Steganography - University of Wisconsin–La Crosse
Download
Report
Transcript Steganography - University of Wisconsin–La Crosse
Steganography
Kati Reiland
CS 419
April 7, 2003
What is Steganography?
• Technically meaning “covered writing”
• Anything that hides information in
another media without making any
visible changes to the media.
• Not cryptography
History of Steganography
•
•
•
•
•
•
In 440 b.c. Demeratus warned Sparta
Shaved messenger’s head
“Invisible Inks”
A Beautiful Mind
Hidden Data in i’s, j’s, and periods
Today, used to protect currency from
counterfeiting
Uses of Steganography
• Hiding of information to avoid
observation or detection
• Protection of intellectual property
rights.
Possible Uses of Steganography
Drawbacks
Used to combine explanatory
information with an image (e.g.
doctor’s notes with an x-ray)
Could accidentally degrade or render
an image misleading
Embedding corrective audio or image
data in case corrosion occurs from a
poor transmission or connection
Could counteract with the original
image
Peer-to-peer private communications
Doesn’t hide the fact that an e-mail
was sent
Posting secret communications on the
web to avoid transmission
Anyone with a cracking tool could
expose and read the message
Copyright protection
Hardware tools needed to protect the
watermarking.
Maintaining Anonymity
It is easier to use free web-based e-mail
or cloaked e-mail
Hiding data on the network in case of a Better to understand and effectively
breach
use standardized encryption
Table from ComputerWorld, 2002
Avoiding Detection
• Binary Data
– ASCII text
– Graphics
• Cover Object
• Where is it hidden?
– TCP/IP Headers
– Spaces in Text
– “Noise” in sound files
– Least Significant Bits in image files
Example of Hidden Data
• Camouflaging
– Fishing freshwater bends and saltwater
coasts rewards anyone feeling stressed.
Resourceful anglers usually find masterful
leapers fun and admit swordfish rank
overwhelming anyday.
Fishing freshwater bends and saltwater coasts
rewards anyone feeling stressed. Resourceful
anglers usually find masterful leapers fun and
admit swordfish rank overwhelming anyday.
An Easier Example
• After the theater, all clients keep a tab
down at Wesley’s Nook.
After the theater, all clients keep a tab
down at Wesley’s Nook.
ATTACK AT DAWN
Data in Audio
• Uses Least Significant Bits to hold data
• May retain data in the “unhearable”
areas of the audio file
Data in Images
• Large files offer the best option for
concealment but they are also the most
difficult to transmit.
– Compression
• Lossless
• Lossy
• 3 Types of Hiding in Digital Images
– Least Significant Bit (LSB) Insertion
– Masking and Filtering
– Algorithms and Transformations
From Protecting Personal Data
Various Color Palettes
LSB Insertion
•
•
•
•
Can be destroyed by any compression
On average, only alters 50% of the bits
Works best with 24-bit cover images
Undetectable to the human eye
From Protecting Personal Data
Masking and Filtering
• Used for 24-bit and Grayscale images
• “Watermarking”
• Extend the image to
include the information as
a part of the cover image.
• Generally unchanged by
compression
Algorithms and Transformations
• Discrete Cosine Transform
– A lossy compression (cosines are not exact
calculations)
• Redundant Pattern Encoding
– Also called Spread Spectrum Methods
– Scatters info in the image and “marks” the
significant areas
– The rules for scattering and swapping are
kept by the “stego-key”
Most Popular Stego Tools
• StegoDos
• White Noise Storm
• S-Tools
• Hide and Seek
Protection of Rights
• Digital Watermarking
• Digital Fingerprinting
Uses
• Copyright Information
– Integrity
– Informs of Ownership
• Stop Piracy
– Ruins the use of pirated software, music, or
data
– Simply doesn’t allow duplicates to be made
• Keep track of where the music/software
is being used
Digital Watermarking
• Places a piece of information, usually
copyright information about the owner,
repeated within the data.
• MagicGate and OpenMG
• MP3Stego
• PictureMarc
Digital Fingerprinting
• An embedded unique pattern into each
distributed copy of the data.
• The unique data needs to appear
normal to the user.
Steganalysis
• The process of finding hidden data in
other media.
• Corporate Data Theft
• 4 Types of Attacks
– Stego-only Attack
– Chosen Stego Attack
– Known Cover Attack
– Known Stego Attack
Bibliography
The Code Book by Simon Singh
Steganography and Steganalysis by Joshua Silman
Steganography by Neil Johnson
Steganography: The New Terrorist Tool? By Danley
Harrison
TechTV’s various articles on Copy Protection and Digital
Watermarking
Protecting Personal Data by Simone Fischer-Hubner