summaryrefslogtreecommitdiff
path: root/security/hydan/DESCR
blob: 3603354d9dff98677f06ef66de0fcd0901f827cb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Hydan steganographically conceals a message into an application.  It
exploits redundancy in the i386 instruction set by defining sets of
functionally equivalent instructions.  It then encodes information in
machine code by using the appropriate instructions from each set.

Features:
       - Application filesize remains unchanged
       - Message is blowfish encrypted with a user-supplied
	 passphrase before being embedded
       - Encoding rate: 1/110

Primary uses for Hydan:
       - Covert Communication:  embedding data into binaries creates a
	 covert channel that can be used to exchange secret messages.
       - Signing:  a program's cryptographic signature can be embedded
	 into itself.  The recipient of the binary can then verify
	 that it has not been tampered with (virus or trojan), and is
	 really from who it claims to be from.  This check can be
	 built into the OS for user transparency.
       - Watermarking:  a watermark can be embedded to uniquely
	 identify binaries for copyright purposes, or as part of a DRM
	 scheme.  Note:  this usage is not recommended as Hydan
	 implements fragile watermarks.