The stenography is a set of rules that allow us to hide messages within messages, called carrier. The word steganography combines the Ancient Greek words steganos (στεγανός), meaning "covered, concealed, or protected", and graphein (γράφειν) meaning "writing". Its Objective is to establish an undercover communication cannel, in such a way that if someone reads the message he can´t work out there is an additional information exchange.
The reason for the Stenography comes with the Prisoner issue, in which two prisoners, Alice (A) and Bob(B) are incarcerated in to separated cells, and they want to plan a prison brake. Their only way to communicate is sending messages via the prison guard, Oscar (O), who can read all messages, modify them or not to send them if they are suspicious. So, sending an encrypted message is not an option because therefore O, does not understand the message, he can figure out than A and B are up to something .The stenography solves this issue, Since O reads a navy message, but A and B know how to extract the secret message from the carrier.
Stenography and Cryptography
Even if they have a similar objective, The Exchange of info in a way that a third party can´t obtain, they work on different ways. The main difference is that Cryptography doesn´t covers the fact that information is being send, it focus on hiding the info so that the receiver is the only one who can read it. The downside of this method is that if a third party has acces to the message, could suspect that an information exchange is happening, and even if he cannot understand it, take measures against the information exchange. As an example, a Government of a repressed country, that monitors persons who send encrypted emails.
In the other hand, The Stenography allows you to send this information Exchange by hiding it in, for example, a photo than can be uploaded into a blog or a social network, and they can stay under covered for third parties. The recipient of the message, that know where to find the photos and know the stenography algorithm used, can retrieve the secret message.
Although, for even more security, both methods are used together, Firstly the message is encrypted and then is hidden in a carrier, making the information even more difficult to find.
It is thought that the stenography was created in the ancient Greek. One of the first methods used within the wax. In the ancient Greek, wood tablets covered in wax, where used to write text. The stenography method consisted in writing the text on the wood, and then covering it with wax, and writing another text non related to the hidden one on the wax. The receiver just had to remove the wax and read the original message. Through the history, and until the first computer, different techniques have been used to hide the messages, these techniques are known as Classic Stenography. Some of these techniques are:
- A message tattooed on the shaved head of the Messenger. When the hair had grown, The Messenger was sent with a fake message in hand, in order to keep the real message uncompromised if the messenger was captured.
- Using invisible Inks. Historically vinegar or fruit juice has been used to write a message in a paper sheet, message will be revealed if placed next to a heat source. A modern way to this is by using chemicals products that react to specific wave lengths of light, as ultraviolet light.
- Null encrypting. The basic method consist n hiding the message in the first letter of each Word of the carrier. More elaborated methods consist of a holed template that placed over the carrier reveals the secret message.
- Bacon´s cipher. Invented by Francis bacon, consist of assigning to each letter of the plaintext a binary code. And then the message is encrypted, and a fake message is written with the same character length as the secret one. Finally, the fake message is printed using two different typeface letters that are used depending on the binary character of the secret message.
We understand modern stenography as the one that the carrier is a digital file or a digital cannel, like a photo, an audio, a video or packages send via a network. It has a bigger potential for mainly two reasons:
- The mainly difference with the classic stenography is that the in the classic, the hidden message was mainly text, in the modern you can hide any type of file in any type of file.
- Allows using more complex algorithms, because you can use the capacity of calculation of the computer to hide the message on the carrier.
Stenography on images: LSB insertion
One of the most popular algorithms (and therefore, one of the easiest to detect) is the LSB (Least significant bit) insertion. In some Images format, every pixel is represented as a group of bytes, each one represents the quantity of a determined primary color in the pixel. The LSB insertion technique takes advantage of that the change in the LSB of each pixel does not make a distortioned perception to the human. So that the method changes the LSB for the bytes of the secret message. When using this technique is recommended to use as a carrier a very noisy image, with very heterogeneous colors, so that the changes are not easily perceptible. In some image format, like GIF´s, that use a color palette, you can also hide the information on the color palette itself.
Stenography in audios: echo encoding
The LSB algorithm does not work as good as for pictures, because human can hear the changes with the original, so different techniques are used. One of this is the echo encoding. An echo is a repetition of the original sound with a delay or offset, and a decay of the amplitude of the wave. These echoes, with a high decay and a short offset, are imperceptible to the human ear. This method can be used to codify the message in an audio file, using the offset to establish a 0 or a 1 of the codified message.
Stenography over networks
They are methods that take advantage of unused extensions o extensions that do not affect the mechanics of the communication of the packages of the different net protocols. Two examples are:
- In the TCP headers, when a communication begins you can choose any sequenced number (a 32 bits one).This can be used to send a short secrete message each time a new connection is done. Another extension that can be used is the senders direction that can be distortioned, to send secret info in its place.
- The Loki project is a tool that takes advantage of the data extensions, in the ping type messages of the ICMP protocol, because most of the routers send this packages without checking them if the ping flag is activated.
- In the executable files, for certain processor architectures, the redundancy of several equivalent instructions of all the possible instructions can be used to send a message depending of what instruction you use.
- There are Unicode characters that are unprintable. For example in the Arab alphabet, there are two character used to “join” or ”disjoin” the letters of a word, but combining them with Latin character won’t make a difference in the screen. This can be used to send a hidden binary message in the text that can be revealed by opening the file with a hexadecimal editor.
- Depending on the file format, extra bits can be inserted behind the end of extension mark of the file, so the file can be operated normally, but bits can be read using a hexadecimal editor.