Provably Secure Steganography Based on List Decoding

TL;DR

This paper introduces a provably secure steganography scheme based on list decoding that significantly improves embedding capacity in language models while maintaining security, using a suffix-matching mechanism for correctness.

Contribution

It presents a novel list decoding approach for steganography with theoretical security proofs and practical efficiency, addressing capacity limitations of existing schemes.

Findings

Achieves higher embedding capacity than prior PSS schemes.

Maintains computational efficiency comparable to existing methods.

Demonstrates effectiveness across multiple LLMs and baselines.

Abstract

Steganography embeds secret messages in seemingly innocuous carriers for covert communication under surveillance. Current Provably Secure Steganography (PSS) schemes based on language models can guarantee computational indistinguishability between the covertext and stegotext. However, achieving high embedding capacity remains a challenge for existing PSS. The inefficient entropy utilization renders them not well-suited for Large Language Models (LLMs), whose inherent low-entropy tendencies severely constrain feasible embedding capacity. To address this, we propose a provably secure steganography scheme with a theoretically proved high capacity. Our scheme is based on the concept of list decoding: it maintains a set of candidates that contain the correct secret message, instead of directly finding the correct message with more effort. This strategy fully utilizes the information content of the generated text, yielding higher capacity. To ensure the correctness of our scheme, we further introduce a suffix-matching mechanism to distinguish the correct secret message from the candidates. We provide theoretical proofs for both the security and correctness of our scheme, alongside a derivation of its theoretical capacity lower bound. Our approach is plug-and-play, requiring only a direct replacement of the model's standard random sampling module. Experiments on three LLMs and seven PSS baselines demonstrate that our method achieves computational efficiency comparable to prior PSS schemes while delivering a substantial improvement in embedding capacity.