A “perfectly secure” communication method has been developed that conceals sensitive information inside innocuous data in a way that cannot be detected, University of Oxford researchers have said.
The method can be incorporated into social media and private messaging and could “empower” vulnerable groups, such as dissidents, investigative journalists and humanitarian aid workers, the researchers added.
The algorithm applies to a setting called steganography which is the practice of hiding sensitive information inside innocuous content.
Steganography differs from cryptography because the sensitive information is concealed in such a way that it obscures the fact that something has been hidden. An example could be hiding a Shakespeare poem inside an AI-generated image of a cat.
Despite having been studied for more than 25 years, existing steganography approaches generally have imperfect security, meaning that individuals who use these methods risk being detected. This is because previous steganography algorithms would subtly change the distribution of the innocuous content.
To overcome this, the research team used recent breakthroughs in information theory: specifically, minimum entropy coupling, which allows one to join two distributions of data together such that their mutual information is maximised, but the individual distributions are preserved.
With the new algorithm, there is no statistical difference between the distribution of the innocuous content and the distribution of content that encodes sensitive information, the researchers said.
The algorithm was tested using several types of models that produce auto-generated content and showed up to 40 per cent higher encoding efficiency than previous methods which enables more information to be concealed within a given amount of data.
The researchers intend to release the technology under a free licence to third parties for non-commercial uses, such as for academic and humanitarian purposes.
Dr Christian Schroeder de Witt, co-lead author, said: “Our method can be applied to any software that automatically generates content, for instance probabilistic video filters or meme generators.
“This could be very valuable, for instance, for journalists and aid workers in countries where the act of encryption is illegal. However, users still need to exercise precaution as any encryption technique may be vulnerable to side-channel attacks, such as detecting a steganography app on the user’s phone.”
Co-lead author Samuel Sokota said: “The main contribution of the work is showing a deep connection between a problem called minimum entropy coupling and perfectly secure steganography. By leveraging this connection, we introduce a new family of steganography algorithms that have perfect security guarantees.”
Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.
Original Source: https://eandt.theiet.org/content/articles/2023/03/perfectly-secure-digital-messaging-hides-sensitive-data-from-prying-eyes/