Matasano Chargen » Blog Archive » Attacking “Photoshop Encryption”

Attacking “Photoshop Encryption”

Thomas Ptacek | January 6th, 2007 | Filed Under: Defenses, New Findings, Uncategorized

Dheera Venkatraman is clever. He proposes a way to extract sensitive information from “pixelated” or “blurred” portions of the pictures of checks, invoices, traffic tickets and whatnot that people post.

The observation: while you clearly can’t just “undo” the pixelation, if you know the blurring algorithm, you can iterate over candidate numbers (or images thereof) and see which ones produce the same image.

It’s a simple dictionary attack (think of Photoshop’s “blur” as a cryptographic hash). This seems plausible because the “plaintext” is structured and relatively constrained, although in the real world you can think of a variety of things that would complicate the analysis (grainy source images, skew, etc). So I don’t know if it’s practical. But it made me think

Viewing 8 Comments

Roland Dobbins 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

It seems to me that the safest way to blank things out is to simply excise them from the image with a crop tool, then insert a black rectangle over the cropped area to show the elision.

reply edit reblog flag

Thomas Ptacek 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

That's what Dheera says too, but people screw this up all the time (as you imply), by layering a black rectangle over the data instead of making sure to remove it first.

reply edit reblog flag

http://www.matasano.com/log

one.miguel 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

"people screw this up all the time (as you imply), by layering a black rectangle over the data instead of making sure to remove it first."

I believe layering a black rectangle over the data should secure it as well (unless you leave a part of the data showing) as removing it. Perhaps you mis-wrote?

reply edit reblog flag

http://www.monkey-tech.com

LMH 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Actually it doesn't matter if he mis-typed. It's a image format issue (ex. does the format support layers?).

Normally the software itself warns about that (ex. see Gimp), when saving from one format that supports them, to another that doesn't.

reply edit reblog flag

http://blog.info-pull.com

one.miguel 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

True, if you are crazy enough post a multi-layered image file on the Internet (vs an exported GIF, JPEG or PNG)! But the article posted about discusses using mosiac or blurring or some other technique to obscure sensitive data and the ability to brute force it, not simply hiding layers.

BTW, LMH, I like the recent applefun findings, especially the iPhoto one.

reply edit reblog flag

http://www.monkey-tech.com

LMH 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

What I wanted to say is that when you *save* the file, and you have positioned a new layer over the sensitive area, if the image format actually supports that, it will be silently saved (after all, the application warns because format incompatibility, not because you are hiding alien autopsy evidence ;o).

I've seen people doing similar stuff in Flash videos as well (positioning "black gaps" over information).

Not even talking about the PDF fiasco...

reply edit reblog flag

http://blog.info-pull.com

grey 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

OK, so I just have to insert a bit of lecherous knowledge here.

Like all futuristic technology, the Japanese are millenia ahead of the rest of the world, as they've been doing this stuff for ages.

e.g.

http://homepage3.nifty.com/furumizo/gmaskd_e.htm

http://hp.vector.co.jp/authors/VA013065/index2.htm

and so on.

"Pr0n with mosiacs? FUCK WE NEED TO REVERSE THAT SHIT!" - translation of some epitath of horny person in .jp years ago.

P'shaw, Japanese can innovate my ass!

Seriously though, pr0n is a far more interesting motivator than checks? And yeesh, without people fucking up the black bars we'd never get gems like http://old.fuckallyall.com/article1585.html of techtv screensaver host pr0n.

To get super geeky, there was even a joke allusion in otaku no video in the late 1980's that one of the geeks in the faux-interview sequences had developed a pair of goggles to demosiac in realtime for video watching.

And don't even get me started on talking about people who reverse Japanese video games to remove any mosaic code (the images tend to use proprietary formats in pristine uncensored quality to simultaneously thwart and tempt reversers).

I guess the question in my mind is... does Dheera's stuff employ new techniques that can be employed to better pr0n decensoring efforts, or is this more of the same old?

I'm sorry, I couldn't even pretend to be serious with this post, but it really had to be said. ;)

reply edit reblog flag

http://undeadly.org

grey 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Sorry, there's more of interest in the Japanese unmasking tech

Such as shooting the messanger (i.e. going after the guy who wrote FLMask as somehow being an enabler of better pr0n sites)
http://joi.ito.com/archives/1999/11/01/japans_c...

I've got to say the simple tutorial on unmasking images is probably my favourite:
http://hp.vector.co.jp/authors/VA013065/Lunmask...

Like I said. Japan, way way ahead of us in technology, again.

reply edit reblog flag

http://undeadly.org

Attacking “Photoshop Encryption”

Add New Comment

Viewing 8 Comments

Add New Comment

Trackbacks

People We Read

Things We Write

RSS Feed

Archives