Steganography Security through obscurity stegano graphy covered writing The art of hiding information in ways that prevents the detection of hidden messages. Added level of protection to cryptography (≈hide a small needle of information in a large hay stack of dummy information). 1 Traditional techniques Invisible ink Microdots Character arrangement Spread spectrum WW II Apparently neutral’s protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects pretext for embargo on by-products, ejecting suets and vegetables oil. Pershing sails from NY June 1. 2 Today www.spammimmic.com Dear Friend ; You made the right decision when you signed up for our mailing list . This is a one time mailing there is no need to request removal if you won't want any more ! This mail is being sent in compliance with Senate bill 1621 , Title 5 , Section 301 ! This is not a get rich scheme ! Why work for somebody else when you can become rich inside 84 DAYS ! Have you ever noticed how long the line-ups are at bank machines and people love convenience ! Well, now is your chance to capitalize on this ! WE will help YOU SELL MORE and SELL MORE . The best thing about our system is that it is absolutely risk free for you . But don't believe us . Mrs Jones who resides in Virginia tried us and says "Now I'm rich, Rich, RICH" . This offer is 100% legal. ... == ‘Password: 123abc’ Overview Message Message Encrypt message Decrypt message Embed in cover data Insecure channel Remove from cover data 3 Criteria for a good algorithm Stegano Watermark • Perceptual transparency • Hiding capacity • Robustness + + - -/+ + • Computational complexity - -/+ Least Significant Bit insertion (LSB) Header Image raster H 01001000 e 01100101 l 01101100 l 01101100 o 01101111 01101011 10100101 00101100 01101010 00101101 11111101 00011001 01100000 11111100 01100001 11101000 10000110 10000111 10101110 10101111 00101101 00011101 11100000 01101011 10101101 00101100 01101010 00101101 11101101 00000000 00000001 01100011 4 Structure at bit index Bit Original Bit Bit Bit4 201 3 7 5 6 Hiding data in single bit (35kb) Bit 0 7 6 5 4 3 2 1 5 LSB Diff(x,y)=abs(f(x,y)-f_stego(x,y))*200 LSB in uncompressed images • Ease of detection depends on size and placement of payload. • High capacity (93kb for a 500*500 image). • Very easy to destroy. • Computationally inexpensive 6 GIF files Gif images have max 256 distinct colours. Each pixel indexes into colour table. = Sort colour table and use LSB insertion in image raster. =Hide info in the arrangement og the colour table itself. 255bit - 1.6 kbit. Unsorted Sorted GIF files (S-Tools) Original +40 kb 7 GIF files (S-Tools) Diff(x,y)=abs(f(x,y)-f_stego(x,y))*3 Frequency domain (JPG) f (x,y) T (u,v) DCT T’ (u,v) T (u,v) / Q(u,v) 8 Hiding information in frequency domain LSB in n last coefficients Relative size of two medium /(low) frequency coefficients Hiding information in spatial domain f (x,y) T (u,v) IDCT T’ (u,v) T’ (u,v) * Q(u,v) JPG steganography (JPHS) Original + 4kb data 9 JPG steganography (JPHS) Diff(x,y)=abs(f(x,y)-f_stego(x,y))*50 Detecting hidden content Perceptual transparency not good enough! As with cryptography, counterattack has to be tailored to stenographic algorithm, as each reduces image structure in characteristic ways (statistical signatures). First order statistics: Changes in frequency distribution of pixels values (histogram changes) Before After 10 Detecting hidden content Model expected level of entropy and compare to measured. (Add random noise to LSB). Higher order statistics: Detect lack of correlation/covariance between pixels in LSB. JPG: Not all patterns of DCT coefficients possible after quantization. 11