Steganography: Speaking with silence
SKYPE, a computer program that allows its users to have telephone-style conversations over the internet, is extremely popular. The service, owned by Microsoft, boasts more than 600m registered users. By one estimate it accounts for more than a third of international phone calls. One reason for its popularity is that, because it avoids ordinary telephone networks, it is cheap. A subsection of its users, though, prefer it for its security—for every conversation is encrypted and therefore, in theory, difficult to eavesdrop upon.
Yet hackers, security researchers and other professional paranoids have often wondered how secure Skype really is. Its users are warned in the program’s terms of service—and its developers have reiterated—that data may be passed to the authorities, where it is “legally required and technically feasible”. And because the program itself is “closed source”, meaning no one outside Skype knows precisely how it works, it is impossible to know what “technically feasible” actually means, or whether the software contains any compromising bugs.
Happily for the paranoid, a trio of researchers reckon they have come up with a way to send secret messages via Skype without tipping off censors or intelligence agencies that something fishy is going on. The three, Wojciech Mazurczyk, Maciej Karas and Krzysztof Szczypiorski, who all work at the Warsaw University of Technology, made use of a technique called steganography, cryptography’s lesser-known, less glamorous cousin. Whereas cryptography relies on the brute force of mathematics to make messages unreadable, steganography relies on stealth and cunning to make them undetectable, by hiding them within other, innocent communications. (A classic example is writing in invisible ink between the lines of an ordinary letter.) That way, potential eavesdroppers are not even aware that a conversation is happening.
The key to the researchers’ method—which they call “SkyDe”, a contraction of “Skype Hide”—lies in how Skype treats silence. In most conversations, only one person talks at a time. Yet rather than simply sending no data during this unilateral silence, Skype carries on transmitting. Although all of Skype’s data are encrypted, the chunks that encode silence are smaller than those which encode speech, which allows them to be detected reliably.
SkyDe works by encrypting the sensitive data (to make them resemble ordinary, encrypted Skype transmissions) and then waiting for a period of silence. When it finds one, it hijacks the silent “packets”, as the individual chunks of data sent across the network are called, and replaces their contents with the hidden message. The receiving end then snags the resulting packets and stitches the message back together.
via The Economist
The Latest Streaming News: Steganography updated minute-by-minute
Bookmark this page and come back often