Its Time to Look at Real Digital Security

'Retouching' technologies have good uses-and bad.

Digital tools make and take away perfect copies of information, leaving no tracks behind. They can also be used, though, to distort information in ways hard to detect. Sensitive knowledge easily crosses our borders, while once-trustworthy data such as photographs become no more credible than the person who presents them. We dont know what were losing, and we cant believe what we keep.

This lack of digital security may come from misplaced imitation of physical security methods. If you change the form of a valuable physical object, you also change its value; information security is harder than physical security because information can change among many forms without being degraded. But were used to the idea that briefcases are searched and car trunks are opened; bad information security mimics these methods with techniques such as keyword scans of e-mail.

Information can cross even a well-guarded boundary at will, however, using tools of steganography. No amount of keyword scanning or other naive inspection will detect a client list, a process description or a complex diagram if its embedded in some innocent-looking image or other carrier object. Steganographic methods can be as simple and obvious as encoding a message in the initial letters of the words of an apparently ordinary e-mail or as subtle as tiny alterations of line spacing or tweaking of the least significant bits of image pixels to represent covert content.

/zimages/2/28571.gifClick here to read more about steganography tools.

Compressed image formats, such as JPEG, have enough erratic variation between adjacent pixels to prevent easy detection of such concealment, especially if the payload is first encrypted to produce a ciphertext that has the statistics of random noise.

"The use of steganography is certain to increase," stated Gary Kessler, an associate professor in the Computer and Digital Forensics Program at Champlain College, in his February paper, "An Overview of Steganography for the Computer Forensics Examiner," republished in July by the FBI journal Forensic Science Communications.

Steganography "will be a growing hurdle for law enforcement and counterterrorism activities," said Kessler, despite the difficulty of measuring its current level of use. "Ignoring the significance of steganography because of the lack of statistics is security through denial and not a good strategy," he warned.

But even while people rightly worry that there may be hidden meanings in the noisy bits of ordinary-looking e-mail attachments, other records that reside quietly at home may be living a lie. Ive taught my sons to retouch photos, for example, to remove a fingertip blocking a corner of a picture. The boys dont leave obvious edges; they know how to use a feather-edged selection to merge a piece of unobstructed sky over what they want to remove. Unfortunately, there are plenty of less innocent reasons to alter supposedly objective bits of history.

/zimages/2/28571.gifFor insights on security coverage around the Web, check out Security Center Editor Larry Seltzers Weblog.

Research teams, including one at the State University of New York, are developing statistical methods to detect such image alterations. As is so often the case, though, theres an emerging arms race between good guys and bad guys. Tools complex enough to produce top-flight forgeries "will move from research labs to commercial software," wrote SUNY Binghamtons Jessica Fridrich, David Soukal and Jan Lukás in their August 2003 paper, "Detection of Copy-Move Forgery in Digital Images."

Fridrichs current project, described late last month in The New York Times, seeks to assure the provenance of digital photos by combining two images: one of what the lens sees in front of the camera, the other of the distinctive patterns in the eye of the photographer. By merging these two inputs, one winds up with a record whose integrity is assured; it can be shown that an image on record is the one that was originally captured, with the origin of the image traced to a particular person.

Perhaps, in general, we can secure information only by controlling its relationships with people. Role-based access limits opportunities to leak it; origination keys, like those in Fridrichs camera, reduce the temptation to distort it.

Thats the path to real information security, instead of an irrelevant and futile imitation.

Technology Editor Peter Coffee can be reached at

To read more Peter Coffee, subscribe to eWEEK magazine.

/zimages/2/28571.gifCheck out eWEEK.coms Security Center at for the latest security news, reviews and analysis.


Be sure to add our developer and Web services news feed to your RSS newsreader or My Yahoo page