Join 3,524 readers in helping fund MetaFilter (Hide)

January 16, 2014 2:25 PM   Subscribe

DissidentX is a new steganography tool by Bram Cohen of BitTorrent fame designed to “vastly simplify the implementation of new steganographic techniques, and allow a universal decoder and encoding of multiple messages to different keys in the same file.” In particular, DissidentX allows encoding multiple plain texts into the same cover text with different keys, so called deniable encryption.
posted by jeffburdges (9 comments total) 28 users marked this as a favorite

There are Linux file systems like Rubberhose and StegFS that offer deniable encryption too, but afaik they're no longer actively maintained. EncFS's --anykey option does not provide deniable encryption.
posted by jeffburdges at 2:28 PM on January 16

The thing that's always bothered me about deniable encryption is how self-defeating it seems. Wouldn't just knowing that it's possible for cipher text to be decrypted into multiple plain texts be incentive enough to hold someone until they produced the "real" key?
posted by RonButNotStupid at 2:49 PM on January 16

It would if the attacker knows that some specific plaintext is being hidden. It can end a fishing expedition, though.
posted by mr_roboto at 2:52 PM on January 16

Yes, if you hide only one boring layer and one interesting layer, then perhaps they'd convince the judge a second layer must exist. If however you've hidden several layers, including an actual crime like ordering drugs online, then they might stop searching, especially after finding evidence they cannot use, like say due to a partial immunity deal over that layer or whatever.

Now DissidentX is extremely useful with only one layer by virtue of "vastly simplify the implementation of new steganographic techniques". Also Bram Cohen's open invitation with the term "reference implementation" suggests it might become the 'only game in town' for many applications, which Bram Cohen managed before with BitTorrent remember. I therefore doubt judges could reasonably infer that two layers exist merely due to DissidentX being used.

Related : Syed Hussain given extra-jail time after he failed to reveal the password for a USB stick that GCHQ was unable to crack (the U.K.'s key disclosure laws let them compel self-incrimination)
posted by jeffburdges at 3:09 PM on January 16 [2 favorites]

It took me embarrassingly long to find the technical overview, so I thought I'd link it here for others.
posted by caaaaaam at 6:03 PM on January 16 [2 favorites]

From the Forbes site: "with the help of a group of researchers at Stanford"

Given all that we know about NSA infiltration of fuckall, and I'm not trying to be completely paranoid, and I certainly don't think Bram himself is suspect, how can we guarantee that the researchers aren't in some way compromised? I mean - we do have open source, thank gawd... But that hasn't seem to stopped other things from being compromised (it makes it harder, certainly)... I hope people who are good with Crypto are looking extra hard at this, we need to make sure crypto going forward is not compromised... *sigh*
posted by symbioid at 7:21 PM on January 16

Ain't so easy to corrupt group, or especially public, discussions, symbioid, which includes working conversations, or especially published results. Ain't so easy to get every group member onboard either.

Are they able sneak subtle backdoors into the code? Yes, but doing so risks exposure. And even if they do so, they create a high value backdoors that they cannot use often. Appelbaum mentioned that the NSA restricts what exploits they deploy against highly skilled adversaries.

Imagine if a target finds convincing evidence the software has backdoors : Said target gets new legal defenses. Developers find & fix the backdoor. And they identify the NSA stooge who added it, ruining his reputation and sullying the NSA's recruitment effort. etc.

As an unclassified example, Cobham only sells their Orion Guardian ST820 GPS tracker device to law enforcement, and they're quite expensive anyway. Ideally, the CA student who found one should've immediately handed it over to Noisebridge or similar, so they could document it, publish the frequencies it uses, publish the firmware, etc.

posted by jeffburdges at 8:01 PM on January 16 [1 favorite]

I never understood why Syed Hussain didn't put a hidden volume on the flash drive. Or even a hidden volume in the blank space of a hidden volume. Have some bad, but not-too-terrible stuff on a flash drive and password it and make a huge display about not wanting to reveal it, and then maybe do so after a lot of drama has occurred. All of the really sensitive stuff could've been kept on the hidden volume - see this TrueCrypt explanation. If no one knows it's there, and if they look and there's nothing there, then they'd believe that there's nothing else on the drive. Unless I've missed something and there's some way to tell.

“Right now, most steganography techniques are detectable,” says Cohen.

Does any one know of a site that would break down the different techniques and their failings? There's nothing in the article about what techniques are detectable and how they are, so why would this be different just because he says it is? I'd like to know why it's better.
posted by Zack_Replica at 10:50 AM on January 17

Honeywords : Making Password-Cracking Detectable
Honeywords Password Security Strategy
“Honey Encryption” bamboozles attackers with fake secrets
posted by jeffburdges at 1:36 AM on January 31

« Older Pulp Fiction Guess Who? (via Boing Boing)...  |  Russell Johnson, beloved of ma... Newer »

This thread has been archived and is closed to new comments