The ability to securely transfer data between remotely located terminals is a necessary requirement for many present day applications, in particular where the data being transferred is confidential, such as in electronic transactions of financial and/or other confidential data between remotely located terminals.
Cryptography is one known way of securely transmitting information. Conventionally, a signal comprising the confidential information is encrypted at a sending device using an encryption key, which encrypts the information in accordance with a selected algorithm. The encrypted signal comprising the encrypted information is subsequently transmitted to a receiving device. To recover the encrypted information a decryption key is used at the receiving device.
The security of known cryptographic protocols often resides in the computational complexity required to derive the decryption key. In practice, the computational complexity required to crack a cryptographic protocol often means that several hours, if not days are required to crack the protocol! However, the increasing complexity of the applied encryption algorithms has the converse undesired effect of increasing the computational power required at the receiving end, to carry out decryption. Increasingly sophisticated specialised hardware is required to provide such robust levels of security.
In real world cryptographic applications, often the level of security is sacrificed, in favour of minimising implementation costs. In such applications, the cost saving of using lower level security protocols is perceived as justifying the decrease in afforded security. This is particularly true in relatively low-cost transmission systems, such as networked lottery ticket issuing terminals, where the value of the lottery ticket itself and the associated hardware do not justify investing in state of the art cryptographic systems. As a result, often such systems are relatively insecure.
A further shortcoming associated with known cryptographic systems, is that the presence of encrypted data itself, may be sufficient to alert and attract the unwanted attention of a malevolent third party. After all, only sensitive and confidential information tends to be encrypted. Thus, in effect whilst cryptography can be very successful in maintaining the confidentiality of sensitive information in transit, it can also alert a malevolent third party to the existence of such data in the first instance.
Steganography provides a known way of overcoming the afore described shortcoming associated with known cryptographic protocols. Effectively, steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. Often this is achieved by hiding a confidential message within a “carrier” message. The carrier message effectively disguises the confidential message. In this way, the steganographic message does not attract the unwanted interest of malevolent third parties.
In practice, steganographic messages are commonly comprised of a carrier file, within which the confidential information is disguised. For example, often text files, such as PDF files are used as the carrier, and the confidential information is disguised within the text of the file in accordance with an algorithm. The more complex the algorithm the greater the provided security. However, this improved security requires increased processing capabilities at both the sender and the receiver, which inevitably increases the costs of the required hardware.
It is clear that there is a need for improved secure transmission methods for use in low-cost applications, and it is an object of the present invention to provide an improved, secure transmission system and method which is simple to implement, at relatively low cost, and does not suffer the shortcomings of the prior art systems.