[tor-dev] About GSOC 2013 Steganography Browser Addon project idea

Hareesan rharishan at gmail.com
Sat Apr 27 07:35:19 UTC 2013

Hey there,
I have been working on the proposal for the browser extension. Here I got
some doubts. The following say how I expect the system could work according
to the MIAB implementation explained in 3.2 part in the research paper [1].

Alice who know Bob's public key. He encrypt the message using
an arbitrarily selected shared key and hide the message in the image, and
then he encrypt the shared key using Bob's public key and gets
the cipher-text and adds it in some metadata. My doubt is how the MIAB
client going to select the metadata's location ( e.g
: Exif.Photo.ImageUniqueID or Exif.Image.DateTime, etc ). If its a fixed
location and if the man-in-middle know that location,and if he know Bob's
public key (since its public), he could easily get to the message. If MIAB
going to select the location arbitrarily, how it could be transferred to
Bob's MIAB client?
This is a same issue could be faced by browser extensions also, since all
the browser extension codes can be accessed by anyone.

[1] http://petsymposium.org/2012/papers/hotpets12-3-message.pdf

On Thu, Apr 25, 2013 at 8:02 AM, Damian Johnson <atagar at torproject.org>wrote:

> > I'm Hareesan, undergraduate from University of Moratuwa,Sri Lanka.
> > Interested in working on the project Steganography Browser Addon. I wish
> to
> > confirm is that a project for GSOC? and Is it a good time to start
> working
> > on my proposal?
> >
> > I have already gone through few chapters of the paper (Message In A
> Bottle:
> > Sailing Past Censorship) a bit.
> Hi Hareesan. Yup, the volunteer page was updated to reflect this
> year's GSoC. Moritz and Sukhbir are the folks most familiar with that
> project [1]. And yes, GSoC is presently in the student application
> phase. Most good applications end up going through several revisions
> back-and-forth with prospective mentors so the sooner you get started
> the better!
> [1]
> https://www.torproject.org/getinvolved/volunteer.html.en#steganographyBrowserAddon
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

*Hareesan R
Department of Computer Science And Engineering
University Of Morat**uwa
Sri Lanka****
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20130427/8cf2788d/attachment-0001.html>

More information about the tor-dev mailing list