210 likes | 282 Views
Steganography. Overview. What is steganography ? Regarding cryptography Classifications of steganography Who uses steganography?. What is Steganography?. Steganography comes from the Latin & Greek roots: Steganos (Greek) meaning covered Graphy (Latin) meaning writing or drawing
E N D
Overview • What is steganography? • Regarding cryptography • Classifications of steganography • Who uses steganography?
What is Steganography? • Steganography comes from the Latin & Greek roots: • Steganos (Greek) meaning covered • Graphy (Latin) meaning writing or drawing • Steganography is the science of hiding information. (Kessler) • Steganography is the art of concealing the existence of information within seemingly innocuous carriers (Johnson) • The Art & Science of using overt objects to create and exploit covert communications. (Trawick)
Covert Channels • Definitions • NSA: Definition 4 - Covert channels are those that "use entities not normally viewed as data objects to transfer information from one subject to another.“ • RSA Labs: A covert channel enables the prisoners [actors] to exchange secret information through messages that appear to be innocuous. • Wikipedia: a covert channel is a type of computer security attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy. • Steganography is arguably the most common covert channel used (but only among those who consider steganography a covert channel)
Regarding Cryptography • Steganography and Cryptography are not the same • Cryptography seeks to scramble the contents of a message in such a way that it is unreadable without the proper key • Steganography seeks to completely hide the existence of the message • The two concepts can be used together • Order of operations is relevant • A hidden message that is encrypted • An encrypted message that has a hidden message inside
Classifications of Steganography • Insertion • Substitution • Generation
Classifications - Insertion • Adds to beginning or ending of file • In between BOF and EOF headers • Practically unlimited storage • Does not affect the appearance of original • Does not modify the original data • Metadata for the file may be changed, however • File size changes proportionately
Classifications - Substitution • Changes existing data in the original file • In images change typically applied to Least Significant Bit (LSB) • Limits to how much you can hide • Can change the visual appearance
Classifications - Generation • Uses an algorithm and a hidden file to generate a new file • Unlimited storage • Generates pictures such as fractals, static or noise depending on algorithm used. • Use may allow steganography image to remain intact even after processing such as format change
Who Uses Steganography? • Terrorists are thought to use steganography (particularly Web Images) to transmit messages to communicate and coordinate criminal activity • Commercial & Government users use it to communicate with employees and hide critical data • Use as a Dead-Drop so parties don’t know each other
Steganography Detection Try to open all the pictures? • File in question is usually password protected • George Trawick’s PhD Dissertation • Looking for traces of Steganography, something which narrow down the pool of possibilities • In the example of JPEG compression, certain elements remain stable and therefore traceable so that law enforcement can more easier cope with image-altering steganographic techniques
Steganography Detection Tools • StegDetect • Outguess • Camouflage • iSteg - http://www.hanynet.com/isteg/index.html • Pict Encrypt
StegDetect • Uses linear discriminant analysis Outguess, “Steganography Detection with Stegdetect,” Neil Provos, 1999-2004. http://www.outguess.org/detection.php
OutGuess $ outguess -k "my secret key" -d hidden.txt demo.jpg out.jpg Reading demo.jpg.... JPEG compression quality set to 75 Extracting usable bits: 40059 bits Correctable message size: 21194 bits, 52.91% Encoded 'snark.bz2': 14712 bits, 1839 bytes Finding best embedding... 0: 7467(50.6%)[50.8%], bias 8137(1.09), saved: -13, total: 18.64% 1: 7311(49.6%)[49.7%], bias 8079(1.11), saved: 5, total: 18.25% 4: 7250(49.2%)[49.3%], bias 7906(1.09), saved: 13, total: 18.10% 59: 7225(49.0%)[49.1%], bias 7889(1.09), saved: 16, total: 18.04% 59, 7225: Embedding data: 14712 in 40059 Bits embedded: 14744, changed: 7225(49.0%)[49.1%], bias: 7889, tot: 40032, skip: 25288 Foiling statistics: corrections: 2590, failed: 1, offset: 122.585494 +- 239.664983 Total bits changed: 15114 (change 7225 + bias 7889) Storing bitmap into data... Writing foil/out.jpg.... Outguess, “Steganography Detection with Stegdetect,” Neil Provos, 1999-2004. http://www.outguess.org/detection.php
Summary • What is steganography? • Regarding cryptography • Classifications of steganography • Who uses steganography?
References • “Principles of Steganography,” Max Weiss. http://www.math.ucsd.edu/~crypto/Projects/MaxWeiss/steganography.pdf • Wikipedia: http://en.wikipedia.org/wiki/Steganography • Outguess, “Steganography Detection with Stegdetect,” Neil Provos, 1999-2004. http://www.outguess.org/detection.php