Slashdot Mirror
Secret Data: Steganography v Steganalysis
gManZboy writes "Two researchers in China has taken a look at the steganography vs. steganalysis arms race. Steganography (hiding data) has drawn more attention recently, as those concerned about information security have recognized that illicit use of the technique might become a threat (to companies or even states). Researchers have thus increased study of steganalysis, the detection of embedded information."
I think this is the way of the future with regards to encryption. You cant crack what you cant find.
This came out a long time ago with the idea of hiding child pornography in files containing what appeared to be pictures of art, or other benign picture files.
There was even an episode of Law and Order about this. Its nothing new, but I agree it does pose many questions about security. (Security through obscurity is really good if the level of obscurity is paramount.)
And they said zombies weren't real!
I believe that information can be arbitrarily well obfuscated and hidden and therefore I find it difficult to imagine that there can be an effective and feasible technique to counter attack stenographic messages.
"illicit use [of steganography]"? I didn't realize encrypting stuff was illegal. Land of the free and all that.
[ home ]
Throw in a Stegosaurus and we've got a real Destroy All Monsters vibe going.
Run! It's Steganalysis!
3D Printing Tips and Tricks at Zheng3.com
But it's hidden
init 11 - for when you need that edge.
I thought the Steganalysis was extinct...that's public school education for you.
As if you can hide information in places that nobody would find, just doesn't seem like a plausible direction for security.
------
insert sig here,here, and here
Hide it on slashdot by posting at level 0. No one will think to look, and there's an unlimited storage potential.
I tinkered with this for a while. Start up gnucleus, do a search for *.jpg, and grab a bunch of files to scan. Not surprisingly, many of the images were porn (it's for research purposes, I swear!)
The biggest problems were 1. most (actually, all) of the images that came back as good candidates for having embedded images came back as false positives and 2. lack of a brute-force steg break utility.
number 2 is probably a result of poor searching on my part, but I honestly couldn't find a recent, (and free) tool that would do a brute force crack on embedded images. At the time (a few months back) I was using stegbreak and stegdetect.
So, is there anything better? anyone else have any luck?
There are some people that if they don't know, you can't tell 'em.
I can certainly see the use in espionage, hiding the real message in the static, as it were (Didn't a Tom Clancy book use this plot device? I think the message was sent in the connect noises for the modem). And NS's Baroque Cycle had some interesting steganographic bits in it (excessively long and boring letters about the nobility's obsession with fashion hiding an encrypted message for all to see). But on a day to day basis, I doubt this will affect most people.
Do not touch -Willie
Dear Friend , Your email address has been submitted .
to us indicating your interest in our newsletter
If you no longer wish to receive our publications simply
reply with a Subject: of "REMOVE" and you will immediately
be removed from our mailing list . This mail is being
sent in compliance with Senate bill 2116 , Title 3
; Section 304 ! This is different than anything else
you've seen . Why work for somebody else when you can
become rich within 56 MONTHS . Have you ever noticed
more people than ever are surfing the web and how long
the line-ups are at bank machines ! Well, now is your
chance to capitalize on this . We will help you decrease
perceived waiting time by 110% and SELL MORE . You
can begin at absolutely no cost to you . But don't
believe us ! Ms Simpson of Massachusetts tried us and
says "My only problem now is where to park all my cars"
! We are licensed to operate in all states ! We beseech
you - act now . Sign up a friend and your friend will
be rich too ! Thank-you for your serious consideration
of our offer !
SCO employee? Check out the bounty
I think thIs iS The way of the FutuRe
with regardS To encryPtiOn.
You've got a nicely steganographed "first post" there.
This is entirely solving the wrong problem. You can't crack what you can find, either - certainly you can't cryptanalyze it, in a competently designed system.
Ciphers are already strong enough - they need to be made more convenient and efficient, not less so.
The suggestion is that if data is being hidden in the LSB of a photo then you can use statistical analysis to spot this anomoly.
The problem here seems to be that if you were to compress your hidden data prior to hiding it, then the data inserted would appear random and should thwart statistical analysis. You'd need some redundancy there if you intent to jpeg compress the image, but it might work.
I've toyed with the idea of hiding data in the vectors used in a mpeg file. Exploiting the nature of the compression algorithm rather than the source data.
actually this is a really good thing. not just on slashdot, but on other sites where you can search the documents for key words.
Heck, post as ac with a unique subject and post encrypted (gpg) ascii in multiple parts. the data will be here still next year or five (plausible) and you can retrieve it, and decrypt (assuming you have the public key or password if it's symmetric
For those that are really concerned about information security steganography is a great thing. It makes much harder for attacker to get access to the sensitive private, corporate or goverment data.
Use of steganography is a threat only for those who want to wiretap communications and access other's data.
I have done a small experiment in steganography using DCT coefficients and spread spectrum technique, spreading a 4 bit number in 4 high frequency coeficients in a DCT transformed image
It works pretty well.. but I did it in PHP+GD, so it's pretty slow...
if anyone is interested, I have a paper that describes the methods, the PSNR and everything else... you can reach me at my gmail server, under the dangil alias
as soon as a method for stegnography is discovered it basically looses any advantage. the only way it could work is if the number of methods would increase at a exponential or higher rate. otherwise any interested party can just brute force your data for every possible stegnoraphy method. even if one that you use hasn't been discovered yet they can store that data and check it later. in either case if you got something to hide from they you are screwed. a much better way for secure communication is http://www.xelerance.com/mirror/otr/
me fail english? thats unpossible
I hide all my secret information in fake research papers on steganalysis. They never think to look there.
If I take a payload -- say a text file. If I compress the file, then encrypt the compressed data then finally hide it.
... and on and on...
Excecpt when I hide it I use the least significant bit of every n bytes where n is a 10 digit sequence.
[1,2,3,4,3,2,1,2,6,7]
the first source bit is stored in the lsb of the first image byte.
the second source bit is stored in the lsb of the [1+2] image byte.
the third source bit is stored in the lsb of the [1+2+3] image byte.
If the end of the image file is reached before the source file is embedded then wrap around and repeat using the second lest significant bit.
Using a unique noisy image source such as a crappy web cam taking a picture of a TV displaying white noise (to thwart a compressability test used for detecting images with hidden data), how could you detect this hidden message much less decode it without know specificaly how the algo works?
Because an encrypted stream is obviously hiding, it gives the attacker something to focus on. What a person might do instead with Steganography is embed encrypted information, so that the set of information is not only hard to detect in a field of dummy files, but that once the encrypted data is found one still has to decode it.
Reference [11] is for the F5 algorithm: Yet consider this paper: The abstract from Fridrich et al. says "... we present a steganalytic method that can reliably detect messages
So TFA article cites countermeasures from 2001, even though a method of defeating those countermeasures was published in 2002.
The above is just one example. Overall, TFA seems poor and out-of-date. This is a case where the F in "TFA" does not stand for "fine".
I'm more worried about the ilicit use of kitchen knives
I'll put my money on the dinosaur
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
Googlefight!
Steganography wins.
That doesn't serve the purpose of steganography, though. If someone is clued in to the possibility that you might be sending messages by posting them on Slashdot, it's fairly easy to check and find out that yes, in fact, you are sending messages. The idea behind steganography is not to make the message unrecoverable from the cover data, but to make it so that nobody detects that any communication is even going on.
From summary: Two researchers in China has taken a look
Apparently the editors has taken the day off.
I think that steg provides the opportunity to increase security of already existing crypto. Wouldn't it be plausable to take already encrypted data, and then hide it? Sure, it's not foolproof, but it's no worse than having the encrypted data sent as is.
At the same time however, it seems like steganography has some inherent flaws in it. That is to say, the more people use is, the quicker people will be able to determine patterns in the method. This would allow people/groups/countries/etc. to find the message faster. Doesn't sound like too reasonable of an idea.
Additionally....I'd be interested to see what DJB has to say about steganography...
So we hide the information by embedding it into goatse pictures!
Sounds like an extension of normal encryption/cryptanalysis techniques to me. The only difference is the ciphertext appears to be an unrelated plain text rather than random. To oversimplify, its a matter of finding patterns within other patterns, rather than patterns within pseudo-chaos. Still, seeing deeper than the obvious is not easy to do.
Lycestra
Method: An image is built of bytes representing shades of colors. If you go through and change the least significant bit of each byte you can encode a message. Note: this is achieved without substantially changing the image.
Example: 10001000 becomes 10001001
Significance: If two people were to set up a system, like "go to site XYZ on every 3rd Friday and download the pic of the day," it would be nearly impossible to track them. An agent in the field checks the image, noting the value of the last bit of each byte. Stringing these values together he creates a message. Two individuals can communicate from across the world without anyone else suspecting.
This can be used for anything: 1) Terrorists coordinating timed attacks 2) Americans selling national security secrets to foreign powers. 3) Communication between intelligence community agents (ours or theirs).
Land of the free yes, but all three of the above uses are illegal.
Steganography vs. Steganalysis
Wasn't this the sequel to Godzilla vs. Mothra?
Insert witty comment *here*. I'm fresh out of wit...
...that this has already been used, at least to get around free website restrictions. Many of them rejected uploads of zip/rar/.001-.00X etc. types of files, often even with header checks. Make it a picture gallery and well... what can you say, it's a popular gallery ;)
Kjella
Live today, because you never know what tomorrow brings
Hiding ciphertext within pictures or sounds does not work. They are mathematical methods to detect that a picture or a sound contains encrypted data (unusual noise). There is currently only one steganographic method I am aware of that really works. It is hiding ciphertext within ciphertext. I know only of one open source and free program that realises this scheme: TrueCrypt. And here is how they do it.
"Two things inspire me to awe -- the starry heavens above and the moral universe within." - Albert Einstein
This reminds me of a concern that surfaced in the immediate wake of 9/11: that the bad guys were shunning traditional net-based communication (e-mail, forum/newsgroup postings, etc.) and might be using codes or signals embedded in images in common places (eBay, for example).
I seem to recall a distributed screen-saver type app that was being used to crunch through millions of hosted images. Not much to find online about this, but there are articles like this one at NewScientist.com suggesting that the effort was a washout. here are some more stats from a study that came up dry, but there always this reference to "first stenographic image in the wild" as reported by ABC back when.
Don't disappoint your bird dog. Go to the range.
The fact that this is happening in China suggests to me that this is being done on the behest of the socialist government, which is far more concerned about the threat of grass roots movements for freedom and democracy than anything else.
Make no mistake, the current chinese government may represent a "kindler, gentler" communist regime, but its mere existence is still a crime against humanity.
Lee
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
-----BEGIN PGP MESSAGE-----
l dC 4gOkQ=
Charset: ISO-8859-1
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
VGhhbmtzISBJIG5lZWQgYWxsIHRoZSBsdWNrIEkgY2FuIGd
-----END PGP MESSAGE-----
The roots of education are bitter, but the fruit is sweet.
--Aristotle
hidden somewhere "in plain sight" in the code I turn in, is a program that actually works and has no bugs.
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.
Using statistical methods, most steganography can be broken either now or in the near future if the steganalyst can spend a lot of time and computing resources on each candidate bit collection, and if you're hiding a lot of bits in each collection. The consequence: don't hide very many bits, and widen the search space by hiding your trees in a forest of significant size, so that the amount of CPU the analyst can use on any particular tree is low.
Key exchange is a great candidate for steganography. And to make sure the population of innocuous bit collections around yours is high, find a place where a lot of people around you are dealing in large quantities of bits: music collections at a university, or spam messages on an e-mail relay.
A Stegosaur would stomp them both!
Case in point.
I was only replying to the somewhat offtopic comment. And I know what stenography is. I've used it myself through websites that let you use "avatars" or post pictures such as fark.com photoshop contests. It is fun, is it not?
*cheers*
He did say:
You can't crack what you can't find
Or is there some new technique whereby plaintext can be cracked???
He was implying hiding ciphertext via stego.
I got excited I thought this was all about the Stegasaurus.
ahhh...so THAT's what all that incessant GNAA crap is.
It would be interesting to investigate the use of steganography to provide for multiple channels for your encrypted message -- for example, you could divide the bits of your message across more than one image on a website. Harder to detect, and if detected, harder to decrypt.
Just a thought...
It's supposed to be completely automatic, but actually you have to press this button.
Is that a really bad pun for a B Movie?
(paraphrased)"There is no baby. She wasn't even pregnant.", was the way the lack of nukes in WW2 Germany was described, I think. There's just so many way to hide comunications. No computer required. For example: If you see somebody looking for a 1972 Ford Pinto in the classifieds, they're probably terrorists trying to hide a message. They plan on backing the thing into a building.
What?
I recall an article (linked here) about a guy who blackmailed a company (bank?). His method of getting payment involved them setting up an acount and getting the information to him so he could withdrawl the money at any ATM (no way to be there when he made the pickup). He had them communicate the information he needed by putting it on an existing public site using steganographic software that he sent (or provided instructions to get). Very elaborate, but he goofed by using his own PC, and they did eventually track him down even though he tried to remain annonymous with no direct communication back to him. Public key encryption would have been enough, but steganography allowed them to put the info on an existing public site without raising suspicion. I laughed at the part where he got caught after all that work...
I was just reading the DeCSS Haiku noticing how the guy managed to use a mnemonic encryption of PI (words with 3,1,4,1,5,9,2,6,5 length), and I wondered.
How about doing the same thing like say... encoding the full DeCSS source code in plaintext steganography, using words' length?
For example:
a) Encode to octal. 010205000506030102
b) Add 1. 2/3/6/1/6/4/2/3
c) Encode. "My fav. mangas: I wonder what is erm..." etc.
Just a thought.
I know there was a big fuss about these possibilities a couple of years ago--IIRC there were assertions that Al Qaeda was using it--and I thought some researchers had done a careful study and found no evidence for it whatsoever.
Is steganography in multimedia images really being used, or is it just a paranoid fantasy?
(Yes, I know--if it has never been detected, thatproves that it works....)
"How to Do Nothing," kids activities, back in print!
What I want to know is how is steganography, (and more importantly steganalysis), applied to network communication? If I have a network that has very defined traffic, how could someone embed their own data in our normal traffic. And how could I detect it?
I do security
Interesting points.
.doc with all of my financial accounts, for example) and considered the idea of stuffing it into a forest of innocuous files.
With lots of steg info, I can see where it quickly turns into a problem. I was considering more of the situation where I have ONE really important piece of information to hide (a
I am no expert, so I welcome modifications to this method, but here goes:
1. Take small piece of highly valuable information and encrypt it with a stong encryption method.
2. Download large amount of random data (pictures of kittens from 450 different websites, lotsa grainy ones)
3. Make strange modifications to pictures (lens flare!)
4. Apply favorite steg method and hide encrypted document.
Please discuss, I am quite interested now.
What strikes me as most curious is that the current debate about steganography is in itself an exercise in steganography--at least, in the sense of hiding important information in plain sight. Through the use of technical-sounding words, concerned parties manage to conceal what seems to be a genuinely frightening disrespect of the freedom of information.
Simply take "steganography" out of the equation. It's easy to scare the masses by using intimidating neologisms. But steganography is simply a manner to transmit information privately. So let's recast the sentence, "...illicit use of the technique might become a threat to the security of the worldwide information infrastructure." Let's simply say, "Individuals attempting to keep their private information private might become a threat to the security of the worldwide information infrastructure."
What used to be a preferred method for sending private information to a friend? The mail? Didn't we used to have a respect for the privacy of letters we sent via post? So how come no one said, "Sealing envelopes might become a threat to the security of the worldwide information infrastructure"?
What's being steganographically hidden in this debate is the reality that these days, quite a few people--many of them in power--simply no longer believe that a person has any right to private or personal information. Why would a technology such as this arise in the first place? Because we know that the first anthrax envelope made the private post public for everyone? Because we know our e-mail can be read, our servers can be hacked, our telephone calls recorded and our houses ransacked simply because fear of terrorists convinced us to sign over our civil liberties as if we no longer desired them?
This technology arose because some people realized that they were losing any pretense at privacy they might have had, and so were motivated to develop tools to maintain it. And now, we take the new word "steganography" and talk about how dangerous it is... perhaps because we're trying to conceal inside the hidden message that all privacy is dangerous, that anything you do, say or think should always be subject to review by the appropriate authorities.
What he wants is more important that what I want. What he wants is also more important that what you want.
There's so many misconceptions that I believe that you've got to be trolling here.
as soon as a method for stegnography is discovered it basically looses any advantage
The method in question would be a shared secret key. An enormous amount of encryption uses the shared-key approach and much of it is quite secure.
the only way it could work is if the number of methods would increase at a exponential or higher rate
The number of methods available are effectively infinite. Compare that to integer factoring, where the set of possible answers has a defined ceiling (all primes < value). The limit that steganography has placed on it is relative to the size of the image being used.
otherwise any interested party can just brute force your data for every possible stegnoraphy method.
Here's an example of steganography applied to text: within the sunday paper the editor left a hidden message where the sentence is composed of the 2nd character of the 4th paragraph of each page. Or was it the 2nd word of the 4th paragraph. Or was it some other day of the week. If you have no clue what method is being applied, you have no chance in decoding the message. But, feel free to waste you time trying.
even if one that you use hasn't been discovered yet they can store that data and check it later.
It is obvious that you have NEVER studied cryptography. Encrpytion is used when the channels offered to communicate information is insecure. If you were guaranteed to have 100% security, there is no need to encrypt. Anyway, there is ALWAYS the opportunity for an eavesdropper to record the ciphertext (passive attack) when data is transmitted via potentially insecure channels. That link you included still allows for passive attack.
in either case if you got something to hide from they you are screwed.
If something is SO secret then don't send/store it.
Troll.
If the embedded data rate is low enough, it's completely impossible to detect even if it was constructed using simple steganographic techniques.
Governments, companies, and everybody else simply have to get used to the fact that if anybody cares, they can hide and transmit information to anyone. I'm not sure that's a good thing--it also interferes with things like whistleblowing--but it's just the way it is.
Hey, Windows users, there is no such thing as "forward" slash, there is only slash and backslash.
Wasn't there an (unencripted) mountable filesystem that stored its data by posting as AC? (Can't find it at the mo...)
You'll have to forgive me, I'm not the greatest cryptographer in the world. But let's say that Joe Shmoe takes a picture with his cheap 8-megapixel camera, with a very high ISO setting for lots of noise. Now, that's roughly 192 megabits of information.
Suppose he needs to encode a 1 kilobit message. that means that there's going to be one bit of signal for every 192 kilobits of image. Now, say he does the encoding to merely appear like more noise in the already noisy image.
Given that low of a signal-to-noise ratio, I really don't see how you could detect the message unless you had prior knowledge of the algorithm or locations.
steve
Oh, you're not stuck, you're just unable to let go of the onion rings.
not sure, look around for me since you seem to have a better (albiet vague) notion of what it is.
Good luck finding steganographed, one time pad encoded messages.
"Sir, I found some noise here..."
Analogies don't equal equalities, they are merely somewhat analogous.
Wonge hongavonge hongidongdongenong yourong pongacongkongetongsong. You wongilonglong nongevongerong congrongakong ourong alonggongorongitonghongmong!!
VOTE!
would be to hide code written in whitespace. Encrypted, of course.
Crack that!
Ok, I this is the second article that I've read (within 5 minutes of each other!) that, while unrelated, both contain the word steganography.
This can't be a coincidence... there must be a hidden meaning... I'll get back to you once I discover what it is...
PS: Don't wait up.
Wanted: witty unique signature. Must be willing to relocate.
... or other online photo-posting websites. Create/select a known tag, and post what appear to be appropriate images there, which also happen to contain a steganographically hidden payload...
What's the message that's hidden in your post? :-)
Time flies like an arrow. Fruit flies like a banana.
If the govt found you sending plain text explanations of your terrorist plans, would they take it seriously or pass you off as a nut who's too incompetent to hide themselves?
I mod down anyone who says "I will be modded down for this", regardless of the rest of their comment
I agree with almost all of what you say: Getting caught with encryption could be a death sentence, encryption and steg have different goals, they can supplant one another in a reciprocity sort of way, etc. But let me say this again: it is so damn hard to do steg well, that anyone living in an area where coded transmissions are life-risking acts, should think twice. Me, I'd stay *clear* the fsck away from steg.
Steg isn't just *hard*, like encryption (where one can get good encryption, or carefully implement a published, trusted algorithm and be safe). It's harder. Each implementation has to be robust against all sorts of preliminary cryptanalysis techniques, plus you're dealing with stuff beyond your control (like machine-specific traits in scanner or camera output). Stuff that is *beyond your control* can reveal steg being used. For hiding data in photos, for example, all it sometimes takes is *looking* at histograms of the bytes found in normal images off a device vs. the histograms of bytes found in steg'd ones. Try it! The graphs nearly scream 'STEG!!!' at you (because each consumer device will have some characteristic 'gap' or overloading in the range of possible values, or because of compression algorithms in the device, if they save to jpg or mpeg).
I'm still not claiming expertise, but if but my life depended on this stuff, I'd tend toward lower-tech: I'd hide the info somewhere boring and plausibly-deniable.
Stenography is another word for shorthand.
"I'm not impatient. I just hate waiting." - My Dad
2 points:
1.) The Noosphere (the glass machine of ideas) is finite, albeit in weird ways. This means that like the discussion about Knuth progresses, authors tend to be strange attractors within the glass spheres, with wow pretty colors, look!
2.) In the Impire of Newtonian Reality, the flaws are what make the Imps fix what isn't broke. For example, if you have _ in a move-walk path, then an imp's algorithm will not make him avoid _.
What's interesting in a steganographic sense, is that for best results, that modules within the imp are not allowed to know that his move-walk algorithm is broken. So he keeps stepping in _. Which matures the modules that are being kept information-scarce by the force of nature.
If you need text styles to communicate then you don't have a message.
It was a mountable filesystem that stored files by posting on /. as AC. Example:
/mnt/slash /mnt/slash/textdocument
/mnt/slash/textdocument
slashmount
cp textdocument
File "textdocument" would then be broken up into chunks of maybe 2500 characters, posted on slashdot as AC on the first story on the main page, and the comment UID recorded.
vi
Would then retrieve each post using the previously stored comment UIDs, merge them together in order, and spit back your original text file.
Completely pointless, but I thought it was a cool idea.
Any use of steganography is probably an illicit use. If you're encrypting something for a legitimate purpose, you probably wouldn't need to hide the very fact that you're encrypting something!
in my porn!
Oh well, what the hell...
here's a link
You've got a nicely steganographed "first post" there.
/users3 did Kubla Kahn A stately pleasure dome decree, Where /bin, the sacred river ran Through Test Suites measureless to Man Down to a sunless C.
Yeah, well thanks to this article, I'm trying to find hidden information in the fortune cookie at the bottom of this very same article:
In
So far all I've got is that either puns on computing terms or directions to asassinate Bill Gates while he sunbathes by a middle-eastern riverbank during a total eclipse of the sun.
"You cannot have a General Will unless you have shared experiences. You cannot be fair to people you don't know."
Where the heck did 'reactionary: not exactly...' come from!? All I did was hit reply, and people above/below me in the thread got the re: Layered Implementation.
Wierd.
Those of you who find stego interesting might enjoy reading about one person's explorations of the topic on the Code Project site .. I found the idea of reordering HTML attributes to encode information especially inspired:
http://www.codeproject.com/csharp/steganodotnet13. asp
The same author has written a number of other stego-related articles, usually with C# code .. plus she's kinda cute. ;-)
Enjoy.
This space intentionally left blank.