In this podcast we discuss the emerging threat of steganography in voice over IP.

This is really interesting - is it something that is already happening?

Currently, this seems to be confined to research labs. The primary reference for this podcast is an IEEE Spectrum article by three professors - Józef Lubacz, Wojciech Mazurczyk & Krzysztof Szczypiorsk - at Warsaw University of Technology. This is part of their ongoing research, as part of the Network Security Group, to identify emerging threats and develop countermeasures. Before we delve into this new topic, lets provide the audience with a little background. First what is steganography - sounds like a dinosaur? Yeah - the Stegosaurus. I'm not sure how or if the two are related; we'll leave that one for the Paleontologists in the audience.  Steganography is something that has been around a long time - some say as far back as 440 BC. While encryption takes our message and scrambles it, so that an unintended recipient cannot read it, steganography attempts to hide or obscure that a message even exists. The researchers refer to steganography as "meta-encryption." Another useful analogy they use is to refer to the secret message and the carrier within which it is hidden. Can you give us some examples? If we start in ancient times, we can point to examples of shaving a messengers head, tattooing a message on their head, letting the hair grow back and sending them off. Other examples include using invisible ink or even writing on boiled eggs with an ink that penetrates the shell and can be read by peeling the egg. Simon Singh's "The Code Book" is a great read that details the history of encrypting and obscuring information.  What about some more modern examples? When we refer to modern steganography we are usually referring to digital steganography. Digital steganography takes advantage of digital data by (for example) hiding a message within  images, audio, or video files. In this case the image, audio or video file is the carrier. The larger the file (image, audio or video) the larger message it can carry. The researchers contend that a single 6-minute mp3 audio file, say roughly 30 megabytes in size, could be used to conceal every play written by Shakespeare. 

 

So how does this work? Say you and I wanted to communicate using steganography. We would each download one of the hundreds of freely available stego apps. You would take a fairly innocuous image file, use the software to embed a message into that file, and send me the altered file. To anyone else, this would just look like a photo you're sharing with a friend, but because I know there's a hidden message, I open with the same stego app and read the hidden message. You could also add a password to further protect the message. So how do we stop this? This is a specialized field called "steganalysis." The simplest way to detect a hidden message is to compare the carrier file - our innocuous image - to the original. A file that is larger than the original is a red flag. This of course presupposes that you have access to the original file. In most cases, this will not be the case, so instead, we look for anomalies. Is the audio file significantly larger than a 3-minute audio file should be? We can also use spectrum analysis or look for inconsistencies in the way the data has been compressed.  How would spectrum analysis help? Some steganography techniques try to take our digital data and modify the least-siginificant bit. In our digital data the LSB often just shows up as noise and doesn't effect the image, audio, or video quality. A spectrum analyzer would help us to compare the "noise" in an unaltered sample and to try and identify anomalies.

 

Wow - that's scary stuff. What about Voice over IP[is this part OK]?

Voice over IP or ("voype") is