The internet is one of the greatest tools for protecting the inalienable right to free speech that every man possesses, even those who live in oppressive regimes that refuse to acknowledge it. Here's a new method for hiding secret messages in "plain sight" on the internet by taking advantage of one of the error-correction technologies in TCP, one of the protocols that forms that backbone of the internet.
Web, file transfer, email and peer-to-peer networks all use TCP, which ensures that data packets are received securely by making the sender wait until the receiver returns a "got it" message. If no such acknowledgement arrives (on average 1 in 1000 packets gets lost or corrupted), the sender's computer sends the packet again. This scheme is known as TCP's retransmission mechanism - and it can be bent to the steganographer's whim, says Mazurczyk.Their system, dubbed retransmission steganography (RSTEG), relies on sender and receiver using software that deliberately asks for retransmission even when email data packets are received successfully. "The receiver intentionally signals that a loss has occurred. The sender then retransmits the packet but with some secret data inserted in it," he says in a preliminary research paper (www.arxiv.org/abs/0905.0363). So the message is hidden among the teeming network traffic.
Could a careful eavesdropper spot that RSTEG is being used because the first sent packet is different from the one containing the secret message? As long as the system is not over-used, apparently not, because if a packet is corrupted the original packet and the retransmitted one will differ from each other anyway, masking the use of RSTEG.
(HT: NW.)