Steganography Paul Gretes Gangster pay ho Dennis Pattersonno sniper DNA test A lepers gut

Topics  Driving Interest and Examples  Prisoner’s Problem  Public/Private Key Steganography  Attacks  Basic Theory  Watermarking/Fingerprinting

p h g l o j i m e i s s u n a f y ne i rs n r Apparently neutral’s protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects pretext for embargo on by-products, ejecting suets and vegetable oils. Intercepted message:

p h g l o j i m e i s s u n a f y ne i rs n r (Perishing sails from NY June I)

Steganography  Comes from the greek words  and  – literally, “covered writing”  Steganography conceals the fact that a message even exists.

Driving Interest behind Steganography  Military and Intelligence agencies –Battlefield Communications  Criminals –Or terrorists (Bin Laden suspected use)  Law Enforcement and counter intelligence agencies –Interested in weaknesses

Earlier Examples  Prisoners hid messages in letters home using the dots and dashes on i, j, t, & f to spell out a hidden text in Morse Code  Herodotus tells us Histiaeus shaved the head of his most trusted slave and tattooed it with a message which disappeared after the hair had regrown.

Example

Steganography diagram

Definitions…  Embedded data – message you want to send  Cover object – text, image, audio, or other object to hide data in  Stego-key – used to control hiding process  Stego-object – resulting object when data is hidden in cover object  Robustness –>

Steganography in pictures  How? –Least Significant Bit Insertion –Masking and Filtering More robust than LSB Insertion –Algorithms and Transformations

LSB Insertion  3 pixels of a picture might be (without compression) ( ) ( ) ( )  Binary value for A is  New data for 3 pixels would be ( ) ( ) ( )  Change won’t be visually noticeable!

Steganography in Audio  Echo hiding –We cannot perceive short echoes (millisecond short) –Introduce two types of short echo with different delays to encode zeros and ones  Example program: MP3Stego –Information hidden during compression process

Aphex Twin

Steganography in Programs  Example program: Hydan –Exploits redundancy in the i386 instruction set by defining sets of functionally equivalent instructions Can add 50 or subtract –50 XOR DX,DX MOV BX, 4 MOV AX,3 versus MOV AX, 3 MOV BX,4 XOR DX, DX MUL BX MUL BX –Same code, new order---when paired with original, can give meaning

 Marks should not degrade the perceived quality of the work  Detecting the presence and/or value of a mark should require knowledge of a secret  Multiple marks should not interfere with each other  Mark should survive all attacks that do not degrade work’s perceived quality –Resampling, dithering, compression, and combinations of these Qualities of a Robust Marking System

Channels  Covert Channels –Usually non-digital –Flower pot example  Subliminal channel –Exploits existing randomness –Regular communication through stego-object  “Supraliminal” channel –Low bandwidth – maybe establish session key –Information not hidden but cannot be modified Example: a novel

Prisoners’ Problem  Two individuals attempt to communicate covertly without alerting a “warden” who controls the communications channel

Prisoners’ Problem, continued  Passive Warden – monitors traffic and signal to some process outside the system if unauthorized message traffic is detected; (just spies on channel)  Active Warden – tries to remove all possible covert messages from cover texts that pass through their hands; (can slightly modify data being sent) –Much harder to deal with

Pure Steganography  In the best case, prisoners would not have to communicate prior to imprisonment (to trade encryption keys)  Is it possible? –Very difficult to engineer

Public/Private Key Steganography  Intertwined with Prisoner’s Problem  Private-Key Steganography assumes that Alice and Bob are allowed to share a secret key prior to imprisonment, or even trade public keys  Public-Key Steganography – shared key isn’t necessary – one only needs to know the other’s public key (may have to check all objects for messages)

Role of Randomness  Average information rate given by entropy  Example: entropy of monochrome images is generally around 4 – 6 bits/pixel –Use this difference to hide information –All the gain provided by compression is used for hiding

Watermarking/Fingerprinting  Cousin to steganography  Not limited to images (but is main focus)  Fingerprint – hidden serial number  Watermarking – hidden copyright message –Visible Company logo (image) –Invisible More applications Fragile – mark destroyed if image manipulated (ex: in Court) Robust – mark is resistant to image manipulation (verify ownership)

Types of Marking  Private Marking – require original for comparison –What if original is tampered with?  Public Marking (or Blind Marking) – requires neither secret original or embedded mark –More challenging –More useful

Attacks  Robustness attack –Try to diminish or remove mark  Presentation attack –Modify content such that detector cannot find mark  Interpretation attack –Devise a situation which prevents assertion of ownerships  Many attacks are combinations of above

Original image Rotated Stretched Cropped Blurred (would more likely be a combination of manipulations) Robustness Attacks

 Program: StirMark –Slightly stretches, shifts, bends, rotates by an unnoticeable, random amount. Then, adds a low frequency deviation to each pixel. Also adds smoothly distributed error.  Attack on Echo Hiding –Try to detect echo and remove it

Presentation Attack  Mosaic Attack –Chop image into smaller images –Prevents web crawlers from finding whole image and checking for watermark

Interpretation Attack  Owner of document d encodes watermark w, publishes the marked version d + w and has no other proof of ownership.  Attacker registers his watermark as w’ can claim that original unmarked version of it was d + w – w’.

 Goal: discover covert messages  Extended  2 tests  Stuff way to complicated for this presentation Statistical Steganalysis

Conclusions/Summary  Complicated  Many methods of implementation  Implementation depends on situation –Many situations –Many assumptions  Must ensure robustness (in most cases)

Works used  Most information: –Fabien A. P. Petitcolas, Ross J. Anderson, and Markus G. Kuhn. Information hiding - a survey. Proceedings of the IEEE, 87(7), pp , July –Neil F. Johnson, Sushil Jajodia. Exploring Steganography: Seeing the Unseen, IEEE Computer, February pp –Niels Provos. Defending Against Statistical Steganalysis. In Proceedings of the 10th USENIX Security Symposium, pages , August –R. Anderson, "Stretching the limits of steganography," in Information Hiding, Springer Lecture Notes in Computer Science vol. 1174, pp , –R. Anderson and F. Petitcolas. On the limits of steganography, ieee journal on selceted areas in communications 16, pp , may 1998., –‘Resolving Rightful Ownerships with Invisible Watermarking Techniques: Limitations, Attacks, and Implications.’ Craver, N. Memon, B.-L. Yeo, M. M. Yeung, IEEE Journal of Selected Areas in Communications, vol. 16 no. 4 pp. 573– 586, May 1998, Special issue on copyright & privacy protection. –S. Craver, "On Public-Key Steganography in the Presence of an Active Warden." in Information Hiding II, Springer Lecture Notes in Computer Science v 1525 (April 1996), pp 355—368.  Other information: various websites