Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Provably Secure Disambiguating Neural Linguistic Steganography

Yuang Qi, Kejiang Chen, Kai Zeng, Weiming Zhang, Nenghai Yu

TL;DR

This work tackles segmentation ambiguity in provably secure neural linguistic steganography caused by detokenization after subword-based generation. It introduces SyncPool, a distribution-preserving disambiguation framework that forms ambiguity pools from prefix-related tokens and employs synchronous sampling via a shared CSPRNG to ensure unambiguous extraction without altering the original token distributions. The authors provide theoretical security arguments and demonstrate, across English and Chinese contexts and multiple models, that SyncPool eliminates decoding errors while maintaining zero KL divergence and near-original perplexity, with only modest efficiency trade-offs. The method enables practical deployment of provably secure linguistic steganography in real-world language models. Code and experiments substantiate that SyncPool preserves security guarantees while significantly reducing segmentation-induced decoding failures.

Abstract

Recent research in provably secure neural linguistic steganography has overlooked a crucial aspect: the sender must detokenize stegotexts to avoid raising suspicion from the eavesdropper. The segmentation ambiguity problem, which arises when using language models based on subwords, leads to occasional decoding failures in all neural language steganography implementations based on these models. Current solutions to this issue involve altering the probability distribution of candidate words, rendering them incompatible with provably secure steganography. We propose a novel secure disambiguation method named SyncPool, which effectively addresses the segmentation ambiguity problem. We group all tokens with prefix relationships in the candidate pool before the steganographic embedding algorithm runs to eliminate uncertainty among ambiguous tokens. To enable the receiver to synchronize the sampling process of the sender, a shared cryptographically-secure pseudorandom number generator (CSPRNG) is deployed to select a token from the ambiguity pool. SyncPool does not change the size of the candidate pool or the distribution of tokens and thus is applicable to provably secure language steganography methods. We provide theoretical proofs and experimentally demonstrate the applicability of our solution to various languages and models, showing its potential to significantly improve the reliability and security of neural linguistic steganography systems.

Provably Secure Disambiguating Neural Linguistic Steganography

TL;DR

This work tackles segmentation ambiguity in provably secure neural linguistic steganography caused by detokenization after subword-based generation. It introduces SyncPool, a distribution-preserving disambiguation framework that forms ambiguity pools from prefix-related tokens and employs synchronous sampling via a shared CSPRNG to ensure unambiguous extraction without altering the original token distributions. The authors provide theoretical security arguments and demonstrate, across English and Chinese contexts and multiple models, that SyncPool eliminates decoding errors while maintaining zero KL divergence and near-original perplexity, with only modest efficiency trade-offs. The method enables practical deployment of provably secure linguistic steganography in real-world language models. Code and experiments substantiate that SyncPool preserves security guarantees while significantly reducing segmentation-induced decoding failures.

Abstract

Recent research in provably secure neural linguistic steganography has overlooked a crucial aspect: the sender must detokenize stegotexts to avoid raising suspicion from the eavesdropper. The segmentation ambiguity problem, which arises when using language models based on subwords, leads to occasional decoding failures in all neural language steganography implementations based on these models. Current solutions to this issue involve altering the probability distribution of candidate words, rendering them incompatible with provably secure steganography. We propose a novel secure disambiguation method named SyncPool, which effectively addresses the segmentation ambiguity problem. We group all tokens with prefix relationships in the candidate pool before the steganographic embedding algorithm runs to eliminate uncertainty among ambiguous tokens. To enable the receiver to synchronize the sampling process of the sender, a shared cryptographically-secure pseudorandom number generator (CSPRNG) is deployed to select a token from the ambiguity pool. SyncPool does not change the size of the candidate pool or the distribution of tokens and thus is applicable to provably secure language steganography methods. We provide theoretical proofs and experimentally demonstrate the applicability of our solution to various languages and models, showing its potential to significantly improve the reliability and security of neural linguistic steganography systems.
Paper Structure (31 sections, 16 equations, 4 figures, 5 tables, 3 algorithms)

This paper contains 31 sections, 16 equations, 4 figures, 5 tables, 3 algorithms.

Table of Contents

  1. Instruction
  2. Background and Related Work
  3. Steganography System and Steganographic Security
  4. Provably Secure Neural Linguistic Steganography
  5. Segmentation Ambiguity
  6. Disambiguation Algorithm
  7. Basic Solution
  8. MWIS-based Solution
  9. Proposed Method
  10. Candidate Pool with Original Distribution
  11. Ambiguity Pool
  12. Synchronous Random Sampling
  13. Embedding
  14. Extraction
  15. Complexity
  16. ...and 16 more sections

Figures (4)

  • Figure 1: An example of segmentation ambiguity in generative linguistic steganography. The sender Alice generates a token sequence corresponding to subwords "_any" and "thing" during steganography embedding. During transmission, the stego-tokens are decoded into the text " anything". Unfortunately, the receiver Bob may retokenize " anything" as a single token "_anything". This can lead to errors in steganography extraction.
  • Figure 2: The provably secure disambiguating linguistic steganography consists of the existing provably secure steganography method and our proposed distribution-preserving disambiguation method SyncPool. We group the original probability distribution by prefix relationships, use the existing provably secure steganography method, e.g. Discop, to embed the message on the grouped distribution, and perform synchronized random sampling from the ambiguity pools using a shared random number between the sender and receiver to ensure unique message extraction. The probability distribution corresponding to the sampled tokens remains unchanged before and after implementing ambiguity elimination.
  • Figure 3: Different cases about prefix relationship.
  • Figure 4: Time consumption introduced by disambiguating algorithms. (a) Llama2; (b) Baichuan2.

Theorems & Definitions (2)

  • Definition 1
  • Definition 2