Steganography Brent McClain Rob Carey
What is Steganography Greek Origin Steganos means covered Graph means writing Hiding information in plain sight
Cover Image Another image hidden in the picture Created with InfoSteg
Usage of Steganography vs Cryptography Steganography Covert Channel Only useful for low volume of data Watermarking is used for verification Cryptography Covert Message Useful for any given volume of data Digital Signatures are used for verification
Steganographic Algorithms No published standard Algorithms are hidden until cracked Security through obscurity Types of Algorithms LSB DCT
Attacks on Steganography, Steganalysis Steganalysis is the detection and analysis of data that has been hidden using Steganography. Steganalyis primarily uses statistics to detect and attack Steganography
Steganalysis Attacks Stego only attack Stego Object available Known cover attack - Original Cover and Stego Objects are available Known message attack - Hidden Message and Stego Object are available Chosen stego attack - The Stego Algorithm and Stego Object are available Chosen message attack - Takes a chosen message and generates a Stego Object for comparison Known stego attack - the Stego Algorithm, the Cover Object and the Stego Object are available
Attacks Against Steganography Vs Attacks Against Cryptography Steganalyis Stego only attack Known message attack Chosen message attack Chosen stego attack Cryptanalysis Ciphertext only attack Known plaintext attack Chosen plaintext attack Chosen ciphertext attack
EzStego Hides data in the LSB Sorts the color palette of a GIF Changes pixel color based on data being hidden
Before EzStego Sorting After EzStego Sorting
Original Image 50% Embedded Original Image Filtered 50% Embedded Filtered
Attacking EzStego Frequency Based Determination χ² ² (Chi-Squared) Attack Uses Pairs of Values Values which only differ by the LSB
PoV Frequency Normal Image EzStego Image
Similarity to Monoalphabetic Crack Character Frequency in a long English plain text Character Frequency in the corresponding cipher text for a shift cipher
Shared Key Steganography Advanced Steganographic Algorithms Distribution Behaviors changes base on the private key Lack of preordained distribution set decreases probability of detection
F5 Algorithm The private key acts as seed for the pseudo random number generation scheme Pseudo-Random walk through image to randomize distribution signature Matrix-based embedding scheme Decrements DCT coefficient instead of just setting LSB Immune to χ² ² Attack
Attacking F5 Still a Frequency Based attack Estimated cover image is recreated by decompressing, manipulating, and recompressing Deviation of the DCT s from the value 0 are compared in the histograms of the observed image and the estimated cover image
Ideal Steganographic Algorithm Avoids detection when Steganographic Algorithm is known Good ratio between Cover Object and Hidden Object size
Watermarking Watermarking is a subset of Steganography Used for document tracking and rights management Movies distributed for review carry watermarks to identify who they were sent to. Primary goal is to prevent the removal of a watermark.
Watermarking vs Digital Signature Both are used for Verification and Authentication Watermarking is designed for robustness Digital Signature is designed to be fragile for increased security Both are designed to be tamper resistant
Defending Against Steganography 1. Control the medium used to send the messages, i.e. a corporate network 2. Save and analyze suspected Stego objects 3. Reformat Stego objects and continue sending. i.e. Recompress or reformat a JPEG image to eliminate any possible chance of a covert message.
Conclusion Steganography is far behind Cryptography The best historical steganographic algorithms were not public at their time of use Lack of public collaboration has hinder development of better steganographic algorithms.
Questions?