International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Public Key Steganography

Luis von Ahn
Nicholas J. Hopper
Search ePrint
Search Google
Abstract: Informally, a public-key steganography protocol allows two parties, who have never met or exchanged a secret, to send hidden messages over a public channel so that an adversary cannot even detect that these hidden messages are being sent. Unlike previous settings in which provable security has been applied to steganography, public-key steganography is information-theoretically impossible. In this work we introduce computational security conditions for public-key steganography similar to those introduced by Hopper, Langford and von Ahn for the private-key setting. We also give the first protocols for public-key steganography and steganographic key exchange that are provably secure under standard cryptographic assumptions. Additionally, in the random oracle model, we present a protocol that is secure against adversaries that have access to a decoding oracle (the steganographic equivalent of CCA-2 adversaries).
  title={Public Key Steganography},
  booktitle={IACR Eprint archive},
  keywords={foundations /},
  note={ 12363 received 6 Nov 2003},
  author={Luis von Ahn and Nicholas J. Hopper},