Steganography

Steganography Means “covered or secret writing” A brief history

440 BC: Tattoos on slaves heads Wax covered tablets

WWII Image Substitution Null Ciphers Microdots

Today Technology taking advantage of these old techniques

Null ciphers Coding in images, audio, video and microdot

Possible Uses of Steganography Drawbacks

Combine explanatory information with an image

Could degrade or render an image useless

Embed corrective audio or image data in case of corrosion

Could counteract and be counterproductive with original image

Private Communications Doesn’t hide the fact an e-mail was sent

Posting secret communications on Web to avoid transmission

Third parties with steganography detection and cracking tools can view message

Copywrite protection Steganographic software can’t protect the watermark

Maintaining anonymity Easier to open free Web-based e-mail

What It Does

Hides information needing to be kept secret in unused, redundant parts of data

Data most often hidden in: Text/Word documents Audio files Digital images

Text

Very challenging – small amounts of repetitive data Line-shift encoding: actually shifting the line of text up

or down Value depends on whether the line was up or down

from a stationary line Word-shift encoding: uses horizontal space between

words to obtain a value for the hidden message Feature specific encoding: encoding a secret

message by changing certain attributes such as the length of letters

Audio

The MOST challenging Sample Quantization: 16-bit linear sampling

architecture used for WAV and AIFF formats Temporal Sampling Rate: uses selectable

frequencies; the higher the sample rate the more usable data will become

Perceptual Sampling: usually an MP3 file, changes statistics of audio by only encoding parts listener can perceive Perceived sound maintained but actual signal is

changed

Digital Images

Anything that can be encoded in a bit-stream can be hidden in digital image

Cover Images can be: 8-bit:

256 color choices Small file size

24-bit: 16 million color choices Large file size

Gray-scale: Shades very only slightly from byte to byte

Methods of Image Encoding Least Significant Bit Encoding

Three bits of data encoded into each pixel of 24-bit image; one bit encoded into each pixel of 8-bit image

Ex: Binary A can be hidden into 3 pixels(00100111 11101001 11001000)(00100111 11001000 11101001)(11001000 00100111 11101001)

Inserting Binary value of A (10000011) into three pixels, beginning from top left byte:

(00100111 11101000 11001000)(00100110 11001000 11101000)(11001000 00100111 11101001)

Susceptible to slight changes to image or format 8-bit images less forgiving because of color restrictions

Masking and Filtering Extends image data by putting secret data over the original Immune to manipulation **Important: Watermarking is not Steganography

Watermarks become part of image and are noticeable

Algorithms & Transformations Discrete Cosine Transformation

Used to compress JPEG images Variances will depend on the values and methods used to

calculate DCT Luminance

Uses spread spectrum techniques or redundant pattern matching

Help protect against image processing techniques Fourier Transformations Wavelet Transformations

Hide information more thoroughly than masking Support image manipulation more readily than LSB

Security

Cryptography vs. Steganography Cryptography: scrambles messages to obscure

the messages meaning Steganography: hides the message entirely

Stronger encryption methods result when Steganography and Cryptography are combined

Three Steganography protocols that utilizes concepts similar to Cryptography

Pure Steganography

Least Secure Does not require the exchange of a cipher

key Sender and receiver have to assume no third

parties know of the message

Secret Key Steganography

Secret key must be exchanged prior to communication

Only parties who know the secret key can read the secret message

Exchanging of key makes it more vulnerable

Public Key Steganography

Use of both private and public key to ensure security

Sender uses public key during encoding process

Recipient uses private key during decoding process

Offers multiple levels of security

Steganalysis

Detecting hidden messages using Steganography Majority of stego-images do not reveal visual

clues in the cover-image Possible to detect hidden image with electronic

signatures & Stego software

Signatures

Simplest signature to recognize is increase in file size

Other signatures may become apparent in some form of manipulation to the color palette Large increase or decrease in number of unique colors Palette colors increasing incrementally rather than

randomly Exception: Gray-scale images do increase incrementally Look for disproportionate number of shades of black

Statistical Analysis

Average bytes Variation of bytes Skew Kurtosis Average deviation Differential values

Destroying or Disabling

Convert the image to different format Any formatting:

Cropping Blurring Sharpening, etc.

References

Cole, Eric. Hiding in Plain Sight. Steganography and the Art of Covert Communication. Indianapolis, Indiana: Wiley Publishing, Inc. 2003.

Jajodia, Sushil & Johnson, Neil. Exploring Steganography: Seeing

the Unseen. April 12, 2005. URL: http://www.jjtc.com/pub/r2026.pdf

Radcliff, Deborah. Steganography: Hidden Data. June 10, 2002. Computer World. April 10, 2005. URL: http://www.computerworld.com/printthis/2002/0,4814,71726,00.html