One of my good friends, Paul Squires, recently posted a comment on steganography. The main thrust of his article was the problem with encryption: it is quite often easy to tell that there is encrypted data in the first place, meaning that under the laws of RIPA you could be forced to divulge your private keys and allow the authorities to access your encrypted information.
Paul goes on to point out that steganography can be used to hide the fact that you have any encrypted data in the first place and that images are a good medium for this purpose. This is where I have to disagree.
From a quick search around the web, it is apparent that it is reasonably easy to discover whether an image does indeed contain steganographic information. More information here. However, all is not lost. Steganography does have a valid application that I have come across.
For some time now I have been using an open source encryption tool called TrueCrypt. This works like a number of other encryption products (e.g. PGPDisk) in which you create an encrypted volume which is essentially one big file on your disk (or whatever media you choose). When you want to read the information, you then ‘mount’ the file as a drive and the information is encrypted/decrypted on the fly as it is read from and written to disk.
However, as Paul quite rightly points out, this poses a problem: if I created a 1GB encrypted volume, anyone browsing my hard drive (assuming that is where I put it) would spot this rather obviously large file and could probably guess it was an encrypted volume. Then, under RIPA, I would be forced to reveal my password and big brother would be able to gain access.
This is where TrueCrypt comes into its own. The software has the concept of hidden volumes, which are basically encrypted volumes within encrypted volumes. Using this technique, I use one set of credentials to open the standard encrypted volume and a different set of credentials (when opening exactly the same file) to access the hidden volume. Therefore, under RIPA, if I were forced to reveal my private keys, I could provide the keys to the outer volume without the authorities ever knowing there was a hidden volume with the actual sensitive data in it. There is no way (that I know of) to tell whether an encrypted volume contains an extra hidden volume or not (it would sort of defeat the object if there were).
If you haven’t looked at TrueCrypt, I recommend it. It has all sorts of really neat features, such as the ability to require a keyfile (any file you specify) to be present and untampered with when unlocking the volume, in addition to a standard password/passphrase.
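To make the two-credential idea and the keyfile option concrete, here is a toy model of a container holding an outer and a hidden volume. It is example code added for this post, not TrueCrypt's format or code: the layout and header offsets, the HMAC-SHA256 keystream standing in for AES-XTS, and the way keyfile bytes are mixed into the passphrase are all assumptions made for the demonstration.

```python
import os, hashlib, hmac

MAGIC, HDR_LEN, SALT_LEN = b"TOYVOL", 64, 16
OUTER_HDR, HIDDEN_HDR = 0, 64 * 1024  # constructed layout: hidden header lives inside the outer volume's region

def derive_key(passphrase: bytes, salt: bytes, keyfile: bytes = b"") -> bytes:
    # Keyfile contents are hashed and appended to the passphrase before stretching
    # (assumed mixing scheme for this toy; TrueCrypt's keyfile processing is different).
    secret = passphrase + (hashlib.sha256(keyfile).digest() if keyfile else b"")
    return hashlib.pbkdf2_hmac("sha256", secret, salt, 50_000, dklen=32)

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in for AES-XTS: HMAC-SHA256 used as a counter-mode keystream (toy only).
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(8, "big"), "sha256").digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def _write_header(buf: bytearray, at: int, pw: bytes, keyfile: bytes, start: int, length: int) -> None:
    salt = os.urandom(SALT_LEN)
    plain = MAGIC + start.to_bytes(8, "big") + length.to_bytes(8, "big")
    plain += os.urandom(HDR_LEN - SALT_LEN - len(plain))  # random padding keeps every header 64 bytes
    buf[at:at + HDR_LEN] = salt + xor_stream(derive_key(pw, salt, keyfile), salt, plain)

def create_container(size: int, outer_pw: bytes, hidden_pw: bytes = b"", keyfile: bytes = b"") -> bytearray:
    buf = bytearray(os.urandom(size))  # random everywhere, so unused space and hidden data look alike
    _write_header(buf, OUTER_HDR, outer_pw, keyfile, HDR_LEN, size - HDR_LEN)
    if hidden_pw:  # hidden data occupies the top half, i.e. what the outer volume sees as free space
        _write_header(buf, HIDDEN_HDR, hidden_pw, keyfile, size // 2, size // 2)
    return buf

def open_volume(buf: bytes, pw: bytes, keyfile: bytes = b""):
    """Try the outer header, then the hidden one. Returns (start, length, key) or raises."""
    for at in (OUTER_HDR, HIDDEN_HDR):
        salt = bytes(buf[at:at + SALT_LEN])
        key = derive_key(pw, salt, keyfile)
        plain = xor_stream(key, salt, bytes(buf[at + SALT_LEN:at + HDR_LEN]))
        if plain.startswith(MAGIC):
            return int.from_bytes(plain[6:14], "big"), int.from_bytes(plain[14:22], "big"), key
    raise ValueError("no volume opened with these credentials")

def store(buf: bytearray, pw: bytes, payload: bytes, keyfile: bytes = b"") -> None:
    start, _, key = open_volume(buf, pw, keyfile)
    buf[start:start + len(payload)] = xor_stream(key, b"data", payload)

def load(buf: bytes, pw: bytes, n: int, keyfile: bytes = b"") -> bytes:
    start, _, key = open_volume(buf, pw, keyfile)
    return xor_stream(key, b"data", bytes(buf[start:start + n]))
```

Opening with the outer credentials never touches the hidden header, so nothing in that code path reveals whether a second volume exists. The flip side is that the hidden region is exactly what the outer volume treats as free space, so filling the outer volume would overwrite it; TrueCrypt addresses this with its option to protect the hidden volume when mounting the outer one.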