Upper and Lower Bounds on Black-Box Steganography

  • Nenad Dedić
  • Gene Itkis
  • Leonid Reyzin
  • Scott Russell
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3378)


We study the limitations of steganography when the sender is not using any properties of the underlying channel beyond its entropy and the ability to sample from it. On the negative side, we show that the number of samples the sender must obtain from the channel is exponential in the rate of the stegosystem. On the positive side, we present the first secret-key stegosystem that essentially matches this lower bound regardless of the entropy of the underlying channel. Furthermore, for high-entropy channels, we present the first secret-key stegosystem that matches this lower bound statelessly (i.e., without requiring synchronized state between sender and receiver).


Shared State Pseudorandom Function Description Size Passive Adversary History Length 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [BC04]
    Backes, M., Cachin, C.: Public-key steganography with active attacks. Technical Report 2003/231, Cryptology e-print archive (2004),
  2. [Blo70]
    Bloom, B.: Space/time tradeoffs in hash coding with allowable errors. Communications of the ACM 13(7), 422–426 (1970)zbMATHCrossRefGoogle Scholar
  3. [BM02]
    Broder, A., Mitzenmacher, M.: Network applications of bloom filters: A survey. In: Proceedings of the Fortieth Annual Allerton Conference on Communication, Control and Computing (2002)Google Scholar
  4. [Cac98]
    Cachin, C.: An information-theoretic model for steganography. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 306–316. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  5. [DIRR04]
    Dedić, N., Itkis, G., Reyzin, L., Russell, S.: Upper and lower bounds on black-box steganography. Technical Report 2004/246, Cryptology e-print archive (2004),
  6. [GGM86]
    Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. Journal of the ACM 33(4), 792–807 (1986)CrossRefMathSciNetGoogle Scholar
  7. [GGN03]
    Goldreich, O., Goldwasser, S., Nussboim, A.: On the implementation of huge random objects. In: 44th Annual Symposium on Foundations of Computer Science, Cambridge, Massachusetts, October 2003, pp. 68–79 (2003)Google Scholar
  8. [HILL99]
    Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: Construction of pseudorandom generator from any one-way function. SIAM Journal on Computing 28(4), 1364–1396 (1999)zbMATHCrossRefMathSciNetGoogle Scholar
  9. [HLvA02]
    Hopper, N., Langford, J., von Ahn, L.: Provably secure steganography. Technical Report 2002/137, Cryptology e-print archive (2002), (Preliminary version in Crypto 2002)
  10. [Hoe63]
    Hoeffding, W.: Probability inequalities for sums of bounded random variables. Journal of the American Statistical Association 58(301), 13–30 (1963)zbMATHCrossRefMathSciNetGoogle Scholar
  11. [Hop04]
    Hopper, N.J.: Toward a Theory of Steganography. PhD thesis, Carnegie Mellon University, Pittsburgh, PA, USA (July 2004), Available as Technical Report CMU-CS-04-157Google Scholar
  12. [KMR02]
    Kissner, L., Malkin, T., Reingold, O.: Private communication to Hopper, N., Langford, J., von Ahn, L. (2002)Google Scholar
  13. [Le03]
    Van Le., T.: Efficient provably secure public key steganography. Technical Report 2003/156, Cryptology e-print archive (2003),
  14. [LK03]
    Van Le, T., Kurosawa, K.: Efficient public key steganography secure against adaptively chosen stegotext attacks. Technical Report 2003/244, Cryptology e-print archive (2003),
  15. [McE02]
    McEliece, R.J.: The Theory of Information and Coding, 2nd edn. Cambridge University Press, Cambridge (2002)zbMATHCrossRefGoogle Scholar
  16. [Rey04]
    Reyzin, L.: A Note On the Statistical Difference of Small Direct Products. Technical Report BUCS-TR-2004-032, CS Department, Boston University, September 21 (2004), Available from
  17. [Sim83]
    Simmons, G.J.: The prisoners’ problem and the subliminal channel. In: Chaum, D. (ed.) Advances in Cryptology: Proceedings of Crypto 1983, August 22-24, 1983, pp. 51–67. Plenum Press, New York (1984)Google Scholar
  18. [vAH04]
    von Ahn, L., Hopper, N.J.: Public-key steganography. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 323–341. Springer, Heidelberg (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Nenad Dedić
    • 1
  • Gene Itkis
    • 1
  • Leonid Reyzin
    • 1
  • Scott Russell
    • 1
  1. 1.Boston University Computer ScienceBostonUSA

Personalised recommendations