MRF has been undergoing development on two levels – one exploring the theoretical space, the other examining ways to implement some of the theoretical aspects that are becoming reasonably well understood.
For example, it is now clear that the MRF family of steganographic techniques can be divided into two main branches.
One is codenamed MRF1, the branch that has been studied extensively, and the other, not unsurprisingly, is MRF2, which has not been studied except in the most cursory way. It is orders of magnitude more complex than MRF1.
MRF1 has several sub-branches and even branches below that, with some interesting potential for sending exactly the same information cloaked in ways that are sufficiently different that the various forms do not appear to be even remotely related.
MRF1 can even emulate other forms of steganography – for example, the Fleissner Turning Grille.
One of the most interesting aspects of MRF in general is that for some branches it is not necessary to exchange the key – an indirect reference to the key is all that need be exchanged, and that exchange can itself be cloaked.
MRF1 appears to have a broad spectrum of potential applications.
For example, it can be implemented as a software application in a number of environments (development at present is focusing on Android devices), under which usage it may be employed to cloak either part or all of a plain text message, using any one of several different types and levels of cloaking. The cloaked text can be embedded in the plain text by the simple means of surrounding it with square brackets ([…]).
Thus a Tweet, an email, a Wall post, or any free text entry in a Web form can contain private and personal information that, even if made public by accident or design, will not readily reveal its contents to the observer who does not possess the correct key.
For example, I can write a paragraph and reveal an instruction to [suroslamondyeteshmetintui] in a way that is very difficult to decrypt without knowing the key. (This form is the most elemental of MRF1 and wouldn’t necessarily stand up to brute force searching of the entire range of possible re-arrangements, although as with many anagrams, multiple arrangements may be possible that are all equally likely to be correct (or incorrect)).
I read recently of someone who thought they were inviting a few close friends to a birthday party through a well-known social networking site and instead had tens of thousands of respondents saying that they would turn up. If MRF1 had been available then and used to cloak the invitation, only those who had been given the key to decloak the details would have known what it was about, when and where it would take place, and there would have been no embarrassment.
MRF1 could also be implemented at the OS level, under which it could operate as a function available to any application, such as an email client, a browser, an office productivity application, a graphics program, and so on.
MRF1 could also be implemented as part of a supervisory executable, (similar in operation to those applications that decompress compressed executable code on the fly, allowing programs to occupy less space, both on storage devices and in memory), without unduly slowing down the program’s execution.
For example, any executable may have its contents re-arranged according to an MRF1 key, rendering it impossible to execute as-is. The supervisory executable would apply the key to the cloaked code, executing the instructions according to the sequence dictated by the key as if they were meta-instructions (p-code or bytecode, for example).
If the original executable is updated or modified, its code sequence can be re-arranged so that a different key is required, eliminating the possibility of using an old key with a new release.
Some aspects of MRF1 are now in the process of moving from theory to the definition of proposed usage including the creation of likely Use Cases and a GUI for an application (at this stage, under Android 2.1 using the Eclipse IDE).
It should be a short step from there to alpha-testing.
In parallel, preparations are under way to create one or more preliminary patent filings in order to begin the process of protecting this valuable intellectual property.
Further information will follow as development proceeds.
MRF - The Privacy Tool 