Steganography By: Brittany Bugg and Makenzie Young December 4, 2007

advertisement
Steganography
By: Brittany Bugg and Makenzie
Young
December 4, 2007
What is Steganography?
 The art of writing in code
 Hiding information by embedding messages
within other messages
 Only the person receiving the message can
decode it, but they have to have to the proper
code or software to do so.
Background
 Dates back as early as Ancient Rome where
they would inscribe messages on stone tablets
and then pour wax over it
The wax would be scraped off to read the message
Mostly used for military intelligence
Another method used in ancient Greece, tattooing a
message on someone’s head and then allowing their
hair to grow back then the receiver of the message
would shave their head
 Chinese used messengers on foot where they
would hide messages on silk cased in wax and
the messengers sometimes carried it in them
Applications for Steganography

Hide and Seek (versions 4.1 and 5.0)




StegoDos






By Colin Maroney
Images 320x480
Spreads data throughtout the GIF in a random fashion
Also known as Black Wolf’s Picture Encoder
Public Domain software by an anonymous person
Works with images that are 320x200 with 256 colors
Steganos is a LSB embedding system that embeds data into
images
SecurEngine, an application in which small text files are
hidden in larger text files
White Noise

By Ray Arachelian
White Noise Example
White Noise was the first software
tested that could embed this
message (to the left) into the
picture above.
Other Examples
 Invisible Ink
Can be used in documents or even clothing
 Fingerprinting
 Peers communicating
Doesn’t stop the fact that there is a message being sent
between the peers, which can obviously be detected
 Chaffing and winnowing
Where the recipient receives multiple messages where
they can identify the true meaning, but only one of the
messages is authentic and the rest are bogus
 Microdots
Where only a microscope can read the message
Pros
Used for:
Watermaking images for copyright protection
Example: holding a $20 bill up to the light and seeing
a watermark
Hidden in images, video files, and audio files
Confidentiality of valuable information to
prevent theft
Cons
Unfortunately, steganography can also be
used for illegal purposes:
Concealing a plan for terroristic threats
It is believed that al-Qaeda used steganographic
software to communicate plans with each other
before the 9-11 attacks, this has not yet been
confirmed
This is a huge threat to the gorvernment
Hiding harmful files
Stealing data
http://youtube.com/watch?v=ySkhnqdptzs
Steganalysis
 Steganalysis is a way to defeat steganography
 Stegdetect is a tool used for detecting the
content in images.
 The only con to steganalysis is that
steganography cannot always be detected
 Techniques on attack approach is important
depending on what information is available:




Steg-only attack: steganographic medium is available
Known-carrier attack: the original cover and the medium are available
Known message attack: when the hidden message is known
Chosen message attack: when the steganalyst knows the message and
has access to the steganography tool and can embed and analyze
messages
Applications for Steganalysis
 EnCase, by Guidance
Software Inc.
 Ilook Investigator, by
Electronic Crimes
Program
This is an
example of a file
without
embedded text
This is an
example of a
file with
embedded text
Algorithms
Are step-by-step procedures in solving a
problem
It is used by steganalysts in decoding
messages from images where the focus is
right now
Compare/contrast
Stenography
defined by dictionary.com, is “a person who
specializes in taking dictation in shorthand”
Cryptography
transforming information into an unreadable format
Digital Watermarking
When an image is embedded with copyright
information
Stenography
 A stenographer should not be confused for a
steganographer because they do not conceal messages
they write in shorthand coding
 For example, court reporters
 They use stenotype machines to type up what the people are
saying
 Type in codes, some reporters actually have a dictionary of
codes that consist of common words, phrases, etc.
 Type up to 300 words per minute, the average is 230
 In heated court cases up to 250 words can be said
Cryptography
 Cryptography is transforming information into an
unreadable format
 It is used to protect information such as credit
card information, email messages, etc.
 Unlike steganography, you can tell a message
has been encrypted, but in order to decode it
you need to have the proper key
 Cryptanalysis is the code breaking method
Digital Watermarking
 Digital watermarking is a pattern of bits inserted
into a picture or file to identify the copyright
information.
 Like steganography, it is meant to be invisible
 The bits within the image have to be scattered
so that they cannot be tampered with or
identified
 The actual watermark also has to be robust
enough so that if the image is changed, the
watermark is still there.
 Examples
Sources
 http://www.securityfocus.com/infocus/1684
 http://www.braingle.com/brainteasers/codes/steganograp
hy.php
 http://www.outguess.org/detection.php
 http://palisade.plynt.com/issues/2005May/steganalysis/
 http://www.strangehorizons.com/2001/20011008/stegan
ography.shtml
 http://www.webopedia.com/TERM/C/cryptography.html
 http://www.jjtc.com/stegdoc/index2.html
Download