Pseudo-Random Error Correction

• Pseudo-random error correction is a method that uses shared PRNGs to synchronize encoding and decoding in linguistic steganography, ensuring statistical indistinguishability.
• It employs repetition codes, PRNG consistency checks, and neighborhood search to correct errors arising from substitutions, insertions, and deletions in token sequences.
• The approach delivers high decoding accuracy under adversarial tampering, maintaining secure message extraction in contemporary diffusion-based steganographic systems.

Pseudo-random error correction is a set of error management techniques in provably secure linguistic steganography that leverage shared pseudo-random number generators (PRNGs) to synchronize stochastic decisions during encoding and decoding. These techniques are crucial for maintaining reliable extraction of embedded messages in the face of non-malicious noise (e.g., segmentation ambiguities) and tampering (substitution, insertion, deletion) while preserving the statistical properties that guarantee perfect or computational security. Pseudo-random error correction is particularly pertinent in modern diffusion-based steganographic frameworks, where parallel sampling and strong adversarial threat models require robust and efficient error-handling mechanisms.

1. Formal Security and Robustness Models

Provably secure linguistic steganography schemes are formulated in a symmetric-key setting where the encoder and decoder share a secret key for the PRNG, and the channel is modeled as a generative LLM (autoregressive or diffusion). Correctness is defined as: $$\Pr_{k,h}[\,\mathcal{D}(k,h,\mathcal{E}(k,h,m))\neq m\,]<\delta$$ for negligible $\delta$ (Qi et al., 21 Jan 2026). Robustness is formalized against an adversarial tampering function $f\in\mathcal{F}_{\alpha,\beta,\gamma}$, which can apply up to $\alpha L$ substitutions, $\beta L$ insertions, and $\gamma L$ deletions to a length-$L$ token sequence. A stegosystem is $\delta$-robust if it can recover the original message with probability at least $1-\delta$ even after such perturbations: $$\Pr_{k,m,h}\bigl[\mathcal{D}(k,h,f(\mathcal{E}(k,h,m)))\neq m\bigr]<\delta$$ (Qi et al., 21 Jan 2026). Security guarantees require that, to any polynomial-time adversary lacking the key, the stegotext distribution is computationally indistinguishable from genuine LLM output, even with pseudo-random error correction mechanisms present.

2. Diffusion LLMs and Parallel Embedding

Traditional ARM-based PSLS approaches embed bits sequentially, making them vulnerable to error propagation—any corrupt token can desynchronize future decoding. In contrast, diffusion LLMs (DLMs) support parallel or partially parallel generation, enabling robust error correction by embedding in multiple independent token positions at each reverse denoising step (Qi et al., 21 Jan 2026). At each reverse step, the DLM samples $N_\mathrm{unmask}$ tokens; those with sufficient entropy (robust positions) are used redundantly for message embedding.

Let $\ell_s$ be the number of bits to embed at step $s$, determined by the min-entropy of the positions: $$\ell_s = \min_{j\in\mathrm{unmask}} \left\lfloor -\log_2 \max_x p_\theta(x \mid \mathbf{x}_t) \right\rfloor$$ If $N_\mathrm{unmask} \geq 3$, the same $\ell_s$-bit message fragment is injected into all robust positions using PRN offsets.

3. Pseudo-Random Error Correction Mechanisms

STEAD (Qi et al., 21 Jan 2026) implements layered pseudo-random error correction as follows:

3.1 Repetition Codes in Robust Positions

In each diffusion step where $N_s \geq 3$, the message fragment $\mathbf{m}_s$ is embedded identically across all robust positions using the PRN offset mechanism: $$r_s^j \leftarrow \left(r_s^j+\frac{\mathrm{dec}(\mathbf{m}_s)}{2^{\ell_s}}\right) \bmod 1$$ During extraction, the decoder recovers $\mathbf{m}_s$ at each position and applies majority voting (repetition code) to correct up to $\lfloor N_s/2 \rfloor$ substitution errors: $$\hat{\mathbf{m}}_s = \mathrm{Majority}\left(\{ \mathrm{dec}^{-1}(\mathrm{recovered\ bits}) \}_{j=1}^{N_s} \right)$$ This mechanism corrects errors that would otherwise derail sequential decoding.

3.2 Pseudo-Random Consistency Checks in Non-Robust Positions

Non-robust positions (e.g., those without sufficient entropy for embedding) generate tokens using standard PRNG-driven sampling. Upon extraction, the decoder resamples using the original PRN and compares it to the received token. A mismatch denotes tampering, which can be corrected on the spot:

• If $\mathrm{received\ token} \neq \mathrm{PRNG}$-sampled token, replace with the reference token.
• This provides single-symbol error detection and immediate recovery for substitutions outside robust positions.

3.3 Neighborhood Search (for Insertions/Deletions)

Insertions or deletions introduce token misalignment, not correctable by repetition or PRN resampling alone. STEAD addresses this by "neighborhood search": in case of extraction failure for a robust bit batch, it locally scans a window of size

$\mu = \max(2, |L - L'|)$

around the expected token index to find the actual embedded token, updating the alignment for future steps (Qi et al., 21 Jan 2026). This search, combined with PRNG-synchronized checks, efficiently recovers from moderate misalignments while preserving distributional indistinguishability.

4. Security Analysis

The security properties of pseudo-random error correction are rooted in the indistinguishability of PRNG outputs from true randomness and the structure of the embedding process:

• The encoder’s use of PRNG outputs offset by message-derived constants (for robust positions) produces samples indistinguishable from normal covertext, as the offset does not alter the marginal distribution.
• Error detection/correction mechanisms do not expose or bias the distribution, since both sender and receiver synchronize PRNGs and actions via the shared seed, and all error correction is internal to the decoding process.
• Robustness against $\mathcal{F}_{\alpha, \beta, \gamma}$-tampering is achieved if

$2(\alpha+\beta+\gamma) < \min_s \frac{N_s}{L}$

and the search window satisfies

$\beta + \gamma < \frac{\mu}{L}$

ensuring that the majority in any repetition block is uncorrupted, and global alignment can be maintained.

5. Empirical Performance and Effectiveness

In experiments with diffusion models and strong ARM baselines (Qi et al., 21 Jan 2026):

• Embedding capacity reaches $84$ bits per $1,000$ tokens (with $7.78$ bits/token entropy).
• Decoding success rate remains above $80\%$ under adversarial substitution rates up to $\alpha=0.2$, and for insertions/deletions up to $10$ tokens.
• Pseudo-random error correction (in conjunction with other mechanisms) yields steganalysis error rates near chance, and does not degrade statistical imperceptibility or perplexity.
• Repetition code and neighborhood search provide graceful degradation: performance drops only outside the designed error budget.

6. Relationship to Prior ARM-based PSLS and Token Ambiguity

Conventional ARM-based schemes (Meteor, Discop, SparSamp) are highly sensitive to sequential tampering: a single token error derails all subsequent decoding. Pseudo-random error correction—using non-sequential, parallelized redundancy plus PRNG-driven reconciliation—breaks this cascade, localizing errors and enabling recovery (Qi et al., 21 Jan 2026). For token ambiguity in subword models, PRNG-synchronized sampling also underpins disambiguation modules (e.g., SyncPool (Qi et al., 2024)), making pseudo-random error correction a unifying principle for both robustness and soundness in contemporary steganography.

7. Limitations and Potential Improvements

Pseudo-random error correction is most effective when combined with sufficient parallelism (as in DLMs), robust error-correcting codes (e.g., repetition or more advanced schemes when position entropy allows), and well-calibrated neighbor search for misalignments. Its performance may degrade with low entropy per position or if large-scale coordinated attacks exceed the correctable fraction per embedding batch. Future extensions may exploit adaptive redundancy and hybrid codes, or integrate dynamic window search methods for more complex tampering patterns.

---

For an authoritative technical exposition and empirical details, see "STEAD: Robust Provably Secure Linguistic Steganography with Diffusion LLM" (Qi et al., 21 Jan 2026).