Steganography
Contents
What
is Steganography?
Steganography
is the art and science of hiding one message inside another in such a way that
the presence of the hidden message is unknown.
Steganography
is derived from Greek, literally means covered writing
The
difference between cryptology and steganography is one of objective:
Cryptology
takes a message and encrypts it so that it can not be read by a third party.
However the third party is aware of the presence of the message.
Steganography
goes a step further and hides a message inside a stego-object (eg: digital
sound, images), in such a way that the presence of the message is undetectable.
History
Historic
Examples (in the World War I/II)
Invisible
inks (e.g.: milk, lemon juice). All of these liquids dry on the paper such that
they can not be seen, but darken when heated in order to reveal the hidden
message.
Selected
Characters
Minute
differences between handwritten characters.
Steganography
used nowadays?
Lately,
al-Qaeda operatives have been sending hundreds of encrypted messages that have
been hidden in files on digital photographs on the auction site eBay.com
.The
volume of the messages has nearly doubled in the past month, indicating to some
U.S. intelligence officials that al-Qaeda is planning another attack.
- USA Today, 10 July 2002
Authorities also are investigating information from detainees that
suggests al Qaeda members -- and possibly even bin Laden -- are hiding messages
inside photographic files on Web sites.
- CNN, 23 July 2002
Terms
The
word cover is used to describe the
original, unaltered media, i.e. cover image.
The
term embedded is used to denote the information that hidden inside the cover
image.
The
objective Stego is used to describe the combined product; a cover image with a
text message embedded within it is called a stego-image.
Steganography
methods
Basic
methods
-
Textual
Steganography
-
Image
Steganography
-
Audio
Steganography
Textual
Steganography:
It
is also called null cipher, or unencrypted message.
The
premise for null ciphers is to hide an important message within an uninteresting
innocent message so as not to raise suspicious.
Example:
A message could be concealed in the second letter of every word in a
cover message.
"Accepted
your overture. Next Friday, about eleven, come away anywhere."
Message
is Cover blown
One
known message sent by a German spy
was:
Apparently
neutrals protest is thoroughly discounted and ignored. Isman hard hit.
Blockade issue affects pretext for embargo on by-products, ejecting suets
and vegetables oils.
Pershing sails from
NY June 1.
Random
Position Textual Steganography
Rather than to use fixed
position letters for embedding messages, we can also use random position letters
and sending this random positions separately , and message can be extracted at
receiver end.
Image
Steganography
Digital
Image
In order to understand how steganography is applied to digital images,
one must understand what digital images are.
On a computer, an image is an array of numbers that represent light
intensities at various points (pixels). Images
can have 8 bits per pixel or 24 bits per pixel.
With
8 bits/pixel, there are 256, color varieties.
With 24 bits/pixel there are 16,777,216, color varieties.
Color
variation for a pixel is derived from 3 primary colors: red, green, and blue.
24 bit image example:
24 bit images use 3 bytes to represent
a color value (8 bits = 1 byte)
1 pixel = (00100111 11101001
11001000)
red
green blue
Image
Steganography Technique
Least
Significant Bit Encoding (LSB):
The idea behind the LSB algorithm is to insert the bits of the hidden
message into the least significant bits of the pixels.
Simplified Example with an 8 bit pixel:
1 pixel: (00
01
10
11)
white red
green blue
Insert 0011:
(00
00
11
11)
white white
blue
blue
Disadvantages
and advantages of LSB
As
can be inferred from the example with the 8 bit pixel, applying LSB insertions
can alter the color constituents of the pixel.
This could lead to noticeable differences from the cover image to the
stego image, thus alerting observers of the existence of steganography.
Advantages
of LSB Insertion:
A
major advantage of the LSB algorithm is it is quick and easy.
LSB
insertion is secure.
Theoretically,
a small change in the least significant bit (The Bits that holds the least
amount of information) should not affect the overall representation of the
number significantly
Steganograhic
methods rely on the fact that the last significant bit has equal probability of
having a values [0 1]; The LSB of the binary representation should be considered
to be the noise of the image.
Steganography
Available Software
Some
of the most popular programs that use
Images/audio
files as the cover files are:
Hide and Seek
White Noise Storm
S-Tools
MP3 Stego
Hide and Seek
Runs on windows.
Uses GIF image Files as the cover files, hiding data in pseudo-randomly
chosen LSBs.
The message is also encrypted before it is embedded into the cover image.
The weakness is that it only works with images of certain dimensions. For
example, either
320x200 or 640x480 pixels.
If the image is smaller than the minimum, then the stego-image is padded
with black space.
If the cover image is larger, then the stego-image is cropped to fit.
White
Noise Storm
Runs on DOS.
It uses image files as its cover medium
It is able to embed text messages into the cover file.
WNS will also encrypt the messages before combining it with the cover
image.
The disadvantage of WNS is that it takes a much larger file to hold the
same amount of information as the other tools.
Notice
the noise interfering with the image
Integrity
on the right.
S-Tools
It is very popular steganography program
It is able to embed secret messages into a variety of file types,
including GIF and BMP images and audio files.
In order to
work its magic on image files, S-Tools reduces the color palette to 32 colors,
and then produces a few variations of these colors that are only
different by one bit.
The
disadvantage of S-Tools:
-
is that by operating on the colors like this, it creates a very predictable
spread of colors in the image.
-
Thus once the characteristic signature is known, one can check images
against the data and be able to tell if there is a hidden message in there
via S-Tools.
MP3 Stego
It uses MP3 audio files as the cover medium.
The secret data is compressed, then encrypted, and then encoded into the
audio stream as it is being converted.
The problem with this technique is that if an MP3 file is uncompressed
and then re-encoded, the hidden information will be lost.
Steganalysis
It
is the growing field of detection of hidden information in possible stego-objects.
Detection Reading/Removing
Detection
When
the stego object is available for analysis, There are two categories of methods
that can be used for detecting hidden
messages.
Signature Detection
Blind Detection
Signature
Detection
Involves checking image files for a signature that is left behind by the
program used to create the stego-image.
The various algorithms that are used to hide these messages, leave a
general well-known recognizable signatures within the file
The downfall of the signature detection is that any steganography
algorithm for which the signature is not known will go undetected.
Blind Detection
A company named Wetstone Technologies created a large Database called the
Steganography Index library (SIL)
They studied a large number of images of different types that have been
encoded with various steganograhy algorithms.
They then tested a
number of images, both unaltered and stego-images, against the data in the SIL
The results show that the clean images contained unique characteristics
that were not found in the images with hidden messages inside.
The research is still undergoing development.
Reading/Removing
Once
the presence of hidden data has been discovered, the attacker may try to extract
the message in order to read it. This is quite difficult, if not impossible, as
the algorithms used to encode the messages are not always easily reversible.
Even if the
attacker is able to extract the hidden information, the message itself may have
been encrypted before being hidden inside the image. So the attacker has to
break the encryption algorithm.
Because of these, the attacker could chose to either destroy the hidden
message, or encrypt a false message (if the steganograhic and encryption
algorithms are known).
Destroying the information is very simple task for instance:
Converting the image to a different file type and back will destroy the hidden
message.
Altering the image with image processing software, such as resizing, stretching,
or deleting a line of pixels out of the image.
Even
if the image is too obviously altered , there is a chance that the receiver will
know that the communication has been broken.
Commercial
Steganograhic Application
Digital Watermarking
The
raise of high-bandwidth in internet gives user ability to download audio, video,
movies and multi media easily over the internet.
This raises the problem of large-scale unauthorized pirating.
Therefore, the idea of putting ID on these materials has
emerged to protect copyrights.
The basic idea is that these ID can help identify and prosecute copyright
violators.
Companies are hoping to be able to add information to digital media files
that will identify them and reveal information about their source.
