Security
Headlines
HeadlinesLatestCVEs

Headline

Explained: Steganography

Categories: Explained Categories: News Tags: Steganography

Tags: encryption

Tags: least significant bits

Tags: rgb

Tags: masking

Tags: palette-based

Tags: lossy

Tags: compression

Tags: cropping

Steganography is the prime example of hiding something in plain sight. We look at the basics, some methods, and the hurdles of hiding messages in images.

(Read more…)

The post Explained: Steganography appeared first on Malwarebytes Labs.

Malwarebytes
#git

Steganography is the prime example of effectively hiding something in plain sight. The word steganography comes from the Greek words “stegos” meaning “cover” and “grafia” meaning “writing.” Steganography, then, is defined as “covered writing."

In essence, we use the name steganography for every technique that conceals secret messages in something that doesn’t immediately cause suspicion.

In this article we will focus on steganography in digital images.

Methods

Hiding a message inside an image without changing its visible properties too much requires some work, but if the work is automated it can be done quickly and effectively.

Least significant bits

In the RGB color scheme, each pixel’s color is defined by 24 bits. The first 8 bits encode the amount of red in the pixel, the next 8 bits encode the amount of blue, and the next 8 bits encode the amount of green.

This method of steganography uses bits of each pixel in the image and makes hardly noticeable changes to the color by changing the least significant bits of the RGB amounts. The resulting changes that are made to the least significant bits are too small to be recognized by the human eye.

For example if a pixel has the color defined by RGB values (124, 5, 78) and I would change that to (123, 6, 79) in order to hide some message, the difference in colors will be minimal.

Images courtesy of rgbtohex.net

You can barely see the difference between the color of the two figures, let alone such a difference when it would only be shown in pixels in a broader image.

Masking

The methods that use these techniques are effectively similar to paper watermarks, creating markings in an image. This can be achieved, for example, by modifying the luminance of parts of the image. Luminance determines how bright a particular object will appear in its given size per unit.

Without a color, luminance is the value from which an image’s brightness can be calculated. And without an available comparison to the original, these changes will hardly be noticeable. Masking and filtering techniques are mostly used on 24 bit and grey scale images. Masking images entails changing the luminance of the masked area.

Palette-based technique

Senders embed their message in palette-based images such as GIF or PNG files. The persistence of palette based images is very interesting. There is a color lookup table which holds all the colors that are used in the image. Each pixel is represented as a single byte and the pixel data is an index to the color palette.

There are two approaches to hiding messages in palette-based images:

  • Embedding messages into the palette. The capacity does not depend on the image and is limited by the palette size.
  • Embedding into the image data. Provides a higher capacity, but it is generally harder to design a secure scheme.

Compression and cropping

There are some possible hurdles that can remove or distort the hidden message between being created and reaching its destination. To escape those pitfalls the choice of the format and the method is important. And you will have to know which hurdles you can expect on the chosen route.

To prevent data loss there are three elements to consider in steganography:

  • the message from the sender to the receiver
  • the carrier, in our case the image in which the message is hidden
  • the key is the information the receiver needs to find the message

The most common worry will be whether any operations that are performed on the carrier on its way from the sender to the receiver have an impact on the message. A much researched topic in this field is resisting JPEG compression. Lossy compression removes redundancies that are too small for the human eye to differentiate which makes the compressed files a close approximate, but not an exact duplicate of the original one. A famous file format that does lossy compression is JPEG.

Due to the development of mobile communication technology, many social media platforms such as Facebook, Twitter, and Instagram transmit enormous amounts of images. JPEG compression is always applied on the images of social media platforms out of consideration for the bandwidth, tariff, traffic, and other restrictions. This kind of lossy operation often destroyed the message hidden by traditional steganography techniques.

Cropping is an operation that can be used to make an image smaller (in pixels) and/or to change the aspect ratio (length to width) of the image. One approach to resist cropping is to copy the steganographic mark several times in different positions of the image.

Since masking techniques embed information in significant areas, the hidden message is more integral to the cover image than it will be when you are hiding the information at the noise level as you would with LSB techniques.

Steganography vs encryption

Why would we hide our secret message in an image rather than encrypt it? After all, an encrypted message cannot reveal its contents if its intercepted, unless the interceptor has the decryption key.

However, sending encrypted messages might imply that there is something we want to hide.

So, what to do if you want to send a secret message to someone without anyone else knowing that there is a secret in the message? Steganography is a possible answer to that problem.

Other hurdles

To find the hidden message the receiver will need some information and to prevent that the message can be found and read by anyone this will need a certain amount of complexity.

In top secret communications you will see a combination of steganography and encryption where a hidden message needs to be decrypted before it reveals anything meaningful. One of the problems is the security of transferring the key used for steganography between sender and receiver.

Again, there has been a lot of research into this matter. It can be as simple as using matching encode and decode routines. But whichever method you chose, it is imperative to have clear and unambiguous agreements in place if you want to rely on steganography for your secret communications.

Example

Let’s hide a message in the image we used as a header for this post. We used the python script which is available on geeksforgeeks.org.

Original:

With a hidden message:

The elegant part of this script is that the receiver does not need a copy of the original image or some cipher to decode with. The receiver just needs to use the same script to decode the message.

As you can see from the example images above, though there is no perceptible difference between the two images, we have, indeed, hidden a message within (Malwarebytes rocks).

Malwarebytes: Latest News

Large eBay malvertising campaign leads to scams