Steganography for beginners
(All views are my own opinion, so if you don't like them - don't read it)
What is it and what's it for?
Steganography is the art of hiding information in such a way that others would not suspect that it is there. It is closely linked to Cryptography, but offers some interesting features which Crypto, when used by itself cannot. Have a look at this example:
Criminal A sends an encrpyted message to Criminal B. The police can't read it as it's encrypted, but the fact that the message is sent at all would raise suspicions.
Now consider:
Criminal A is an avid E-Bayer, he is selling his vacuum cleaner and puts it up for sale with a nice picture. Criminal B is also a hardened e-bayer and notices A's vacuum cleaner looks good. He views the picture of the product but decides it's too expensive and does not bid.
Criminal A has actually embedded a secret message into the picture of his Vacuum cleaner, which Criminal B has retreived from his browser cache after closing all network connections. The clear benefit here, is that to an outsider nothing unusual has happened to raise any concern.
Who uses it?
As in all walks of technology, the people with the most to lose tend to accept and embrace new technology. Criminals don't want to be caught and have their freedom to lose, so any developments in any field that may help them will be of interest. Terrorists also have an agenda and this would be compromised by being caught. It seems that the authorities were not as quick to respond to this development and I would expect, now working hard to catch up and try and combat the amount of stego floating around the internet today.
Does the fact that such groups make up a large proportion of users of steganography, make steganoraphy itself bad? No, this is the talk of closed minded individuals. Knowledge will be and has always been innocent and pure, it is the user that either makes good or bad from it.
Steganography is becoming increasingly popular in business and aids companies keep there secrets safe and in an age where most things are scanned five times before they arrive, perhaps we could all enjoy a little more privacy occasionally.
With that out of the way, lets have a look at some simple Stego.
Where can I hide things?
HTML and text files are a nice simple file. Simply put, each byte represents a character or a command (e.g. new line) and the file carries no header information. Most of the bytes represent visible characters and any alteration to these would cause an obvious change to our file. What about spaces and tabs - Can you see them? * * You can? What, all of them? Try looking at the source of this page in between the two asterisks. It has the word 'WHITE' in binary, with the space representing 0 and tab being 1. Remember HTML does not show whitespace and so can be a great place to hide data. Another possibility could be to hide binary in the number of spaces between words (1 space = 0, 2 spaces = 1) and again the browser would just show one space, but by viewing the source you could retrieve your message.
Look at the following sentance:
The hunter escaped past all security, sounds inferring some search teams arranged radios.
Taking the first letter of each word would give 'T H E P A S S I S S T A R'. This makes it very hard to write anything with any meaning, but you could take the first word of every line to make it easier on yourself. This introduces a crux issue in stego - the balance between capacity and detection. As you increase the capacity of hidden data, the ease of detection will increase. Most methods try to balance the two.
HTML files send instructions to your browswer for you to see. This can be utilised, by using a command to mark a note to the programmer, which is not read by the browser.
**
Once again in between the asterisks is a 'hidden' note. BUT, don't go hiding anything vital yet as these methods aren't too hard to spot! There is one limit to Steganogaphy and that is your imagination. Let's move on to a few picture ideas...
A Bitmap is literally a map of bits. There are header bytes and data bytes. The header sends all the instructions on how to read the data and certain aspects of this cannot be changed without upsetting the display of the image, other however can be. There are good sites on the internet showing the makeup of a BMP header and those bytes which can change, but for now, lets look at the data.
Each byte shows the saturation of a pixel 0x00 to 0xFF (or 0-255) in a 24bit image, or the colour number from the palette in an 8 bit image. 0xFF would show that it is fully saturated, so either pure red, green or blue. The human eye is not as accurate as a computer and cannot tell very close colours apart, whereas a computer can. One method of hiding data is to adjust the LSB (Least significant bits) of each byte to hide a binary message. I wrote a small program, in fact my first ever program, which sets the LSB to either 0 or 1 to hide a message. Have a look at the two pictures below, can you see any difference?
If you can, you clearly have super-human eyes =)
If you have PSP (or similar) you could layer the two and then check the difference. You will then see RGB differences of 1 on the cells which have had their LSB adjusted. Plus, download the zip of BINmap that was used to create the 'dirty' image. Unzip to a folder and then at the command promt type: dec STEG2.BMP HIDDEN.TXT and it will create the hidden file for you. This program was only written for a bit of fun, but there are many programs out there, which I will list a selection at the end for you.
Have a look at this image - see anything unusual?
Try opening it up in a paint program. Set the Colour #0A0A0A to a nice bright colour - see anything now? I have coloured in certain letters with a slightly varied colour to the rest. Reading from left to right should read 'ELIMINATE'.
This is only a brief essay or else I won't have anything to put into any challenges!!!
I think we have covered a lot of the basics, but the most important point is that there is no limit to Stego. I will try and include other ideas into the challenges, but for now, bye and happy hiding - Monty 17/07/04