Steganography ICS Lab.
Introduction What is Steganography? Steganography is the art or practice of concealing a message, image, or file within another message, image, or file. Origin of the word The word steganography combines the Ancient Greek words steganos (στεγανός), meaning "covered, concealed, or protected", and graphein (γράφειν) meaning "writing"
The first Steganography Ancient Greece, 440BC Wax Covered Tablet (Exactly, Wax Covered the messages) The first recorded uses of steganography can be traced back to 440 BC when Herodotus mentions two examples in his Histories. Demaratus sent a warning about a forthcoming attack to Greece by writing it directly on the wooden backing of a wax tablet before applying its beeswax surface. Wax tablets were in common use then as reusable writing surfaces, sometimes used for shorthand. Herodotus Demaratus
Old Steganography(Physical) Hidden messages within wax tablets Hidden messages on messenger's body In Ancient Greece, hidden by the hair that afterwards grew over it, and exposed by shaving the head again. Invisible ink (Secret ink) During World War II, the French Resistance sent some messages written on the backs of couriers using invisible ink. Messages written on envelopes in the area covered by postage stamps.
Modern Steganography (Digital) Modern Steganography Modern steganography entered the world in 1985 with the advent of the personal computers being applied to classical steganography problems. Examples Concealing messages within the lowest bits of noisy images or sound files. Concealed messages in tampered executable files, exploiting redundancy in the targeted instruction set. Making text the same color as the background in word processor documents, e-mails, and forum posts.
How to conceal the datas? Steganography using LSB(Least Significant Bit) Conceal the binary datas to LSB of each bytes of Target Image. We can embed the secet binary data of BMP file easily. Because, after we change the LSB, Human cannot recognize the difference of colors. The Left side and Right side are seems to shown same color, but the value of G(green) is different. But it is very small change for color. So, the secret datas can hide in the pixels.
How to conceal the datas? Steganography using LSB(Least Significant Bit) Can you recognize the difference of Two images?
Using Tools There are a lot of tools for Steganography S-Tools Windows-based Steganography tool Key Support with IDEA, DES, Triple-DES Encryption OpenStego Need JRE(java runtime environment)
Using Tools : S-tools Example Drag-Drop the original target file This program supports GIF, BMP, WAV only. This Imagefile can hold up to 26,208 bytes. Because this program will embed the secret data to original pixels bit. (not using additional space)
Using Tools : S-tools Example Then, It makes image with hidden data Human cannot found out the difference of that images. Then, right-click on the hidden image, and use save as.
Using Tools : S-tools Example Now, we try to get secret data from image Drag-Drop the hidden image to the program. Right-click on that image, and use Reveal
Using Tools : S-tools Example Input the passphrase and Select Encryption
Using Tools : S-tools Example Then, the secret data will shown on Revealed Archive Right-click on secret file name Secret.txt. Then Use Save as We can get the secret files from Image.
Case Study Terrorist attack of 9/11 In 2001, Osama Bin Laden and terrorist cells use steganography techniques for sent the secret messages. The airplane s structure(boeing 757 Map) was hidden into the Mona Lisa. For Secret Agent Communication In 2010, the eleven secret agent s of Foreign Intelligence Service(Russia) sent the secret messages to hometown while they live in local area with very friendly for neighbors. Finally they arrested by Federal Bureau of Investigation(FBI).
Cryptography Contest in Korea Problem There is secret account numbers in 3 image files. Find hidden message(12-digit account numbers) using 3 image files.
Cryptography Contest in Korea Solution 1 LSB(Least Significant Bit) method is typical way to hiding information in bmp file 0 1 0 1 1 0 0 0 Check bmp header! pixel offset(start of pixel) : 0x436 1 pixel = 8bit
Cryptography Contest in Korea Solution 2 Enhancing the pixel by lsb if lsb is 1, pixel : 0xff else, pixel : 0x00 ex) 54 = 01010100 => 00000000 = 00 37 = 00110111 => 11111111 = ff
Cryptography Contest in Korea Solution 3 Result of enhancing IMG_2257.bmp IMG_2119.bmp IMG_1972.bmp 원본 변환
Cryptography Contest in Korea Solution 4 bit operation 2257 xor 2119 xor 1972 2257 or 2119 xor 1972 2257 xor 2119 and 1972 2257 and 1972 2257 or 2119 2257 and 2119
References Steganography: A New Age of Terrorism, SANS 2004, http://www.giac.org/paper/gsec/3494/steganography-age-terrorism/102620 Wikipedia, http://en.wikipedia.org/wiki/steganography Steganography: Why it Matters in a "Post 911" World, SANS 2002, http://www.sans.org/reading-room/whitepapers/covert/steganography-matters-post-911- world-676