Public-key steganography

Luis Von Ahn; Nicholas J. Hopper

Public-key steganography

Luis Von Ahn, Nicholas J. Hopper

Computer Science and Engineering

Research output: Contribution to journal › Article › peer-review

76 Scopus citations

Abstract

Informally, a public-key steganography protocol allows two parties, who have never met or exchanged a secret, to send hidden messages over a public channel so that an adversary cannot even detect that these hidden messages are being sent. Unlike previous settings in which provable security has been applied to steganography, public-key steganography is information-theoretically impossible. In this work we introduce computational security conditions for public-key steganography similar to those introduced by Hopper, Langford and von Ahn [7] for the private-key setting. We also give the first protocols for publickey steganography and steganographic key exchange that are provably secure under standard cryptographic assumptions. Additionally, in the random oracle model, we present a protocol that is secure against adversaries that have access to a decoding oracle (a steganographic analogue of Rackoff and Simon's attacker-specific adaptive chosen-ciphertext adversaries from CRYPTO 91 [10]).

Original language	English (US)
Pages (from-to)	323-341
Number of pages	19
Journal	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	3027
State	Published - Dec 1 2004

OpenUrl availability

Full text

Cite this

@article{02420356fc494eb4a638ba25b520772e,

title = "Public-key steganography",

abstract = "Informally, a public-key steganography protocol allows two parties, who have never met or exchanged a secret, to send hidden messages over a public channel so that an adversary cannot even detect that these hidden messages are being sent. Unlike previous settings in which provable security has been applied to steganography, public-key steganography is information-theoretically impossible. In this work we introduce computational security conditions for public-key steganography similar to those introduced by Hopper, Langford and von Ahn [7] for the private-key setting. We also give the first protocols for publickey steganography and steganographic key exchange that are provably secure under standard cryptographic assumptions. Additionally, in the random oracle model, we present a protocol that is secure against adversaries that have access to a decoding oracle (a steganographic analogue of Rackoff and Simon's attacker-specific adaptive chosen-ciphertext adversaries from CRYPTO 91 [10]).",

author = "{Von Ahn}, Luis and Hopper, {Nicholas J.}",

year = "2004",

month = dec,

day = "1",

language = "English (US)",

volume = "3027",

pages = "323--341",

journal = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

issn = "0302-9743",

publisher = "Springer Verlag",

}

TY - JOUR

T1 - Public-key steganography

AU - Von Ahn, Luis

AU - Hopper, Nicholas J.

PY - 2004/12/1

Y1 - 2004/12/1

N2 - Informally, a public-key steganography protocol allows two parties, who have never met or exchanged a secret, to send hidden messages over a public channel so that an adversary cannot even detect that these hidden messages are being sent. Unlike previous settings in which provable security has been applied to steganography, public-key steganography is information-theoretically impossible. In this work we introduce computational security conditions for public-key steganography similar to those introduced by Hopper, Langford and von Ahn [7] for the private-key setting. We also give the first protocols for publickey steganography and steganographic key exchange that are provably secure under standard cryptographic assumptions. Additionally, in the random oracle model, we present a protocol that is secure against adversaries that have access to a decoding oracle (a steganographic analogue of Rackoff and Simon's attacker-specific adaptive chosen-ciphertext adversaries from CRYPTO 91 [10]).

AB - Informally, a public-key steganography protocol allows two parties, who have never met or exchanged a secret, to send hidden messages over a public channel so that an adversary cannot even detect that these hidden messages are being sent. Unlike previous settings in which provable security has been applied to steganography, public-key steganography is information-theoretically impossible. In this work we introduce computational security conditions for public-key steganography similar to those introduced by Hopper, Langford and von Ahn [7] for the private-key setting. We also give the first protocols for publickey steganography and steganographic key exchange that are provably secure under standard cryptographic assumptions. Additionally, in the random oracle model, we present a protocol that is secure against adversaries that have access to a decoding oracle (a steganographic analogue of Rackoff and Simon's attacker-specific adaptive chosen-ciphertext adversaries from CRYPTO 91 [10]).

UR - http://www.scopus.com/inward/record.url?scp=33750401431&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33750401431&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:33750401431

SN - 0302-9743

VL - 3027

SP - 323

EP - 341

JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ER -

Public-key steganography

Abstract

OpenUrl availability

Other files and links

Fingerprint

Cite this