WMW
  NEWS     ABOUT     PARTNERS     CONTACT  
  HELP
WATERMARKING
  • Biography
  • FAQ
MAILINGLIST
  • Management
  • Archive
CONFERENCES
  • Calls
BENCHMARKING
  • Stirmark
  • CheckMark
  • Optimark
BOOKS
LINKS
  • Companies
  • Research
  • Others
WEBRING
DISCLAIMER
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WM]: steganalysis attack against spammimic


It's nice that someone has taken the time to do a bit of steganalysis  
of the spam mimic tool. (The current website is based on some pascal  
code I wrote long ago when Pascal was hip!)

The author is correct that the current set up doesn't make it easy  
for people to change the phrases used to encode messages. But that's  
just a limit of the coding. My original interface let the user keep  
the grammar file separate as a sort of key. (This isn't practical at  
all on the web because the grammar files have a pretty gnarly grammar  
themselves.)

If anyone is interested, they can dig a bit deeper into my book  
_Disappearing Cryptography_ and find a better discussion of some ways  
to revise and extend the code. They are, alas, largely theoretical  
now, but they have the potential to add a great deal of complexity to  
the process. In a theoretical sense, you can make the entire process  
turing complete and then breaking becomes undecidable. It's not clear  
this has any practical significance because the real trick is finding  
the right selection of phrases.

A more practical approach may be to use some key to scramble the  
phrase book/grammar. This isn't so hard and it would thwart basic  
cryptanalysis.

Some of these details are also in the original mimic function paper  
in Cryptologia.

--Peter

BTW: Turn here for info on the book:

http://www.wayner.org/books/discrypt2/




On Apr 11, 2007, at 12:28 PM, Claudio/vecna wrote:

> I've published this simple analysis:
>
> http://www.delirandom.net/20070407/steganalysis-attack-against- 
> spammimic/
>
> The author of www.spammimic.com has answer me with:
>
>> As the author of that report pointed out, I am a bit constrained  
>> but backwards
>> compatibility.  It wouldn't be nice to my users to change the  
>> coding.  If I had
>> a selection of codings available it would confuse some recipients.
>>
>> It still works as a casual tool.
>
> I've answer to him:
>
>> I've study this problem for stegoclick http://www.delirandom.net/ 
>> 20070402/stegoclick-01/ because, two days after the release of  
>> 0.1, I've build a better 0.2, and some idea for 0.3 and so on...
>>
>> The unique solution IMHO, is to do a simple encoding set (able to  
>> contain 4 bit = 8 combination) usefull for detect the "encoding  
>> version", o ar "steganographyc protocol version", so will be able  
>> to decode correctly the message. the 4 bit should stay in a  
>> specific fixed cover, unchanged between different releases.
>
> What do you think about ?
>
> Thanks, have a nice day
> Claudio/vecna
>




______________________________________________________________________________

Watermarking Mailing List - http://www.watermarkingworld.org/ml.html
To unsubscribe send email to "majordomo@watermarkingworld.org" with
"unsubscribe watermarking YOURMAIL" in the body.
______________________________________________________________________________
© 2000-2002 by WatermarkingWorld
Design and Concept by Martin Kutter