Planning a Jailbreak: Use Steganography€¦ · Robert Kunnemann¨ Planning a Jailbreak: Use...
Transcript of Planning a Jailbreak: Use Steganography€¦ · Robert Kunnemann¨ Planning a Jailbreak: Use...
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Planning a Jailbreak: Use Steganography
Robert Kunnemann
August 11, 2007
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
IntroductionThe Prisoners ProblemWhy hiding?Ethical Positions
Information Hiding in HistoryHistoric Stegosystems
Information Hiding TodayTerminologyAttackHiding information in LSBCovert Channels
Kerckhoff’s principleKerckhoff’s principleSecurity by Obscurity
Definition of steganographic securitypublic-key stego-systemsSSA-CA Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
The Prisoners Problem
Simmons’ Prisoner’s Problem:
I Alice and Bob in Jail, seperated cells
I plan an escape plan
I send messages via couriers, who are spys set by warden Eve.
I Eve suspicious ⇒ both sent to Solitary confinement
I they shared a secret keyword before going to prison (allthoughthis is not necessary in all cases)
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
The Prisoners Problem
Simmons’ Prisoner’s Problem:
I Alice and Bob in Jail, seperated cells
I plan an escape plan
I send messages via couriers, who are spys set by warden Eve.
I Eve suspicious ⇒ both sent to Solitary confinement
I they shared a secret keyword before going to prison (allthoughthis is not necessary in all cases)
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
The Prisoners Problem
Simmons’ Prisoner’s Problem:
I Alice and Bob in Jail, seperated cells
I plan an escape plan
I send messages via couriers, who are spys set by warden Eve.
I Eve suspicious ⇒ both sent to Solitary confinement
I they shared a secret keyword before going to prison (allthoughthis is not necessary in all cases)
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
The Prisoners Problem
Simmons’ Prisoner’s Problem:
I Alice and Bob in Jail, seperated cells
I plan an escape plan
I send messages via couriers, who are spys set by warden Eve.
I Eve suspicious ⇒ both sent to Solitary confinement
I they shared a secret keyword before going to prison (allthoughthis is not necessary in all cases)
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
The Prisoners Problem
Simmons’ Prisoner’s Problem:
I Alice and Bob in Jail, seperated cells
I plan an escape plan
I send messages via couriers, who are spys set by warden Eve.
I Eve suspicious ⇒ both sent to Solitary confinement
I they shared a secret keyword before going to prison (allthoughthis is not necessary in all cases)
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
The Warden
Eve can be
I passive, restricted to eavesdropping or
I active and change messages / emit new ones.
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
I Normal” Cryptography does not suffice here! (But may helpat some point.)
I have to somehow embed so called stegotext in harmlesscommunication channel, the covertext.
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
I Normal” Cryptography does not suffice here! (But may helpat some point.)
I have to somehow embed so called stegotext in harmlesscommunication channel, the covertext.
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
information hiding
steganography, greek for covered writing.
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
Why hide, not cipher?
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
Ethics
I in cryptography: good guys want to keep their privacy againstevil eavesdroppers
I in steganography: little more complicated
I contact abuse helplines anonymously, vote in private
I plan crimes, pass secrets
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
Ethics
I in cryptography: good guys want to keep their privacy againstevil eavesdroppers
I in steganography: little more complicated
I contact abuse helplines anonymously, vote in private
I plan crimes, pass secrets
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
The Prisoners ProblemWhy hiding?Ethical Positions
Ethics
I in cryptography: good guys want to keep their privacy againstevil eavesdroppers
I in steganography: little more complicated
I contact abuse helplines anonymously, vote in private
I plan crimes, pass secrets
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Historic Stegosystems
I Herodotus (486-425 B.C.) tatooed a shaved slave’s head
I Gaspar Schott(1608-1666): hide messages in music scores
I Johannes Trithemus’ (1462-1516) ””Ave Maria”” code:Replace each letter by a word
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Historic Stegosystems
I Herodotus (486-425 B.C.) tatooed a shaved slave’s head
I Gaspar Schott(1608-1666): hide messages in music scores
I Johannes Trithemus’ (1462-1516) ””Ave Maria”” code:Replace each letter by a word
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Historic Stegosystems
I Herodotus (486-425 B.C.) tatooed a shaved slave’s head
I Gaspar Schott(1608-1666): hide messages in music scores
I Johannes Trithemus’ (1462-1516) ””Ave Maria”” code:Replace each letter by a word
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Historic Stegosystems
The Art in information hiding - The Vexierbild
Figure: Sh: Vexierbild (1530)Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Historic Stegosystems
Figure: unknown artist: Vexierbild from the 19th century
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
Terminology
I embedded data: the message you want to send secretly
I this is hidden in cover-text (-image/-audio)
I producing a stego-text (-object)
I stego-key controls hiding process and restricts detection andrecovery
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
Terminology
I embedded data: the message you want to send secretly
I this is hidden in cover-text (-image/-audio)
I producing a stego-text (-object)
I stego-key controls hiding process and restricts detection andrecovery
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
Terminology
I embedded data: the message you want to send secretly
I this is hidden in cover-text (-image/-audio)
I producing a stego-text (-object)
I stego-key controls hiding process and restricts detection andrecovery
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
Terminology
I embedded data: the message you want to send secretly
I this is hidden in cover-text (-image/-audio)
I producing a stego-text (-object)
I stego-key controls hiding process and restricts detection andrecovery
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
successful attack := detecting existence of communication
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
Least Significant Bit
1 1 10 0 0 0
1232 8 4128 64 16
0
Figure: LSB
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
LSB
1 1 10 0 0 0
1232 8 4128 64 16
1
Store information
here
Figure: LSB
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
Issues
I BUT: easy to break.
I gets lost/damaged on reencoding
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
Covert Channels
Communication paths not designed to transport information
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
Examples
I dunno hides information in latencies of the apache webserver
I hide information in video signal for CRTs
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
TerminologyAttackHiding information in LSBCovert Channels
What’s wrong?
we assumed the adversary to be unaware of the method we use tohide the information. . .
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Kerckhoff’s principleSecurity by Obscurity
Kerckhoff’s principle
I set by Auguste Kerckhoff in 1883
I first principles of cryptographic engineering
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Kerckhoff’s principleSecurity by Obscurity
Kerckhoff’s principle
I assume the method used to cypher/hide information is knownto the opponent
I security by choice of key
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Kerckhoff’s principleSecurity by Obscurity
Kerckhoff’s principle
I assume the method used to cypher/hide information is knownto the opponent
I security by choice of key
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Kerckhoff’s principleSecurity by Obscurity
Security by Obscurity
The assumption, that the enemy will ignore the system you use
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Kerckhoff’s principleSecurity by Obscurity
Bad idea
I better rely on a key and provable security
I So: we need a definition of security
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
Kerckhoff’s principleSecurity by Obscurity
Bad idea
I better rely on a key and provable security
I So: we need a definition of security
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
public-key stego-systemsSSA-CA
A public-key stego-system
consists of:
I An algorithm SK resulting in a public and a private stegokeyspk, ssk (using some security paramter k)
I An algorithm SE hiding the information in the coverobjectusing spk, it outputs a covertext
I An algorithm SD extracting the embedded data via ssk, or(e.g. if there is no embedded data) an errorsymbol ↓
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
public-key stego-systemsSSA-CA
A public-key stego-system
consists of:
I An algorithm SK resulting in a public and a private stegokeyspk, ssk (using some security paramter k)
I An algorithm SE hiding the information in the coverobjectusing spk, it outputs a covertext
I An algorithm SD extracting the embedded data via ssk, or(e.g. if there is no embedded data) an errorsymbol ↓
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
public-key stego-systemsSSA-CA
A public-key stego-system
consists of:
I An algorithm SK resulting in a public and a private stegokeyspk, ssk (using some security paramter k)
I An algorithm SE hiding the information in the coverobjectusing spk, it outputs a covertext
I An algorithm SD extracting the embedded data via ssk, or(e.g. if there is no embedded data) an errorsymbol ↓
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
public-key stego-systemsSSA-CA
Correctness
for all (spk, ssk) output by SK and all messages it should workoften.That means: (Pr[SD(ssk, SE(spk,m))) 6= m] is neglible in asecurity parameter k
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
public-key stego-systemsSSA-CA
The Game
Security in Cryptography is defined via Games.A challenger with a defined input/output behaviour against anarbitrary adversary.
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
public-key stego-systemsSSA-CA
Security
The system is secure iff the propability to crack it is negligible forall adversaries.
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
public-key stego-systemsSSA-CA
spk
Adv. SA1 SO1
Adv. SA2 SO2
sampling
oracle
for C
bR← {0, 1}
c∗ ← SE(spk, m∗)
or c∗R← C
SS-CCA
Challenger
(c∗, s)
b’
ci
SD(ssk, ci)
ci
SD(ssk, ci)
ssk
(m∗, s)
(ci 6= c∗)
Figure: Schematic Sketch
Robert Kunnemann Planning a Jailbreak: Use Steganography
OutlineIntroduction
Information Hiding in HistoryInformation Hiding Today
Kerckhoff’s principleDefinition of steganographic security
public-key stego-systemsSSA-CA
Steganographic Security against Active Attacks
Pr[SA
SOcca2
2 (spk,m∗, c∗, s) = b;
(spk, ssk)← SK, (m∗, s)← SASO11 , b
R← {0, 1},if b = 0 then c∗ ← SE(spk,m∗)
else c∗R← C
]=
12
+ ε(k)
Robert Kunnemann Planning a Jailbreak: Use Steganography