STEGANOGRAPHY

1INTRODUCTION

Steganography comes from the Greek and literally means Covered writing It is one of

various data hiding techniques which aims at transmitting a message on a channel where

some other kind of information is already being transmitted This distinguishes

steganography from covert channel techniques which instead of trying to transmit data

between two entities that were unconnected before

The goal of steganography is to hide messages inside other ldquoharmlessrdquo messages in a way

that does not allow any ldquoenemyrdquo to even detect that there is a second secret message present

The only missing information for the ldquoenemyrdquo is the short easily exchangeable random

number sequence the secret key without the secret key the ldquoenemyrdquo should not have the

slightest chance of even becoming suspicious that on an observed communication channel

hidden communication might take place

Steganography is closely related to the problem of ldquohidden channelsrdquo n secure operating

system design a term which refers to all communication paths that cannot easily be restricted

by access control mechanisms In an ideal world we would all be able to sent openly

encrypted mail or files to each other with no fear of reprisals However there are often cases

when this is possible either because the working company does not allow encrypted email or

the local government does not approve of encrypt communication (a reality in some parts of

the world) This is where steganography can come into play

Data hiding techniques can also be classified with respect to the extraction process

1048766 Cover Escrow methods need both the original piece of information and the encoded one in

order to extract the embedded data

1048766 Blind or Oblivious schemes can recover the hidden message by means only of the encoded

Steganography has developed a lot in recent years because digital techniques allow new

ways of hiding informations inside other informations and this can be valuable in a lot of

situations The first to employ hidden communications techniques -with radio transmissions

were the armies because of the strategic importance of secure communication and the need

to conceal the source as much as possible Nowadays new constraints in using strong

encryption for messages are added by international laws so if two peers want to use it they

can resort in hiding the communication into casual looking data This problem has become

more and more important just in these days after the international Wassenaar agreement

with which around thirty of the major - with respect to technology - countries in the world

decided to apply restrictions in cryptography export similar to the USrsquos onesAnother

application of steganography is the protection of sensitive data A file system can be hidden

in random looking files in a hard disk needing a key to extract the original files This can

protect from physical attacks to people in order to get their passwords because maybe the

attacker canrsquot even know that some files are in that disk The major concern of steganography

is stealth because if an attacker either passive or active can detect the presence of the

message from that point he can try to extract it and if encrypted to decrypt it The resistance

to attempt at destruction or noise is not required since we consider the sender and the

receiver equally interested in exchanging messages so that they will try to transmit the stego-

medium in the best way they can If the stego-data can be transmitted over the selected

channel and this is usually the case with all the media that are used like images or sounds

then the embedded data will be preserved along with them Thus data hiding techniques for

steganography must focus on the maximum strength against detection and extraction As a

second request we would prefer a high data rate because we will usually want to be able to

exchange any amount of data from simple messages to top secret images

2STEGANOGRAPHY AND CRYPTOGRAPHY

Cryptography is the study of hiding information and it is used when communicating over an

untrusted medium such as internet where information needs to be protected from other third

parties Modern cryptography focuses on developing cryptographic algorithms that are hard

to break by an adversary due to the computational hardness therefore could not be broken by

a practical means In the modern cryptography there are three types of cryptographic

algorithms used called Symmetric key cryptography Public-key cryptography and hash

functions Symmetric key cryptography involves encryption methods where both the sender

and the receiver share the same key used to encrypt the data In Public-key cryptography two

different but mathematically related keys are used Hash functions does not use a key instead

they compute a fixed length hash value from the data It is impossible to recover the length or

the original plain text from this hash value

The study of hiding information is called Cryptography When communicating over an

untrusted medium such as internet it is very important to protect information and

Cryptography plays an important role in this Today cryptography uses principles from

several disciplines such as mathematics computer science etc Steganography deals with

composing hidden messages so that only the sender and the receiver know that the message

even exists Since nobody except the sender and the receiver knows the existence of the

message it does not attract unwanted attention

Fig Steganographic model

FigSymmetric-key cryptographic model

Fig Unifying model

Steganography deals with composing hidden messages so that only the sender and the

receiver know that the message even exists Since nobody except the sender and the receiver

knows the existence of the message it does not attract unwanted attention Steganography

was used even in ancient times and these ancient methods are called Physical Steganography

Some examples for these methods are messages hidden in messages body messages written

in secret inks messages written on envelopes in areas covered by stamps etc Modern

Steganography methods are called Digital Steganography These modern methods include

hiding messages within noisy images embedding a message within random data embedding

pictures with the message within video files etc Furthermore Network Steganography is

used in telecommunication networks This includes techniques like Steganophony (hiding a

message in Voice-over-IP conversations) and WLAN Steganography (methods for

transmitting Steganograms in Wireless Local Area Networks) there are three types of

cryptographic algorithms used called Symmetric key cryptography Public-key cryptography

and hash functions Symmetric key cryptography involves encryption methods where both

the sender and the receiver share the same key used to encrypt the data

Fig Mapping between model components

Steganography and cryptography are cousins in spy-craft family Cryptography scrambles a

message so it cannot be understood Steganography hides the message so it cannot be seen A

message in cipher text for instance might arouse suspicion on the part of the recipient while

an ldquoinvisiblerdquo message created with steganographic methods will not

In this way we can say that steganography completes cryptography and actually there are

usually two ciphers to break when trying to extract the embedded message one is the one

with which the message was embedded and the other is the one with which the message was

enciphered

Cryptography is the study of hiding information while Steganography deals with composing

hidden messages so that only the sender and the receiver know that the message even exists

In Steganography only the sender and the receiver know the existence of the message

whereas in cryptography the existence of the encrypted message is visible to the world Due

to this Steganography removes the unwanted attention coming to the hidden message

Cryptographic methods try to protect the content of a message while Steganography uses

methods that would hide both the message as well as the content By combining

Steganography and Cryptography one can achieve better security The major concern of

steganography is stealth because if an attacker either passive or active can detect the

presence of the message from that point he can try to extract it and if encrypted to decrypt

it The resistance to attempt at destruction or noise is not required since we consider the

sender and the receiver equally interested in exchanging messages so that they will try to

transmit the stego-medium in the best way they can If the stego-data can be transmitted over

the selected channel and this is usually the case with all the media that are used like images

or sounds then the embedded data will be preserved along with them

3Image based steganography

Embedding a message into an image requires two files The first is the innocent-looking

image that will hold the hidden information called the cover image The second file is the

messagemdashthe information to be hidden A message may be plain-text cipher-text other

images or anything that can be embedded in a bit stream When combined the cover image

and the embedded message make a stegoimage A stego-key (a type of password) may also

be used to hide then later decode the message Most steganography software recommends the

use of lossless 24-bit images such as BMP The next-best alternative to 24-bit images is 256-

coloror gray-scale images The most common of these are GIF files

Steganographic systems uses images as cover media because people often transmit digital

pictures over email and other Internet communication (egeBay)Moreoverafter

digitalizationimages contain the so-called quantization noise which provides space to embed

data (Westfeld and Pfitzmann 1999) In this article we will concentrate only on images as

carrier media

The modern formulation of steganography is often given in terms of the prisonersrsquo problem

(Simmons 1984 Kharrazi et al 2004) where Alice and Bob are two inmates who wish to

communicate in order to hatch an escape plan However all communication between them is

examined by the warden Wendy who will put them in solitary confinement at the slightest

suspicion of covert communication

Steganography was used even in ancient times and these ancient methods are called Physical

Steganography Some examples for these methods are messages hidden in messages body

messages written in secret inks messages written on envelopes in areas covered by stamps etc

Modern Steganography methods are called Digital Steganography

Specifically in the general model for steganography we have Alice (the sender) wishing to

send a secret message M to Bob (the receiver) in order to do this Alice chooses a cover

image CThe steganographic algorithm identifies Crsquos redundant bits (ie those that can be

modified without arising Wendyrsquos suspicion) then the embedding process creates a stego

image S by replacing these redundant bits with data from M S is transmitted over a public

channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it

Once Bob recovers S he can get M through the extracting process

Fig ISC embedded process

The embedding process represents the critical task for a steganographic system since S must

be as similar as possible to C for avoidingWendyrsquos intervention (Wendy acts for the

eavesdropper) Least significant bit (LSB) insertion is a common and simple approach to

embed information in a cover file it overwrites the LSB of a pixel with anMrsquos bit

Fig ISC extracting process

Unfortunately modifying the cover image changes its statistical properties so eavesdroppers

can detect the distortions in the resulting stego imagersquos statistical properties In fact the

embedding of high-entropy data (often due to encryption) changes the histogram of colour

frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann

1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and

preserves the stego imagersquos statistical properties (see Sect 52) Since standard

steganographic systems do not provide strong message encryption they recommend to

encrypt M before embedding Because of this we have always to deal with a two-steps

protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C

Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20

images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a

canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality

factor set to 80 Only for ISC we also used the images of Cset as key images The mean

difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the

yaxis in Fig 7 in particular the black columns represent the differences introduced by F5

embedding step while the white ones correspond to the number of modifications yielded by

ISC embedding process As one can notice the respective difference values are comparable

Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego

image yielding the same embedding density everywhere In doing this ISC neither uses

permutative straddling nor matrix encoding but simply divides the nonzero coefficients array

in blocks of the same length If necessary only one of the coefficients in each block is

modified Furthermore ISC presents an on-line mechanism for correcting the statistical

deviations created by the embedding step If the message length is sufficiently short (ie it is

less than the number of AC nonzero coefficients) ISC transforms useless coefficients in

order to restore the original statistical properties characterizing the cover medium

As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the

first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally

the more information we embed in the cover image the less ISC can correct the introduced

modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the

human eye the resulting stego image will look identical to the cover image (Johnson and

Jajodia 1998)

Fig ISC technique

In the next sections we will present a new all-in one method able to perform steganography

providing strong encryption at the same time Our method has been planned either to work

with bit streams scattered over multiple images (in an online way of functioning) or to work

with still images it yields random outputs in order to make steganalysis more difficult and it

can cipher M in a theoretically secure manner preserving the stego imagersquos statistical

propertiesThe simplicity of our method gives the possibility of using it in real-time

applications such as mobile video communication

4Some history

The first description of the use of steganography dates back to the Greeks Herodotus tells

how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax

of a writing tablet and describes a technique of dotting successive letters in a cover text with

a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret

information such as a map on the head of someone so that the hair would conceal it

Steganography is the art and science of writing hidden messages in such a way that no one

apart from the sender and intended recipient suspects the existence of the message a form of

security through obscurity The word steganography is of Greek origin and means concealed

writing from the Greek words steganos meaning covered or protected and graphei

(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes

Trithemius in his Steganographia a treatise on cryptography and steganography disguised as

a book on magic Generally messages will appear to be something else images articles

shopping lists or some other covertext and classically the hidden message may be in

invisible ink between the visible lines of a private letter

The advantage of steganography over cryptography alone is that messages do not attract

attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash

will arouse suspicion and may in themselves be incriminating in countries where encryption

is illegal[1] Therefore whereas cryptography protects the contents of a message

steganography can be said to protect both messages and communicating parties

Steganography includes the concealment of information within computer files In digital

steganography electronic communications may include steganographic coding inside of a

transport layer such as a document file image file program or protocol Media files are ideal

for steganographic transmission because of their large size As a simple example a sender

might start with an innocuous image file and adjust the color of every 100th pixel to

correspond to a letter in the alphabet a change so subtle that someone not specifically

looking for it is unlikely to notice it

Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in

a dispatch a similar idea led to the grille system used in medieval Europe where a wooden

template would be placed over a seemingly innocuous text highlighting an embedded secret

message Invisible ink offered a common form of invisible writing

Early in WWII steganographic technology consisted almost exclusively of these inks With

invisible ink a seemingly innocent letter could contain a very different message written

between the lines During WWII the grille spies used method or some variants In the same

period the Germans developed microdot technology which prints a clear good quality

photograph shrinking it to the size of a dot During the Cold War period USSR and US

wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their

nations without being spotted

5SOME DEFINITIONS

We give some definitions common to the steganography field

Cover medium This is the medium in which we want to hide data it can be an innocent

looking piece of information for steganography or some important medium that must be

protected for copyright or integrity reasons

Embedded message This is the hidden message we want to put in the cover It can be some

data for steganography and some copyright informations or added content for digital

watermarking

Stegokey This is represented by some secret information which is needed in order to extract

the embedded message from the stegomedium

Stego-medium This is the final piece of information that the casual observer can see

We can define this simple formula

Cover-medium + embedded-message = stego-message

6BASIC METHOD BEHIND STEGANOGRAPHY

FigSteganography process

7IMAGE FILES

To a computer an image is an array of numbers that represent an array of numbers that

represent light intensities at various points or pixels These pixels make up the imagersquos raster

data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image

could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-

bit files A 24-bit image provides the most space for hiding information however it can be

quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels

height has more than two million pixels each having 24-bits which would produce a file

exceeding 2 Mega bytes Such a file would attract attention during transmission File

compression would thus be beneficial if not necessary to transmit such a file

71File compression

There are two types of file compression methods- lossless and lossy Both methods save

storage space but have different results interfering with the hidden information when

information is uncompressed Lossless compression lets us reconstruct the original message

exactly therefore it is preferred when the original information must remain intact (as with

steganographic images) Lossless compression as typical of images saved as GIF and 8-bit

BMP Lossless compression on the other hand saves space but may not maintain the original

imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression

algorithm which we discuss later the JPEG formats provide close approximations to high-

quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo

72Embedding data

Embedding data which is to be hidden into an image requires two files The first is the

innocent looking image that will hold the hidden information called the cover image The

second file is the message- the information to be hidden A message may be plain text cipher

text other images or anything that can be embedded in a bit stream when combined the

cover image and the embedded message make a stegoimage A stego-key (a type of

password) may also be used to hide and then later decode the message

Most steganographic software neither supports not recommends using JPEG images But

recommends instead the use of lossless 24-bit images such as BMP The next best alternative

to 24-bit images is 256- color or gray scale images The most common of these found on the

Internet are GIF files

Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the

black columns represent the differences introduced by F5 embedding step while the white

ones correspond to the number of modifications yielded by ISC embedding process

Fig ISC for JPEG sequence(Embedded step)

FigISC for JPEG sequence(Extracting step)

In 8-bit color images such as GIF files each pixel is represented by a single byte and each

pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value

is between 0 and 255 The software simply paints the indicated color on the screen at the

selected pixel position

Many steganography experts recommend the use of images featuring 256 shades of grapy

Gray scale images are preferred because the shades change very gradually from byte to byte

and the less the value changes between palette entries the better they can hide information

When considering an image in which to hide information you must consider the image as

well as the palette Obviously an image with large areas of solid colors is a poor choice as

variances created from the embedded massage will be noticeable in the solid areas

73 Data embedded security system

The choice of embedding algorithm in the most cases is driven by the results of the

steganographic channel robustness analysis One of the areas that improves steganographic

robustness is usage of a key scheme for embedding messagesVarious key steganographic

schemes have various levels of protection Key scheme term means a procedure of how to use

key steganographic system based on the extent of its use However when the steganographic

robustness is increased a bandwidth of the whole embedding system is decreased Therefore

the task of a scheme selection for achieving the optimal values of the steganographic system

is not trivial

Embedding messages in steganographic system can be carried out without use of a key or

with use of a key To improve steganographic robustness key can be used as a verification

option It can make an impact on the distribution of bits of a message within a container as

well as an impact on the procedure of forming a sequence of embedded bits of a message

The first level of protection is determined only by the choice of embedding algorithm This

may be the least significant bits modification algorithm or algorithms for modifying the

frequency or spatial-temporal characteristics of the container The first level of protection is

presented in any steganographic channel Steganographic system in this case can be

represented as shown at The First Protection Level Scheme figure There following notations

are used c - is a container file F - steganographic channel space (frequency orand amplitude

container part that is available for steganographic modification and message signal

transmission) SC - steganographic system m - message to be embedded E - embedding

method ĉ - modified container file

The second protection level of the steganographic system as well as all levels of protection

of the higher orders is characterized by the use of Key (password) via steganographic

modification An example of a simple key scheme which provides a second level of

protection is to write the unmodified or modified password in the top or bottom of the

message or the distribution of the password sign on the entire length of the steganographic

channel Such key schemes do not affect the distribution of messages through the container

and do not use a message preprocessing according to the defined key (see figure The Second

Protection Level Scheme) This kind of steganographic systems are used in such tasks as for

instance adding a digital signature for proof of copyright Data embedding performance is

not changed in comparison with the fastest approach of the first protection level usage

Steganographic data channels that use key schemes based distribution of a message through

the container and or preprocessing of an embedded message for data hiding are more secure

When the third protection level key scheme is used it affects the distribution of a message

through the container (see figure The Third Protection Level Scheme where F(P L) ndash

distribution function of a message within a container P ndash minimum number of container

samples that are needed to embed one message sample L ndash step of a message distribution

within a container) Accordingly the performance of container processing will be lower than

in the case of the first and the second key schemes Taking into account that PgeL the

simplest representation of the F(P L) function could be as following

F(P L) = cycleL + stepP

where cycle is a number of the current L section and step is a number of the embedded

message sample

The difference between the fourth protection level scheme and the third one is that in

steganographic system there are two distribution functions of a message within a container

are used The first is responsible for a message samples selection according to some function

G(Q N) and the second function F(P L) is responsible for position selection in a container

for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in

bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)

8CONCEALMENT IN DIGITAL IMAGES

Information can be hidden many different ways in images To hide information straight

message insertion may encode every bit of information in the message or selectively embed

the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal

of natural color variation The message may also be scattered randomly throughout the

image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message

Image based Steganography is the most popular method for message concealment In this

paper two techniques are proposed for enhancing the message secrecy using image based

steganography The first technique is based on the use of punctuation marks to encode a

secret message before embedding it into the image file The second technique is based on the

use of modified scytale cipher to hide a secret message in an image file Both of these

techniques have been implemented and tested using the S-Tools software package The

original and stego-images both are shown for the purpose of comparison

A number of ways exist to hide information in digital images Common approaches include

1048766 Least significant bit (LSB) insertion

1048766 Masking and filtering

1048766 Algorithms and transformations

81Least significant bit insertion

Least significant Bit insertion is a common simple approach to embedding information in a

cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits

in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of

information Ti you compress the message to be hidden before you embed it you can hide a

large amount of information To the human eye the resulting stego-image will look identical

to the cover image

82Masking and Filtering

Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide

information by marking an image in a manner similar to paper watermarks Watermarking

techniques may be applied without fear of image destruction due to lossy compression

because they are more integrated into the image

Visible watermarks are not steganography by definition The difference is primarily one of

intent Traditional steganography conceals information watermarks extend information and

become an attribute of the cover image Digital watermarks may include such information as

copyright ownership or license In steganography the object of communication is the hidden

message In digital watermarking the object of communication is the cover

To create a watermarked image we increase the luminance of the masked area by 15

percent If we were to change the luminance by a smaller percentage the mask would be

undetected by the human eye Now we can use the watermarked image to hide plaintext or

encoded information

Masking is more robust than LSB insertion with respect to compression cropping and some

image processing Masking techniques embed information in more significant areas so that

the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level

This makes it more suitable than LSB with lossy JPEG images

83Algorithms and Transformations

LSB manipulation is a quick and easy way to hide information but is vulnerable to small

changes resulting from image processing or lossy compression Such compression is a key

advantage that JPEG images have over other formats High quality images can be stored in

relatively small files using JPEG compression method

One steganographic method that integrates the compression algorithm for hiding the

information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message

to be hidden and a lossless cover mage

Another method used in Patchwork and similar techniques is the redundant pattern encoding

Here the hidden information is scattered throughout the cover mage These approaches may

help protect against image processing such as cropping and rotations and they hide

information more thoroughly than by simply masking They also support image manipulation

more readily than tools that rely on LSB In using redundant pattern encoding you must trade

off message size against robustness A large message may be embedded only once because it

would occupy a much greater portion of the image area

Other techniques encrypt and scatter the hidden data throughout an image Scattering the

message makes it appear more like noise Proponents of this approach assume that even if the

message bits are extracted they will be useless without the algorithm and stego-key to

decode them Scattering and encryption helps protect against hidden message extraction but

not against message destruction through image processing A scattered message in the

imagersquos LSBs is still as vulnerable to destruction from lossy compression and image

processing as is a clear text message inserted in the LSBs

84 Countermeasures and detection

Detection of physical steganography requires careful physical examination including the use

of magnification developer chemicals and ultraviolet light It is a time-consuming process

with obvious resource implications even in countries where large numbers of people are

employed to spy on their fellow nationals However it is feasible to screen mail of certain

suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps

During World War II a technology used to ease monitoring of POW mail was specially

treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper

Trade Journal by the Technical Director of the United States Government Printing Office

Morris S Kantrowitz describes in general terms the development of this paper three

prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the

manufacture of post cards and stationery to be given to German prisoners of war in the US

and Canada If POWs tried to write a hidden message the special paper would render it

visible At least two US patents were granted related to this technology one to Mr

Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating

Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper

and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to

issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact

with a water-based invisible ink

In computing detection of steganographically encoded packages is called steganalysis The

simplest method to detect modified files however is to compare them to known originals

For example to detect information being moved through the graphics on a website an analyst

can maintain known-clean copies of these materials and compare them against the current

contents of the site The differences assuming the carrier is the same will compose the

payload In general using extremely high compression rate makes steganography difficult

but not impossible While compression errors provide a hiding place for data high

compression reduces the amount of data available to hide the payload in raising the encoding

density and facilitating easier detection (in the extreme case even by casual observation)

9 LEAST SIGNIFICANT BIT (LSB) INSERTION

91Technique basics

Today when converting an analog image to digital format we usually choose between three

different ways of representing colors

1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different

quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)

1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table

of colors

1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray

LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit

value for 8-bit images

92Data Rate

The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is

24 bits we can hide

3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits

So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If

we pushed the insertion to include the second LSBs the formula would change to

And we would hide 2 bits of the embedded message for every 8 bits of the cover image

Adding a third-bit insertion we would get

Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion

in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every

8 cover bits We can see the problem in another light and ask how many cover bytes are

needed to send an embedded byte

For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes

For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it

would be 838 = 2133 Bytes

93Robustness

LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual

ones Lossy compression eg JPEG is very likely to destroy it completely The problem is

that the holes in the Human Visual System that LSB insertion tries to exploit ndash little

sensitivity to added noise - are the same that lossy compression algorithms rely on to be able

to reduce the data rate of images

Geometrical transformations moving the pixels around and especially message and the only

one that could allow recovery is a simple translation Any other kind of picture

transformation like blurring or other effects usually will destroy the hidden data All in all

LSB insertion is a very little robust technique for data hiding displacing them from the

original grid are likely to destroy the embedded

94Ease of detectionextraction

There is no theoretical outstanding mark of LSB insertion if not a little increase of

background noise Itrsquos very easy instead to extract LSBs even with simple programs and to

check them later to find if they mean something or not

95Suitability for steganography or watermarking

First of all since it is a so vulnerable technique even for simple processing LSB insertion is

almost useless for digital watermarking where it must face malicious attempts at its

destruction plus normal transformations like compressiondecompression or conversion to

analog (printing or visualization)conversion to digital (scanning) Its comparatively high data

rate can point it as a good technique for steganography where robustness is not such an

important constraint

96Problems and possible solutions

Having stated that LSB insertion is good for steganography we can try to improve one of its

major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to

read everything we are sending

This is usually accomplished with two complementary techniques

Encryption of the message so that who extracts it must also decrypt it before it makes

Randomizing the placement of the bits using a cryptographical random function

(scattering) so that itrsquos almost impossible to rebuild the message without knowing the

seed for the random function

In this way the message is protected by two different keys acquiring much more

confidentiality than before This approach protects also the integrity of the message being

much more difficult (we could say at least computationally infeasible) to counterfeit the

message

Anyway since we donrsquot want our message to be only an encrypted and scrambled message

we must go back to the purpose of making the communication hidden

The two most important issues in this problem are

The choice of images

The choice of the format (24-bit or 8-bit compressed or not)

The cover image first of all must seem casual so it must be chosen between a set of subjects

that can have a reason to be exchanged between the source and the receiver Then it must

have quite varying colors it must be noisy so that the added noise is going to be covered

by the already present one Wide solid-color areas imagnify very much any little amount of

noise added to them Second there is a problem with the file size which involves the choice

of the format Unusually big files exchanged between two peers in fact are likely to arise

suspicion

To solve this problem it has been studied a modification to the JPEG algorithm that inserts

LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used

to compress the image to encode the bits Since we need to have small image file sizes we

should resort in using 8-bit images if we want to communicate using LSB insertion because

their size is more likely to be considered as normal

The problem with 256 colors images is that they make use of an indexed palette and

changing a LSB means that we switch a pixel from a position to an adjacent one If there are

adjacent contrasting colors in the palette it can happen that a pixel in the image changes its

color abruptly and the hidden message becomes visible

To solve this problem different methods have been studied like rearranging the palette so

that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number

of colors and replicating the same entry in the table in adjacent positions so that the

difference after the embedding of the message is not visible at all

Moreover for most images the reduction of colors from for instance 256 to 32 is hardly

visible Most of the experts anyway advise to use 8-bit grayscale images since their palette

is much less varying than the color one so LSB insertion is going to be very hard to detect by

the human eye

10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY

Techniques of error-control coding image restoration and those similar to spread spectrum

communication are combined within the SSIS system The fundamental concept is the

embedding of the hidden information within noise which is then added to a digital cover

image This noise is typical of the noise inherent to the image acquisition process and if kept

at low levels is not perceptible to the human eye or by computer analysis without access to

the original image To successfully decode the message image restoration techniques and

error-control coding are employed Image restoration is used to obtain an approximate

estimate of the original cover image from the stegoimage This promotes the estimation of the

embedded signal that was added to the cover in addition to allowing SSIS to be a blind

steganography scheme

Finally because the noise is of low power and the restoration process is not perfect the

estimation of the embedded signal is poor resulting in an embedded signal bit error rate

(BER) that is rather high To compensate the message signal is processed by a low-rate

error-correcting code before embedding This conglomeration of communication and image

processing techniques provides a method of reliable blind image steganography

The major processes of the stegosystem encoder are portrayed Within the system the

message is optionally encrypted with key 1 and then encoded via a low-rate

errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband

pseudorandom noise generator producing a real-valued noise sequence sequently the

modulation scheme is used to combine the message with the noise sequence thereby

composing the embedded signal which is then input into an interleaver using key 3 This

signal is now added with the cover image to produce the stegoimage which is appropriately

quantized and clipped to preserve the initial dynamic range of the cover image The

stegoimage is then transmitted in some manner to the recipient At the receiver the

stegoimage is received by the recipient who maintains the same keys as the sender uses the

stegosystem decoder to extract the hidden information The decoder uses image restoration

techniques to produce an estimate of the original cover image from the received

stegoimage The difference between and

is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key

2 the noise sequence is regenerated the encoded message is then demodulated and an

estimate of the encoded message is constructed The estimate of the message is then

decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed

to the recipient

The interleaver in this scheme which reorders the embedded signal before it is added to the

cover image serves a dual function The first is to prevent a group or burst of errors This

allows the errors to occur almost independently within a codeword thus giving the error-

correcting code an equal chance at correcting the errors in all codewords Second since the

interleaver requires a key to stipulate the interleaving algorithm this key can serve as another

level of security to establish the proper order of the embedded signal before decoding

We point out this technique as an example for spread spectrum data-hiding methods Spread

spectrum techniques are now widely used in military radio communications due to their very

high robustness to detection and extraction SSIS is a quite mature process and its aim is to

achieve low detectability ease of extraction high data rate and good robustness to removal It

is based on spread spectrum techniques but it enhances them by adding other encoding steps

FigSSIS encoder

FigSSIS decoder

101Technique basics

The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow

band signal over a carrier The carrierrsquos frequency is continually shifted using a

pseudorandom noise generator fed with a secret key In this way the spectral energy of the

signal is spread over a wide band thus decreasing its density usually under the noise level

To extract the embedded message the receiver must use the same key and noise generator to

tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be

able even to detect the hidden communication since it is under the noise level

102Data Rate

The data rate for this technique can be fairly high but it depends on the choices made for the

different parameters of the encoding We can assume that the message will be compressed

before embedding to allow for a higher capacity The ECC encoder instead is going to insert

redundant data into the stream to be able to correct the errors The more errors we want to

correct the more bits will be added Then we have a tradeoff between good retrieval and

capacity If we can allow for small glitches in the recovered message then we can use a

weaker encoding

Moreover the more data we want to insert in the image the more noise we are going to add

to it Then if our cover is not noisy we will be able to hide very little data while if we

choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images

(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments

used a spread spectrum signal powerful enough to give almost total error-free retrieval

because the compression method adopted didnrsquot allow for any errors This means a data rate

varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate

surpassed only by LSB insertion

103Robustness

Spread spectrum techniques are usually quite robust Every transformation that adds noise to

the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily

compromise the embedded data using some digital processing like for examplenoise

reduction filters the same that are used in decoding to estimate the original cover

Spread spectrum encoding is widely used in military communications for its robustness

against detection An attacker canrsquot usually even know if the message was embedded and

anyway it will be very hard for him to extract it without knowing the right key2 and key3

Due to its fairly high capacity and low ease of detection and extraction SISS is very good for

steganography

The basic tradeoff in using SSIS is between the error rate we can afford and the amount of

informations we want to embed that varies in turn the power of the added noise The ECC is

used to allow for a lower power without increasing the Bit Error Rate as well

Further improvements will deal with improving the original cover estimate stage so that itrsquoll

lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs

The first is redundant encoding by dividing the cover into blocks and embedding the same

message in each of them so that the hidden data can be extracted even from a part of the

image as big as one block but the more of it we have the more certain we can be about the

result

Moreover they added to the spectrum a template that can through a log-polar transform

applied to the spectrum of the stegoimage determine the original scale factor and orientation

of the image rendering the stego-message virtually immune to scaling and rotation Finally

spread spectrum techniques can add an adaptive perceptual masking filter before the insertion

of the signal so that the added noise is quite sure to be under perceptual limits This

however will increase the error rate in the retrieval because it reduces the power of the

embedded signal

11Applications of Steganography

Steganography is applicable to but not limited to the following areas

1) Confidential communication and secret data storing

2) Protection of data alteration

3) Access control system for digital content distribution

4) Media Database systems

The area differs in what feature of the steganography is utilized in each system

111 Confidential communication and secret data storing

The secrecy of the embedded data is essential in this areaHistorically steganography have

been approached in this area Steganography provides us with

(A) Potential capability to hide the existence of confidential data

(B) Hardness of detecting the hidden (ie embedded) data

(C) Strengthening of the secrecy of the encrypted data

In practice when you use some steganography you must first select a vessel data according

to the size of the embedding data The vessel should be innocuous Then you embed the

confidential data by using an embedding program (which is one component of the

steganography software) together with some key When extracting you (or your party) use an

extracting program (another component) to recover the embedded data by the same key

( common key in terms of cryptography) In this case you need a key negotiation before

you start communication

Attaching a stego file to an e-mail message is the simplest example in this application area

But you and your party must do a sending-and-receiving action that could be noticed by a

third party So e-mailing is not a completely secret communication methodThere is an easy

method that has no key-negotiation We have a model of Anonymous Covert Mailing

System There is some other communication method that uses the Internet Webpage In this

method you dont need to send anything to your party and no one can detect your

communication

Each secrecy based application needs an embedding process which leaves the smallest

embedding evidence You may follow the following

(A) Choose a large vessel larger the better compared with the embedding data

(B) Discard the original vessel after embedding

For example in the case of Qtech Hide amp View it leaves some latent embedding evidence

even if the vessel has a very large embedding capacity You are recommended to embed only

25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size

(for JPEG output)

112 Protection of data alteration

We take advantage of the fragility of the embedded data in this application area

The embedded data can rather be fragile than be very robust Actually embedded data are

fragile in most steganography programs Especially Qtech Hide amp View program embeds

data in an extremely fragile manner However this fragility opens a new direction toward an

information-alteration protective system such as a Digital Certificate Document System

The most novel point among others is that no authentication bureau is needed If it is

implemented people can send their digital certificate data to any place in the world through

Internet No one can forge alter nor tamper such certificate data If forged altered or

tampered it is easily detected by the extraction program

Stated somewhat more formally the objective for making steganographic encoding difficult

to detect is to ensure that the changes to the carrier (the original signal) due to the injection of

the payload (the signal to covertly embed) are visually (and ideally statistically) negligible

that is to say the changes are indistinguishable from the noise floor of the carrier Any

medium can be a carrier but media with a large amount of redundant or compressible

information are better suited

From an information theoretical point of view this means that the channel must have more

capacity than the surface signal requires that is there must be redundancy For a digital

image this may be noise from the imaging element for digital audio it may be noise from

recording techniques or amplification equipment In general electronics that digitize an

analog signal suffer from several noise sources such as thermal noise flicker noise and shot

noise This noise provides enough variation in the captured digital information that it can be

exploited as a noise cover for hidden data In addition lossy compression schemes (such as

JPEG) always introduce some error into the decompressed data it is possible to exploit this

for steganographic use as well

Steganography can be used for digital watermarking where a message (being simply an

identifier) is hidden in an image so that its source can be tracked or verified (for example

Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)

113 Access control system for digital content distribution

In this area embedded data is hidden but is explained to publicize the contentToday

digital contents are getting more and more commonly distributed by Internet than ever before

For example music companies release new albums on their Webpage in a free or charged

manner However in this case all the contents are equally distributed to the people who

accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case

and selective distribution Of course it is always possible to attach digital content to e-mail

messages and send to the customers But it will takes a lot of cost in time and labor

If you have some valuable content which you think it is okay to provide others if they really

need it and if it is possible to upload such content on the Web in some covert manner And if

you can issue a special access key to extract the content selectively you will be very happy

about it A steganographic scheme can help realize a this type of system

We have developed a prototype of an Access Control System for digital content

distribution through Internet The following steps explain the scheme

(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed

the whole folders in some large vessel according to a steganographic method using folder

access keys and upload the embedded vessel (stego data) on hisher own Webpage

(2) On that Webpage the owner explains the contents in depth and publicize worldwide The

contact information to the owner (post mail address e-mail address phone number etc) will

be posted there

(3) The owner may receive an access-request from a customer who watched that Webpage In

that case the owner may (or may not) creates an access key and provide it to the customer

(free or charged)

In this mechanism the most important point is a selective extraction is possible or notWe

have already developed such a selective extraction program to implement the system

114 Media Database systems

In this application area of steganography secrecy is not important but unifying two types of

data into one is the most importantMedia data (photo picture movie music etc) have some

association with other information A photo picture for instance may have the following

(1) The title of the picture and some physical object information

(2) The date and the time when the picture was taken

(3) The camera and the photographers information

Formerly these are annotated beside the each picture in the albumRecently almost all

cameras are digitalized They are cheap in price easy to use quick to shoot They eventually

made people feel reluctant to work on annotating each picture Now most home PCs are

stuck with the huge amount of photo files In this situation it is very hard to find a specific

shot in the piles of pictures A photo album software may help a little You can sort the

pictures and put a couple of annotation words to each photo When you want to find a

specific picture you can make a search by keywords for the target picture However the

annotation data in such software are not unified with the target pictures Each annotation only

has a link to the picture Therefore when you transfer the pictures to a different album

software all the annotation data are lost

This problem is technically referred to as Metadata (eg annotation data) in a media

database system (a photo album software) are separated from the media data (photo data) in

the database managing system (DBMS) This is a big problem

Steganography can solve this problem because a steganography program unifies two types of

data into one by way of embedding operation So metadata can easily be transferred from

one system to another without hitch Specifically you can embed all your goodbad memory

(of your sight-seeing trip) in each snap shot of the digital photo You can either send the

embedded picture to your friend to extract your memory on hisher PC or you may keep it

silent in your own PC to enjoy extracting the memory ten years after If a motion picture

steganography system has been developed in the near future a keyword based movie-scene

retrieving system will be implemented It will be a step to a semantic movie retrieval system

12CONCLUSION

In this paper we tried to give an all-round view of steganography both used to exchange

messages and watermarking First we gave an outline of the problem telling also some of the

history of this quickly developing field Then we showed the different techniques invented

from the simplest to the more complex ones trying to evaluate them under many points of

view Major emphasis was put on data hiding in images for the techniques involved are

usually more mature than the corresponding ones for other kinds of informations Image

encoding algorithms can also be representative for manipulation of other types of media like

voice text binary files binary files communication channels etc

The strength of our system resides in the new concept of key image Involving two images

(the cover and the key) in place of only one (the cover) we are able to change the cover

coefficients randomly This opportunity does not give a steganalytic tool the chance of

searching for a predictable set of modifications The proposed approach has many

applications in hiding and coding messages within standard medias such as images or videos

As future work we intend to study steganalytic techniques for ISC and to extend ISC to

mobile video communication

Then we gave an outline of the problems involved with watermarking a field that has come

into light after the development of broadband worldwide digital networks Steganography and

digital watermarking are undergoing a development process similar to that of encryption

Steganographyrsquos niche in security is to supplement cryptography and not to replace it There

is a continuous invention of new techniques for steganography followed by successful

breakings and new improvements of them

13REFERENCES

Neil F Johnson Sushil Jajodia George Mason University Exploring

Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34

W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM

Systems Journal Vol 35

Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd

Information Hiding Workshop 1998

Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo

W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM

Syst J vol 35 1996

I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum

watermarking for images audio and videordquo in Proc IEEE Int Conf Image

Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246

D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner

F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE

Computer Mag pp 26ndash34 Feb 1998

B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International

Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany

Springer-Verlag 1996 vol 1 pp 49ndash64

J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in

Information Hiding First International Workshop Lecture Notes in Computer

Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp

207ndash226

L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic

channelrdquo submitted for publication

R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int

Conf Image Processing 1994 vol 2 pp 86ndash90

R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int

Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222

Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink