First Synopsis

Steganographic Messaging Service

____________________________________________________________
Submitted in partial fulfillment of the requirements for the degree of

Bachelor of Technology in Computer Science & Engineering

Submitted to

GURU NANAK DEV UNIVERSITY, AMRITASR

Under the guidance of

Submitted by

Ms. Manpreet Kaur

Karanpal Singh

Dr. K. S. Kahlon

(2011 CSA 1036)

Department of Computer Science & Engineering

GNDU

Table of Contents

Serial No.

Topic

Page No.

What is Steganography?

Existing Software

Analysis of Existing Tools

Project Description

Explication of Features

10

References for Existing

Software

12

What is steganography?
Steganography is a technique of hiding important information by concealing it in a seemingly
innocuous environment. The hidden information appears to be something else, something which is
usually harmless and not thought of as a container for hiding data. The guiding principle for
steganography is not attracting attention and making the information look banal. From hiding
messages in wax tablets in ancient Greece to writing in the space covered by the stamps on an
envelope during World War II, steganoraphy has been in use as far back as recorded history goes.
However, in the digital context it implies the practice of concealing a message or a file into another
file, message, image, audio, etc.
The year 1985 marked the advent of digital steganography when personal computers were used to
address some challenges of steganography. Following the spread of world wide web,
steganographic techniques have manifested in various garbs, most notably in the case of a printers
and photocopying machines that confidentially add date and time stamps on every page they print.
Steganography and Cryptography
While it is a common practice to add a layer of cryptography to messages sent information doctored
via steganography, the two are quite fundamentally different in their nature and scope.
Cryptography works on the principle of shared secret. The message is converted into an
undecipherable data by application of an algorithm which can then be unravelled only by a secretholder. This secret has to be constantly guarded by all parties concerned so that the information isn't
compromised. The most certain method to work one's way around cryptographed data is by a brute
force attack which tries all possible combinations of the secret. To avoid such a scenario, secret or
keys are made long and unwieldy so that processing speed acts as a limiting factor. Thus, while we
have made our data impenetrable and secure still there arises a need to conceal this encrypted data,
that discovering it become an uphill battle.
Steganography on the other hand does not require shared secrets, it tries to deny the existence of
any important information by giving it a hackneyed, overfamiliar appearance, and in doing so it not
only conceals the information but also diverts attention away from it. This is usually done by
making sensitive information masquerade as other media, concealed within other media or even
hidden in network traffic. This technique is limited therefore only by imagination.
2

Challenges in Steganography
The greatest challenge faced in developing a method of concealing data is that given enough time,
even the most brilliantly hidden data is liable to be found out if someone is looking for it. Ingenuity
in hiding data is a subjective notion and there are no objective benchmarks that can assure the
longevity of data safety. The most strongly built stegalyzer algorithm can miss some poorly hidden
data due to novelty in its location, at the same time an ingenious stash may crumble in front of an
unsuspecting observer who apprehends the pattern!
On the top of this, there are more stegalyzers than there are steganography tools. Intelligence
agencies and watchdogs are always on the lookout for steganographed data. Countries have
frequently raised allegations against each other of pervading into another's security through
steganographed messages. The most recent of these was that of FBI alleging that the Russian
foreign intelligence service made contact with illegal agents stationed abroad using messages
hidden in images.
There are limitations on the data that can be reasonably hidden. Unreasonably large media files as
well as copious amounts of media being sharing are likely to cause suspicion from certain quarters.

Existing Software
Most existing implementations of existing steganography tools fall under an umbrella trend: They
are open source software, hide information in images and make use of an assortment of open source
cryptography or compression algorithms like LZMA, Base64, LSB insertion, etc. A lesser number
support encoding of data into audio files, and an even lesser number into video files. A negligible
number also make use of techniques such as hiding data in the HTML, XML and ODT tags. The
most notable of these implementations are briefly discussed below.
StegFS
StegFS is the moon among the stars of steganography software. It is a groundbreaking
stegnographic file system that encrypts and hides the data in such a manner that its existence
cannot be proved. Each byte of the disk is encrypted and randomised so that each byte is an
equally likely candidate for being a part of the coveted data, but since the number of files on the
disk cannot be ascertained the attacker is left without a clue. This was specifically designed to
prevent rubberhose attacks and coercive situations.
The system is designed in layers using vectors that connect bytes within the same layer. In case
of a coercive situation, some of the keys can be relinquished to reveal only upto certain hidden
levels while denying the existence of any other levels, even if the attacker looks at the disk
directly.
It was implemented by Andrew Mcdonald and Markus Kuhn, but was based on an original
research paper on the concept of steganographic file system by Ross Anderson, Roger Needham
and Adi Shamir.
OpenPuff
It is noted for being the first steganpgraphy tool (December 2004). Its distinctive feature was its
ability to distribute the data into multiple carrier files, and was hence useful for hiding large files
(256MB, 512 MB, etc.) whose size was limited only by the implementation used. It used three
layers of obfuscation cryptography, whitening and encoding. It extends deniable cryptography
into deniable steganography. It could turn nearly every kind of media file (be it an image, an
audio, a video or even flash) into a career file. It also had some rudimentary features for

asynchronous data sharing.

Virtual Steganographic Library
It has an interactive point and click approach in which the user can choose the order and number
of steps of encryption to be used. The GUI is similar to UML software design tools such as
Rational Rose. However, the level of steganography provided is quite basic and is only for
certain formats of images.
Twitter Secret Messages
It is the only implementation in which one text message is hidden in another carrier message (a
tweet) by making use of similar looking characters and spaces. The resulting message however is
easily discernible which is not quite aligned with the principle of not attracting attention.
StegoShare
It supports various image formats such as BMP, PNG, JPG, GIF, TIFF, etc. The maximum
supported hidden file size is 2GB in upto 65536 images, the average capacity being 40% i.e. a
file of 100MB need at least 250MB worth of images. It also used 128 bit encryption.
DarkCryptTC
It is notable for the sheer range of file formats that it brings under its fold. Its very use of 100
algorithms in 5 modes is a confounds potential attackers. Steganography is not its highlight but
certainly a strength. It has the certain peculiar features such as being able to hide data in DLL,
EXE and NTFS streams.
StegaMail
The steganography is limited to hiding data in images. It has dedicated messaging feature that
allows the doctored files to be sent via e-mail.

Analysis of Existing Tools

All the tools revolve around the same techniques and architecture to provide steganography
services. The three most relied upon techniques for hiding data in other files are discussed.
Least Significant Bit encoding
This method is the more popular one among encoding images. Programs that use the Least
Significant Bit, or LSB, method encode the message in the least significant bit of every byte in
an image. By doing so, the value of each pixel is changed slightly, but not enough to make
significant changes to the image. In a 24-bit image, 3 bytes are used for each pixel, so each pixel
could encode 3 bits of a secret message. The altered image would look identical to the human
eye, even when compared to the original. However, grayscale images are always advocated for
use in steganography as they have a very limited palette and any chance of detecting an
abberation in the image by the naked eye is made negligible.
A more plausible container image would be a 256 color image, where 1 byte is used for each
pixel. A 640 x 480 image of this quality would be able to store 300 kilobits of data. With a large
enough image, one could even hide an image within another image. Popular commercial
programs that use LSB encoding include White Noise Storm and S-Tools.
Frquency Domain encoding
This method encodes messages within images by working with the 2-dimensional Fast Fourier
Transform, or 2-D FFT of the container image. The 2-D FFT separates the frequencies of the
image into rings centered around an axis. Those rings closest to the axis represent the low
frequencies of the image, and those furthest away represent the high frequencies. In the
frequency domain encoding method, the secret message is encoded in the middle frequencies of
the image. This is done by converting the message text to bits and overlaying these bits in a ring
shape in the desired frequency band on the 2-D FFT. Although the ring of bits appears dark and
outstanding on the 2-D FFT, the effect on the image itself is very slight. Also, an image encoded
by this method is able to better withstand noise, compression, translation, and rotation, than
images encoded by the LSB method.
Apart from reliance on these three specific methods for hiding data, all the tools are based on the
same generalised four-fold architecture. The various parts of this architecture are briefly described
6

in the following paragraphs.

1. Carrier
The carrier is the signal, stream or data into which the information is hidden. In using carriers one
has to ascertain that suspicions are not raised because a file fails to work and behave as it would
ordinarily do. Incongrous filesizes and use of deprecated file formats would certainly arouse
ridicule, if not suspiscion.
The carrier must be original and not publically available so that it cannot be compared against
something.
2. Chain
The hidden data, whether spread in the same file or in a number of files, forms a chain of sorts in
which each bit of data is vectored to the successive bits. The integrity of these chains is to be
ensured throughout the carrier data.
3. Robustness and Cryptography
Steganography tools aim to ensure robustness against modern forensic methods, such as statistical
steganalysis. Robustness is achieved by a mix of a stream-based cryptography process, a data
whitening process, an encoding process. If the data is detected, cryptography also helps to minimize
the resulting damage, since the data is not exposed, only the fact that a secret was transmitted. The
sender may be forced to decrypt the data once it is discovered, but deniable encryption can be
leveraged to make the decrypted data appear benign.
4. Carrier Engine
The carrier engine describes the different methods to be employed for different types of carrier data.
The carrier engine may simply inject data into the carrier, substitute ancillary data or metadata,
substitute least significant bits or manipulate frequency space.

Project Description
Project Name
Steganographic Messaging Service

Objective
Making a robsust text and file sharing service with generic email features which is operable on a
LAN, the distinguishing feature being that the information being sent is hidden using
steganography.

Features of the Project

Messaging Client

Signup, Login and Password Reset and Restore

Sending messages containing text and/or attachments

View received messages

View sent items

Live chat

Address book

Steganoraphy services
1. Encoding encrypted text messages into images, and their decryption
2. Encoding image files into audio files, and their decryption
3. Classic text message encryption using steganography, and their decryption

Technology Used
Front End: Jave 2 Standard Edition (J2SE)
Back End: MySQL

Hardware Requirements

Pentium 4 computer

512 MB RAM

LAN (Ethernet)

Software Requirements

Windows/Linux Operating System

Java Runtime Environment (JRE)

MySQL Database (Server Only)

Complete Unicode compatibility (especially Cyrillic and Greek scripts)

Explication of features
Messaging Client
The messaging client provides the generic email features such as sending and receiving text
messages with or without attached media. It has similar Inbox and Sent Items dialogs to view and
modify received and sent messages. To start using the application a user has to first signup with the
server in which he is given a unique username and a password of his choice, both of which are
needed to log in later on. The password can be reset and restored by the user as and when the need
arises.
The Live Chat allows to users who are online at the same time to communicate using text messages
which make use of realtime steganographic manipulation.
The Address book keeps a log of all the users who have corresponded at one time or another. This
acts as directory of user names for future reference.

Steganography Services
Hiding of text within an image
The text message will be hidden within an image file (BMP, JPEG, PNG, etc.) using a
combination of both Base64 encoding as well as Least Significant Bit Insertion. Proper GUI that
allows the user to view the image before and after tampering will be provided.
Hiding of image within an audio
This will be carried out by means of appending as well as inserting the image into the audio
file in an optimal manner that doesn't perceptiply alter the behaviour of the audio. Both the methods
have to be used because image files can have be considerabe size that may play a negative effect in
the effectiveness-quality trade-off. To do this the insertions would be made at appropriate echo
spots in an audio file so that the change would not be detectable by human ear. This is possible only
to the extent of insertable spaces available in the audio carrier. The remainder of the file will be
appended after the trailing bits of the audio file. Metadata substitution will be used wherever
possible.
Hiding of text within another carrier text
This feature is not supported by any existing software and will be unique to this project. The
10

various methods that can be used for such a task can include

replacement of characters with their visual twins in other scripts such as Cyrillic, Greek and
others.

Using vectored carrier chains in the background to point to hidden symbol in the carrier. The
principle behind these chains can be in the form of a mathematical series such as Fibonacci
series where every replaced character in the carrier corresponds to a Fibonacci coefficient.

Using an algorithm to replace unassgned unicode characters (that appeear as spaces on the
screen) and an effective substitution can be carried out.

Only one of these methods will be used at a time to avoid complexity message reconstruction on the
receiving end. The most important factors that determines the method to be used is message/carrier
size ratio.

11

References for existing software

1. StegFS - http://www.mcdonald.org.uk/StegFS/
Original research paper: http://www.cl.cam.ac.uk/ftp/users/rja14/sfs3.ps.gz
Implementation paper: http://www.cl.cam.ac.uk/~mgk25/ih99-stegfs.pdf
2. OpenPuff - http://embeddedsw.net/OpenPuff_Steganography_Home.html
3. Virtual Steganography Library http://sourceforge.net/projects/vsl/
4. Twitter Secret Messages - http://holloway.co.nz/steg/
5. StegoShare http://stegoshare.sf.net/, http://stegoshare.sourceforge.net/
6. TotalCryptTC - http://www.totalcmd.net/plugring/darkcrypttc.html
7. StegaMail - http://stegamail.soft112.com/

12