[ISN] Fake web traffic can hide secret chat

From: InfoSec News <alerts_at_private>
Date: Thu, 28 May 2009 00:13:49 -0500 (CDT)
http://www.newscientist.com/article/mg20227096.200-fake-web-traffic-can-hide-secret-chat.html

By Paul Marks
New Scientist
26 May 2009

THE internet's underlying technology can be harnessed to let people 
exchange secret messages, perhaps allowing free speech an outlet in 
oppressive regimes.

So says a team of steganographers at the Institute of Telecommunications 
in Warsaw, Poland. Steganography is the art of hiding a message in an 
openly available medium. For example, you can subtly change the pixels 
in an image in a way that is undetectable to the eye but carries meaning 
to anyone who knows the pre-arranged coding scheme.

Wojciech Mazurczyk, along with Krzysztof Szczypiorski and Milosz 
Smolarczyk, have already worked out how to sneak messages into internet 
phone calls, and now the Warsaw team have turned their attention to the 
internet's transmission control protocol (TCP).

Web, file transfer, email and peer-to-peer networks all use TCP, which 
ensures that data packets are received securely by making the sender 
wait until the receiver returns a "got it" message. If no such 
acknowledgement arrives (on average 1 in 1000 packets gets lost or 
corrupted), the sender's computer sends the packet again. This scheme is 
known as TCP's retransmission mechanism - and it can be bent to the 
steganographer's whim, says Mazurczyk.

Their system, dubbed retransmission steganography (RSTEG), relies on 
sender and receiver using software that deliberately asks for 
retransmission even when email data packets are received successfully. 
"The receiver intentionally signals that a loss has occurred. The sender 
then retransmits the packet but with some secret data inserted in it," 
he says in a preliminary research paper (www.arxiv.org/abs/0905.0363). 
So the message is hidden among the teeming network traffic.

[...]


_____________________________________________
Visit the InfoSec News security bookstore!
http://www.shopinfosecnews.org 
Received on Wed May 27 2009 - 22:13:49 PDT

This archive was generated by hypermail 2.2.0 : Wed May 27 2009 - 22:26:45 PDT