Steganography a presentation by Zachary Burt
information theory - fall quarter
My Dilemma: �The Beginning
• My friend Mark is very interested in the e-book market. E-books are sold over the internet for anywhere from $2 to $500
• E-books usually are distributed as PDFs, sometimes password-protected, and sometimes in proprietary formats that require a special reader and password
My Dilemma: �WTF, PDF
• Passwords can be cracked using brute-force methods with cheap software on the internet
• Raster images from e-books delivered through proprietary readers can be captured via screenshots and bundled as unlocked PDFs
My Dilemma: �Yarr.
• Unlocked PDFs can be pirated with increasing ease due to the advent of P2P technologies such as BitTorrent
• Although a long-term solution may be to find alternative, piracy-friendly economic models, this is a problem!
My Dilemma: �A Idea Springs Forth
• What you need to do is code the information so that you have a unique way of identifying a signature, while at the same time not significantly shift the information any way (as to avoid arousing suspicion)! The text itself (content) must be structured in a way that you can infer extra information: a signature
• The signature will be the id of the purchaser
Surprise!
• Apparently I’m not the first person to consider this problem
• Steganography is the art and science of writing hidden messages so that none but sender and recipient realize there is a hidden message
F.Y.I.; BTW
• Cryptography (not the same thing) obscures the meaning of a message without concealing the message itself
This is Bill Nye the Science Guy. I was going for a “Did you know that?...Now you know!” vibe
Terminology
• Steganography usually employs both a covertext and a message
• The message is produced
• A covertext is modified to contain it
• This results in stegotext
Cryptography�Quick Tangent
• Message can be plaintext and then converted into ciphertext for added security before it becomes stegotext
• This requires an encryption algorithm
Humanity and HVS
• Most steganography methods take advantage of human psychology and the human visual system.
• Think “Change blindness”
Covertext • A covertext can be anything if you’re clever
enough about it. We’ll look at ways to be clever with a few different types of media.
• text (.doc, .txt, .html, newspapers)
• images (pictures, periods)
• sounds (.mp3, radio transmissions)
• human being
Text • Line shifting (as little as .003 in.)
• Word shifting (spaces between words)
• Change features of characters (b, d, T, i, etc.)
• Ordering (xml)
• Word choice (esp. spam messages!)
• Words map to a dictionary
• nth character significant
• Problem: easy to normalize text
Images
• LSB encoding: least significant bit. 3 bits available for 24-bit images, 1 bit available for 8 bit images (R -> 255, G -> 255, B -> 255)
• You can do this without the HVS detecting, but it is very vulnerable to attacks as simple as changing formatting from GIF to JPEG
Images�LSB Encoding Example
• Host pixel: 10110001
• Secret pixel: 00111111
• New Image pixel: 10110011
• Transform 10110011 into 00110000
• Uses only 4 bits, fairly low loss for host and secret
Images�LSB Encoding Outcome • Changing the
number of bits used has an effect on quality of both the original and secret image
• The sweet spot may be around 4 bits
Images�You’d Never Expect It
• Microdot techniques take an image and reduce it to the size of a grammatical unit such as a period. Any arbitrary covertext can be used as long as it contains periods.
• J. Edgar Hoover described their use as “the enemy’s masterpiece of espionage”
Images�Other Techniques
• Embed a digital watermark
• Direct Cosine Transformations
• This extends the data of the original image as opposed to hiding information inside the data
• Scatter black pixels, disguised as noise, in even or odd blocks
Sound�Fun Techniques
• Binary data can be encoded as noise, but recognized with a proper decoding key
• Encoding data in mp3 files requires you to store data in the parity bit during the compression process
• decompress and read all parity bits
Human Being
• 1. Shave the head of a human being, preferably a slave
• 2. Tattoo a message on his head
• 3. Wait for the hair to grow back
Defeating Steg�Steganalysis
• Color histogram, eliminate spikes
• Bitmap images and near-duplicate colors
• color table, LSB creates dupes, arouses supicion
Defeating Steg�The Battle
• Anticipate with inverse transformations
• Error correcting codes, redundancy
• Normalize the image
• Change the format
• D+W+W’
Defeating Steg�StirMark
• StirMark applies geometric distortions, a random low frequency deviation based around the center of the image, and a transfer function to introduce error into all the sample values
• The change in the image is nearly impossible to detect but any watermark is likely destroyed
The Bottom Line
• Steganography is useful but has its drawbacks
• Normalization, confusion
• Best when combined with cryptography
My Dilemma:�Proposed Resolutions
• Subtle changes in the spacing of the image might be possible to detect using a diff program, or by comparing the hashes of two instances of a copyrighted e-book
• They could be defeated by scanning the text, normalizing it, and binding it as a plain PDF
• Change kerning to interfere with OCR
The Media
• Al Qaeda rumors: eBay, pornography
• Pedophiles using stego to hide their images
Remember the picture on the front page?
• I didn’t think so.
• (Maybe you did; after all, this was a presentation about steganography and it may have appeared pretty conspicuous...)
Catty Title • If you remove all but the last 2 bits of every
color component in the first image, you get an almost completely black image.
• When you make it 85 times brighter, though, kittens start to purr.
You weren’t expecting this, were you.
Conclusions:�The Future of Stego • It probably would have been more appropriate to have a space-age stegosaurus for the picture, but whatever
• Criticism: “it only works when nobody expects it”
• New techniques being researched
• DNA
• Sometimes the best place to hide something may be in plain sight
