Beruflich Dokumente
Kultur Dokumente
Submitted by
Karanpal Singh
Dr. K. S. Kahlon
Table of Contents
Serial No.
Topic
Page No.
What is Steganography?
Existing Software
Project Description
Explication of Features
10
12
What is steganography?
Steganography is a technique of hiding important information by concealing it in a seemingly
innocuous environment. The hidden information appears to be something else, something which is
usually harmless and not thought of as a container for hiding data. The guiding principle for
steganography is not attracting attention and making the information look banal. From hiding
messages in wax tablets in ancient Greece to writing in the space covered by the stamps on an
envelope during World War II, steganoraphy has been in use as far back as recorded history goes.
However, in the digital context it implies the practice of concealing a message or a file into another
file, message, image, audio, etc.
The year 1985 marked the advent of digital steganography when personal computers were used to
address some challenges of steganography. Following the spread of world wide web,
steganographic techniques have manifested in various garbs, most notably in the case of a printers
and photocopying machines that confidentially add date and time stamps on every page they print.
Steganography and Cryptography
While it is a common practice to add a layer of cryptography to messages sent information doctored
via steganography, the two are quite fundamentally different in their nature and scope.
Cryptography works on the principle of shared secret. The message is converted into an
undecipherable data by application of an algorithm which can then be unravelled only by a secretholder. This secret has to be constantly guarded by all parties concerned so that the information isn't
compromised. The most certain method to work one's way around cryptographed data is by a brute
force attack which tries all possible combinations of the secret. To avoid such a scenario, secret or
keys are made long and unwieldy so that processing speed acts as a limiting factor. Thus, while we
have made our data impenetrable and secure still there arises a need to conceal this encrypted data,
that discovering it become an uphill battle.
Steganography on the other hand does not require shared secrets, it tries to deny the existence of
any important information by giving it a hackneyed, overfamiliar appearance, and in doing so it not
only conceals the information but also diverts attention away from it. This is usually done by
making sensitive information masquerade as other media, concealed within other media or even
hidden in network traffic. This technique is limited therefore only by imagination.
2
Challenges in Steganography
The greatest challenge faced in developing a method of concealing data is that given enough time,
even the most brilliantly hidden data is liable to be found out if someone is looking for it. Ingenuity
in hiding data is a subjective notion and there are no objective benchmarks that can assure the
longevity of data safety. The most strongly built stegalyzer algorithm can miss some poorly hidden
data due to novelty in its location, at the same time an ingenious stash may crumble in front of an
unsuspecting observer who apprehends the pattern!
On the top of this, there are more stegalyzers than there are steganography tools. Intelligence
agencies and watchdogs are always on the lookout for steganographed data. Countries have
frequently raised allegations against each other of pervading into another's security through
steganographed messages. The most recent of these was that of FBI alleging that the Russian
foreign intelligence service made contact with illegal agents stationed abroad using messages
hidden in images.
There are limitations on the data that can be reasonably hidden. Unreasonably large media files as
well as copious amounts of media being sharing are likely to cause suspicion from certain quarters.
Existing Software
Most existing implementations of existing steganography tools fall under an umbrella trend: They
are open source software, hide information in images and make use of an assortment of open source
cryptography or compression algorithms like LZMA, Base64, LSB insertion, etc. A lesser number
support encoding of data into audio files, and an even lesser number into video files. A negligible
number also make use of techniques such as hiding data in the HTML, XML and ODT tags. The
most notable of these implementations are briefly discussed below.
StegFS
StegFS is the moon among the stars of steganography software. It is a groundbreaking
stegnographic file system that encrypts and hides the data in such a manner that its existence
cannot be proved. Each byte of the disk is encrypted and randomised so that each byte is an
equally likely candidate for being a part of the coveted data, but since the number of files on the
disk cannot be ascertained the attacker is left without a clue. This was specifically designed to
prevent rubberhose attacks and coercive situations.
The system is designed in layers using vectors that connect bytes within the same layer. In case
of a coercive situation, some of the keys can be relinquished to reveal only upto certain hidden
levels while denying the existence of any other levels, even if the attacker looks at the disk
directly.
It was implemented by Andrew Mcdonald and Markus Kuhn, but was based on an original
research paper on the concept of steganographic file system by Ross Anderson, Roger Needham
and Adi Shamir.
OpenPuff
It is noted for being the first steganpgraphy tool (December 2004). Its distinctive feature was its
ability to distribute the data into multiple carrier files, and was hence useful for hiding large files
(256MB, 512 MB, etc.) whose size was limited only by the implementation used. It used three
layers of obfuscation cryptography, whitening and encoding. It extends deniable cryptography
into deniable steganography. It could turn nearly every kind of media file (be it an image, an
audio, a video or even flash) into a career file. It also had some rudimentary features for
Project Description
Project Name
Steganographic Messaging Service
Objective
Making a robsust text and file sharing service with generic email features which is operable on a
LAN, the distinguishing feature being that the information being sent is hidden using
steganography.
Live chat
Address book
Steganoraphy services
1. Encoding encrypted text messages into images, and their decryption
2. Encoding image files into audio files, and their decryption
3. Classic text message encryption using steganography, and their decryption
Technology Used
Front End: Jave 2 Standard Edition (J2SE)
Back End: MySQL
Hardware Requirements
Pentium 4 computer
512 MB RAM
LAN (Ethernet)
Software Requirements
Explication of features
Messaging Client
The messaging client provides the generic email features such as sending and receiving text
messages with or without attached media. It has similar Inbox and Sent Items dialogs to view and
modify received and sent messages. To start using the application a user has to first signup with the
server in which he is given a unique username and a password of his choice, both of which are
needed to log in later on. The password can be reset and restored by the user as and when the need
arises.
The Live Chat allows to users who are online at the same time to communicate using text messages
which make use of realtime steganographic manipulation.
The Address book keeps a log of all the users who have corresponded at one time or another. This
acts as directory of user names for future reference.
Steganography Services
Hiding of text within an image
The text message will be hidden within an image file (BMP, JPEG, PNG, etc.) using a
combination of both Base64 encoding as well as Least Significant Bit Insertion. Proper GUI that
allows the user to view the image before and after tampering will be provided.
Hiding of image within an audio
This will be carried out by means of appending as well as inserting the image into the audio
file in an optimal manner that doesn't perceptiply alter the behaviour of the audio. Both the methods
have to be used because image files can have be considerabe size that may play a negative effect in
the effectiveness-quality trade-off. To do this the insertions would be made at appropriate echo
spots in an audio file so that the change would not be detectable by human ear. This is possible only
to the extent of insertable spaces available in the audio carrier. The remainder of the file will be
appended after the trailing bits of the audio file. Metadata substitution will be used wherever
possible.
Hiding of text within another carrier text
This feature is not supported by any existing software and will be unique to this project. The
10
various methods that can be used for such a task can include
replacement of characters with their visual twins in other scripts such as Cyrillic, Greek and
others.
Using vectored carrier chains in the background to point to hidden symbol in the carrier. The
principle behind these chains can be in the form of a mathematical series such as Fibonacci
series where every replaced character in the carrier corresponds to a Fibonacci coefficient.
Using an algorithm to replace unassgned unicode characters (that appeear as spaces on the
screen) and an effective substitution can be carried out.
Only one of these methods will be used at a time to avoid complexity message reconstruction on the
receiving end. The most important factors that determines the method to be used is message/carrier
size ratio.
11
12