this post was submitted on 19 Oct 2025
162 points (100.0% liked)

Privacy

42775 readers
990 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago
MODERATORS
 

I want to share an interesting cryptography paper which introduces "anamorphic encryption", where the ciphertext encrypts two messages. One is a message to reveal to a dictator, who wants the secret key and message to control the narrative. Behind it lies a hidden message, guarded behind a "double key", which is to communicate messages of intent secretly.

It's kind of like having a duress key to reveal, but instead you can send real messages with the real key.

For instance, an investigative journalist could encrypt a fake message "Everyone is content in our utopia" as a smokescreen to show to the dictator, while true messages like "Minorities are forced into labor camps" can be hidden in the anamorphically encrypted ciphertexts to notify the outside free press.

The authors argue that cryptosystems already in use supports the anamorphic mode, where you encrypt a normal-looking ciphertext which contains the hidden message.

Given that it has been 3 years since this paper, I think there would have been some applications of this technology. Do you guys know of any?

all 24 comments
sorted by: hot top controversial new old
[–] golden_zealot@lemmy.ml 26 points 6 days ago* (last edited 6 days ago)

This is kind of how VeraCrypts hidden partition feature works.

You start the process of the volume's encryption and set a "false" password for it. It creates a partition that is encrypted with that password. When it finishes, you mount it and store "fake" files, the files you would reveal under duress. Veracrypt then takes in a second password and creates a "hidden partition" in the remaining free space of the disk - to be clear, that memory space still reports as unused/free if investigated, but the partition is there.

You can then mount that with your second password and store your actual files. You can work with files and folders in the hidden partition as needed, however if anything is added or changed etc in that first fake partition, the data in the hidden partition will be corrupted by those actions.

This means that so long as you plan ahead, someone can literally put a gun to your head and demand the password to the encrypted disk, and you can give them one that works without revealing the data to them.

In theory, since the data in the hidden partition is encrypted and unreadable, it is impossible to detect that it exists in the "unused" space of the disk, even by a forensic analyst. To them it would just look like old, randomly flipped bits that came from previous usage followed by a quick format.

Now, what's really cool about this is that if you use the veracrypt bootloader, you can store and boot from an undetectable OS you store in that hidden partition, while having a decoy operating system on the visible partition:

https://veracrypt.io/en/VeraCrypt%20Hidden%20Operating%20System.html

[–] Valmond@lemmy.world 17 points 6 days ago (2 children)

You want to check out steganography if you haven't yet!

[–] Sxan@piefed.zip 10 points 6 days ago

Isn't steganography hiding encryption in plain sight? Þis appears to be encrypting wiþ two passwords, boþ of which decrypt to valid content, but only one of which is þe real secret. It's protection against being forced to give your password to brown shirts.

[–] MarriedCavelady50@lemmy.ml 4 points 6 days ago (2 children)

I was about to say. Isn’t this just stefanography?

[–] Valmond@lemmy.world 13 points 6 days ago (1 children)

Stefan (a common swedish name) doing steganographics.

[–] amanneedsamaid@sopuli.xyz 4 points 6 days ago (1 children)

I guess it's steganography, but the message is stored within the same format as the message itself?

[–] MarriedCavelady50@lemmy.ml 3 points 6 days ago

It’s like the WW2 painter who made maps of the enemy positions into a beautiful beach painting.

[–] phoenixz@lemmy.ca 11 points 6 days ago (2 children)

I recall truecrypt having this as a file system feature where you could decrypt two different filesystems on the same volume.

One password would show you files you didn't care much about if anyone got them, the other password would show you the actually important files.

This way there was always a realistic method to say "this is it"

[–] icelimit@lemmy.ml 1 points 5 days ago (2 children)

Isn't there some information theory that says you can't have two pieces of unique information inside one ?

[–] phoenixz@lemmy.ca 1 points 4 days ago (1 children)

Not sure about that, but this is basically a few clever tricks where you have two file systems in one volume. Obviously if the volume is, say, 10 gigs, you can only store 10 gigs in total on those filesystems, as they share the space.

You also, likely, wouldn't want to fill up the drive too much

I don't know what happened to it, I recall that, years ago, they found various weaknesses in the system but instead of fixing it, it seemed to be abandoned. I'll start looking around if he there are updated open source versions

[–] icelimit@lemmy.ml 1 points 4 days ago* (last edited 4 days ago) (1 children)

Wouldn't it then be a simple matter to notice that a 10gb for only yielded 5gb of "innocent" data after decryption?

Especially since it would be (I assume) simple to 'predict' the size of the ("unnested") plaintext if the cipher and key is known

[–] phoenixz@lemmy.ca 1 points 4 days ago

Found it: https://www.truecrypt.org/

All the questions you have can be answered there. I haven't used it for over 5 years, so honestly I don't recall what it can ans can't do, but I do remember that you could have a hidden volume somewhere

[–] ReversalHatchery@beehaw.org 2 points 5 days ago (1 children)

the way it works is that the veracrypt container basically contains 2 encrypted partitions. if it can't decrypt the first one with the password, it will try the second one, but always pretend to try both so that the time it takes to unlock it does not give it away. by writing to either, you risk overwriting data in the other one (except that you can input both the hidden and main partition passwords and it will make sure to keep the hidden partition unaffected), but otherwise both partitions are fully functional

[–] icelimit@lemmy.ml 1 points 5 days ago* (last edited 5 days ago) (1 children)

But if two different messages are encrypted with the same key, doesn't it by nature produce two different ~~'plaintext'~~ ciphertext? Unless the real secret is much smaller than the decoy message as in the example of the ww2 artist

[–] ReversalHatchery@beehaw.org 1 points 5 days ago (1 children)

plaintext is the unencrypted form of data. encryption produces ciphertext. encrypting the same data with the same key twice results in the same ciphertext, unless additional steps were taken to insert additional data that does not match (like a nonce) to the plaintext

[–] icelimit@lemmy.ml 1 points 5 days ago

Sorry. Got the terms mixed up. Ciphertext is it. Thanks

[–] Zerush@lemmy.ml 3 points 4 days ago* (last edited 4 days ago)

It's nothing new, steganographic encryption is used as long I remeber, to hide messages into texts, images, videos and even music. There are a lot of tools out there which everyone can use. The advantage is, that an normal encrypted message can cause suspicions, but not so an inocent selfi from the beach, a cat photo, an mp3 of an summerhit, or an "unencrypted" text message, all these can be a container for hidden messages. It can also be used for invisible watermarks for an copy protection, but also for evil uses in autoexecutables malware in images or mp3 files, as seen in the past.

https://stegoshare.sourceforge.net/

https://github.com/Jpinsoft/DeepSound

https://github.com/syvaidya/openstego

https://www.ssuiteoffice.com/software/ssuitepicselsecurity.htm

https://github.com/KuroLabs/stegcloak

https://github.com/fabienpe/MP3Stego

and several more, I listed only the free and OpenSource apps

[–] nixfreak@sopuli.xyz 10 points 6 days ago (2 children)

First I heard about it , very interesting though. Found a paper on archive https://arxiv.org/html/2505.23772v1

Interesting. One potential difficulty in implementation would be the creation of a believable decoy conversation (for the dictator to read) -- but LLMs might be able to automate this.

[–] eleijeep@piefed.social 3 points 6 days ago

Maybe you didn't see the link, but the PDF of the original paper is linked by the page in the post: https://eprint.iacr.org/2022/639.pdf

The paper that you found is also interesting and references the 2022 paper.

[–] irmadlad@lemmy.world 4 points 6 days ago* (last edited 6 days ago) (1 children)

I posed this in another 'obfuscation' thread, but in the case of steganography, wouldn't AI have the ability to 'see' that the a file, say a image' has odd bits in it that shouldn't be in an image? Even further, would it be able to ascertain that you have two levels of messages hidden inside the image? It sounds similar to what you can do with ~~VeraCrypt~~ Cryptomater in that you have two 'levels' of encrypted data. One to reveal to the authorities and one that's for the intended target of the data packet.

[–] girsaysdoom@sh.itjust.works 3 points 6 days ago

That's if you are using a file to store additional data. Also JPEG and other lossy formats can have all sorts of artifacts that may (depending on the size of hidden data) seem typical.

What I thought they were referring to was encryption at the filesystem level which doesn't require file blocks to be contiguous, allowing blocks to be interlaced with the hidden data.