1 / 32

Statistical models for Secure Steganography Systems

Statistical models for Secure Steganography Systems. N.Muthiyalu Jothir Media Informatics. Agenda. Introduction Steganography Information theory Security Model Limitations Conclusion. Introduction.

prentice
Download Presentation

Statistical models for Secure Steganography Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Statistical models for Secure Steganography Systems N.Muthiyalu Jothir Media Informatics DRM Seminar

  2. Agenda • Introduction • Steganography • Information theory • Security Model • Limitations • Conclusion DRM Seminar

  3. Introduction • “Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message” • “Covered or Hidden Writing” DRM Seminar

  4. Steganography Vs Cryptography • Steganography is the dark cousin of cryptography, the use of codes. • Cryptography  Privacy • Steganography Secrecy DRM Seminar

  5. Digital Still Images • Larger the cover message – Easier to hide message • For example: a 24-bit bitmap image will have 8 bits representing each of the three color values (R,G,B) • Watermarking, Fingerprinting etc. DRM Seminar

  6. Information Theory • “The fundamental problem of communication is that of reproducing at one point either exactly or approximately a message selected at another point.” -C.E. Shannon, 1948 DRM Seminar

  7. According to Shannon, the entropy of a random variable X with probability distribution PX and alphabet אis defined as indicates the amount of information contained in x, i.e., the number of bits needed to code x. For example, in an image with uniform distribution of gray-level intensity, i.e. Px = 1/256, then the number of bits needed to code each gray level is 8 bits. The entropy of this image is 8. Information Theory …cont DRM Seminar

  8. …cont • Information  "only infrmatn esentil fo understandn mst b tranmitd." • The amount of information, or uncertainty, output by an information source is a measure of its entropy. • In turn, a source's entropy determines the amount of bits per symbol required to encode the source's information. DRM Seminar

  9. Relative Entropy • Let p and q be two probability distributions on a common alphabet X. Relative entropy / Kullback Leibler “distance” between p and q is defined as • D(p || q) is a measure of the inefficiency of assuming that the distribution is q when the true distribution is p. DRM Seminar

  10. Security Model : Proposed • An information-theoretic model • Presence of passive adversaries • “Simmons' Prisoners‘ Problem" • “Hypothesis” testing problem DRM Seminar

  11. Active adversaries • Presence of hidden message is known Publicly • E.g., Watermarking and Fingerprinting. DRM Seminar

  12. Scenario with Passive Adversaries • Players  Alice and Bob • Passive Adversary  Eve • “Cover Text, C”  Original, unaltered message • “Stegotext, S” Transformed message using Secret Key. DRM Seminar

  13. Eve, the decision maker Hypothesis testing DRM Seminar

  14. Model • The security of a steganographic system is quantified in terms of the relative entropy D(PC | PS) (or discrimination) between PC and PS. • D(PC | PS) = 0  stego system is perfectly secure DRM Seminar

  15. Security System DRM Seminar

  16. Observations • H(S / CEKR) = 0  Certainty • H(E) > 0  Uncertainty • H(E / SK) = 0  Certainty DRM Seminar

  17. …cont • Alice is inactive she sends cover text C • Active S is a concatenation of multiple messages from Alice • The probability distributions of cover text (Pc) are assumed to be known to all parties DRM Seminar

  18. Security Definition • Definition 1 : A stegosystem as defined previously with cover text C and stegotext S is called Є – secure against passive adversaries if D(PC|PS) ≤ Є • If Є = 0, the stegosystem is called perfectly secure. DRM Seminar

  19. Eve's decision process • Binary partition (C0, C1) of the set C of possible cover texts • Alice is active if and only if the observed message ‘c’ is contained in C1. • Type II error Eve fails to detect • Probability β • Type I errorEve accuses Alice when she is inactive. • Probabilty ά. Assumed to be zero. DRM Seminar

  20. Theorem • The stegosystem that is Є-secure against passive adversaries, satisfy d(ά,β) ≤ Є • In particular, if ά = 0, then β = 2-Є DRM Seminar

  21. …cont • In a perfectly secure system, D(PC|PS) = 0  PC = PS; Thus, Eve can obtain no information about whether Alice is active by observing the message. DRM Seminar

  22. External Information Influence • The modified stegosystem with external information Y , cover text C, and stegotext S is called Є - secure against passive adversaries if D(PC|Y |PS|Y ) ≤ Є DRM Seminar

  23. One-time pad • Security  The stegotext distribution is close to the cover text distribution without knowledge of the key. • Cover text C is a uniformly distributed n-bit string • The key generator chooses the n-bit key K • S = e K and Bob can decode by computing e = S K DRM Seminar

  24. Security of One Time Pad • Uniformly distributed in the set of n-bit strings and therefore D(PC|PS) = 0. • Perfect steganographic security • One-time pad system is equivalent to the basic scheme of visual cryptography • But, Wardens never allow random messages  Drawback DRM Seminar

  25. Universal Data Compression • Traditional data compression techniques • Huffman coding • require a priori knowledge about the distribution of the data • Universal data compression algorithms • Lempel and Ziv • source statistics are unknown a priori or vary with time DRM Seminar

  26. Willems' Repetition algorithm • Parameters  block length L and delay D • Binary source X producing {Xt} = X1, X2,… with values in {0,1}. • Source output is divided into blocks Y1, Y2… of length L • Encoding of a block Yt operates by considering • Repetition time, the length of the interval since its last occurrence. DRM Seminar

  27. …cont • Repetition time is encoded using the following code • where || denotes the concatenation of the bit strings. DRM Seminar

  28. The Modification for Information Hiding • Information hiding takes place if the encoder or the decoder encounters a block y such that ty≥ 1/ρ • If this is the case, bit j of the message m is embedded in y’ according to DRM Seminar

  29. Limitations • Embedding distortion DEmb can be large for the same secure statistics • Future work by Joachim and Bernd, address the above issue. DRM Seminar

  30. Conclusion • A security model has been proposed • Forms the basis for the hypothetical testing scenario • Security of the Steganography system depends on the relative entropy between C and S. DRM Seminar

  31. References • Christian Cachin, “An Information - Theoretic Model for Steganography”, Cambridge, 1998. • Joachim, Bernd, “A Communications Approach to Image Steganography”, Proceedings of SPIE, Jan 2002. DRM Seminar

  32. Thank You… DRM Seminar

More Related