Steganography tools
A steganography software tool implements a subset of the most general digital steganography process, allowing users to insert and extract hidden data into and from carrier files.
Architecture
New users approaching steganography need to get acquainted with some common steganography-related terms and concepts.
Hidden data
Data to be covertly communicated is usually referred to as hidden data. Steganography focuses on the word "covertly": you employ a steganography tool because the very existence of the data has to be secret and invisible. The tool can also apply some cryptography to the hidden data, but remember that this is optional: the data has to be invisible first.
Note also that, according to common public opinion:
- Cryptography plays a relevant role in public / trusted / legal data sharing
- Steganography plays a minor role in secret / obscure / illegal data sharing
Carrier
The carrier is the signal, stream, or data file into which the payload is hidden.
Consider also this practical definition of a carrier:
- The audio/image/video/text/executable/repository file that, once processed,
  - will look and work like the original one
  - will hold part or all of the hidden data
  - will raise no suspicion when sent by email, shared over the internet, carried out of the office, and so on
From a user's point of view:
- Carriers must raise no suspicion because of their size
  - small carriers with no data are very suspicious: what would you think about an empty Word document with a 1Mb size?
  - huge carriers exchanged over the internet are very suspicious: what about a downloadable set of DVD .vob files?
- Carriers must raise no suspicion because of their format
  - out-of-date file formats are very suspicious: what about a downloadable .wav telephone ringtone?
  - non-standard file format extensions are very suspicious: what about a PDF reported as broken or corrupted by Adobe Reader?
Chain
When hidden data is split among a set of files, you get a carrier chain.
Carrier chains are a main feature of every professional steganography tool, ensuring that the hidden data cannot be recovered:
- if one or more carriers are missing
- if one or more carriers have been manipulated (volatile steganography)
- if one or more carriers are not processed in the correct order
This additional security feature is usually achieved by:
- using a different initialization vector for each carrier and storing it inside processed carriers -> CryptedIVn = Crypt( IVn, CryptedIVn-1 )
- using a different cryptography algorithm for each carrier and choosing it with a chain-order-dependent equiprobabilistic algorithm
Cryptography
Users have to remember that steganography's main goal is invisibility. A good steganography tool should first ensure robustness against modern forensic methods, like statistical steganalysis. Strong cryptography, along with any other obfuscation process, is always welcome but should only be considered as a last-man-standing defense. Encoding (steganography) will deceive attackers and obfuscation (cryptography) will slow them down once you've been caught. People hiding sensitive data should consider deniable cryptography as an exit strategy.
Robustness against statistical steganalysis can be achieved by a balanced mix of:
- stream-based cryptography process
- data whitening process
- encoding process
Steganography users should rely only on multi-layered architectures with a deep, documented obfuscation process.
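What a statistical steganalysis test measures, as an added example that is not part of the original article: the pairs-of-values chi-square test, which flags plain LSB replacement because uniform payload bits equalise the counts of each value pair (2k, 2k+1). The cover samples, the seed and the function names are constructed for illustration.

```python
import random
from collections import Counter

def pov_statistic(samples, min_count=10):
    """Chi-square over value pairs (2k, 2k+1); returns (chi2, pairs_tested)."""
    hist = Counter(samples)
    chi2, pairs = 0.0, 0
    for even_value in range(0, 256, 2):
        even, odd = hist[even_value], hist[even_value + 1]
        total = even + odd
        if total < min_count:      # too few samples for the approximation
            continue
        # With expected count total/2 in both cells, the two chi-square
        # terms of the pair simplify to (even - odd)^2 / total.
        chi2 += (even - odd) ** 2 / total
        pairs += 1
    return chi2, pairs

def pov_ratio(samples):
    """chi2 per tested pair: close to 1 after full LSB replacement with
    uniform bits, far larger when the pair counts are naturally uneven."""
    chi2, pairs = pov_statistic(samples)
    return chi2 / pairs if pairs else float("inf")

def lsb_replace(samples, bits):
    """Overwrite the least significant bit of the first len(bits) samples."""
    return [(s & ~1) | b for s, b in zip(samples, bits)] + list(samples[len(bits):])

# Constructed data: 8-bit samples with a contrast-stretched (comb-shaped)
# histogram, and a whitened payload modelled as uniform random bits.
rng = random.Random(2024)
COVER = [int(1.5 * max(0, min(170, round(rng.gauss(85, 20))))) for _ in range(20000)]
PAYLOAD_BITS = [rng.getrandbits(1) for _ in COVER]
STEGO = lsb_replace(COVER, PAYLOAD_BITS)

if __name__ == "__main__":
    print(f"cover ratio: {pov_ratio(COVER):.1f}")
    print(f"stego ratio: {pov_ratio(STEGO):.1f}")
```

A ratio near 1 across a file's samples is the signature an analyst looks for; adaptive or frequency-space embedding is designed to avoid exactly this kind of first-order histogram artefact.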
Carrier engine
The carrier engine is the core of any steganography tool. Different file formats are modified in different ways in order to covertly insert hidden data inside them. Among these processing algorithms you can find:
- Injection (suspicious because of the content-unrelated file size increment)
- Generation (suspicious because of the traceability of the generated carriers)
- Ancillary data and metadata substitution
- LSB or adaptive substitution
- Frequency space manipulation
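How an examiner can check a file for the first and third techniques in the list (injection, ancillary data and metadata substitution), as an added example that is not part of the original article. PNG is chosen here as the carrier format, which is an assumption; the sample files and function names are constructed.

```python
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"

def png_chunk(ctype, data):
    """Serialise one PNG chunk: length, type, data, CRC-32 over type + data."""
    crc = zlib.crc32(ctype + data)
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def audit_png(blob):
    """Walk the chunk list and report where non-image bytes could be carried."""
    if not blob.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG file")
    report = {"ancillary": {}, "bad_crc": [], "trailing_bytes": None}
    pos = len(PNG_SIGNATURE)
    while pos + 12 <= len(blob):
        length, ctype = struct.unpack(">I4s", blob[pos:pos + 8])
        end = pos + 12 + length
        if end > len(blob):
            raise ValueError("truncated chunk")
        data = blob[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", blob[end - 4:end])
        name = ctype.decode("latin-1")
        if crc != zlib.crc32(ctype + data):
            report["bad_crc"].append(name)
        if ctype[0] & 0x20:        # lowercase first letter marks an ancillary chunk
            report["ancillary"][name] = report["ancillary"].get(name, 0) + length
        pos = end
        if ctype == b"IEND":       # anything after IEND is ignored by decoders
            report["trailing_bytes"] = len(blob) - pos
            break
    if report["trailing_bytes"] is None:
        raise ValueError("no IEND chunk")
    return report

# Constructed samples: a 1x1 grayscale PNG, then the same image with a
# tEXt chunk inserted and 32 filler bytes appended after IEND.
IHDR = png_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
IDAT = png_chunk(b"IDAT", zlib.compress(b"\x00\x00"))
IEND = png_chunk(b"IEND", b"")
CLEAN_PNG = PNG_SIGNATURE + IHDR + IDAT + IEND
PADDED_PNG = (PNG_SIGNATURE + IHDR + png_chunk(b"tEXt", b"Comment\x00" + b"A" * 64)
              + IDAT + IEND + b"\x00" * 32)
```

Comparing the ancillary and trailing byte counts with the size of the image data gives a concrete measure of the "content-unrelated file size increment" the list mentions.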
See also
- Steganography
- BPCS-Steganography
- Steganographic file system
- Steganography detection