0

As far as I understand, it is possible to send encrypted data over unencrypted network protocols, such as HTTP; however, it would look really suspicious if encrypted data were sent through an unencrypted network. So, I was thinking about encrypting the data (a text file, for instance) locally and then send it through HTTP. Now, my question (or questions) is:

If someone were to inspect the data sent over the network, would they know that it was encrypted? If so, what would be a way to make the encrypted data look like unencrypted data (for example, if the text said: "Hello World," the intruder would read something like: "Not a secret")

Please, correct me if I haven't quite understood how encryption works as I have no real experience with it besides encrypting my hard drive.

  • Relevant: [Cryptography that looks like ordinary email](https://security.stackexchange.com/q/45153/2138) – user Sep 22 '17 at 09:12

2 Answers2

6

Yes, this is known as steganography. In order to hide the encryption, it requires a lot of background "noise" which is itself a decoy signal - so the cyphertext is much larger than the clear text. A common method for acheiving this is to hide a text message inside an image.

There are several examples on github

symcbean
  • 18,278
  • 39
  • 73
2

This field of research is called steganography. It does not need any encryption, but because it is about keeping data secret it is often related to encryption.

You can hide data in two ways. The first one is obscuring the data. In this case you are hiding the data somewhere that you expect an attacker not to find it, for example in an unused part of an binary file.

A better approach is to choose a protocol that has a lot of noise in it, or that allows a lot of noise to be introduced. This could be done using a lot of different methods. Examples include:

  • Using the least significant bits for the pixel values in an image.
  • Using some of the least significant bits of your public Diffie-Hellman share in a TLS handshake.

Each bit of noise generally allows you to transmit one bit of data. Note that encrypting the data is not required. But when transmitting plain text, an attacker may see patterns in the noise and conclude that there is a hidden channel there. So it is often a good idea to encrypt your messages, because the noise will look random and the attacker will not be able to detect patterns.

dusk
  • 200
  • 6