Journal of Cryptology

, Volume 22, Issue 3, pp 365–394 | Cite as

Upper and Lower Bounds on Black-Box Steganography

  • Nenad DedićEmail author
  • Gene Itkis
  • Leonid Reyzin
  • Scott Russell


We study the limitations of steganography when the sender is not using any properties of the underlying channel beyond its entropy and the ability to sample from it. On the negative side, we show that the number of samples the sender must obtain from the channel is exponential in the rate of the stegosystem. On the positive side, we present the first secret-key stegosystem that essentially matches this lower bound regardless of the entropy of the underlying channel. Furthermore, for high-entropy channels, we present the first secret-key stegosystem that matches this lower bound statelessly (i.e., without requiring synchronized state between sender and receiver).


Steganography Covert communication Rejection sampling Lower bound Pseudorandomnness Information hiding Huge random objects 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    M. Backes, C. Cachin, Public-key steganography with active attacks, in Second Theory of Cryptography Conference—TCC 2005, ed. by J. Kilian, Lecture Notes in Computer Science, vol. 3378 (Springer, New York, 1995), pp. 210–226 Google Scholar
  2. [2]
    B. Bloom, Space/time tradeoffs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970) zbMATHCrossRefGoogle Scholar
  3. [3]
    A. Broder, M. Mitzenmacher, Network applications of bloom filters: A survey, in Proceedings of the Fortieth Annual Allerton Conference on Communication, Control and Computing, 2002 Google Scholar
  4. [4]
    C. Cachin, An information-theoretic model for steganography, in Second International Workshop on Information Hiding, Lecture Notes in Computer Science, vol. 1525 (Springer, New York, 1998), pp. 306–316 CrossRefGoogle Scholar
  5. [5]
    N. Dedić, G. Itkis, L. Reyzin, S. Russell, Upper and lower bounds on black-box steganography, in Second Theory of Cryptography Conference—TCC 2005, ed. by J. Kilian, Lecture Notes in Computer Science, vol. 3378 (Springer, New York, 1995), pp. 227–244 Google Scholar
  6. [6]
    B. Fristedt, L. Gray, A Modern Approach to Probability Theory (Birkhäuser, Basel, 1997) zbMATHGoogle Scholar
  7. [7]
    O. Goldreich, S. Goldwasser, S. Micali, How to construct random functions. J. ACM 33(4), 792–807 (1986) CrossRefMathSciNetGoogle Scholar
  8. [8]
    O. Goldreich, S. Goldwasser, A. Nussboim, On the implementation of huge random objects, in 44th Annual Symposium on Foundations of Computer Science, Cambridge, MA, 2003. IEEE, pp. 68–79 Google Scholar
  9. [9]
    J. Håstad, R. Impagliazzo, L.A. Levin, M. Luby, Construction of pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999) zbMATHCrossRefMathSciNetGoogle Scholar
  10. [10]
    W. Hoeffding, Probability inequalities for sums of bounded random variables. J. Am. Stat. Assoc. 58(301), 13–30 (1963) zbMATHCrossRefMathSciNetGoogle Scholar
  11. [11]
    N. Hopper, J. Langford, L. von Ahn, Provably secure steganography. Technical Report 2002/137, Cryptology e-print archive,, 2002. Preliminary version in Crypto 2002
  12. [12]
    N.J. Hopper, Toward a Theory of Steganography. PhD thesis, Carnegie Mellon University, Pittsburgh, PA, USA, July 2004. Available as Technical Report CMU-CS-04-157 Google Scholar
  13. [13]
    L. Kissner, T. Malkin, O. Reingold, Private communication to N. Hopper, J. Langford, L. von Ahn, 2002 Google Scholar
  14. [14]
    T. Van Le, Efficient provably secure public key steganography. Technical Report 2003/156, Cryptology e-print archive,, 2003
  15. [15]
    T. Van Le, K. Kurosawa, Efficient public key steganography secure against adaptively chosen stegotext attacks. Technical Report 2003/244, Cryptology e-print archive,, 2003
  16. [16]
    R.J. McEliece, The Theory of Information and Coding, 2nd edn. (Cambridge University Press, Cambridge, 2002) zbMATHGoogle Scholar
  17. [17]
    L. Reyzin, A note on the statistical difference of small direct products. Technical Report BUCS-TR-2004-032, CS Department, Boston University, September 21, 2004. Available from
  18. [18]
    L. von Ahn, N.J. Hopper, Public-key steganography, in Advances in Cryptology—EUROCRYPT 2004, ed. by C. Cachin, J. Camenisch, Lecture Notes in Computer Science, vol. 3027 (Springer, New York, 2004) Google Scholar

Copyright information

© International Association for Cryptologic Research 2008

Authors and Affiliations

  • Nenad Dedić
    • 1
    Email author
  • Gene Itkis
    • 1
  • Leonid Reyzin
    • 1
  • Scott Russell
    • 1
  1. 1.Department of Computer ScienceBoston UniversityBostonUSA

Personalised recommendations