
[infowar.de] Steganography in India



Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
Conclusion of the text:

"India's security agencies should utilise the latest steganographic 
technologies for their internal communications, in contrast to the 
insecure channels they use at present. They should also develop the
futuristic science of detecting these hidden messages and decrypting
them (...)"

Incidentally, the author runs a closed list on the topic of
C4I/infowar and Southeast Asia, http://groups.yahoo.com/group/c4i.

Regards, RB


Hindustan Times, Friday, 10 August 2001, Edit page

Crack the code 
Ravi Visvesvaraya Prasad

http://www.hindustantimes.com/nonfram/100801/platefrm.asp

THE LASHKAR-e-Tayyeba militants responsible for the Red Fort attack 
were running a cybercafe and using electronic mail to receive 
instructions from abroad. 

When the Delhi Police seized their computers and hundreds of 
encrypted e-mail messages, they found a vast amount of pornographic 
films and photographs on the hard disks. Thinking that the militants 
had amassed their pornographic collection for personal enjoyment, the 
police turned it over to the maalkhana as case property. 

A few weeks later, a police officer in Delhi read in the USA Today 
about the testimony furnished by George Tenet, Director, CIA, to the 
US Congress. Tenet said that Islamic extremists were hiding their 
messages within pornographic and sports images and movies, as well as 
in music files, and were utilising heavily-visited electronic chat 
rooms and bulletin boards as "drop sites". 

The intended recipient would download the file and decrypt the hidden 
message. To all others who would download that file, it would seem to 
be an innocuous image. Tenet was alarmed that the extremists had 
successfully evaded the SIGINT (signals intelligence) and COMINT 
(communications intelligence) interception operations of America's 
National Security Agency. 

Hence, it occurred to this alert policeman in Delhi that the 
pornography seized from the militants could contain hidden 
instructions. 

These developments have drawn attention to the recondite field of 
steganography, the science of concealing encrypted messages within 
innocuous cover messages, pictures or music in such a manner that an 
interceptor or other recipients of the cover file would not even 
suspect that hidden within it was an encrypted message. 

In the simpler field of cryptography, an interceptor would be able to 
discern that the encrypted message existed, and his challenge would 
be merely to crack the code and decrypt the secret message; even this 
simple task would take the best security agencies several weeks to 
perform. The US Air Force Research Laboratory has forecast the future 
information warfare technologies and the counter measures to fight 
it. Steganography topped the list. 

While the fundamentals of steganography were enunciated by Johannes 
Trithemius of Frankfurt, it is in the last 18 months that 
technological advances have taken place, mainly at German, Austrian, 
Swiss, Italian and Finnish universities, Cambridge University in the 
UK, and Carnegie Mellon and George Mason Universities in the US. 
Security agencies have been rendered impotent by the inexpensive 
steganographic software packages which conceal information in digital 
audio, video and image files. 

The first organisations to recognise the utility of steganographic 
algorithms developed in European universities were Pakistani hacker 
groups, the Palestinian cells of Hamas and Hizbollah, Osama bin 
Laden's Al Qaida, and the LTTE. Al Qaida heeded bin Laden's directive 
that mastering advanced technologies was integral to jehad. It was 
the first to practise the research results of Professors Ross 
Anderson and Fabien Petitcolas of Cambridge University, and conceal 
its messages in dense packet internet traffic, and large bandwidth 
uncompressed audio, video and image files. 

These would be located at heavily visited pornographic sites, music 
download sites, chat rooms and bulletin boards. Al Qaida began to use 
these as message "drop sites" for their agents. A security analyst 
detected steganographic activity even on heavy-traffic commercial 
portals such as Amazon and eBay, who were not even aware that their 
websites were being used for such purposes. 

A security analyst recounted the case of a suspected Islamic 
militant. The FBI in the US, which had placed him under surveillance 
using its packet-sniffing tool Carnivore, was intrigued that while he 
kept e-mailing photographs of his family to e-mail addresses that 
appeared to be those of relatives, he never received any replies. He 
was found to be sending instructions to his agents using DEMCOM's 
Steganos, which was undetectable by FBI's Carnivore. 

Packages that combine technical excellence with human psychological 
factors to avoid suspicion are Texto, developed in Finnish 
universities, which converts messages into blank verse poetry, and 
Spam Mimic, developed by Peter Wayner, which encodes messages into 
what looks like a junk e-mail. 

While round one has gone to the terrorists, Indian security agencies 
can fight back. Compressed video, music and image files have 
predictable patterns that would be disrupted when a message is 
inserted. It is possible to develop a stegoscanner program, akin to a 
virus scanner, to examine hard drives and identify the electronic 
fingerprints and signatures left behind by steganographic 
applications. 

A US steganography expert has formulated a roadmap for future 
efforts: First, derive the signatures/indicators associated with each 
steganographic package and write a scanner. The harder part is 
picking up the dead drops. This would require thousands of police 
officers to continuously monitor the websites, bulletin boards and 
chat rooms. The next stage is difficult. Once all possible nodes are 
identified, one should write a Trojan horse that would sit in the 
machines and scan all activity. 

India's security agencies should utilise the latest steganographic 
technologies for their internal communications, in contrast to the 
insecure channels they use at present. They should also develop the 
futuristic science of detecting these hidden messages and decrypting 
them, in order to trace sensitive information being leaked out under 
innocuous guises. For these, they should work together with the IITs, 
just as the Center for Secure Information Systems in the US is a 
joint venture between the National Security Agency and the George 
Mason University. The Pentagon and CIA are funding steganalysis 
research at the Carnegie Mellon. 

If Osama bin Laden and the LTTE can put into practice the latest 
technological breakthroughs from European universities, there is no 
reason why India should not use its academia and industry. The 
intelligence agencies should, for instance, examine the hard drives 
of those Sudanese associates of bin Laden whom they caught some time 
back.
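
The article's "stegoscanner" idea rests on the claim that inserting a message disrupts the predictable patterns of compressed files. The following is an added example, not part of the original post or the article: a pairs-of-values chi-square test (the statistical attack published by Westfeld and Pfitzmann, which goes beyond what the article describes) run on constructed data. All function names and the sample histogram are assumptions made for illustration.

```python
import math
import random
from collections import Counter

def chi2_survival(chi2, dof):
    """P(X >= chi2) for a chi-square variable with dof degrees of freedom."""
    h = chi2 / 2.0
    if h <= 0.0:
        return 1.0
    # Regularized upper gamma Q(a, h), built up with
    # Q(a+1, h) = Q(a, h) + h^a * e^-h / Gamma(a+1).
    a, q = (1.0, math.exp(-h)) if dof % 2 == 0 else (0.5, math.erfc(math.sqrt(h)))
    while a < dof / 2.0:
        q += math.exp(-h + a * math.log(h) - math.lgamma(a + 1.0))
        a += 1.0
    return min(q, 1.0)

def embedding_probability(values, min_expected=5.0):
    """Pairs-of-values test: near 0 = natural histogram, higher = LSBs look overwritten."""
    hist = Counter(values)
    chi2, pairs = 0.0, 0
    for even in sorted({v & ~1 for v in hist}):
        # LSB overwriting equalizes the counts of each pair (2k, 2k+1).
        expected = (hist[even] + hist[even | 1]) / 2.0
        if expected < min_expected:      # sparse bins make the statistic unreliable
            continue
        chi2 += (hist[even] - expected) ** 2 / expected
        pairs += 1
    if pairs < 2:
        return 0.0                       # not enough data to say anything
    return chi2_survival(chi2, pairs - 1)

def constructed_cover():
    """Constructed sample: coefficient magnitudes 2..17 with a steep decay,
    standing in for the peaked histograms of compressed media."""
    values = []
    for v in range(2, 18):
        values += [v] * int(4000 * 0.7 ** (v - 2))
    return values

def overwrite_lsbs(values, seed=1):
    """Constructed stego sample: every LSB replaced by a pseudo-random bit."""
    rng = random.Random(seed)
    return [(v & ~1) | rng.getrandbits(1) for v in values]

if __name__ == "__main__":
    cover = constructed_cover()
    print("cover p =", embedding_probability(cover))
    print("stego p =", embedding_probability(overwrite_lsbs(cover)))
```

On real files the same test would be applied to decoded sample values or quantized coefficients, and a scanner would pick its alert threshold from known-clean material of the same type.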

