The art and science of hiding communication!!
Firdous Ahmad1 Khan
CSE @ NIT SXR
TABLE OF CONTENTS
• Different Than Cryptography
• Historical Perspective
• Steganography in Written Text
• Modern Steganography
• Text In Image
• Image in Image
• Audio & Video Steganography
• UV Watermarking
• Network Steganography
• Derived from the Greek words steganos (στεγανός) meaning "covered or
protected," and graphei (γραυή) meaning "writing."
• It is the art of hiding stuff in stuff so that others can’t see your stuff.
• Steganography is the practice of hiding data in other data in an effort to keep third
parties from knowing that the intended message is even there !
• Encryption's ugly step brother !
• It has art aspects since human judgment is involved.
• Principle : Principle Of Steganography.mp4
DIFFERENT THAN CRYPTOGRAPHY
• Cryptography is the essence to prepare a message in such a way that unauthorized
parties aren’t able to understand it while as Steganography is the essence to
embed secret messages within seemingly innocent carriers such that unauthorized
parties are unaware of the communication.
• Cryptography provides privacy, Steganography is intended to provide secrecy.
– hide, without altering
– obfuscates the fact of communication, not the data
– preventative - deters attacks
– alter, without hiding
– obfuscates the data, not the fact of communication
– curative - defends attacks
• Dates back to 400 BC when Histaeus sent a message, by shaving the
head of his most trusted slave, then tattooed a message on the slave's
scalp, to his friend Aristagorus, urging revolt against the Persians.
• Demaratus tells Athens of Persia’s attack plans by writing the secret
message on a tablet, & covers it with wax.
• Chinese wrote messages on silk and encased them in balls of wax. The
wax ball, "la wan," could then be hidden in the messenger.
• A more subtle method, nearly as old, is to use invisible ink( lemon juice,
milk, or urine, all of which turn dark when held over a flame).
• Microdots used by Germany in WW2 documents shrunk to the size of a
dot & embedded within innocent letters. Inkjet dots smaller than human
eyes can see.
[Prison Break Serial]
c. First Publication on Steganography
Also the first book on Steganography was entitled “Steganograpia” written by Johannes Trithemius in the
• Proposed by Girolamo Cardano in XV century.
• Carden grille was a sheet of parchment with
apertures for writing text.
• Pricking pin holes above or below the letters in a
newspaper or article.
• Used by Nazi Forces in WW2.
• In 1984 Gustavus Simmons formulated this
• Two accomplices are arrested in separate
cells & are allowed to communicate via
warden who can look into the contents of
• The prisoners are to agree on an escape
plan without raising suspicion of the warden.
• Solution is to create a subliminal
channel(communicate secretly in normal
looking communication over an insecure
STEGANOGRAPHY IN WRITTEN TEXT
• Covert text can be embedded in printed matter or in text.
• Embedding can also be by means of altering the
appearance of text as
d) Font color alterations.
In 2004 it was revealed that several printer manufactures use steganography to hide
information about printer serial numbers and the manufacturing code to track
Brother, Canon, Dell, Epson, HP, IBM, Konica Minolta, Kyocera, Lanier, Lexmark,
Ricoh, Toshiba, Xerox
• An actual message from German spy “read second letter in each word”
(example of NULL CIPHER)
“Apparently neutral's protest is thoroughly discounted and ignored.
Isman hard hit. Blockade issue affects pretext for embargo on byproducts, ejecting suets and vegetable oils”.
Pershing sails from NY June 1
• We explore new steganographic and cryptographic algorithms and
techniques throughout the world to produce
wide variety and
security in the electronic web called the Internet.
Explore The World Wide Web
• Use Different fonts to indicate 0/1 of letter encodings(Francis Bacon
• Laser printers can adjust spacing of lines and characters by less
than 1/300th of an inch. To hide a zero, leave a standard space,
and to hide a one leave 1/300th of an inch more than usual. Varying
the spacing over an entire document can hide a short binary
message that is undetectable by the human eye.
• Hiding one message within another(“container”)
• Most containers are rich media
Images, audio, video are very redundant, can be tweaked without affecting human eye/ear
US argued that Al_QAIDA implanted instructions within taped interviews.
• Copyright notices embedded in digital art
Serial number embedded to prevent replication
Seek infringements on the web using spiders/crawlers
• Digital cameras EXIF(Exchangeable Image File Format) tags
Not secretive but hidden from the eye
Embed info such as camera type, date, shutter speed, focal length..
• Similarly, possible to embed messages in invisible part of html pages
TEXT IN IMAGE (2 METHODS)
• Consider a 8-bit grey scale image
One pixel of information is stored using 8 bits.
There are 256 different variations of grey.
• As a simple example of least significant bit(LSB) substitution, imagine "hiding" the character 'G'
across the following eight bytes of a carrier file (the least significant bits are underlined):
10010101 00001101 11001001 10010110
00001111 11001011 10011111 00010000
• A 'G' is represented in the American Standard Code for Information Interchange (ASCII) as the binary
string 01000111. These eight bits can be "written" to the least significant bit of each of the eight carrier
bytes as follows:
• In the sample above, only half of the least significant bits were actually changed (shown above in
italics). This makes some sense when one set of zeros and ones are being substituted with another
set of zeros and ones.
LSB ADVANTAGES AND DISADVANTAGES
• Does not change the size of the file
• Is harder to detect than other steganography
• Normally must use the original program to
hide and reveal data
• If the picture with the hidden information is
converted to another format, then the hidden
data may be lost
CAN YOU TELL THE DIFFERENCE
After Encoding “101”:
Same file with “I should
be able to hold 37
IMAGE IN IMAGE
The Image used for embedding should be 8 times greater than the image which is supposed to be kept
AUDIO & VIDEO STEGANORAPHY
• Data is hidden by modifying sample data.
• Coding still frames - spatial or frequency
• Uncompressed audio formats
• data encoded during refresh
– WAV (Waveform Audio File Format)
– BWF (Broadcast Wave Format)
– MBWF (Multichannel Broadcast Wave
• Compressed audio formats
• visible watermarking
used by most networks (logo at bottom-right)
Example : Audio Steganography.mp4
• Advanced Audio Coding (AAC)
• Free Lossless Audio Codec (FLAC)
• Direct Stream Transfer (DST)
Spatial domain watermarking
• bit flipping
• color separation
Frequency domain watermarking
• embed signal in select frequency bands (e.g. high frequency areas)
• Network Steganography
Information hiding techniques which can be utilized to exchange steganograms in telecommunication networks.
Can be Intra-protocol or Inter-protocol
unused bits in packet headers
IP(Type of service, Flags, fragment offset, etc.)
• LACK(Lost Audio Packet Steganography)
Hide information in packet delay.
• HICCUPS (Hidden Communication System for Corrupted Networks)
Disguise information as natural “distortion” or noise.
• Operating System
slack space(Fragmentation issue)
normally used to hide data from investigators
STEGANOGRAPHY VS WATERMARKING
Goal of steganography
• Intruder cannot detect a message
• Primarily 1:1 communication
Goal of Watermarking
• Intruder cannot remove or replace the message
• Primarily 1:* communication
• Example : Watermarks.mp4
• The art and science of steganalysis is intended to detect or estimate hidden information
based on observing some data transfer.
• In some cases, just being caught sending a message can bring suspicion, or give
information to the 3rd party
• Why is this person hiding something?
• Why all the communication right now?
• Steganalysis techniques can be classified in a similar way as cryptanalysis methods, largely
based on how much prior information is known
• Steganography-only attack: The steganography medium is the only item available for analysis.
• Known-carrier attack: The carrier and steganography media are both available for analysis.
• Known-message attack: The hidden message is known.
• Chosen-steganography attack: The steganography medium and algorithm are both known.
• Chosen-message attack: A known message and steganography algorithm are used to create
steganography media for future analysis and comparison.
• Known-steganography attack: The carrier and steganography medium, as well as the
steganography algorithm, are known discipline with few articles appearing before the late 1990s.
• Steganography & Steganalysis are still at an early stage of research.
• Although in principle secure schemes exist, practical ones with reasonable capacity are known.
• Notion for security & capacity for steganography needs to be investigated.
• Since it obvious that no system of data hiding is totally immune to attacks. However,
steganography has its place in security. It in no way can replace cryptography, but is
intended to supplement it. Its application in watermarking for use in detection of unauthorized,
illegally copied material is continually being realized and developed.
• The growing number of communication protocols, services and computing environments
offers almost unlimited opportunities for displaying a whole spectrum of steganographic