By Paul Marks
26 May 2009
THE internet's underlying technology can be harnessed to let people
exchange secret messages, perhaps allowing free speech an outlet in
So says a team of steganographers at the Institute of Telecommunications
in Warsaw, Poland. Steganography is the art of hiding a message in an
openly available medium. For example, you can subtly change the pixels
in an image in a way that is undetectable to the eye but carries meaning
to anyone who knows the pre-arranged coding scheme.
Wojciech Mazurczyk, along with Krzysztof Szczypiorski and Milosz
Smolarczyk, have already worked out how to sneak messages into internet
phone calls, and now the Warsaw team have turned their attention to the
internet's transmission control protocol (TCP).
Web, file transfer, email and peer-to-peer networks all use TCP, which
ensures that data packets are received securely by making the sender
wait until the receiver returns a "got it" message. If no such
acknowledgement arrives (on average 1 in 1000 packets gets lost or
corrupted), the sender's computer sends the packet again. This scheme is
known as TCP's retransmission mechanism - and it can be bent to the
steganographer's whim, says Mazurczyk.
Their system, dubbed retransmission steganography (RSTEG), relies on
sender and receiver using software that deliberately asks for
retransmission even when email data packets are received successfully.
"The receiver intentionally signals that a loss has occurred. The sender
then retransmits the packet but with some secret data inserted in it,"
he says in a preliminary research paper (www.arxiv.org/abs/0905.0363).
So the message is hidden among the teeming network traffic.
Visit the InfoSec News security bookstore!