Hey there, I have been working on the proposal for the browser extension. Here I got some doubts. The following say how I expect the system could work according to the MIAB implementation explained in 3.2 part in the research paper [1].
Alice who know Bob's public key. He encrypt the message using an arbitrarily selected shared key and hide the message in the image, and then he encrypt the shared key using Bob's public key and gets the cipher-text and adds it in some metadata. My doubt is how the MIAB client going to select the metadata's location ( e.g : Exif.Photo.ImageUniqueID or Exif.Image.DateTime, etc ). If its a fixed location and if the man-in-middle know that location,and if he know Bob's public key (since its public), he could easily get to the message. If MIAB going to select the location arbitrarily, how it could be transferred to Bob's MIAB client? This is a same issue could be faced by browser extensions also, since all the browser extension codes can be accessed by anyone.
[1] http://petsymposium.org/2012/papers/hotpets12-3-message.pdf
On Thu, Apr 25, 2013 at 8:02 AM, Damian Johnson atagar@torproject.orgwrote:
I'm Hareesan, undergraduate from University of Moratuwa,Sri Lanka. Interested in working on the project Steganography Browser Addon. I wish
to
confirm is that a project for GSOC? and Is it a good time to start
working
on my proposal?
I have already gone through few chapters of the paper (Message In A
Bottle:
Sailing Past Censorship) a bit.
Hi Hareesan. Yup, the volunteer page was updated to reflect this year's GSoC. Moritz and Sukhbir are the folks most familiar with that project [1]. And yes, GSoC is presently in the student application phase. Most good applications end up going through several revisions back-and-forth with prospective mentors so the sooner you get started the better!
[1] https://www.torproject.org/getinvolved/volunteer.html.en#steganographyBrowse... _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev