwyn College, May 1995.
[5] Information Hiding Techniques for Steganography and Digital Watermarking. S. Katzenbeisser and F.A. Petitcolas, eds. Artech House, 2000.
[6] K. Matsui and K. Tanaka, “Video-Steganography: How to Secretly Embed a Signature in a Picture,” Proc. IMA IP Workshop, 1994.
[7] A. Westfeld and G. Wolf, “Steganography in a Video Conferencing System,” Proc. Second Int'l Workshop Information Hiding (IH '98), D. Aucsmith, ed., pp. 32-47, 1998.
[8] D. Gruhl, A. Lu, and W. Bender, “Echo Hiding,” Proc. First Int'l Workshop Information Hiding (IH '96), R.J. Anderson, ed., pp. 293-315, 1996.
[9] C. Neubauer, J. Herre, and K. Brandenburg, “Continuous Steganographic Data Transmission Using Uncompressed Audio,” Proc. Second Int'l Workshop Information Hiding (IH '98), vol. 1525, pp. 208-217, 1998.
[10] J. Brassil, S.H. Low, N.F. Maxemchuk, and L. O'Gorman, “Electronic Marking and Identification Techniques to Discourage Document Copying,” IEEE J. Selected Areas in Comm., vol. 13, no. 8, pp. 1495-1504, 1995.
[11] G.J. Simmons, “The Prisoners' Problem and the Subliminal Channel,” Proc. Int'l Cryptology Conf. (CRYPTO '83), pp. 51-67, 1983.
[12] R.J. Anderson, “Stretching the Limits of Steganography,” Proc. First Int'l Workshop Information Hiding (IH '96), pp. 39-48, 1996.
[13] R.J. Anderson and F.A. Petitcolas, “On the Limits of Steganography,” IEEE J. Selected Areas in Comm., vol. 16, no. 4, pp. 474-481, May 1998.
[14] C. Cachin, “An Information-Theoretic Model for Steganography,” Proc. Second Int'l Workshop Information Hiding (IH '98), pp. 306-318, 1998.
[15] T. Mittelholzer, “An Information-Theoretic Approach to Steganography and Watermarking,” Proc. Third Int'l Workshop Information Hiding (IH '99), A. Pfitzmann, ed., pp. 1-16, 1999.
[16] J.A. O'Sullivan, P. Moulin, and J.M. Ettinger, “Information Theoretic Analysis of Steganography,” Proc. IEEE Int'l Symp. Information Theory (ISIT '98), p. 297, Aug. 1998.
[17] J. Zöllner, H. Federrath, H. Klimant, A. Pfitzmann, R. Piotraschke, A. Westfeld, G. Wicke, and G. Wolf, “Modeling the Security of Steganographic Systems,” Proc. Second Int'l Workshop Information Hiding (IH '98), pp. 344-354, 1998.
[18] C. Cachin, “An Information-Theoretic Model for Steganography,” Information and Computation, vol. 192, no. 1, pp. 41-56, 2004.
[19] N.J. Hopper, J. Langford, and L. von Ahn, “Provably Secure Steganography,” Proc. 22nd Ann. Int'l Cryptology Conf. (CRYPTO'02), M. Yung, ed., pp. 77-92, 2002.
[20] N. Hopper, “Toward a Theory of Steganography,” PhD dissertation, Technical Report CMU-CS-04-157, Carnegie Mellon Univ., Pittsburgh, Aug. 2004.
[21] L. Reyzin and S. Russell, “Simple Stateless Steganography,” Cryptology ePrint Archive, Report 2003/093, http:/eprint.iacr. org/, 2003.
[22] N. Dedić, G. Itkis, L. Reyzin, and S. Russell, “Upper and Lower Bounds on Black-Box Steganography,” Proc. Second Theory of Cryptography Conf. (TCC '05), J. Kilian, ed., pp. 227-244, 2005.
[23] T.V. Le and K. Kurosawa, “Efficient Public Key Steganography Secure against Adaptively Chosen Stegotext Attacks,” Cryptology ePrint Archive, Report 2003/244, http:/eprint.iacr.org/, 2003.
[24] A. Lysyanskaya and M. Meyerovich, “Provably Secure Steganography with Imperfect Sampling,” Proc. Ninth Int'l Conf. Theory and Practice of Public-Key Cryptography (PKC '06), M. Yung, Y.Dodis, A. Kiayias, and T. Malkin, eds., pp. 123-139, 2006.
[25] M. Backes and C. Cachin, “Public-Key Steganography with Active Attacks,” Proc. Second Theory of Cryptography Conf. (TCC '05), J.Kilian, ed., pp. 210-226, 2005.
[26] O. Goldreich, S. Goldwasser, and S. Micali, “How to Construct Random Functions,” J. ACM, vol. 33, no. 4, pp. 792-807, 1986.
[27] J. Håstad, R. Impagliazzo, L.A. Levin, and M. Luby, “A Pseudorandom Generator from Any One-Way Function,” SIAM J. Computing, vol. 28, no. 4, pp. 1364-1396, 1999.
[28] J. Wolfowitz, Coding Theorems of Information Theory. Springer and Prentice Hall, 1978.
[29] J. Kilian, ed., Proc. Second Theory of Cryptography Conf. (TCC), 2005.

Index Terms:

Steganography, covert channels, provable security.

Citation:

Nicholas Hopper, Luis von Ahn, John Langford, "Provably Secure Steganography," IEEE Transactions on Computers, vol. 58, no. 5, pp. 662-676, May 2009, doi:10.1109/TC.2008.199

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.