Manage Learn to apply best practices and optimize your operations.

Encryption detection

In the Ask the Expert Q&A, Michael Cobb, our application security expert discusses if it is possible to detect encryption. He also takes a closer look at steganography, explains what it is and how it is used to secure e-mail communications.

Are there ways to detect encryption?

Definitely. Encryption only tries to obscure the meaning of a message or data, not its actual existence. This means encrypted data or messages can be relatively easy to find, but still difficult to crack. One of the main problems with encrypted messages is that it is easy to detect when encrypted communication occurs. Today's secure protocols, such as S/MIME, need to flag their presence so that programs like your e-mail client know what sort of data is being sent and can handle it correctly. Firewalls that filter network traffic can scan for encrypted messages by looking at the file's identification code.

Because encrypted data is easy to detect, people have tried to conceal when communication is taking place by hiding the existence of the message or data. To achieve this, they rely on steganography. A steganographic message is often first encrypted and then a "covertext," such as a picture or document, is modified in some way to include the encrypted message, resulting in stegotext. Nowadays, a popular steganographic method buries data in the mass of pixels in digital video and audio images. This poses serious problems for law enforcement authorities because steganographic data is hidden within seemingly innocuous files and doesn't trigger surveillance and monitoring systems. To combat this, statistical techniques are used to detect media that has been modified. Because the covertext has to be modified to store the hidden data there, are usually detectable signs within the covertext's normal characteristics that can be used to reveal the hidden message. This detection of steganographically-encoded data is called "steganalysis."

Related Information
  • Visit our encryption resource center.

  • Learn how to
  • This was last published in September 2005

    Dig Deeper on Email and Messaging Threats-Information Security Threats