Computer Crime Research Center

cybercrime/223.jpg

What is steganography and how does it differ from cryptography?

Date: August 26, 2019
Source: Computer Crime Research Center
By: JOSH LAKESPECIALIST IN SECURITY, PRIVACY AND ENCRYPTION

... level, and amount of scrutiny expected.

If data is hidden in images, it’s still quite hard for the human eye to detect anomalies when 20 percent of the data has been replaced, assuming the information has been well hidden. At lower percentages, the image will look essentially the same. As more data is packed in, the quality starts to deteriorate and you may even be able to see elements of the hidden picture.

If you’re having trouble getting your head around what it looks like, check out the examples starting at page three, and then again from page 12 in this paper written by John Ortiz for Black Hat.

If we use 20 percent as a benchmark, then it’s best to have a file that’s at least five times the size of the data you want to conceal. With this technique at a low risk level, you would want a five gigabyte file for each gigabyte that you want to hide.

This makes steganography relatively inefficient. If your goal is to keep data secure and confidential, rather than to obscure the fact that communication is taking place, cryptography is generally a better option.

On top of the efficiency problem, the recipient also needs to know where and how information has been hidden so that they can access it. This generally means that you will need access to a secure channel so that you can discuss these details without any attackers intercepting them. Because secure channels are often difficult to come by, particularly in situations that require steganography in the first place, this can be a difficult problem to surmount.

Finally, when trying to keep information hidden, it’s important to consider Kerckhoff’s principle:

“A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.”

The central point is that it is unwise to use a system where the only protection is the enemy’s lack of awareness – they may stumble upon or deduce that there is hidden data, then figure out ways to extract it.

It depends on the situation, but if keeping information secure and inaccessible to unauthorized parties is of the utmost importance, then data should be encrypted with a private key before steganographic techniques are applied.

The different types of steganography
There are too many types of steganography to cover each one, so we will stick to the more commonly used and interesting forms, giving examples of how they are used.

Physical steganography
Steganography was developed well before computers, so there are a range of non-digital techniques that we can use to hide information.

Invisible ink
Throughout history, invisible ink has been one of the most common steganographic practices. It works under the principle that a message can be written without leaving any visible marks, only to be revealed later after a certain treatment is applied.

A wide range of substances can be used as invisible inks. Some of these include lemon juice, cola, wine, vinegar, milk, and soapy water, all of which can be made visible by heat. Laundry detergents, sunscreen, soap and saliva are also invisible inks, but they are revealed by ultraviolet light instead.

There are also a number of combinations where the first ingredient is used to write and the second causes a chemical reaction that makes the image visible. These include starch and iodine, iron sulfate and sodium carbonate, vinegar and red cabbage water, phenolphthalein and ammonia fumes, as well as salt and silver nitrate.

Invisible ink can only be relied on when adversaries don’t suspect that it’s been used. If messages are already being screened, it may not be the best technique, because it’s relatively easy to uncover the messages. Likewise, if the writing process leaves behind any signs, such as a different texture, scratch marks or an altered sheen, the invisible ink might be detected by the enemy.

Invisible ink was a critical part of George Washington’s communication process as he worked to overthrow the British. He created a spy group in 1778, and messages would frequently be sent between the members. They would often write a legitimate shopping list with an invisible ink message hidden underneath, just in case the note was intercepted.

They used an ink developed by Dr. James Jay. Washington often referred to it as ‘medicine’ in his letters as a cover. The letters were also frequently written in code, just in case the British came across one of the messages. Combining steganography with encryption added another layer of protection.

Original article



Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo