Steganography
Security through obscurity
stegano graphy
covered writing
The art of hiding information in ways that
prevents the detection of hidden messages.
Added level of protection to cryptography
(≈hide a small needle of information in a
large hay stack of dummy information).
1
Traditional techniques
Invisible ink
Microdots
Character arrangement
Spread spectrum
WW II
Apparently neutral’s protest is
thoroughly discounted and ignored.
Isman hard hit. Blockade issue affects
pretext for embargo on by-products,
ejecting suets and vegetables oil.
Pershing sails from NY June 1.
2
Today
www.spammimmic.com
Dear Friend ; You made the right decision when you signed up for our
mailing list . This is a one time mailing there is no need to request
removal if you won't want any more ! This mail is being sent in
compliance with Senate bill 1621 , Title 5 , Section 301 ! This is not a
get rich scheme ! Why work for somebody else when you can become
rich inside 84 DAYS ! Have you ever noticed how long the line-ups are
at bank machines and people love convenience ! Well, now is your
chance to capitalize on this ! WE will help YOU SELL MORE and SELL
MORE . The best thing about our system is that it is absolutely risk free
for you . But don't believe us . Mrs Jones who resides in Virginia tried us
and says "Now I'm rich, Rich, RICH" . This offer is 100% legal. ...
== ‘Password: 123abc’
Overview
Message
Message
Encrypt message
Decrypt message
Embed in cover
data
Insecure channel
Remove from
cover data
3
Criteria for a good algorithm
Stegano
Watermark
• Perceptual transparency
• Hiding capacity
• Robustness
+
+
-
-/+
+
• Computational complexity
-
-/+
Least Significant Bit insertion (LSB)
Header
Image raster
H
01001000
e
01100101
l
01101100
l
01101100
o
01101111
01101011 10100101 00101100
01101010
00101101
11111101 00011001 01100000
11111100
01100001
11101000 10000110
10000111 10101110
10101111
00101101 00011101 11100000
01101011 10101101 00101100
01101010
00101101
11101101 00000000
00000001 01100011
4
Structure at bit index
Bit
Original
Bit
Bit
Bit4
201
3
7
5
6
Hiding data in single bit (35kb)
Bit 0
7
6
5
4
3
2
1
5
LSB
Diff(x,y)=abs(f(x,y)-f_stego(x,y))*200
LSB in uncompressed images
• Ease of detection depends on size and
placement of payload.
• High capacity (93kb for a 500*500
image).
• Very easy to destroy.
• Computationally inexpensive
6
GIF files
Gif images have max 256 distinct colours.
Each pixel indexes into colour table.
= Sort colour table and use LSB
insertion in image raster.
=Hide info in the arrangement og
the colour table itself. 255bit - 1.6
kbit.
Unsorted
Sorted
GIF files (S-Tools)
Original
+40 kb
7
GIF files (S-Tools)
Diff(x,y)=abs(f(x,y)-f_stego(x,y))*3
Frequency domain (JPG)
f (x,y)
T (u,v)
DCT
T’ (u,v)
T (u,v) / Q(u,v)
8
Hiding information in frequency domain
LSB in n last
coefficients
Relative size of two medium
/(low) frequency coefficients
Hiding information in spatial domain
f (x,y)
T (u,v)
IDCT
T’ (u,v)
T’ (u,v) * Q(u,v)
JPG steganography (JPHS)
Original
+ 4kb data
9
JPG steganography (JPHS)
Diff(x,y)=abs(f(x,y)-f_stego(x,y))*50
Detecting hidden content
Perceptual transparency not good enough!
As with cryptography, counterattack has to be
tailored to stenographic algorithm, as each reduces
image structure in characteristic ways (statistical
signatures).
First order statistics: Changes in frequency
distribution of pixels values (histogram changes)
Before
After
10
Detecting hidden content
Model expected level of entropy and compare to
measured. (Add random noise to LSB).
Higher order statistics: Detect lack of
correlation/covariance between pixels in LSB.
JPG: Not all patterns of DCT coefficients possible
after quantization.
11