Upload
edwin-fisher
View
216
Download
2
Tags:
Embed Size (px)
Citation preview
Definition
Steganography: (from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination
Takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists
Ideally, anyone scanning your data will fail to know it contains encrypted data
Introduction Computer Steganography: two principles
– Digitized images or sound can be altered without losing their functionality
– Human inability to distinguish minor changes in image color or sound quality
In modern digital steganography, data is first encrypted by the usual means and then inserted, using a special algorithm, into redundant data that is part of a particular file format
Changing the value of the least significant bit of the pixel color won’t result in any perceivable change of that color
History
Ancient Greece, text was written on wax covered tablets
During WWII, the Germans developed the microdot for the letter i
Invisible inks: some messages had to be "developed“ by using special chemicals
Unencrypted messages: the real message is "camouflaged" in an innocent sounding message
Algorithm - Pure
Pure steganography– No key is necessary– E: Ca x M -> Ca– D: Ca -> M– Relies on the secrecy of the method
Example– Using the first character in a letter to
hide the secret message
Example of Pure Steganography
Null cipher (unencrypted message)– News Eight Weather: Tonight increasing snow.
Unexpected precipitation smothers eastern towns. Be extremely cautious and use snowtires especially heading east. The highways are knowingly slippery. Highway evacuation is suspected. Police report emergency situations in downtown ending near Tuesday.
First letter of each word:– Newt is upset because he thinks he is President.
Algorithm – Secret Key
Secret key steganography– Uses a secret stego-key: sender and
receiver share stego-key– E: Ca x (K x M) -> Ca– D: Ca x K -> M
Example– Encrypt data using shared secret key
before hiding within the carrier
Example Secret Key Steganography
The left image (8.9K) contains no hidden data
The right one (11.2K) contains about 5K of password-protected text
Algorithm – Public Key
Public key steganography– Uses two keys: public/private key
combo•Public key encryption
– E: Ca x (U x M) -> Ca– D: Ca x R -> M
•Private key encryption– E: Ca x (R x M) -> Ca– D: Ca x U -> M
Example Programs
Various programs offered today– Freeware/Shareware include
• Hide and Seek: hides data in LSB of GIF & BMP
• Camouflage: hides data (ex: MP3’s) by encrypting and then appending the data to the end of a file
• S-Tools: LSB color reduction, then inserts additional data to hide color modification
– Commercial• PixelTag: uses pattern block encoding
• Steganos: multiple products for data hiding
Flaws with Steganography
Pictures– Color degradation
– Significant file size change
Audio– Distorted sounds
– Significant file size change
Manipulation of carrier may result in degraded or inability to extract the message
Difficulty in hiding large message inside small carriers
Attacks
Visual Attacks– LSB– Filtering image
Digital Manipulation– Color palette– Modification of carrier
Statistical Analysis– Mathematical manipulation of possible carrier
to determine if a hidden message exists
Visual Attack - Filter
Applying a filter to the original image’s LSB shows that there is a hidden message
Countermeasure – Message Spreading
Spreading the message out evenly throughout the carrier conceals the hidden message
Filtering of image does not reveal hidden message
Countermeasure – Large Carrier
The use of larger carriers helps to hide the message better
8-bit palette 8-bit steganographic image
Countermeasure - Patterns
The use of unrecognizable patterns for the carrier prevents modification from being noticed
Extraction of LSB does not reveal existence of a hidden message (no hidden message in this image)
Application of Steganography
Enables secret communication Complements regular encryption
– How will someone decrypt your message if they cannot find it?
– Harder to break: need to first find the cipher text, then it needs to be decrypted
References http://www.all-nettools.com/privacy/stegano.htm http://www.aces.att.com/glossary/steganog.htm http://www.cdt.luth.se/~peppar/kurs/smd074/lekt
/7/slide0.html http://www.ise.gmu.edu/~njohnson/ihws98/jjgmu.html http://www.jjtc.com/Steganography/ http://www.ise.gmu.edu/~njohnson/Steganography/
toolmatrix.htm