Provably Secure Steganography


Abstract:

Steganography is the problem of hiding secret messages in "innocent-looking" public communication so that the presence of the secret messages cannot be detected. This paper introduces a cryptographic formalization of steganographic security in terms of computational indistinguishability from a channel, an indexed family of probability distributions on cover messages. We use cryptographic and complexity-theoretic proof techniques to show that the existence of one-way functions and the ability to sample from the channel are necessary conditions for secure steganography. We then construct a steganographic protocol, based on rejection sampling from the channel, that is provably secure and has nearly optimal bandwidth under these conditions. This is the first known example of a general provably secure steganographic protocol. We also give the first formalization of "robust" steganography, where an adversary attempts to remove any hidden messages without unduly disrupting the cover channel. We give a necessary condition on the amount of disruption the adversary is allowed in terms of a worst case measure of mutual information. We give a construction that is provably secure and computationally efficient and has nearly optimal bandwidth, assuming repeatable access to the channel distribution.
Published in: IEEE Transactions on Computers (Volume: 58, Issue: 5, May 2009)
Page(s): 662 - 676
Date of Publication: 31 October 2008

1 Introduction

A classic problem of computer security is the mitigation of covert channels. First introduced by Lampson [1], a covert channel in a (single-host or distributed) computer system can be roughly defined as any means by which two processes or users can exchange information in violation of security policy. While the exact detection of usable covert channels in a system is undecidable, many conservative approaches exist to detect and eliminate all potential covert channels; for example, the US Department of Defense "Light Pink Book" [2] on covert channel analysis includes detailed procedures to find and eliminate covert channels. Unfortunately, the cost of such elimination is often prohibitive; in this case, the Light Pink Book recommends techniques to limit the bandwidth of covert channels and requires auditing to detect any use of the covert channel. A natural question that arises from this suggestion is whether it is feasible for an auditor to do so.
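The rejection-sampling idea named in the abstract, as an added sketch that is not the paper's own construction or code: it embeds one hidden bit per cover message and compares the word frequencies an auditor would see for plain cover traffic and for stegotext. The toy channel, HMAC-SHA256 as the keyed function, the retry bound and all names are assumptions.

```python
import hashlib
import hmac
import random
from collections import Counter

# Constructed toy channel (assumption): a short reply plus a 3-digit number,
# so each draw carries enough entropy for rejection sampling to succeed.
WORDS = {"ok": 0.4, "sure": 0.3, "later": 0.2, "no": 0.1}

def sample_channel(rng):
    """Draw one cover message from the toy channel distribution."""
    word = rng.choices(list(WORDS), weights=list(WORDS.values()))[0]
    return f"{word} {rng.randrange(1000):03d}"

def keyed_bit(key, index, doc):
    """One pseudorandom bit from HMAC-SHA256 over (position, document)."""
    msg = index.to_bytes(4, "big") + doc.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()[0] & 1

def embed(key, bits, rng, tries=64):
    """For each hidden bit, redraw from the channel until the keyed bit matches."""
    docs = []
    for i, bit in enumerate(bits):
        doc = sample_channel(rng)
        for _ in range(tries - 1):
            if keyed_bit(key, i, doc) == bit:
                break
            doc = sample_channel(rng)
        docs.append(doc)  # after `tries` misses the last draw is sent as-is
    return docs

def extract(key, docs):
    """Receiver recomputes the keyed bit of every document received."""
    return [keyed_bit(key, i, doc) for i, doc in enumerate(docs)]

def word_freqs(docs):
    """Empirical frequency of the leading word: the statistic an auditor sees."""
    counts = Counter(doc.split()[0] for doc in docs)
    return {w: counts[w] / len(docs) for w in WORDS}

if __name__ == "__main__":
    rng = random.Random(1)
    key = b"constructed-demo-key"
    bits = [rng.getrandbits(1) for _ in range(2000)]
    stego = embed(key, bits, rng)
    cover = [sample_channel(rng) for _ in range(2000)]
    print(extract(key, stego) == bits)
    print(word_freqs(cover), word_freqs(stego))
```

Every message sent is a genuine draw from the channel, so the two frequency tables agree up to sampling noise; an audit based on message statistics alone has nothing to separate them.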
