[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #8096 [Stegotorus]: Security factor for steg modules



#8096: Security factor for steg modules
-----------------------------+------------------
     Reporter:  vmon         |      Owner:  zwol
         Type:  enhancement  |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  Stegotorus   |    Version:
   Resolution:               |   Keywords:  steg
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+------------------

Comment (by vmon):

 Now Stegotorus takes --minimum-noise-to-signal in command line, and by
 pass this number to steg. Currently, both implemented payload servers
 (ApachePayloadServer and TracePayloadServer) respect this value and don't
 use a cover whose size isn't minimum-noise-to-signal times its capacity,
 to be used as a cover. For example c.f. trace_payload_server.cc:372
           if (pl.typePayloadCap[contentType][current] <= cap ||
 pl.payload_hdrs[pl.typePayload[contentType][current]].length/(double)cap <
 noise2signal)
             continue;

 However, it means that file specific steg sub-modules such as (JPEG,
 JavaScript) only uses the begining of the cover and leave the remainder of
 the buffer intact. to get a better statistical indistinguishibility, it is
 desirable for the steg submodule to see if the cover has more capacity
 than the data to be embeded and if so, it distribute the data uniformly
 among the changable bytes (for example keying a pseudorandom function to
 determine the offset of the bytes being used in embedding in contrast to
 those which stays in tact (due to over capacity).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8096#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs