[guardian-dev] Pixelknot: a new app

Nathan of Guardian nathan at guardianproject.info
Sun Feb 24 14:14:04 EST 2013

On 02/23/2013 07:30 AM, Jacob Appelbaum wrote:
> Could you explain the stego design? Is it just F5? If so...
> http://cs.marlboro.edu/term/spring06/programming_workshop/students/dgg/work/week_six.attachments/breaking_f5.pdf

I don't want to let this linger to long, but I do hope that Harlo will
jump into the thread, as she led the implementation. I will address what
I can.

We are aware of the paper you linked to, but felt that within the threat
model we are hoping to address, it seemed that going with F5 still made
a lot of sense. I think we will have a more detailed writeup soon, but
in short, it is a bit different than the warden/prisoner model Rachel
discusses. We feel a primary model for sharing these stegagram's will be
via bluetooth and NFC image beaming, and not as images posted on the
broader, open web.

We also have added an additional layer of encryption[0] in the concealed
data itself, which is currently symmetric/shared-secret but will soon
also support GnuPG (once we have finished our Android impl). The user is
prompted to "set a password" for their hidden message.

In this way, even if the stegagram is detected and the concealed data
extracted, the contents of the message will not be able to be recovered,
nor will it be possible to tamper with, so long as the shared secret or
eventually the private keys, are not compromised.

> Also, perhaps it might be a good time to mention Rachel Greenstadt's thesis: 
>    http://web.mit.edu/~greenie/Public/thesis.pdf

Thanks for the reminder about this! Re-reading it, I wonder how this can
be applied to a mobile web environment. Just considering the diversity
of images needed, and constrained bandwidth, etc, it might be tricky.
However, I also think there are perhaps some unique features of mobile
(bundling of content into apps, or Android "Gallery" syncing), that
could lend themselves to this approach. We will think on this some more.

Thanks for the quick feedback!


[0] Current Aes impl:

More information about the Guardian-dev mailing list