This is a nice piece of work, but I have a couple of comments:

1. The paper asserts "Even if the majority of passwords used to hide content were strong, there would be a small percentage of weak passwords ... and we should have been able to find them." That might be true if there are a large number of stego users independently selecting passwords, but it's not a compelling argument if stego is being employed by a few sophisticated terrorist organizations, as suggested by the April 1991 Newsday article, http://www.usatoday.com/life/cyber/tech/2001-02-05-binladen.htm . It is quite likely that such organizations train users to select strong passwords or passphrases. Indeed, since the stego systems use symmetric keys, field cells would have to be assigned passwords prior to deployment. In all likelihood this would be done by a central communications group, with good crypto skills.

Even if some cells did use weak passwords, they are likely to derive them from languages and religious quotes that I suspect are not well represented in your dictionary. There is also the possibility that the terrorist organizations modified published stego programs or built their own from scratch, perhaps to incorporate public key methods. In that case, a dictionary attack is hopeless. I don't think you can conclude much from the failure of your dictionary attack to decrypt any messages.

2. The signature graphs you presented for several of the stego methods seemed very strong. I wonder if there is more pattern recognition possible to determine highly likely candidates. I would be interested in seeing what the graphs look like for the putative false alarms you found. It also might be interesting to run the detection program on a corpus of JPEGs known NOT to contain stego, such as a clip art CD.

3. If you did succeed in decrypting one of Osama Bin Laden's missives, wouldn't he have a case against you under DMCA?

Arnold Reinhold

At 12:16 PM -0500 12/21/01, Niels Provos wrote:
>I just released Stegdetect 0.4. It contains the following changes:
>
> - Improved detection accuracy for JSteg and JPhide.
> - JPEG Header Analysis reduces false positives.
> - JPEG Header Analysis provides rudimentary detection of F5.
> - Stegbreak uses the file magic utility to improve dictionary
>   attack against OutGuess 0.13b.
>
>You can download the UNIX source code or windows binary from
>
> http://www.outguess.org/download.php
>
>-----
>The results from analyzing one million images from the Internet Archive's
>USENET archive are available at
>
> http://www.citi.umich.edu/u/provos/stego/usenet.php
>
>[...]
> After scanning two million images from eBay without finding any
> hidden messages, we extended the scope of our analysis.
>
> This page provides details about the analysis of one million images
> from the Internet Archive's USENET archive.
>
> Processing the one million images with stegdetect results in about
> 20,000 suspicious images. We launched a dictionary attack on the
> JSteg and JPHide positive images. The dictionary has a size of
> 1,800,000 words and phrases. The disconcert cluster used to
> distribute the dictionary attack has a peak performance of roughly
> 87 GFLOPS.
>
> However, we have not found a single hidden message.
>[...]
>
>Comments and feedback are welcome. We have an FAQ at
>
> http://www.citi.umich.edu/u/provos/stego/faq.html
>
>Regards and a merry Christmas,
> Niels Provos
>
>
>
>---------------------------------------------------------------------
>The Cryptography Mailing List
>Unsubscribe by sending "unsubscribe cryptography" to
>[EMAIL PROTECTED]
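A worked illustration of the statistical point in comment 1, added here as an example and not part of either message: how much a null dictionary-attack result tells you depends on how many independent passphrase choices it actually exercised. The 20,000 suspicious images come from the quoted study; the 1% weak-passphrase rate and the 2,000 messages-per-key figure are constructed assumptions, as is the two-model comparison itself.

```python
"""Does "we cracked nothing" mean "there is no stego"? Only if the attack
covered many independent passphrase choices (Provos's implicit model). If a
few organizations issue keys centrally (Reinhold's objection), thousands of
messages may hide behind a handful of passphrases. Numbers are constructed."""

from math import exp, log1p


def p_no_cracks(independent_choices: int, p_weak: float) -> float:
    """Probability that a dictionary attack recovers nothing even though every
    message really is stego, if each independent passphrase falls inside the
    dictionary with probability p_weak."""
    if not 0.0 <= p_weak <= 1.0:
        raise ValueError("p_weak must be a probability")
    # (1 - p_weak) ** n, evaluated in log space so large n stays accurate
    return exp(independent_choices * log1p(-p_weak))


def independent_choices(messages: int, messages_per_key: int) -> int:
    """Distinct passphrases behind `messages` when each centrally issued key
    is reused across `messages_per_key` messages (ceiling division)."""
    if messages_per_key < 1:
        raise ValueError("messages_per_key must be >= 1")
    return -(-messages // messages_per_key)


def compare_models(messages: int, p_weak: float, messages_per_key: int) -> dict:
    """Contrast 'every image is an independent user' with 'few organizations,
    centrally issued keys' for the same observed null result."""
    return {
        "independent_users": p_no_cracks(messages, p_weak),
        "central_keys": p_no_cracks(
            independent_choices(messages, messages_per_key), p_weak
        ),
    }


if __name__ == "__main__":
    # 20,000 suspicious images as in the USENET study; 1% weak passphrases
    # (assumed); 2,000 messages per centrally issued key (assumed).
    r = compare_models(20_000, 0.01, messages_per_key=2_000)
    print(f"P(no cracks | all stego), independent users: {r['independent_users']:.3g}")
    print(f"P(no cracks | all stego), 10 central keys:   {r['central_keys']:.3g}")
```

Under the independent-user model a clean sweep of zero cracks is essentially impossible if stego were present, so the null result is strong evidence of absence; under the central-key model it happens roughly nine times in ten, so the same result says almost nothing.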