Steganography Kati Reiland CS 419 April 7, 2003
Jan 03, 2016
Steganography
Kati ReilandCS 419
April 7, 2003
What is Steganography?
• Technically meaning “covered writing”
• Anything that hides information in another media without making any visible changes to the media.
• Not cryptography
History of Steganography
• In 440 b.c. Demeratus warned Sparta
• Shaved messenger’s head• “Invisible Inks”• A Beautiful Mind• Hidden Data in i’s, j’s, and periods• Today, used to protect currency
from counterfeiting
Uses of Steganography
• Hiding of information to avoid observation or detection
• Protection of intellectual property rights.
Possible Uses of Steganography Drawbacks
Used to combine explanatory information with an image (e.g. doctor’s notes with an x-ray)
Could accidentally degrade or render an image misleading
Embedding corrective audio or image data in case corrosion occurs from a poor transmission or connection
Could counteract with the original image
Peer-to-peer private communications Doesn’t hide the fact that an e-mail was sent
Posting secret communications on the web to avoid transmission
Anyone with a cracking tool could expose and read the message
Copyright protection Hardware tools needed to protect the watermarking.
Maintaining Anonymity It is easier to use free web-based e-mail or cloaked e-mail
Hiding data on the network in case of a breach
Better to understand and effectively use standardized encryption
Table from ComputerWorld, 2002
Avoiding Detection
• Binary Data– ASCII text– Graphics
• Cover Object• Where is it hidden?
– TCP/IP Headers– Spaces in Text– “Noise” in sound files– Least Significant Bits in image files
Example of Hidden Data
• Camouflaging– Fishing freshwater bends and saltwater
coasts rewards anyone feeling stressed. Resourceful anglers usually find masterful leapers fun and admit swordfish rank overwhelming anyday.
Fishing freshwater bends and saltwater coasts rewards anyone feeling stressed. Resourceful anglers usually find masterful leapers fun and admit swordfish rank overwhelming anyday.
An Easier Example
• After the theater, all clients keep a tab down at Wesley’s Nook.
After the theater, all clients keep a tab down at Wesley’s Nook.
ATTACK AT DAWN
Data in Audio
• Uses Least Significant Bits to hold data
• May retain data in the “unhearable” areas of the audio file
Data in Images• Large files offer the best option for
concealment but they are also the most difficult to transmit.– Compression
• Lossless• Lossy
• 3 Types of Hiding in Digital Images– Least Significant Bit (LSB) Insertion– Masking and Filtering– Algorithms and Transformations
From Protecting Personal Data
Various Color Palettes
LSB Insertion
• Can be destroyed by any compression
• On average, only alters 50% of the bits
• Works best with 24-bit cover images
• Undetectable to the human eye
From Protecting Personal Data
Masking and Filtering
• Used for 24-bit and Gray-scale images
• “Watermarking”• Extend the image to
include the information as a part of the cover image.
• Generally unchanged by compression
Algorithms and Transformations
• Discrete Cosine Transform– A lossy compression (cosines are not
exact calculations)• Redundant Pattern Encoding
– Also called Spread Spectrum Methods– Scatters info in the image and
“marks” the significant areas– The rules for scattering and swapping
are kept by the “stego-key”
Most Popular Stego Tools
• StegoDos
• White Noise Storm
• S-Tools
• Hide and Seek
Protection of Rights
• Digital Watermarking • Digital Fingerprinting
Uses
• Copyright Information– Integrity– Informs of Ownership
• Stop Piracy– Ruins the use of pirated software,
music, or data– Simply doesn’t allow duplicates to be
made• Keep track of where the
music/software is being used
Digital Watermarking
• Places a piece of information, usually copyright information about the owner, repeated within the data.
• MagicGate and OpenMG• MP3Stego • PictureMarc
Digital Fingerprinting
• An embedded unique pattern into each distributed copy of the data.
• The unique data needs to appear normal to the user.
Steganalysis
• The process of finding hidden data in other media.
• Corporate Data Theft• 4 Types of Attacks
– Stego-only Attack– Chosen Stego Attack– Known Cover Attack– Known Stego Attack
BibliographyThe Code Book by Simon Singh
Steganography and Steganalysis by Joshua Silman
Steganography by Neil Johnson
Steganography: The New Terrorist Tool? By Danley Harrison
TechTV’s various articles on Copy Protection and Digital Watermarking
Protecting Personal Data by Simone Fischer-Hubner