Entries Tagged "steganography"

Page 3 of 5

Disguising Tor Traffic as Skype Video Calls

One of the problems with Tor traffic is that it can de detected and blocked. Here’s SkypeMorph, a clever system that disguises Tor traffic as Skype video traffic.

To prevent the Tor traffic from being recognized by anyone analyzing the network flow, SkypeMorph uses what’s known as traffic shaping to convert Tor packets into User Datagram Protocol packets, as used by Skype. The traffic shaping also mimics the sizes and timings of packets produced by normal Skype video conversations. As a result, outsiders observing the traffic between the end user and the bridge see data that looks identical to a Skype video conversation.

The SkypeMorph developers chose Skype because the software is widely used throughout the world, making it hard for governments to block it without arousing widespread criticism. The developers picked the VoIP client’s video functions because its flow of packets more closely resembles Tor traffic. Voice communications, by contrast, show long pauses in transmissions, as one party speaks and the other listens.

Posted on April 13, 2012 at 7:08 AMView Comments

Secret Codes in Bacteria


Researchers have invented a new form of secret messaging using bacteria that make glowing proteins only under certain conditions. In addition to being useful to spies, the new technique could also allow companies to encode secret identifiers into crops, seeds, or other living commodities.


The new scheme replaces the fuse with seven colonies of Escherichia coli bacteria, each given a gene for a different fluorescent protein. When, and only when, these genes are turned on do the bacteria make these proteins and light up. The colors, including yellow, green, and red, vary based on which gene is expressed. All are clearly visibly different to the naked eye. With their colorful bacterial colonies in hand, the researchers then created a code using pairs of different colored bacteria. Having seven colors gave them 49 combinations, which they used to encode the 26 different letters and 23 alphanumeric symbols such as “@” and “$.” They wrote a message by simply blotting pairs of colored bacteria in rows. To “print” the message, the researchers transferred the bacteria onto a plate containing agar, a bacterial growth medium, into which they pressed a sheet of nitrocellulose “paper” that immobilizes the bacteria.

At this point, the bacteria on the nitrocellulose paper remain invisible. But the message receiver can turn on the key genes and make the colors light up by pressing the nitrocellulose paper into an agar plate containing a chemical trigger that activates expression of the fluorescent proteins. (The proteins chosen to light up are ones the bacteria don’t normally use, so unless the researchers activate them, they stay quiescent.) As long as the receiver knows which colors correspond to which characters, the message is revealed. But Walt and his colleagues added one more safeguard as well. Into some bacteria they inserted genes for resistance to particular antibiotics; the idea is that only the antibiotic-resistant bacteria are carrying the real message. If the message fell into the wrong hands, the receiver would see a mix of colors once the genes were activated and be unable to read it. But if the decoder added the right antibiotic, nonresistant bacteria and their colors die away, and the message becomes clear. The first example, reported in today’s issue of the Proceedings of the National Academy of Sciences reads “this is a bioencoded message from the walt lab @ tufts university 2010.”

Posted on October 27, 2011 at 12:01 PMView Comments

Telex Anti-Censorship System

This is really clever:

Many anticensorship systems work by making an encrypted connection (called a “tunnel”) from the user’s computer to a trusted proxy server located outside the censor’s network. This server relays requests to censored websites and returns the responses to the user over the encrypted tunnel. This approach leads to a cat-and-mouse game, where the censor attempts to discover and block the proxy servers. Users need to learn the address and login information for a proxy server somehow, and it’s very difficult to broadcast this information to a large number of users without the censor also learning it.

Telex turns this approach on its head to create what is essentially a proxy server without an IP address. In fact, users don’t need to know any secrets to connect. The user installs a Telex client app (perhaps by downloading it from an intermittently available website or by making a copy from a friend). When the user wants to visit a blacklisted site, the client establishes an encrypted HTTPS connection to a non-blacklisted web server outside the censor’s network, which could be a normal site that the user regularly visits. Since the connection looks normal, the censor allows it, but this connection is only a decoy.

The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called public-key steganography. This means anyone can tag a connection using only publicly available information, but only the Telex service (using a private key) can recognize that a connection has been tagged.

As the connection travels over the Internet en route to the non-blacklisted site, it passes through routers at various ISPs in the core of the network. We envision that some of these ISPs would deploy equipment we call Telex stations. These devices hold a private key that lets them recognize tagged connections from Telex clients and decrypt these HTTPS connections. The stations then divert the connections to anti­censorship services, such as proxy servers or Tor entry points, which clients can use to access blocked sites. This creates an encrypted tunnel between the Telex user and Telex station at the ISP, redirecting connections to any site on the Internet.

EDITED TO ADD (8/1): Another article.

EDITED TO ADD (8/13): Another article.

Posted on July 19, 2011 at 9:59 AMView Comments

Hard-Drive Steganography through Fragmentation


Khan and his colleagues have written software that ensures clusters of a file, rather than being positioned at the whim of the disc drive controller chip, as is usually the case, are positioned according to a code. All the person at the other end needs to know is which file’s cluster positions have been encoded.

The code depends on whether sequential clusters in a file are situated adjacent to each other on the hard disc or not. If they are adjacent, this corresponds to a binary 1 in the secret message.


Posted on April 25, 2011 at 5:24 AMView Comments


A group of students at the Chinese University in Hong Kong have figured out how to store data in bacteria. The article talks about how secure it is, and the students even coined the term “bioencryption,” but I don’t see any encryption. It’s just storage.

Another article:

They have also developed a three-tier security fence to encode the data, which may come as welcome news to U.S. diplomats, who have seen their thoughts splashed over the Internet thanks to WikiLeaks.

“Bacteria can’t be hacked,” points out Allen Yu, another student instructor.

“All kinds of computers are vulnerable to electrical failures or data theft. But bacteria are immune from cyber attacks. You can safeguard the information.”

The team have even coined a word for this field — biocryptography — and the encoding mechanism contains built-in checks to ensure that mutations in some bacterial cells do not corrupt the data as a whole.

Why can’t bacteria be hacked? If the storage system is attached to a network, it’s just as vulnerable as anything else attached to a network. And if it’s disconnected from any network, then it’s just as secure as anything else disconnected from a network. The problem the U.S. diplomats had was authorized access to the WikiLeaks cables by someone who decided to leak them. No cryptography helps against that.

There is cryptography in the project:

In addition we have created an encryption module with the R64 Shufflon-Specific Recombinase to further secure the information.

If the group is smart, this will be some conventional cryptography algorithm used to encrypt the data before it is stored on the bacteria.

In any case, this is fascinating and interesting work. I just don’t see any new form of encryption, or anything inherently unhackable.

Posted on January 25, 2011 at 1:40 PMView Comments

Friday Squid Blogging: Steganography in the Longfin Inshore Squid


While the notion that a few animals produce polarization signals and use them in communication is not new, Mäthger and Hanlon’s findings present the first anatomical evidence for a “hidden communication channel” that can remain masked by typical camouflage patterns. Their results suggest that it might be possible for squid to send concealed polarized signals to one another while staying camouflaged to fish or mammalian predators, most of which do not have polarization vision.

Mäthger notes that these messages could contain information regarding the whereabouts of other squid, for example. “Whether signals could also contain information regarding the presence of predators (i.e., a warning signal) is speculation, but it may be possible,” she adds.

Posted on October 22, 2010 at 4:31 PMView Comments

Social Steganography

From danah boyd:

Carmen is engaging in social steganography. She’s hiding information in plain sight, creating a message that can be read in one way by those who aren’t in the know and read differently by those who are. She’s communicating to different audiences simultaneously, relying on specific cultural awareness to provide the right interpretive lens. While she’s focused primarily on separating her mother from her friends, her message is also meaningless to broader audiences who have no idea that she had just broken up with her boyfriend.

Posted on August 25, 2010 at 6:20 AMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.