Explore some popular steganography tools and how to perform steganalysis
As children, most of us have used lemon juice as invisible ink to write messages to our friends. There was an indescribable thrill in watching words appear — almost magically — when we held a white sheet of paper up in front of a candle flame. What you might not have known back then is how this experiment demonstrates not only oxidation but also steganography!
In this article, we’ll look at some popular steganography tools and how they’re useful in steganalysis. But before that, let’s dive into some history on how steganography was introduced and what the differences are between steganography vs cryptography.
Security Through Obscurity: What Is Steganography?
Steganography is an age-old practice of hiding data (in any form — text, image, etc.) in plain sight within another object. This process allows you to transmit information undetected, without arousing any suspicion.
While the first recorded use of steganography can be traced back to ancient Greece, it was Johannes Trithemius in 1499 who, with his book Steganographia, officially gave it a name. Over the years, and as the results of technological advances, digital steganography has gained popularity. Examples of relatively recent steganography include:
- microdots being heavily used during the world wars,
- prisoners blinking in Morse code, and
- Cicada 3301 internet puzzles.
Steganography has even been used by modern spy rings such as the Illegals Program, a network of Russian spies who used steganography to aimed to leak classified information back to Russian intelligence.
So, how does steganography work? Let’s consider the following example:
Suppose Erin wants to send a secret message to Todd without anybody’s knowledge. He uses a steganographic method to conceal the secret message within a carrier object like an audio clip or an image file. The embedding process generates a new stego object that Erin can now send to Todd without arousing suspicion.
To a regular observer, it looks like an ordinary file since the hidden message is invisible. Upon receiving the object, Todd uses the same steganographic method to extract the secret message from the object. Sometimes a key is used along with the steganographic method to provide additional security. If Erin uses this added security measure, Todd must use the same key to extract the secret message.
What Is Cryptography?
Cryptography is the method of protecting information by transforming it using mathematical concepts and algorithms into an unreadable form. The data is encrypted using public or private key cryptography. In public key (or symmetric key) cryptography, the same key is used to encrypt and decrypt a message. In private key (or asymmetric key) cryptography, different keys — a public and a secret key that are mathematically related to each other — are used.
Modern cryptography concerns itself with the following primary objectives:
- Confidentiality. The encrypted message (or ciphertext) can’t be decipherable to anyone for whom it was unintended
- Integrity. The message sent must be delivered unaltered to the receiver, or the modification must at least be detected.
- Non-repudiation. The sender cannot deny sending the message at a later stage, or a recipient can’t dispute receiving a message.
- Authentication. The sender and recipient can confirm each other’s identity and the origin/destination of the message.
So, with all of this in mind, what is the difference between steganography and cryptography?
Steganography vs Cryptography
Steganography is often confused with cryptography because both the techniques intend to keep your data private from prying eyes. The ways they achieve said goals, however, are very different:
- With cryptography, any eavesdropper will know that the information you’re exchanging has been encrypted and rendered unreadable without knowing the secret decryption key.
- Steganography, on the other hand, camouflages your data and transmits it using seemingly innocuous carrier media to prevent snoops from knowing that a secret exchange is taking place.
|Basis for Comparison||Steganography||Cryptography|
|Goal||Conceals the occurrence of any exchange between parties to facilitate secret communication.||Encrypts the contents of visible communications to protect the data.|
|Concealment Tactic||The embedded message is invisible to an unaware observer.||The encrypted message is indecipherable to anyone without the decryption key.|
|Supported Security Principles||Confidentiality and authentication||Confidentiality, data integrity, authentication, and non-repudiation|
|Implementation Techniques||Spatial domain, transform domain, distortion, etc.||Asymmetric key encryption, symmetric key encryption, etc.|
|Counter Steps||Use rigid protocol specifications, data sanitizationMonitor data exchanges, perform analyses that include looking for structural oddities suggestive of manipulation||Use reverse engineering to break complex algorithms Implement cryptography export laws that prohibit the transfer of such devices or technology between countries|
Let’s explore a few steganography tools. We’ll discuss how they’re used to hide and transmit information inconspicuously through files and media.
1. Xiao Steganography
Xiao Steganography is a free tool with an easy to use interface. You can use this software to conceal your secret messages inside BMP images or WAV files. All you need to do is upload a WAV or BMP file as the carrier and then add the secret file which you wish to hide. It supports encryption algorithms like RC4, Triple DES, and hashing. Choose the algorithm you want to apply from the list and save the stego-medium. To decrypt it, the receiver will need to use the same tool.
Steghide is an open-source, command-line software that you can use to hide your message in an image or within an audio file.
To insert your secret message within a carrier file, use the following command after modifying the file extensions as required:
> steghide embed -cf image.jpg -ef secret.txt
On the receiver’s end, to extract the secret image, run the following command:
> steghide extract -sf image.jpg
To view additional info on the file received, before proceeding to extract it, you can execute the command as follows:
> steghide info image.jpg
Note: This tool accepts input in the form of JPEG, BMP, WAV, and AU, and the embedded message is not limited to text. It uses Rijndael’s algorithm, a block cipher with a key size of 128 bits, and it’s recommended for Mac and Linux users.
Crypture is another command-line tool that accepts BMP as the input file within which you can hide your messages. One constraint is that the BMP image file needs to be eight times larger than your secret data file. On the bright side, though, the software itself is only 6 KBs in size and doesn’t require any installation.
4. SSuite Picsel Security
SSuite Picsel, a leading product from the SSuite office software, is a free portable standalone application for steganography. You can use this tool to hide text within image files using a different approach that uses image files as keys. In addition to the image file where you embed the secret message, another image file is used as a key instead of a passphrase for encryption. It accepts BMP, JPG, JPEG, and WMF as input files.
DeepSound is an audio steganography tool that hides or extracts secret messages within or from your audio files or audio CD tracks. It also supports encryption using AES-256 to improve data protection. Additionally, the application comes with an easy to use audio converter module with support for several audio formats, including FLAC, MP3, WMA, WAV, and APE.
Now that we have taken a look at how to conceal information, how do we detect when messages are hidden using steganography? Steganalysis is niche area in the field of information hiding that does precisely that. This process aims to identify suspected packages, determine whether they have hidden payloads, and, if feasible, attempts to recover them. Steganography and steganalysis are, essentially, two sides to the same coin — the former conceals, and the latter detects and recovers.
Several methods and techniques can be used to perform steganalysis, but they can broadly be classified into two types — targeted (or specific) steganalysis and blind (or universal) steganalysis. The targeted steganalysis method is entirely dependent on the steganographic algorithm that is used to conceal the secret data, whereas with blind steganalysis, the processes are independent of the underlying algorithm. Targeted steganalysis can further be categorized as visual, statistical, and structural attacks.
Listed below are some tools you can explore to try your hand at steganalysis:
- StegExpose is a steganalysis tool, specializing in the detection of LSB steganography (LSB stands for “least significant bit”) and quantitative steganalysis. It can detect manipulation in lossless images like PNG and BMP and comes with a command-line interface. It analyzes images in bulk and produces reports and customizations that add a layer of simplicity for any non-forensic user.
- Stegdetect is another commonly used steganalysis tool by security researcher Niels Provos. StegoHunt is a commercial product that can be used as an alternative.