Home Scroll Top

The Art Of Hiding Information ( Steganography )

Steganography serves as a means for private, secure and sometimes malicious communication. Steganography is a technology that hides a message within an object, a text, or a picture. It is often confused with cryptography, not in name but in appearance and usage. The easiest way to differentiate the two is to remember steganography conceals not only the contents of the message but also the mere existence of a message. The original steganographic applications used “null ciphers”, or clear text. A null cipher conveys that the message has not been encrypted in any way,whether it is using basic character shifting, substitution or advanced modern day encryption algorithm. So, the message is often in plain view but for a reason can either not be detected as being present or cannot be seen once detected. As is common with cryptography, steganography has its roots in military and government applications and has advanced in ingenuity and complexity. We will explore several approaches to the process of steganography as well as steganalysis. Steganalysis is the method by which to detect the presence of a hidden message and attempt to reveal the true contents of this message. This technology has also substantially evolved throughout history and often lags behind new steganographic discovery as a reactive attempt to detect and decipher messages.

The  first steganographic technique was developed in ancient Greece around 440 B.C.Various steganography techniques have been developed and each one uses its own way of arranging or embedding the various characters or bits which constitute the encrypted or unencrypted secret message. The most common stego method is the LSB approach, or Least Significant Bit. As we know digital pixels are represented by three colors: red, green and blue. These colors together form digital pictures or video. Each colour of every pixel requires 1 byte of information, or 8 bits. Since the first bit is the “least significant” or carries the least amount of importance in the byte, this steganographic technique chooses to overwrite the first bit of successive bytes until the entire secret message is embedded into the original source file, or the cover data. Since we have only modified the least significant bits of a portion of the source file, the human eye should not be able to detect the degradation in the picture or video.The most popular use of steganography in a constructive sense is “digital watermarking”. Digital watermarking embeds either signatures or copyright information in files such as digital video (DVD), audio, and art work. Using the prior LSB algorithm one can hide a copyright message in a photo, however it is highly recommended to either duplicate the same message over various areas in the photo or spread the message over the entire photo. Localizing the secret message in one area of the photo increases the risk of a savvy steganalyst finding and removing the copyright message for his use. This is also true for music artist’s audio files such as in MP3 format or the movie industry’s DVD format. (Li Lang – Digital Watermarking).

The music and movie industries continually devise new material control methods such as earmarking early distribution of movie screenings via steganography. In “traitor tracing” each copy of a given movie contains a digital watermark with a unique serial number and the movie distributor knows to whom each serial number has been delivered. When a copy is becomes compromised, the movie company only needs to extract the serial number from the copy in question and start tracing it to the point of origin. In “broadcast monitoring” broadcast detectors are used to extract the watermark of a given file or medium and report to the broadcasting events to notify the owner or distributor of broadcast status(medium was played, time and date). (Li Lang – Digital Watermarking) .

Terrorist organizations have mastered the art of combining steganography with encryption. As the “USA Today” reported on February 5th 2001, since 1993 these groups have engaged in malicious and criminal behavior using shareware encryption and steganography tools. As early as 1993 Ramzi Yousef encrypted files which planned the destruction of 11 airliners. The U.S.government was successful in capturing his laptop computer, extracting the files and decrypting them. However, FBI officials say it took them one year to decipher two of the critical files. The troubling aspect is there was no need for spending time on steganalysis or detection of a stego message since these were standalone encrypted files. According to U.S. officials, in early 2001 Osama bin Laden posted steganographic material in sports chat rooms and pornographic web sites with instructions for terrorist activities. Presently most terrorist instructions are also carried out this same way, but there has been an increase in the use of photographic images used for
steganography. (USA Today – Terror groups)

During World War II, a spy for Japan in New York City, Velvalee Dickinson, sent information to accommodation addresses in neutral South America. She was a dealer in dolls, and her letters discussed how many of this or that doll to ship. The stegotext was the doll orders, while the concealed “plaintext” was itself encoded and gave information about ship movements, etc. Her case became somewhat famous and she became known as the Doll Woman.

Cold War counter-propaganda. In 1968, crew members of the USS Pueblo intelligence ship held as prisoners by North Korea, communicated in sign language during staged photo opportunities, informing the United States they were not defectors, but rather were being held captive by the North Koreans. In other photos presented to the U.S., crew members gave “the finger” to the unsuspecting North Koreans, in an attempt to discredit photos that showed them smiling and comfortable.

Modern steganography entered the world in 1985 with the advent of the personal computer being applied to classical steganography problems. Digital steganography techniques include:

  1. Concealing messages within the lowest bits of noisy images or sound files.
  2. Concealing data within encrypted data or within random data. The data to be concealed is first encrypted before being used to overwrite part of a much larger block of encrypted data or a block of random data (an unbreakable cipher like the one-time pad generates ciphertexts that look perfectly random if you don’t have the private key).
  3. Chaffing and winnowing is a cryptographic technique to achieve confidentiality without using encryption when sending data over an insecure channel. The name is derived from agriculture: after grain has been harvested and threshed, it remains mixed together with inedible fibrous chaff. The chaff and grain are then separated by winnowing, and the chaff is discarded. The technique was conceived by Ron Rivest. Although it bears similarities to both traditional encryption and steganography, it cannot be classified under either category.

    This technique is remarkable compared to ordinary encryption methods because it allows the sender to deny responsibility for encrypting their message. When using chaffing and winnowing, the sender transmits the message unencrypted, in clear text. Although the sender and the receiver share a secret key, they use it only for authentication. However, a third party can make their communication confidential by simultaneously sending specially crafted messages through the same channel.

  4. Blog-Steganography. Messages are fractionalized and the (encrypted) pieces are added as comments of orphaned web-logs (or pin boards on social network platforms). In this case the selection of blogs is the symmetric key that sender and recipient are using; the carrier of the hidden message is the whole blogosphere.
  5. Modifying the echo of a sound file (Echo Steganography).
  6. Image bit-plane complexity segmentation steganography (i.e., BPCS-Steganography).