Stealth and Steganography

MacPGP2.6.3 has a new feature: stealth. If you choose "Stealthify" in the File menu, and then choose a previously encrypted PGP file, all PGP related headers and identifiers will be stripped off. The resulting file cannot be distinguished, even by sophisticated analysis, from random garbage. The data in this file can then be merged into a graphics or audio file completely hiding the existence of this encrypted data.

The above graphic "A View of Mars from Phobos" looks entirely innocent. However it is hiding a PGP encrypted message. To extract this message proceed as follows:

  1. Download this graphic and save it as a "gif" file, say "mars.gif".
  2. Use the program Graphic Converter to convert "mars.gif" file into a "pict" file, "mars.pict"
  3. Run the Stego program to "unsteg" the pict file obtaining "mars.pict.out".
  4. Copy this PGP secret key: Demonstration Key (384) to the Clipboard and run MacPGP (Open/Decrypt) on it. You will be asked if you want to add it to your secret keyring - say yes. This secret key has no password protecting it, so whenever you are asked for the passphrase just hit the OK button.
  5. Now choose "Destealthify" from the File menu and then choose "mars.pict.out". In the following dialog choose "Convert to public key message encrypted to:" and then choose "Demonstration Key (384)". MacPGP will now decrypt the file and verify the signature.

You might also try this procedure on the background image for the MacPGP 2.6.3 Home Page.

Links to Related Sites

Steganography Info and Archive
The most comprehensive site on the worldwide web for steganography related resources.
Romana Machado's Stego Page
Check here for updates to the Stego program referred to above. Romana is now working on a platform independent Java version of Stego which will process GIFs directly.
Adam Back's PGP Stealth Page
This page contains documentation and source code for Stealth v. 2, which you may use to build compatible Stealth programs for other platforms. (Adam's web site also contains the famous RSA in 3 lines of Perl, an amusing demonstration of the futility of export restrictions of cryptographic software.)

WebTechs Mozilla Checked!