1. No category

Steganography

Steganography
Marcus Öberg, [email protected]
Royal institute of technology DD143X
Supervisor: Johan Boye
April 12, 2012
i
Abstract
Steganography is the art of concealing messages. In this work I rst
present a very brief history of steganography, and discuss the relation
between steganography and cryptography. Three possible linguistic
methods for steganography is discussed. The use of synonyms to encode secrets in a text by exchanging words t there synonyms. The
text mimic approach calculated the statistical composition of a text
and tries to mimic this to produce a cover text. The last discussed
linguistic method is the use of a grammar that denes rules for the
composition of sentences of paragraphs. I also discuss the use of images to hide messages, either in the least sinicant bit of each pixel or
in the noise from JEPG compression. In the end I conclude that the
grammar based approach is the most promising but that it is also the
hardest in the sense of constructing the rules for the grammar.
ii
Contents
1 Introduction
1
2 Aim
1
3 Background
1
4 Cryptography and Steganography
2
5 Linguistic steganography
2
5.1
5.2
5.3
History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2
Hiding secrets in text . . . . . . . . . . . . . . . . . . . . . . .
3
5.2.1
Synonyms . . . . . . . . . . . . . . . . . . . . . . . . .
3
5.2.2
Text mimic
. . . . . . . . . . . . . . . . . . . . . . . .
4
5.2.3
Grammar-based mimicry . . . . . . . . . . . . . . . . .
7
5.2.4
ASCII art
. . . . . . . . . . . . . . . . . . . . . . . . .
9
Hiding secrets in pictures . . . . . . . . . . . . . . . . . . . . .
10
5.3.1
Hiding information in Least Signicant Bit . . . . . . .
10
5.3.2
Hiding information in natural noise . . . . . . . . . . .
11
6 Discussion
12
6.1
Synonyms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
12
6.2
Text mimic and Grammar-based mimicry . . . . . . . . . . . .
12
6.3
Steganography in images . . . . . . . . . . . . . . . . . . . . .
13
7 Conclusion
14
iii
1
Introduction
Steganography is the act of concealing messages.
Modern steganography
refers to hiding messages in digital mediums, for example in images, audio,
video or in text.
Today there are many methods to prevent unauthorized
persons from reading sensitive information, the most common is of course
cryptography. One way to distinguish between cryptography and steganography could be to say that cryptography hides sensitive information and
steganography hides the fact that there exists any sensitive information.
2
Aim
My aim was to explore dierent methods of moder steganography and to
evaluate the these.
3
Background
The rst example of steganography comes from ancient Greece and tells the
story of the imprisoned Histæus. Histæus managed to send secret messages
by tattooing the message on the scalp of a slave. Later when the slaves hair
had regrown the slave was sent to deliver the message [1]. Dierent methods
were used during the world wars, for example the German spies concealed
messages by using invisible ink and placing small dots above or below letters
in a text [2].
Text that is used to hide a message is called
cover text
and is supposed
to look like a valid message. In modern steganography the cover text is often
chosen to imitate spam-messages due to the vast spread of such messages.
According to an approximation 89% of the total amount of e-mails sent in
2011 was spam [3].
This makes spam a perfect candidate for the purpose
of cover text due to the fact that everyone gets them and almost no one
pays them any particular notice.
Today when the use of internet and the
functionality provided has exploded it has become more interesting to use
other types of mediums to hide information.
In images it is possible to hide messages in the natural occurring noise
that originate from compression or le conversion, and in audio messages
can be hidden in high frequencies that is above the human range of hearing
[1]. With the amount of information available on the Internet it is almost
1
impossible for someone to search for media that contains hidden messages.
It is like searching for a needle in a haystack.
4
Cryptography and Steganography
It is impossible to talk about steganography without mentioning cryptography. This is partly due to the fact that that the two elds overlap and partly
due to the fact that the two are often used together. Many cryptographic
tools try to generate as random data as possible to be able to hide the fact
that there is something there, and most steganography methods work under
the assumption that your data is encrypted before it is hidden with steganography. In this text I will not talk further about encryption and I will continue
the discussion about steganography under the assumption that the message
that is to be hidden might or might not be encrypted through some kind of
cryptography algorithm.
5
Linguistic steganography
Linguistic steganography is a term used to describe the process of hiding
information in text. The secret is often a secret text or a code. It is important
that it is hard for an attacker to extract the secret from the cover text, but
the real goal is to make the cover text so that it would not raise any suspicions
at all.
5.1
History
It is said that the rst published work describing steganography was written
by the German abbot Johannes Trithemiu (1462-1516).
1
book can roughly be translated
The name of the
as Steganography: the art through which
writing is hidden requiring recovery by the minds of men.. It is from this
title that we have derived the word steganography[4] The word steganography originates from the greek words steganos meaning "cover" and graphie
meaning "writing" [5].
1 Original titel: Steganographia:hoe est ars per occultam scripturam animi sui voluntatem absentibus aperiendi certa
2
But even before Trithemiu wrote his books there are examples throughout
history of people who have used steganography. The means for hiding the
text vary widely, from the example with Histæus and his slave to writing
on silk, compressing the silk into a ball and then covering it with wax. For
extra protection this wax ball was then swallowed until nature extracted it
[4]. A more rened way was used in the times when people used wax tables
to write. These tables were wooden plates with a layer of wax on top. The
author would then write his text in the wax.
To hide a message someone
could melt away the wax and inscribe a message in the wood, then he would
cover the table with wax again and the message would be invisible.
Cardano Grille developed a system that most of us are familiar with from
early school years. The main idea is to take a piece of paper and an ordinary
text such as a piece of newspaper. Then you cut holes in the paper so that
the holes lines up with certain letters in the text and through the holes you
can read the message [6].
One more recent example is of the previous prime minister of Britain,
Margaret Thatcher, who after several leaks of secret information to the press
decided to let all the computers be reprogrammed so that each minister had
a identication signature encoded in the spacing between words. In this way
it was possible to trace the leak.
5.2
Hiding secrets in text
5.2.1 Synonyms
One method for steganography that has been discussed is the use of synonyms.
Most if not all natural languages have synonyms for most usual
words. It would be possible to build up a database with synonyms and give
each synonym for a certain word a value, such as 0 or 1. An example of such
a database could look like this.
Word Synonyms
Value
Small
Tiny, Little
0
Tiny
Small, Little
1
Little
Small, Tiny
2
Then when a text is encoded with the message the algorithm would nd
words that are in the database and exchange them to the synonym that
would match the secret message. So for example if we nd the word Small
3
in the cover text and the next bit of the message to encode is 1 we simply
exchange 'Small' for 'Tiny'. The words that are not in the database would
just be ignored. In this way it would be possible to decode the message by
looking at each individual word and extracting the corresponding value if it
exists in the database.
5.2.2 Text mimic
The text mimic approached by Peter Wayner is a method to construct cover
texts with hidden messages by analyzing a text and collecting information
about the statistical composition of the text. The goal is then to produce a
cover text with approximately the same statistical composition [7].
Peter Wayner uses the Human algorithm to collect statistical information about a text. To produce a cover text with a similar statistical composition it is possible to run the algorithm "in reverse" .
Human coding:
Human coding is a simple way of compressing text
using the texts statistical composition and dening a specic alphabet encoding. In computers each letter is dened by a binary value and each letter
has to take up as much space in the computers memory as every other letter.
This is due to the fact that computers deal with bits and bytes. Each byte is
composed of eight bits. The letter 'a' is very common in most texts and even
though the letter 'q' is much more uncommon they both occupy the same
space.
Human coding makes use of the fact that some characters are more
common than others by assigning a dierent code to each letter. The common
letters receive codes with few bits and the uncommon receive codes that
contain more bits. For example the letter 'a' could get the code 01 and 'q'
could get 101101. It is then possible to place more than one letter in a byte
if the letters are common.
One important thing to note in this method is that we have to eliminate
ambiguity in the codes. Since we have dierent length of codes we have to be
able to address the fact that when we read the compressed text we would not
know the length of the specic code that we are trying to read. This means
that we can not use the full space of the binary language. For example if we
encode the letter 'a' as 01 it would be impossible to encode the letter 'e' as
0110 because when we read the rst two bits we would not be able to know
if we saw the letter 'a' of if we should continue reading. So the encoding for
4
'e' and every other letter would have to start with 00 or 1. This is in fact not
a big problem since the English alphabet is limited in the amount of letters
and signs that can be used [7].
To achieve the actual coding Peter Wayner describes a binary tree structure that is build based in the probability of each letter in the text [7]. To
construct the tree we can follow these steps
1. Calculate the probability that a certain character exists in a cover text.
We start by constructing a forest where each tree is a node containing
one character and the weight of the tree. The weight is initially set to
the probability of the associated character.
2. Find the two trees that have the smallest weight and construct a new
tree by adding an empty node as parent to the two trees. This parent
will have two branches, one that represents 0 and one that represents
1. The weight of the new tree will be the sum of its two children.
3. Repeat the step two until there is only one tree.
This tree will now
contain the encoding for each character in the text.
In the next section I will describe how to make use of this method to,
instead of compressing text, generate text that has a similar statistical composition to the original text.
Figure 1: A tree that encodes the letters a, e, p and q. For example p has
the code 01.
Running in reverse:
In order to utilize the Homan coding to generate
text we build the statistical tree a little dierently. We can construct one tree
for every character in the text and build the tree based on the probability
5
that a certain character will follow. Now we can begin with a random letter
and use the tree to let the next character chosen be based on the probability
in the tree.
This would allow us to create a text with an approximately
correct statistical composition but the text would not contain any words, as
we can se in g 2.
Figure 2:
An example of a text generated with respect to one character.
Taken from Peter Wayner [7].
To be able to generate a text that actually mimics a real text we have to
take more than one letter into consideration. We can construct similar trees
as above but with the respect to ve characters for example. If this is done
we will sort out some combinations of characters that does not exist in the
real text. For example would 'oding' be in the trees since it is part of the
word 'coding' but the combination 'xqpfd' is not part of any real word so it
would have the probability of zero and hence it would not be chosen as part
of the generated text.
Figure 3: And example of a text generated with respect to ve character.
Taken from Peter Wayner [7].
In gure 3 we can see that the text mostly generates real words.
6
The
Table 1:
Bold denes variables, normal text denes terminals and italic
denes variable names.
→ Access Return name( Parameter )
→ Public || Private || Protected
Return → Type
Parameter → Type name || Type name, Parameter
Type → int || boolean || String
Start
Full denition.
Access
Possible values for Access.
Return value of some type
Multiple parameters
Existing types
actual context of the words are somewhat logical but as we can see in the
gure there is no bigger subject for the text.
This would of course be a
problem if we would like to mimic something like a newspaper.
But if we
would mimic some technical text that few people understand it would be
possible to fool the reader that the text is real and that he just isn't capable
of understanding it.
To get rid of the words that are not real words ( for example reconomic
in g 3) it is possible to let the tree be generated with whole words instead of
character strings of length
n.
This would often require a bigger source text
to be able to generate a large enough base so that the text would not repeat
itself to much [7].
5.2.3 Grammar-based mimicry
The real problem with the previous version of the mimic method is that even
though the generated text is composed of real words, it doesn't make any
sense. With the help of a grammar protocol it is possible to generate a text
with some context and readability.
Context-free grammar:
The principles behind context-free grammar
are widely used in programming languages to declare rules for how the syntax should be written and later parsed.
If we take a simple programming
language (similar to Java) and try to dene a function declaration it might
look like this:
The denition of a function is here dened as the composition of
ables, terminals and variable names on the right side of Start.
vari-
The variable
names can be anything, but the variables has to match one of the dened
terminals in each dened set. For example the Access variable has to match
one of the terminals Public, Private or Protected. The denition of the variable Parameter is a little special in the sense that if is recursive. This allows
7
the function declaration to have one or more parameters.
This notion of dening something as strict but with multiple choices can
easily be used in natural language as well. A simple example could look like
this.
→ noun verb Place
noun → The dog || The cat || The sh
verb → ate my homework || built a casle
Place → at the market. || in a barn.
Start
With this is possible to run the denition in reverse, so instead of parsing
a line of text to determine if it follows the rules we can generate a line of text
by choosing a terminal for each variable at random. A possible sentence from
this tiny denition could be 'The cat ate my homework in a barn.'.
If we
where to build a large enough denition we could generate a large text with
well formed sentences, these sentences would still not be linked to each other
so there would still not be an actual context in the text as a whole but with
a more complex grammar it would be possible to dene whole paragraphs
(or even a whole text).
Adding a code:
With a well formed grammar it is possible to encode
hidden messaged based on what terminal is chosen. So instead of generating
the sentence at random we chose the terminal that has been given a certain
code. If it would be done with binary codes it might look like this:
→ noun verb Place
noun → The dog || The cat || The sh
verb → ate my homework || built a casle
Place → at the market. || in a barn.
Start
0 || 1 || 10
0 || 1
0 || 1
If we had produced the sentence I wrote above it would describe the
message 101. In the denition for nouns we can see there are three possible
terminals, hence we are able to let the third terminal have a longer code.
Since we want our generated text to be as short as possible it is important
to have a large amount of possible terminals for each variable.
8
5.2.4 ASCII art
By using only the letters and signs on a computer keyboard or a typewriter
it is possible to compose pictures. The simplest example is probably the well
known smiley that is composed of a colon and a parenthesis :). But much
more complicated images could be created. One early example is by Lewis
carol in the book Alice in wonderland from 1865.
Figure 4: The text is supposed to look like a mouse tail
When computers became more available people constructed more and
more complex ASCII art. Today it is possible to convert a real picture to
ASCII art. One example of this is Mona Lisa as ASCII
9
Figure 5: The painting Mona lisa converted to ASCII
It is clear that this method of converting pictures could be used to hide
messages. My own idea concerning this would be to exchange similar letters
and let one of them represent 0 and the other one 1. For example the letter
l could be replaced by the sign |. They are very similar but it would be easy
for a computer to nd and read them as dierent.
The good thing about
this method is that there are no rules to how the image should be translated.
This means that the pair of signs that is supposed to represent 0 or 1 does not
have to be all that similar, it suces that they are roughly the same shape.
Some examples j and ) , L and ¿ , ! and i. Even though these signs are not
all that similar they could produce an image with similar overall result.
5.3
Hiding secrets in pictures
There are a number of techniques for hiding information in digital pictures.
I will describe two of the most common, altering the least signicant bit and
hiding information in the natural noise.
5.3.1 Hiding information in Least Signicant Bit
Digital pictures can be constructed in dierent ways, a simple example is
pictures that are composed of RGB pixels. An RBG pixel is a dot that is
described as a combination of Red, Green and Blue. With these three colors
it is possible to make all colors. In a pixel the color is described as an amount
of Red, an amount of Green and an amount of Blue. The amount of each
color can be represented as an six digit hexadecimal number where the two
rst digits represent how much red should be used, the two following digits
represent green and the last two represent blue. For example 0xFF0000 says
that we should use the maximum amount of red and no green or blue.
10
The idea behind hiding information in the least signicant bit is that
since there are 255 combinations for each of the three colors you won't see
much visible change if we alter the value by one.
In practice we can hide
three bits in each pixel since there are three colors that comprise the pixel.
If we would like to encode the message 110 into a pixel with the value
0xFF00FF we would rst look at the two digits that represent red, FF and
convert them to binary form. This would give us 11111111. Since the rst
bit we want to hide is 1 we don't have to do anything. The next two digits
is 00 and in binary they obviously become eight zeros.
Since we want to
encode a 1 we need to alter the last bit in the binary number and end up
with 00000001 or in hexadecimal 0x01. In the last two digits we need to do
the same thing but instead of chancing the last bit to 1 it should be changed
to 0. So in the end we will get the pixel 0xFF01FE. This is not the same
color but the dierence is very small.
In each individual pixel we could now hide information in a fairly safe
manner. But there might still be some clue about the change when the pixel
is placed next to a pixel that is supposed to have the same color. Even this
is not easy to detect but in some kinds of pictures the dierence can be seen.
5.3.2 Hiding information in natural noise
JPEG is a le format for compressing images. I will not go into details on how
it works as it is somewhat complicated. Briey decribed, JPEG compression
uses a discrete cosine transformation and compresses the image with Homan
coding similar the method i have discussed. This means that when we show a
JPEG it is not necessary that every bit in the RGB hexadecimal digit is taken
JPEG(f)
into consideration. If we have the image f we can convert it
into
−1
JPEG. If we then converts it back with
we will get the
JPEG (JPEG(f))
original image back. But there will be small changes in the actual RGB bit
content. If we examine the dierence between every RGB value in the original
image and the converted image we will nd that some bits are unimportant
when we convert the image to JEPG. This means that in these bits we are
able to store our message without altering the resulting JPEG image.
11
6
Discussion
6.1
Synonyms
The most dicult part about the method where we exchange synonyms is
to build a database that is correct and uses good synonyms. The fact that
natural languages contains multiple words that is written the same but have
dierent meaning Makes it hard to produce a database that does not use
these kind of words. It might also be hard to produce a database that is big
enough to be able to make as much use as possible of the cover text[8]. In
the end I am not sure it would oer a good solution mainly due to the fact
that the natural language is ambiguous , one word could describe dierent
things in dierent contexts. Example:
The boat can oat in the water
and
The oat can hold decimal values
These two sentences both uses the word oat in a correct way but the word
has totally dierent meaning in the two contexts.
6.2
Text mimic and Grammar-based mimicry
I mentioned in 5.2.2 that when we use Homan coding we are unable to utilize
the full binary space. In the context of the text mimic this is a limitation set
by the tree construction algorithm I described. With a dierent data type
it would be possible to use the full binary space. The reason this limitation
exists in the Homan coding is that it is originally used for compression and
in that case we would want to transform the binary codes to text. But in
the case of text mimic we want to do it the other way around, and since
there is no ambiguity when it comes to what letter is read we don't have to
limit the binary space. In the case where grammar is used we don't have this
limitation at all.
It can be dicult to compare the two methods since they have a dierent
focus. The text mimic approach is good at collecting statistical information
about a text and producing a cover text with a similar composition , though
the actual content of the text might not be comprehensive . On the other
hand grammar-based mimicry is able to produce convincing texts as long as
we have a large database and well dened grammar. To my knowledge there
is no good way to automatically generate a well formed grammar.
12
But in
the case where such a grammar was available, or was easy to construct, the
grammar-based approach would probably yield a better result then the text
mimic approach.
6.3
Steganography in images
Both methods of hiding information in the least signicant bit and using
the natural noise from compression tends to yield a good result. It is very
hard to tell if an image have been modied in this way and with the big
pictures available today it is possible to hide quite a lot of information in
one image. But the image media comes with some limitations. For example
it becomes impossible to print the image and send it, this would work with
text, but it is not possible to print or read the picture with the required
quality. In my opinion the best pictures to use for hiding information this
way is pictures taken with a digital camera preferably outside. Because the
light outside and the behavior of nature as a background often doesn't oer
any areas that is exactly the same color or any perfect lines. There are a lot
of dierent le types for images today, if images are to be used as medium for
hiding information it is important that the handling of the image is correct
afterward. There are many systems today that converts pictures without the
knowledge of the user. This id due to the fact that it is today very easy to
do these conversions and it is somehow easier to convert everything to one
format instead of providing full support for all formats. What this means is
that if one such conversion was done on the image the secret would be lost.
13
7
Conclusion
In conclusion I believe that the methods of hiding information in images show
great potential as long as the picture isn't converted or transformed in such
a way that the secret gets destroyed. In linguistic steganography I believe
that the grammar based approach can yield good results if the grammar is
well dened and large enough to oer variations, this might or might no be
a hard nut to crack.
References
[1] Krista Bennett.
Linguistic steganography:
survey, analysis, and ro-
bustness concers for hiding information in text, 2004.
Accessed online
<https://www.cerias.purdue.edu/assets/pdf/bibtex_archive/
2004-13.pdf>
(2012-02-10).
[2] Jonathan Cummins,
lett.
Patrick Diskin,
Steganography
and
digital
Samuel Lau,
watermarking,
and Robert Par2001.
Accessed
<http://www.cs.bham.ac.uk/\~mdr/teaching/modules03/
online
security/students/SS5/Steganography.pdf>
[3] Pingdom.
Internet 2010 in numbers, 2011.
(2012-02-10).
Accessed online <http:
//royal.pingdom.com/2011/01/12/internet-2010-in-numbers/>
(2012-02-10).
[4] James C. Judg.
cessed
online
Steganography:
Past,
present,
futur,
2004.
Ac-
<http://www.sans.org/reading_room/whitepapers/
stenganography/steganography-past-present-future_552>
(2012-03-19).
[5] Roberto Neijts and Margie Semilof.
Stegonography, 2000.
Accessed
<http://searchsecurity.techtarget.com/definition/
steganography> (2012-04-11).
online
steganography.
Cardanogrille.
Accessed online <http:
//library.thinkquest.org/27993/crypto/steg/classic1.shtml>
[6] Classical
(2012-03-19).
14
Disappearing Cryptography: Information Hiding:
Steganography & Watermarking. Morgan Kaufmann Publishers Inc., San
[7] Peter
Wayner.
Francisco, CA, USA, 3 edition, 2009.
[8] Keith Winstei.
Lexical steganography through adaptive modulation of
the word choice hash.
Accessed online <http://alumni.imsa.edu/
~keithw/tlex/lsteg.pdf>
(2012-03-19).
15

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz