Elke Franz

Computer Based Steganography: How It Works and Why Therefore Any Restrictions on Cryptography Are Nonsense, at Best

In the future, messages, e.g. speech, text or pictures, will be transmitted digitally since this is cheaper, more perfect and more flexible. It is possible to hide messages, which are of necessity much shorter, nearly unrecognizable for outsiders in such digitized messages. In this article we describe how computer based steganography works and give a summary on the results of our implementation.

Adaptive steganography based on dithering

This paper investigates possibilities to develop adaptive steganographic algorithms in general and especially for images as possible cover data. We exploit dithering as a means to gain image information that can be used by adaptive steganographic algorithms. First, we point out general possibilities for using this process for steganography and discuss advantages and drawbacks. Since the original dither criteria is not sufficient for steganography, we modify it and develop further algorithms. Considerable tests confirm the improvements of the extensions. Finally, we point out possibilities for further research.

Towards privacy-aware elearning

Acting in the digital world, such as browsing the Internet, always causes generation of data. However, the average user is not aware that his actions leave traces which might cause privacy risks. Within this paper, we discuss the need for privacy-enhancing application design considering eLearning as example. eLearning is an application area that comprises many use cases which are common in the digital world. Since an eLearning application aims at assisting users, they cannot act in full anonymity. We discuss a possible solution which uses privacy-enhancing identity management (PIM) in order to provide as much anonymity as possible while still enabling assistance.

Steganography Secure against Cover-Stego-Attacks

Steganography aims to secretly transmit messages by embedding them in cover data. The usual criterion each stegosystem must meet is to resist stego-only-attacks. An even stronger criterion is to resist cover-stego-attacks. The article introduces a stego paradigm which aims to meet this stronger requirement by simulating a “usual process” of data processing. The general realization of the paradigm is discussed. One possible realization is sketched.

Usable presentation of secure pseudonyms

Privacy-Enhancing Identity Management (PIM) enables us-ers to control which personal information they provide to their communication partner(s) by partitioning their personal information into partial identities for themselves. Since partial identities must not be linkable, they cannot share a global name. Therefore, pseudonyms are used as identifiers.We discuss in this paper that besides the frequency of their use also the (re)presentation of pseudonyms influences the achievable privacy. Particularly, we point out that conflicting requirements on privacy and usability cannot be sufficiently considered by a single type of representation of pseudonyms. Hence, a PIM system should generate digital pseudonyms which are used for communication, while users assign local mnemonics to these pseudonyms in order to simplify their use. We discuss possible solutions for the support of mnemonics and, thereby, propose some improvements to privacy-enhancing identity management tools.

Pre-processing for adding noise steganography

This paper introduces and discusses an idea for utilizing noise introduced by scanning for steganography. In contrast to known approaches, we suggest a pre-processing step in order to reduce noise before embedding. This step shall enable us to embed by adding a noise signal without increasing local variances. The paper describes characteristic features of noise and possibilities to measure and consider them. Furthermore, we introduce a method to generate a noise signal that adheres to our simplified description. For embedding this signal, we consider the use of existing methods. Practical test results confirm the suitability of our approach, even if one must be aware of general limitations.

A Payment Scheme for Mixes Providing Anonymity

Mixes allow the users of electronic data networks to communicate with each other without identifying themselves or uncovering their relationship. Several security applications suggest the usage of mixes. However, such concepts are often not commercially used in practice. One reason may be that providers are only willing to offer anonymous communication if their payment is arranged.

Physical layer security vs. network layer secrecy: Who wins on the untrusted two-way relay channel?

We consider the problem of secure communications in a Gaussian two-way relay network where two nodes exchange confidential messages only via an untrusted relay. The relay is assumed to be honest but curious, i.e., an eavesdropper that conforms to the system rules and applies the intended relaying scheme. We analyze the achievable secrecy rates by applying network coding on the physical layer or the network layer and compare the results in terms of complexity, overhead, and efficiency. Further, we discuss the advantages and disadvantages of the respective approaches.

Collaborative E-learning

In the following chapter a short overview about the collaborative eLearning application prototype BluES’n is given. Starting by emphasising its need and potentials for PRIME, the integrated and realised privacy-enhancing components and functionalities are described. A summarising section points out lessons learnt when integrating PRIME into the application.

Privacy-aware user interfaces within collaborative environments

The main focus of this paper is to discuss the representation of contextual information in advanced user interfaces supporting privacy awareness. Thereby, we especially consider collaborative environments which potentially provide information about users to everybody acting in the system. Users can apply Privacy-Enhancing Identity Management (PIM) in order to control which information they disclose to whom in which situation. However, since PIM must be done additionally to the actual tasks within the application, it is questionable whether users will reasonably utilize it. Therefore, a privacy-aware user interface is an important prerequisite for the broad acceptance and adequate use of PIM. We discuss which contextual information should be represented in a collaborative environment and suggest a possible representation of the selected information.