Steganography
From The Black OP Security Wiki
FAQ
Q. Is steganography the same thing as encryption?
A. No. Encryption's goal is to make it so that data can not be
recovered without a key. Steganography's goal is to make it so the
presence of data can not be detected. The two often complement each
other; for example, most plausible deniability crypto-systems use
steganography principles. Likewise, most steganography systems encrypt
the data before hiding it in a cover file.
Q. Is steganography very good?
A. Steganography is not as "secure" as encryption is. Strong encryption
can not be broken. The vast majority of steganography, possibly all of
it, can have the hidden information detected with careful analytical
techniques. If you use steganography, you are sort of hoping that no
one tries to find out that you are using it. Steganography is in many
ways the same thing as plausible deniability. For example, if you send
someone a text document steganographically hidden in an image file, you
are trying to avoid detection, and if you are detected you can use the
defense that you were merely sending a picture. The adversary then
needs to analyze the image and try to find the text file. In some cases
they may be able to; in almost all cases they will be able to at least
determine that something is hidden in the image file, but they may not
be able to determine what it is. This is especially true when you mix
encryption with steganography: even if the adversary can prove you are
using steganography, they can not prove what you are hiding inside the
cover files. Some steganographic techniques are better than others at
hiding the fact that steganography is being used, but none of them are
as solid at accomplishing their goals as encryption can be at
accomplishing its goal.
Q. So how exactly is steganography helpful for me?
A. You can do many things with steganography.
Example One: You have a lot of sensitive text files. You encrypt them,
but an adversary might force you to give up your password. So you can
hide the encrypted text files in images, and many adversaries are going
to overlook them.
Example Two: You need to communicate with a group of people about
sensitive information, and want to avoid attracting attention for using
encrypted communications. You can encrypt your communications,
steganographically hide them in an image, and put them up on a website.
Note that the people you are communicating with will need to know the
password to uncover the hidden information, and you will need to think
of a way to securely transfer it to them (asymmetric encryption).
Q. What all can be used as cover files?
A. You can use anything as a cover file, depending on the specific
steganography program you are using. Commonly images are used. If you
need to hide larger amounts of data, video files or audio files can
also be used.
Q. Are there any named steganography standards, like AES or Serpent are for encryption?
A. Yes, but steganography algorithms tend to be named after the
software that they come from. One exception would be mirage, which is
the name of an algorithm that to the best of my knowledge has still not
been implemented.
Q. Don't terrorists use steganography?!
A. I have no idea, but even if they do it isn't as big of a deal as the
news makes it out to be. I imagine most of this is fearmongering on the
part of the media.
About
Steganography is the practice of hiding data in other data. This can be
done in a number of ways, the easiest to explain (and one of the most
popular) being least significant bit, or LSB. If you read the tutorial
on computer forensics you will remember that computers work with binary
code (1's and 0's, aka bits), and that an image is really a large
string of bits, often broken down into 24-bit strings per pixel. The
24-bit string is further broken down into three 8-bit strings, with the
three 8-bit strings representing red, green and blue. Each 8-bit string
can represent 0-255 (2^8 = 256).
For example, (0, 0, 0) represents black while (255, 255, 255) is white.
There are over 16 million possible colors that can be represented this
way.
For example, a specific light blue color can be represented by the
string (176, 224, 230), which in binary is 10110000 11100000 11100110.
The color (177, 225, 231) is nearly identical as far as the human eye
can tell, and the binary string is also nearly equal; only the 8th bit
of the 3 strings changes: 10110001 11100001 11100111.
These changes in the color will not make a noticeable difference to the
human eye, but allow for bits to be stored inside a file by having the
bits to hide replace the LSB of the strings that make up the image
colors.
This is especially handy when combined with encryption, where the
Can you see a difference between the two above images? Not really, but
with the proper key, you could reveal a hidden bit string that forms an
encrypted text document in the image on the bottom. Not much
information can be hidden inside of an image, usually not much more
than text messages in text files. If you use steganography in video
files or audio files, you can hide quite a bit more. It should be
possible to hide actual images inside of video files. Video
steganography can use LSB as well; a video file is merely thousands of
images compressed together and played back at a steady rate. Audio can
be done the same way as well, and the human ear will not be able to
discern the differences in sounds.
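
The LSB replacement described above, as an added Python example that is not part of the original wiki page. It works on raw 8-bit RGB channel bytes; the 16-bit length header, the function names and the sample cover are assumptions made for the illustration.

```python
def to_bits(data: bytes):
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def set_lsb(value: int, bit: int) -> int:
    """Replace the least significant bit of one 8-bit channel value."""
    return (value & 0xFE) | bit

def embed(cover: bytes, payload: bytes) -> bytes:
    """Hide a 16-bit length header plus payload, one bit per cover byte."""
    if len(payload) > 0xFFFF:
        raise ValueError("payload exceeds the 16-bit length header")
    message = len(payload).to_bytes(2, "big") + payload
    if len(message) * 8 > len(cover):
        raise ValueError("payload too large for this cover")
    stego = bytearray(cover)
    for i, bit in enumerate(to_bits(message)):
        stego[i] = set_lsb(stego[i], bit)
    return bytes(stego)

def from_lsbs(stego: bytes, start: int, count: int) -> bytes:
    """Rebuild count bytes from the LSBs of stego[start : start + 8 * count]."""
    out = bytearray()
    for j in range(count):
        byte = 0
        for value in stego[start + 8 * j : start + 8 * j + 8]:
            byte = (byte << 1) | (value & 1)
        out.append(byte)
    return bytes(out)

def extract(stego: bytes) -> bytes:
    """Read the length header, then the payload; reject impossible lengths."""
    if len(stego) < 16:
        raise ValueError("too short to carry a length header")
    length = int.from_bytes(from_lsbs(stego, 0, 2), "big")
    if 16 + 8 * length > len(stego):
        raise ValueError("length header exceeds capacity; no valid payload")
    return from_lsbs(stego, 16, length)

# Constructed sample: 64 pixels of the page's light blue, as raw R, G, B bytes.
COVER = bytes((176, 224, 230)) * 64
# The page recommends encrypting first; this plaintext stands in for ciphertext.
STEGO = embed(COVER, b"hi")
```

One cover byte carries one hidden bit, so this 192-byte cover holds at most 22 payload bytes after the header, and no channel value moves by more than 1.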
Note that the more information you hide steganographically, the more
noise it will leave, and the easier it will be for an adversary to
discover you are using it. Small amounts of data hidden in large files
are very difficult to detect. Encryption should still be used, though:
steganography has the goal of hiding information, and if it is
discovered that steganography is being used you still need encryption
to fall back on in order to keep the 'real' information obscured.
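
How payload size shows up to an analyst, as an added Python example that is not from the original page: it computes a simplified pairs-of-values chi-square statistic over the byte histogram, one common way to test for LSB replacement. The constructed cover (a byte string whose histogram has gaps), the SHA-256 bit stream standing in for an encrypted payload and all function names are assumptions.

```python
import hashlib
from collections import Counter

def keystream_bits(n: int) -> list:
    """n random-looking bits standing in for an encrypted payload."""
    bits, counter = [], 0
    while len(bits) < n:
        block = hashlib.sha256(counter.to_bytes(4, "big")).digest()
        bits.extend((byte >> s) & 1 for byte in block for s in range(8))
        counter += 1
    return bits[:n]

def lsb_replace(cover: bytes, rate: float) -> bytes:
    """Overwrite the LSBs of the first rate * len(cover) bytes with payload bits."""
    n = int(len(cover) * rate)
    head = bytes((b & 0xFE) | bit for b, bit in zip(cover, keystream_bits(n)))
    return head + cover[n:]

def pov_score(data: bytes) -> float:
    """Chi-square per value pair (2k, 2k+1), testing for an even split.

    LSB replacement only moves a byte between the two members of its pair,
    so random payload bits pull every pair towards equal counts. A score
    near 1 is what full replacement looks like; a large score means the
    pairs are still as uneven as the cover left them.
    """
    hist = Counter(data)
    total, pairs = 0.0, 0
    for even in range(0, 256, 2):
        a, b = hist[even], hist[even + 1]
        if a + b:
            total += (a - b) ** 2 / (a + b)
            pairs += 1
    if pairs == 0:
        raise ValueError("no data to analyse")
    return total / pairs

# Constructed cover: values 3m and 3m+1 occur 60 times each, 3m+2 never does.
COVER = bytes((3 * x) // 2 for x in range(170)) * 60

def scores(rates=(0.0, 0.01, 0.5, 1.0)) -> dict:
    """Score the cover after embedding at each payload rate."""
    return {rate: pov_score(lsb_replace(COVER, rate)) for rate in rates}
```

The untouched cover scores about 39.7 and a payload filling 1% of it barely moves that figure, while a payload filling every LSB drives the score to roughly 1. The test only separates cover from stego when the cover's own value pairs are uneven, as they are in this constructed sample.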


