What is Steganography?
Steganography is the art of hiding information in images. In Greek, Steganography means “covered writing”.
In steganography, confidential data is hidden in images to protect it from unauthorized users. So basically it means, hiding a secret message within a cover-medium in such a way that others cannot detect the presence of the hidden message.
In contemporary terms, steganography has evolved into a digital strategy of hiding a file in some form of multimedia, such as an image, an audio file (like a .wav or mp3) or even a video file.
Steganography vs. Cryptography
Steganography and cryptography are two important techniques to secure data. It has gained importance post World War II. It is now widely used by Law Enforcement Agencies, terrorists etc.
Steganography’s goal is to hide the presence of a message.
Cryptogtaphy’s goal is to obscure a message or communication so that it cannot be understood.
Steganography differs from cryptography in the sense that, cryptography focuses on keeping the contents of a message secret, whereas steganography focuses on keeping the existence of the message secret. The strength of steganography can thus be amplified by combining it with cryptography. Steganography and cryptography make a powerful combination regarding data security!
Methods of Steganography
Embedding messages in media, like
- Plain Text
Steganography with plain text can be done in number of ways, as mentioned below:
- Using selected characters or words from a specially-crafted cover-text. (Consider this sentence – “Since Everyone Can Read, Encoding Text In Neutral Sentences Is Doubtfully Effective”. Here, if you observe, first letter of each word is used to convey a message – Secret Inside!!)
- Introducing white-space characters (line spaces and tabs) that a text view won’t display.
For demonstration purpose we will illustrate SNOW (Steganographic nature of Whitespace).
Snow is a program for concealing and extracting messages in ASCII text files. This method conceals messages by appending tabs and spaces (known as whitespace) at the end of lines. Tabs and spaces are invisible to most text viewers, hence depicting steganographic nature of this encoding scheme.
Figure. 1.1 shows all the available options in snow. They are described as below:
-C = use compression during concealing, uncompress during extraction
-Q = quite mode. Used to turn off verbose messages while program runs
-S = Show approximate space available in cover file
-p = password option is used for encryption/decryption
– l = snow will create lines sorter than this optional line length parameter
-f = this is the secret file
-m = this is the secret message string
infile = this is the input cover file
outfile = this is the output file
For this example, we will use following file :-
insnow.txt = this is the secret file to conceal
hide.txt = this is the infile (cover file)
outsnow.txt = this is the outfile (cover file + secret file)
[email protected] = this is the password used for encryption/decryption
Note:- All the above specified examples need appropriate substitution for practical purposes..
Now to hide the file – insnow.txt within hide.txt using encryption with the output of snow, the command is as follows:
Snow –p “[email protected]” –f insnow.txt hide.txt outsnow.txt
Now to extract the hidden message following command is used:
And the contents of the secret file are revealed:-
“meet me at dawn”
Data can be hidden in images also. In fact images are most widely used in steganography.
Many tools are available to do image steganography like Camouflage, JPEG-JSTEG. For demonstration we will use Camouflage.
Camouflage allows you to hide files by scrambling them and then attaching them to the file of your choice. This camouflaged file then looks and behaves like a normal file, and can be stored or emailed without attracting attention. Camouflage software is easy to install, user-friendlyand a very versatile steganography tool that is free of cost and readily available for downloading .
For example following files will be used:-
Sunflower.jpg = cover medium
Secret.jpg = file to be hidden
Kiss = passphrase
You can camouflage a file or several files at a time by right-clicking them and choosing “Camouflage” from the menu. Following window will appear.
Now, in the first window, you can view/edit the files by double clickin them or by right clicking them and choosing ‘Open’. Selectin “Properties’ will give information about the file.
Anyway, click next.
Here, in the second window, it will ask for the cover medium (file). Select a file with which you want to cover your secret file. This file can be of any type, but in this example we are using a .JPG file.;
In the next window, give the location and filename for the camouflaged file. Check ‘Read-only’ to create camouflaged file with its ‘Read-only’ attribute. This is recommended because it makes the file safer, and prevents other applications from modifying it and destroying the camouflaged section.
In the final window you can type a password.We will use “kiss” as password for demonstration purpose. If you do not wish to add password then just click ‘Finish’. This will create the camouflaged file and then exit.
To extract the files hidden within a comuflaged file, right-click the camouflaged file and choose ‘Uncamouflage’ from the menu.
A password prompt appears. Enter the password, if any. Once you entered the correct password (if applicable), click ‘Next’
This window displays a list of the files hidden within the camouflaged file. The first file in the list is the file originally used as camouflage (cover medium).To extract files just click ‘Next’.
Here give the location where you want the file to be extracted. Now you can view your secret file!!!
In Audio steganography,secret messages are embedded in digital sound. The secret message is embedded by slightly altering the binary sequence of a sound file. Existing audio steganography software can embed messages in WAV, AU, and even MP3 sound files.
Embedding secret messages in digital sound is usually a more difficult process than embedding messages in other media, such as digital images.
For example following files will be used:-
Cover.wav = this is the cover medium file
Secret.wav = this is the hidden data file
Out.wav = output file (cover_medium + hidden_file)
[email protected] = this is the passphrase
Open S-Tools (S-Tools.exe).
Drag the cover_medium, in this case cover.wav, into the S-Tools window
Now, to hide the secret file, drag secret.wav into S-tools window and drop it onto the cover medium. Immediately you will be prompted for a passphrase. The passphrase is used in generating the pseudo-random number which is used to insert the bits into the cover file. IDEA, DES, TripleDES, and MDC are the encryption algorithms provided by S-Tools.
After choosing appropriate passphrase and Encryption Algorithm, right click on the secret file and save it.
The passphrase and encryption algorithm used must be remembered in order to extract the secret file.
Now, to extract the hidden message, open the out.wav in S-Tools.
Steganography, the easy way… No steganography software required!!!
Yes you read it right – No steganography software.
So here is a quick how-to on doing image steganography with common tools, without any specialized software.
- Compress the file you want to secure( I tried both rar & zip), say secure.zip
- Take the image file which you want to use, say image.jpg
- run the following command
copy /b image.jpg + secure.zip hidden.jpg
- Double click hidden.jpg & you'll see the original image
- Open the file in archiving utility ( tried winzip & winrar)
- It will open the content of original secure.zip
copy command copies the content of both the files into a third file.
The third file starts with the header of an image & even the extension is of image, so the OS (tried KDE & GNOME in case of Linux) interprets it like an image & shows the image, that too without any distortion or noise in the image.
/b option indicates binary operation & takes care of any possible goof up.
Download the image from http://bit.ly/stegano-demo which looks like one below & try opening it in any archiving software.
|Original image @ http://bit.ly/stegano-demo|