Hey there,
I'm Hareesan, undergraduate from University of Moratuwa,Sri Lanka. Interested in working on the project Steganography Browser Addon. I wish to confirm is that a project for GSOC? and Is it a good time to start working on my proposal?
I have already gone through few chapters of the paper (Message In A Bottle: Sailing Past Censorshiphttp://www.cs.kau.se/philwint/censorbib/#Invernizzi2012) a bit.
I'm Hareesan, undergraduate from University of Moratuwa,Sri Lanka. Interested in working on the project Steganography Browser Addon. I wish to confirm is that a project for GSOC? and Is it a good time to start working on my proposal?
I have already gone through few chapters of the paper (Message In A Bottle: Sailing Past Censorship) a bit.
Hi Hareesan. Yup, the volunteer page was updated to reflect this year's GSoC. Moritz and Sukhbir are the folks most familiar with that project [1]. And yes, GSoC is presently in the student application phase. Most good applications end up going through several revisions back-and-forth with prospective mentors so the sooner you get started the better!
[1] https://www.torproject.org/getinvolved/volunteer.html.en#steganographyBrowse...
Hey there, I have been working on the proposal for the browser extension. Here I got some doubts. The following say how I expect the system could work according to the MIAB implementation explained in 3.2 part in the research paper [1].
Alice who know Bob's public key. He encrypt the message using an arbitrarily selected shared key and hide the message in the image, and then he encrypt the shared key using Bob's public key and gets the cipher-text and adds it in some metadata. My doubt is how the MIAB client going to select the metadata's location ( e.g : Exif.Photo.ImageUniqueID or Exif.Image.DateTime, etc ). If its a fixed location and if the man-in-middle know that location,and if he know Bob's public key (since its public), he could easily get to the message. If MIAB going to select the location arbitrarily, how it could be transferred to Bob's MIAB client? This is a same issue could be faced by browser extensions also, since all the browser extension codes can be accessed by anyone.
[1] http://petsymposium.org/2012/papers/hotpets12-3-message.pdf
On Thu, Apr 25, 2013 at 8:02 AM, Damian Johnson atagar@torproject.orgwrote:
I'm Hareesan, undergraduate from University of Moratuwa,Sri Lanka. Interested in working on the project Steganography Browser Addon. I wish
to
confirm is that a project for GSOC? and Is it a good time to start
working
on my proposal?
I have already gone through few chapters of the paper (Message In A
Bottle:
Sailing Past Censorship) a bit.
Hi Hareesan. Yup, the volunteer page was updated to reflect this year's GSoC. Moritz and Sukhbir are the folks most familiar with that project [1]. And yes, GSoC is presently in the student application phase. Most good applications end up going through several revisions back-and-forth with prospective mentors so the sooner you get started the better!
[1] https://www.torproject.org/getinvolved/volunteer.html.en#steganographyBrowse... _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Hi Hareesan,
: Exif.Photo.ImageUniqueID or Exif.Image.DateTime, etc ). If its a fixed location and if the man-in-middle know that location,and if he know Bob's public key (since its public), he could easily get to the message. If MIAB
Alice will use Bob's public key to encrypt the message, so the message can be read by Bob and no one else, as only he has the corresponding private key.
going to select the location arbitrarily, how it could be transferred to Bob's MIAB client?
While MIAB proposes the use of blog pings (see section 3.1.1 of the paper) to distribute the messages and a MIAB client to embed them, our idea for this project is to come up with a similar system, but one that will allow: a). embedding secrets (like in our case, bridge addresses) in a website(s), b). detecting these secrets when a user navigates to them.
So, while theoretically what we aim to do is similar to MIAB, the practical implementation will be different and coming up with that design will constitute the main part of your application.
Hi, I have updated my proposal to melange. It would be great if mentors can have a look and give feedback to improve it further before deadline.
On Sun, Apr 28, 2013 at 12:40 AM, Sukhbir Singh sukhbir.in@gmail.comwrote:
Hi Hareesan,
: Exif.Photo.ImageUniqueID or Exif.Image.DateTime, etc ). If its a fixed location and if the man-in-middle know that location,and if he know Bob's public key (since its public), he could easily get to the message. If
MIAB
Alice will use Bob's public key to encrypt the message, so the message can be read by Bob and no one else, as only he has the corresponding private key.
going to select the location arbitrarily, how it could be transferred to Bob's MIAB client?
While MIAB proposes the use of blog pings (see section 3.1.1 of the paper) to distribute the messages and a MIAB client to embed them, our idea for this project is to come up with a similar system, but one that will allow: a). embedding secrets (like in our case, bridge addresses) in a website(s), b). detecting these secrets when a user navigates to them.
So, while theoretically what we aim to do is similar to MIAB, the practical implementation will be different and coming up with that design will constitute the main part of your application.
-- Sukhbir _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-
Damian Johnson -
Hareesan -
Sukhbir Singh