steganography
DESCRIPTION
STEGANOGRAPHYTRANSCRIPT
1INTRODUCTION
Steganography comes from the Greek and literally means Covered writing It is one of
various data hiding techniques which aims at transmitting a message on a channel where
some other kind of information is already being transmitted This distinguishes
steganography from covert channel techniques which instead of trying to transmit data
between two entities that were unconnected before
The goal of steganography is to hide messages inside other ldquoharmlessrdquo messages in a way
that does not allow any ldquoenemyrdquo to even detect that there is a second secret message present
The only missing information for the ldquoenemyrdquo is the short easily exchangeable random
number sequence the secret key without the secret key the ldquoenemyrdquo should not have the
slightest chance of even becoming suspicious that on an observed communication channel
hidden communication might take place
Steganography is closely related to the problem of ldquohidden channelsrdquo n secure operating
system design a term which refers to all communication paths that cannot easily be restricted
by access control mechanisms In an ideal world we would all be able to sent openly
encrypted mail or files to each other with no fear of reprisals However there are often cases
when this is possible either because the working company does not allow encrypted email or
the local government does not approve of encrypt communication (a reality in some parts of
the world) This is where steganography can come into play
Data hiding techniques can also be classified with respect to the extraction process
1048766 Cover Escrow methods need both the original piece of information and the encoded one in
order to extract the embedded data
1048766 Blind or Oblivious schemes can recover the hidden message by means only of the encoded
data
Steganography has developed a lot in recent years because digital techniques allow new
ways of hiding informations inside other informations and this can be valuable in a lot of
situations The first to employ hidden communications techniques -with radio transmissions
were the armies because of the strategic importance of secure communication and the need
to conceal the source as much as possible Nowadays new constraints in using strong
encryption for messages are added by international laws so if two peers want to use it they
can resort in hiding the communication into casual looking data This problem has become
1
more and more important just in these days after the international Wassenaar agreement
with which around thirty of the major - with respect to technology - countries in the world
decided to apply restrictions in cryptography export similar to the USrsquos onesAnother
application of steganography is the protection of sensitive data A file system can be hidden
in random looking files in a hard disk needing a key to extract the original files This can
protect from physical attacks to people in order to get their passwords because maybe the
attacker canrsquot even know that some files are in that disk The major concern of steganography
is stealth because if an attacker either passive or active can detect the presence of the
message from that point he can try to extract it and if encrypted to decrypt it The resistance
to attempt at destruction or noise is not required since we consider the sender and the
receiver equally interested in exchanging messages so that they will try to transmit the stego-
medium in the best way they can If the stego-data can be transmitted over the selected
channel and this is usually the case with all the media that are used like images or sounds
then the embedded data will be preserved along with them Thus data hiding techniques for
steganography must focus on the maximum strength against detection and extraction As a
second request we would prefer a high data rate because we will usually want to be able to
exchange any amount of data from simple messages to top secret images
2STEGANOGRAPHY AND CRYPTOGRAPHY
Cryptography is the study of hiding information and it is used when communicating over an
untrusted medium such as internet where information needs to be protected from other third
parties Modern cryptography focuses on developing cryptographic algorithms that are hard
to break by an adversary due to the computational hardness therefore could not be broken by
a practical means In the modern cryptography there are three types of cryptographic
algorithms used called Symmetric key cryptography Public-key cryptography and hash
functions Symmetric key cryptography involves encryption methods where both the sender
and the receiver share the same key used to encrypt the data In Public-key cryptography two
different but mathematically related keys are used Hash functions does not use a key instead
they compute a fixed length hash value from the data It is impossible to recover the length or
the original plain text from this hash value
The study of hiding information is called Cryptography When communicating over an
untrusted medium such as internet it is very important to protect information and
2
Cryptography plays an important role in this Today cryptography uses principles from
several disciplines such as mathematics computer science etc Steganography deals with
composing hidden messages so that only the sender and the receiver know that the message
even exists Since nobody except the sender and the receiver knows the existence of the
message it does not attract unwanted attention
Fig Steganographic model
FigSymmetric-key cryptographic model
3
Fig Unifying model
Steganography deals with composing hidden messages so that only the sender and the
receiver know that the message even exists Since nobody except the sender and the receiver
knows the existence of the message it does not attract unwanted attention Steganography
was used even in ancient times and these ancient methods are called Physical Steganography
Some examples for these methods are messages hidden in messages body messages written
in secret inks messages written on envelopes in areas covered by stamps etc Modern
Steganography methods are called Digital Steganography These modern methods include
hiding messages within noisy images embedding a message within random data embedding
pictures with the message within video files etc Furthermore Network Steganography is
used in telecommunication networks This includes techniques like Steganophony (hiding a
message in Voice-over-IP conversations) and WLAN Steganography (methods for
transmitting Steganograms in Wireless Local Area Networks) there are three types of
cryptographic algorithms used called Symmetric key cryptography Public-key cryptography
and hash functions Symmetric key cryptography involves encryption methods where both
the sender and the receiver share the same key used to encrypt the data
4
Fig Mapping between model components
Steganography and cryptography are cousins in spy-craft family Cryptography scrambles a
message so it cannot be understood Steganography hides the message so it cannot be seen A
message in cipher text for instance might arouse suspicion on the part of the recipient while
an ldquoinvisiblerdquo message created with steganographic methods will not
In this way we can say that steganography completes cryptography and actually there are
usually two ciphers to break when trying to extract the embedded message one is the one
with which the message was embedded and the other is the one with which the message was
enciphered
Cryptography is the study of hiding information while Steganography deals with composing
hidden messages so that only the sender and the receiver know that the message even exists
In Steganography only the sender and the receiver know the existence of the message
whereas in cryptography the existence of the encrypted message is visible to the world Due
to this Steganography removes the unwanted attention coming to the hidden message
Cryptographic methods try to protect the content of a message while Steganography uses
methods that would hide both the message as well as the content By combining
Steganography and Cryptography one can achieve better security The major concern of
steganography is stealth because if an attacker either passive or active can detect the
presence of the message from that point he can try to extract it and if encrypted to decrypt
it The resistance to attempt at destruction or noise is not required since we consider the
5
sender and the receiver equally interested in exchanging messages so that they will try to
transmit the stego-medium in the best way they can If the stego-data can be transmitted over
the selected channel and this is usually the case with all the media that are used like images
or sounds then the embedded data will be preserved along with them
3Image based steganography
Embedding a message into an image requires two files The first is the innocent-looking
image that will hold the hidden information called the cover image The second file is the
messagemdashthe information to be hidden A message may be plain-text cipher-text other
images or anything that can be embedded in a bit stream When combined the cover image
and the embedded message make a stegoimage A stego-key (a type of password) may also
be used to hide then later decode the message Most steganography software recommends the
use of lossless 24-bit images such as BMP The next-best alternative to 24-bit images is 256-
coloror gray-scale images The most common of these are GIF files
Steganographic systems uses images as cover media because people often transmit digital
pictures over email and other Internet communication (egeBay)Moreoverafter
digitalizationimages contain the so-called quantization noise which provides space to embed
data (Westfeld and Pfitzmann 1999) In this article we will concentrate only on images as
carrier media
The modern formulation of steganography is often given in terms of the prisonersrsquo problem
(Simmons 1984 Kharrazi et al 2004) where Alice and Bob are two inmates who wish to
communicate in order to hatch an escape plan However all communication between them is
examined by the warden Wendy who will put them in solitary confinement at the slightest
suspicion of covert communication
Steganography was used even in ancient times and these ancient methods are called Physical
Steganography Some examples for these methods are messages hidden in messages body
messages written in secret inks messages written on envelopes in areas covered by stamps etc
Modern Steganography methods are called Digital Steganography
Specifically in the general model for steganography we have Alice (the sender) wishing to
send a secret message M to Bob (the receiver) in order to do this Alice chooses a cover
image CThe steganographic algorithm identifies Crsquos redundant bits (ie those that can be
modified without arising Wendyrsquos suspicion) then the embedding process creates a stego
6
image S by replacing these redundant bits with data from M S is transmitted over a public
channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it
Once Bob recovers S he can get M through the extracting process
Fig ISC embedded process
The embedding process represents the critical task for a steganographic system since S must
be as similar as possible to C for avoidingWendyrsquos intervention (Wendy acts for the
eavesdropper) Least significant bit (LSB) insertion is a common and simple approach to
embed information in a cover file it overwrites the LSB of a pixel with anMrsquos bit
Fig ISC extracting process
7
Unfortunately modifying the cover image changes its statistical properties so eavesdroppers
can detect the distortions in the resulting stego imagersquos statistical properties In fact the
embedding of high-entropy data (often due to encryption) changes the histogram of colour
frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann
1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and
preserves the stego imagersquos statistical properties (see Sect 52) Since standard
steganographic systems do not provide strong message encryption they recommend to
encrypt M before embedding Because of this we have always to deal with a two-steps
protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C
Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20
images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a
canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality
factor set to 80 Only for ISC we also used the images of Cset as key images The mean
difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the
yaxis in Fig 7 in particular the black columns represent the differences introduced by F5
embedding step while the white ones correspond to the number of modifications yielded by
ISC embedding process As one can notice the respective difference values are comparable
Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego
image yielding the same embedding density everywhere In doing this ISC neither uses
permutative straddling nor matrix encoding but simply divides the nonzero coefficients array
in blocks of the same length If necessary only one of the coefficients in each block is
modified Furthermore ISC presents an on-line mechanism for correcting the statistical
deviations created by the embedding step If the message length is sufficiently short (ie it is
less than the number of AC nonzero coefficients) ISC transforms useless coefficients in
order to restore the original statistical properties characterizing the cover medium
As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the
first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally
the more information we embed in the cover image the less ISC can correct the introduced
modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the
human eye the resulting stego image will look identical to the cover image (Johnson and
Jajodia 1998)
8
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
more and more important just in these days after the international Wassenaar agreement
with which around thirty of the major - with respect to technology - countries in the world
decided to apply restrictions in cryptography export similar to the USrsquos onesAnother
application of steganography is the protection of sensitive data A file system can be hidden
in random looking files in a hard disk needing a key to extract the original files This can
protect from physical attacks to people in order to get their passwords because maybe the
attacker canrsquot even know that some files are in that disk The major concern of steganography
is stealth because if an attacker either passive or active can detect the presence of the
message from that point he can try to extract it and if encrypted to decrypt it The resistance
to attempt at destruction or noise is not required since we consider the sender and the
receiver equally interested in exchanging messages so that they will try to transmit the stego-
medium in the best way they can If the stego-data can be transmitted over the selected
channel and this is usually the case with all the media that are used like images or sounds
then the embedded data will be preserved along with them Thus data hiding techniques for
steganography must focus on the maximum strength against detection and extraction As a
second request we would prefer a high data rate because we will usually want to be able to
exchange any amount of data from simple messages to top secret images
2STEGANOGRAPHY AND CRYPTOGRAPHY
Cryptography is the study of hiding information and it is used when communicating over an
untrusted medium such as internet where information needs to be protected from other third
parties Modern cryptography focuses on developing cryptographic algorithms that are hard
to break by an adversary due to the computational hardness therefore could not be broken by
a practical means In the modern cryptography there are three types of cryptographic
algorithms used called Symmetric key cryptography Public-key cryptography and hash
functions Symmetric key cryptography involves encryption methods where both the sender
and the receiver share the same key used to encrypt the data In Public-key cryptography two
different but mathematically related keys are used Hash functions does not use a key instead
they compute a fixed length hash value from the data It is impossible to recover the length or
the original plain text from this hash value
The study of hiding information is called Cryptography When communicating over an
untrusted medium such as internet it is very important to protect information and
2
Cryptography plays an important role in this Today cryptography uses principles from
several disciplines such as mathematics computer science etc Steganography deals with
composing hidden messages so that only the sender and the receiver know that the message
even exists Since nobody except the sender and the receiver knows the existence of the
message it does not attract unwanted attention
Fig Steganographic model
FigSymmetric-key cryptographic model
3
Fig Unifying model
Steganography deals with composing hidden messages so that only the sender and the
receiver know that the message even exists Since nobody except the sender and the receiver
knows the existence of the message it does not attract unwanted attention Steganography
was used even in ancient times and these ancient methods are called Physical Steganography
Some examples for these methods are messages hidden in messages body messages written
in secret inks messages written on envelopes in areas covered by stamps etc Modern
Steganography methods are called Digital Steganography These modern methods include
hiding messages within noisy images embedding a message within random data embedding
pictures with the message within video files etc Furthermore Network Steganography is
used in telecommunication networks This includes techniques like Steganophony (hiding a
message in Voice-over-IP conversations) and WLAN Steganography (methods for
transmitting Steganograms in Wireless Local Area Networks) there are three types of
cryptographic algorithms used called Symmetric key cryptography Public-key cryptography
and hash functions Symmetric key cryptography involves encryption methods where both
the sender and the receiver share the same key used to encrypt the data
4
Fig Mapping between model components
Steganography and cryptography are cousins in spy-craft family Cryptography scrambles a
message so it cannot be understood Steganography hides the message so it cannot be seen A
message in cipher text for instance might arouse suspicion on the part of the recipient while
an ldquoinvisiblerdquo message created with steganographic methods will not
In this way we can say that steganography completes cryptography and actually there are
usually two ciphers to break when trying to extract the embedded message one is the one
with which the message was embedded and the other is the one with which the message was
enciphered
Cryptography is the study of hiding information while Steganography deals with composing
hidden messages so that only the sender and the receiver know that the message even exists
In Steganography only the sender and the receiver know the existence of the message
whereas in cryptography the existence of the encrypted message is visible to the world Due
to this Steganography removes the unwanted attention coming to the hidden message
Cryptographic methods try to protect the content of a message while Steganography uses
methods that would hide both the message as well as the content By combining
Steganography and Cryptography one can achieve better security The major concern of
steganography is stealth because if an attacker either passive or active can detect the
presence of the message from that point he can try to extract it and if encrypted to decrypt
it The resistance to attempt at destruction or noise is not required since we consider the
5
sender and the receiver equally interested in exchanging messages so that they will try to
transmit the stego-medium in the best way they can If the stego-data can be transmitted over
the selected channel and this is usually the case with all the media that are used like images
or sounds then the embedded data will be preserved along with them
3Image based steganography
Embedding a message into an image requires two files The first is the innocent-looking
image that will hold the hidden information called the cover image The second file is the
messagemdashthe information to be hidden A message may be plain-text cipher-text other
images or anything that can be embedded in a bit stream When combined the cover image
and the embedded message make a stegoimage A stego-key (a type of password) may also
be used to hide then later decode the message Most steganography software recommends the
use of lossless 24-bit images such as BMP The next-best alternative to 24-bit images is 256-
coloror gray-scale images The most common of these are GIF files
Steganographic systems uses images as cover media because people often transmit digital
pictures over email and other Internet communication (egeBay)Moreoverafter
digitalizationimages contain the so-called quantization noise which provides space to embed
data (Westfeld and Pfitzmann 1999) In this article we will concentrate only on images as
carrier media
The modern formulation of steganography is often given in terms of the prisonersrsquo problem
(Simmons 1984 Kharrazi et al 2004) where Alice and Bob are two inmates who wish to
communicate in order to hatch an escape plan However all communication between them is
examined by the warden Wendy who will put them in solitary confinement at the slightest
suspicion of covert communication
Steganography was used even in ancient times and these ancient methods are called Physical
Steganography Some examples for these methods are messages hidden in messages body
messages written in secret inks messages written on envelopes in areas covered by stamps etc
Modern Steganography methods are called Digital Steganography
Specifically in the general model for steganography we have Alice (the sender) wishing to
send a secret message M to Bob (the receiver) in order to do this Alice chooses a cover
image CThe steganographic algorithm identifies Crsquos redundant bits (ie those that can be
modified without arising Wendyrsquos suspicion) then the embedding process creates a stego
6
image S by replacing these redundant bits with data from M S is transmitted over a public
channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it
Once Bob recovers S he can get M through the extracting process
Fig ISC embedded process
The embedding process represents the critical task for a steganographic system since S must
be as similar as possible to C for avoidingWendyrsquos intervention (Wendy acts for the
eavesdropper) Least significant bit (LSB) insertion is a common and simple approach to
embed information in a cover file it overwrites the LSB of a pixel with anMrsquos bit
Fig ISC extracting process
7
Unfortunately modifying the cover image changes its statistical properties so eavesdroppers
can detect the distortions in the resulting stego imagersquos statistical properties In fact the
embedding of high-entropy data (often due to encryption) changes the histogram of colour
frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann
1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and
preserves the stego imagersquos statistical properties (see Sect 52) Since standard
steganographic systems do not provide strong message encryption they recommend to
encrypt M before embedding Because of this we have always to deal with a two-steps
protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C
Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20
images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a
canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality
factor set to 80 Only for ISC we also used the images of Cset as key images The mean
difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the
yaxis in Fig 7 in particular the black columns represent the differences introduced by F5
embedding step while the white ones correspond to the number of modifications yielded by
ISC embedding process As one can notice the respective difference values are comparable
Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego
image yielding the same embedding density everywhere In doing this ISC neither uses
permutative straddling nor matrix encoding but simply divides the nonzero coefficients array
in blocks of the same length If necessary only one of the coefficients in each block is
modified Furthermore ISC presents an on-line mechanism for correcting the statistical
deviations created by the embedding step If the message length is sufficiently short (ie it is
less than the number of AC nonzero coefficients) ISC transforms useless coefficients in
order to restore the original statistical properties characterizing the cover medium
As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the
first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally
the more information we embed in the cover image the less ISC can correct the introduced
modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the
human eye the resulting stego image will look identical to the cover image (Johnson and
Jajodia 1998)
8
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Cryptography plays an important role in this Today cryptography uses principles from
several disciplines such as mathematics computer science etc Steganography deals with
composing hidden messages so that only the sender and the receiver know that the message
even exists Since nobody except the sender and the receiver knows the existence of the
message it does not attract unwanted attention
Fig Steganographic model
FigSymmetric-key cryptographic model
3
Fig Unifying model
Steganography deals with composing hidden messages so that only the sender and the
receiver know that the message even exists Since nobody except the sender and the receiver
knows the existence of the message it does not attract unwanted attention Steganography
was used even in ancient times and these ancient methods are called Physical Steganography
Some examples for these methods are messages hidden in messages body messages written
in secret inks messages written on envelopes in areas covered by stamps etc Modern
Steganography methods are called Digital Steganography These modern methods include
hiding messages within noisy images embedding a message within random data embedding
pictures with the message within video files etc Furthermore Network Steganography is
used in telecommunication networks This includes techniques like Steganophony (hiding a
message in Voice-over-IP conversations) and WLAN Steganography (methods for
transmitting Steganograms in Wireless Local Area Networks) there are three types of
cryptographic algorithms used called Symmetric key cryptography Public-key cryptography
and hash functions Symmetric key cryptography involves encryption methods where both
the sender and the receiver share the same key used to encrypt the data
4
Fig Mapping between model components
Steganography and cryptography are cousins in spy-craft family Cryptography scrambles a
message so it cannot be understood Steganography hides the message so it cannot be seen A
message in cipher text for instance might arouse suspicion on the part of the recipient while
an ldquoinvisiblerdquo message created with steganographic methods will not
In this way we can say that steganography completes cryptography and actually there are
usually two ciphers to break when trying to extract the embedded message one is the one
with which the message was embedded and the other is the one with which the message was
enciphered
Cryptography is the study of hiding information while Steganography deals with composing
hidden messages so that only the sender and the receiver know that the message even exists
In Steganography only the sender and the receiver know the existence of the message
whereas in cryptography the existence of the encrypted message is visible to the world Due
to this Steganography removes the unwanted attention coming to the hidden message
Cryptographic methods try to protect the content of a message while Steganography uses
methods that would hide both the message as well as the content By combining
Steganography and Cryptography one can achieve better security The major concern of
steganography is stealth because if an attacker either passive or active can detect the
presence of the message from that point he can try to extract it and if encrypted to decrypt
it The resistance to attempt at destruction or noise is not required since we consider the
5
sender and the receiver equally interested in exchanging messages so that they will try to
transmit the stego-medium in the best way they can If the stego-data can be transmitted over
the selected channel and this is usually the case with all the media that are used like images
or sounds then the embedded data will be preserved along with them
3Image based steganography
Embedding a message into an image requires two files The first is the innocent-looking
image that will hold the hidden information called the cover image The second file is the
messagemdashthe information to be hidden A message may be plain-text cipher-text other
images or anything that can be embedded in a bit stream When combined the cover image
and the embedded message make a stegoimage A stego-key (a type of password) may also
be used to hide then later decode the message Most steganography software recommends the
use of lossless 24-bit images such as BMP The next-best alternative to 24-bit images is 256-
coloror gray-scale images The most common of these are GIF files
Steganographic systems uses images as cover media because people often transmit digital
pictures over email and other Internet communication (egeBay)Moreoverafter
digitalizationimages contain the so-called quantization noise which provides space to embed
data (Westfeld and Pfitzmann 1999) In this article we will concentrate only on images as
carrier media
The modern formulation of steganography is often given in terms of the prisonersrsquo problem
(Simmons 1984 Kharrazi et al 2004) where Alice and Bob are two inmates who wish to
communicate in order to hatch an escape plan However all communication between them is
examined by the warden Wendy who will put them in solitary confinement at the slightest
suspicion of covert communication
Steganography was used even in ancient times and these ancient methods are called Physical
Steganography Some examples for these methods are messages hidden in messages body
messages written in secret inks messages written on envelopes in areas covered by stamps etc
Modern Steganography methods are called Digital Steganography
Specifically in the general model for steganography we have Alice (the sender) wishing to
send a secret message M to Bob (the receiver) in order to do this Alice chooses a cover
image CThe steganographic algorithm identifies Crsquos redundant bits (ie those that can be
modified without arising Wendyrsquos suspicion) then the embedding process creates a stego
6
image S by replacing these redundant bits with data from M S is transmitted over a public
channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it
Once Bob recovers S he can get M through the extracting process
Fig ISC embedded process
The embedding process represents the critical task for a steganographic system since S must
be as similar as possible to C for avoidingWendyrsquos intervention (Wendy acts for the
eavesdropper) Least significant bit (LSB) insertion is a common and simple approach to
embed information in a cover file it overwrites the LSB of a pixel with anMrsquos bit
Fig ISC extracting process
7
Unfortunately modifying the cover image changes its statistical properties so eavesdroppers
can detect the distortions in the resulting stego imagersquos statistical properties In fact the
embedding of high-entropy data (often due to encryption) changes the histogram of colour
frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann
1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and
preserves the stego imagersquos statistical properties (see Sect 52) Since standard
steganographic systems do not provide strong message encryption they recommend to
encrypt M before embedding Because of this we have always to deal with a two-steps
protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C
Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20
images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a
canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality
factor set to 80 Only for ISC we also used the images of Cset as key images The mean
difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the
yaxis in Fig 7 in particular the black columns represent the differences introduced by F5
embedding step while the white ones correspond to the number of modifications yielded by
ISC embedding process As one can notice the respective difference values are comparable
Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego
image yielding the same embedding density everywhere In doing this ISC neither uses
permutative straddling nor matrix encoding but simply divides the nonzero coefficients array
in blocks of the same length If necessary only one of the coefficients in each block is
modified Furthermore ISC presents an on-line mechanism for correcting the statistical
deviations created by the embedding step If the message length is sufficiently short (ie it is
less than the number of AC nonzero coefficients) ISC transforms useless coefficients in
order to restore the original statistical properties characterizing the cover medium
As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the
first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally
the more information we embed in the cover image the less ISC can correct the introduced
modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the
human eye the resulting stego image will look identical to the cover image (Johnson and
Jajodia 1998)
8
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Fig Unifying model
Steganography deals with composing hidden messages so that only the sender and the
receiver know that the message even exists Since nobody except the sender and the receiver
knows the existence of the message it does not attract unwanted attention Steganography
was used even in ancient times and these ancient methods are called Physical Steganography
Some examples for these methods are messages hidden in messages body messages written
in secret inks messages written on envelopes in areas covered by stamps etc Modern
Steganography methods are called Digital Steganography These modern methods include
hiding messages within noisy images embedding a message within random data embedding
pictures with the message within video files etc Furthermore Network Steganography is
used in telecommunication networks This includes techniques like Steganophony (hiding a
message in Voice-over-IP conversations) and WLAN Steganography (methods for
transmitting Steganograms in Wireless Local Area Networks) there are three types of
cryptographic algorithms used called Symmetric key cryptography Public-key cryptography
and hash functions Symmetric key cryptography involves encryption methods where both
the sender and the receiver share the same key used to encrypt the data
4
Fig Mapping between model components
Steganography and cryptography are cousins in spy-craft family Cryptography scrambles a
message so it cannot be understood Steganography hides the message so it cannot be seen A
message in cipher text for instance might arouse suspicion on the part of the recipient while
an ldquoinvisiblerdquo message created with steganographic methods will not
In this way we can say that steganography completes cryptography and actually there are
usually two ciphers to break when trying to extract the embedded message one is the one
with which the message was embedded and the other is the one with which the message was
enciphered
Cryptography is the study of hiding information while Steganography deals with composing
hidden messages so that only the sender and the receiver know that the message even exists
In Steganography only the sender and the receiver know the existence of the message
whereas in cryptography the existence of the encrypted message is visible to the world Due
to this Steganography removes the unwanted attention coming to the hidden message
Cryptographic methods try to protect the content of a message while Steganography uses
methods that would hide both the message as well as the content By combining
Steganography and Cryptography one can achieve better security The major concern of
steganography is stealth because if an attacker either passive or active can detect the
presence of the message from that point he can try to extract it and if encrypted to decrypt
it The resistance to attempt at destruction or noise is not required since we consider the
5
sender and the receiver equally interested in exchanging messages so that they will try to
transmit the stego-medium in the best way they can If the stego-data can be transmitted over
the selected channel and this is usually the case with all the media that are used like images
or sounds then the embedded data will be preserved along with them
3Image based steganography
Embedding a message into an image requires two files The first is the innocent-looking
image that will hold the hidden information called the cover image The second file is the
messagemdashthe information to be hidden A message may be plain-text cipher-text other
images or anything that can be embedded in a bit stream When combined the cover image
and the embedded message make a stegoimage A stego-key (a type of password) may also
be used to hide then later decode the message Most steganography software recommends the
use of lossless 24-bit images such as BMP The next-best alternative to 24-bit images is 256-
coloror gray-scale images The most common of these are GIF files
Steganographic systems uses images as cover media because people often transmit digital
pictures over email and other Internet communication (egeBay)Moreoverafter
digitalizationimages contain the so-called quantization noise which provides space to embed
data (Westfeld and Pfitzmann 1999) In this article we will concentrate only on images as
carrier media
The modern formulation of steganography is often given in terms of the prisonersrsquo problem
(Simmons 1984 Kharrazi et al 2004) where Alice and Bob are two inmates who wish to
communicate in order to hatch an escape plan However all communication between them is
examined by the warden Wendy who will put them in solitary confinement at the slightest
suspicion of covert communication
Steganography was used even in ancient times and these ancient methods are called Physical
Steganography Some examples for these methods are messages hidden in messages body
messages written in secret inks messages written on envelopes in areas covered by stamps etc
Modern Steganography methods are called Digital Steganography
Specifically in the general model for steganography we have Alice (the sender) wishing to
send a secret message M to Bob (the receiver) in order to do this Alice chooses a cover
image CThe steganographic algorithm identifies Crsquos redundant bits (ie those that can be
modified without arising Wendyrsquos suspicion) then the embedding process creates a stego
6
image S by replacing these redundant bits with data from M S is transmitted over a public
channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it
Once Bob recovers S he can get M through the extracting process
Fig ISC embedded process
The embedding process represents the critical task for a steganographic system since S must
be as similar as possible to C for avoidingWendyrsquos intervention (Wendy acts for the
eavesdropper) Least significant bit (LSB) insertion is a common and simple approach to
embed information in a cover file it overwrites the LSB of a pixel with anMrsquos bit
Fig ISC extracting process
7
Unfortunately modifying the cover image changes its statistical properties so eavesdroppers
can detect the distortions in the resulting stego imagersquos statistical properties In fact the
embedding of high-entropy data (often due to encryption) changes the histogram of colour
frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann
1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and
preserves the stego imagersquos statistical properties (see Sect 52) Since standard
steganographic systems do not provide strong message encryption they recommend to
encrypt M before embedding Because of this we have always to deal with a two-steps
protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C
Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20
images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a
canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality
factor set to 80 Only for ISC we also used the images of Cset as key images The mean
difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the
yaxis in Fig 7 in particular the black columns represent the differences introduced by F5
embedding step while the white ones correspond to the number of modifications yielded by
ISC embedding process As one can notice the respective difference values are comparable
Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego
image yielding the same embedding density everywhere In doing this ISC neither uses
permutative straddling nor matrix encoding but simply divides the nonzero coefficients array
in blocks of the same length If necessary only one of the coefficients in each block is
modified Furthermore ISC presents an on-line mechanism for correcting the statistical
deviations created by the embedding step If the message length is sufficiently short (ie it is
less than the number of AC nonzero coefficients) ISC transforms useless coefficients in
order to restore the original statistical properties characterizing the cover medium
As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the
first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally
the more information we embed in the cover image the less ISC can correct the introduced
modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the
human eye the resulting stego image will look identical to the cover image (Johnson and
Jajodia 1998)
8
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Fig Mapping between model components
Steganography and cryptography are cousins in spy-craft family Cryptography scrambles a
message so it cannot be understood Steganography hides the message so it cannot be seen A
message in cipher text for instance might arouse suspicion on the part of the recipient while
an ldquoinvisiblerdquo message created with steganographic methods will not
In this way we can say that steganography completes cryptography and actually there are
usually two ciphers to break when trying to extract the embedded message one is the one
with which the message was embedded and the other is the one with which the message was
enciphered
Cryptography is the study of hiding information while Steganography deals with composing
hidden messages so that only the sender and the receiver know that the message even exists
In Steganography only the sender and the receiver know the existence of the message
whereas in cryptography the existence of the encrypted message is visible to the world Due
to this Steganography removes the unwanted attention coming to the hidden message
Cryptographic methods try to protect the content of a message while Steganography uses
methods that would hide both the message as well as the content By combining
Steganography and Cryptography one can achieve better security The major concern of
steganography is stealth because if an attacker either passive or active can detect the
presence of the message from that point he can try to extract it and if encrypted to decrypt
it The resistance to attempt at destruction or noise is not required since we consider the
5
sender and the receiver equally interested in exchanging messages so that they will try to
transmit the stego-medium in the best way they can If the stego-data can be transmitted over
the selected channel and this is usually the case with all the media that are used like images
or sounds then the embedded data will be preserved along with them
3Image based steganography
Embedding a message into an image requires two files The first is the innocent-looking
image that will hold the hidden information called the cover image The second file is the
messagemdashthe information to be hidden A message may be plain-text cipher-text other
images or anything that can be embedded in a bit stream When combined the cover image
and the embedded message make a stegoimage A stego-key (a type of password) may also
be used to hide then later decode the message Most steganography software recommends the
use of lossless 24-bit images such as BMP The next-best alternative to 24-bit images is 256-
coloror gray-scale images The most common of these are GIF files
Steganographic systems uses images as cover media because people often transmit digital
pictures over email and other Internet communication (egeBay)Moreoverafter
digitalizationimages contain the so-called quantization noise which provides space to embed
data (Westfeld and Pfitzmann 1999) In this article we will concentrate only on images as
carrier media
The modern formulation of steganography is often given in terms of the prisonersrsquo problem
(Simmons 1984 Kharrazi et al 2004) where Alice and Bob are two inmates who wish to
communicate in order to hatch an escape plan However all communication between them is
examined by the warden Wendy who will put them in solitary confinement at the slightest
suspicion of covert communication
Steganography was used even in ancient times and these ancient methods are called Physical
Steganography Some examples for these methods are messages hidden in messages body
messages written in secret inks messages written on envelopes in areas covered by stamps etc
Modern Steganography methods are called Digital Steganography
Specifically in the general model for steganography we have Alice (the sender) wishing to
send a secret message M to Bob (the receiver) in order to do this Alice chooses a cover
image CThe steganographic algorithm identifies Crsquos redundant bits (ie those that can be
modified without arising Wendyrsquos suspicion) then the embedding process creates a stego
6
image S by replacing these redundant bits with data from M S is transmitted over a public
channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it
Once Bob recovers S he can get M through the extracting process
Fig ISC embedded process
The embedding process represents the critical task for a steganographic system since S must
be as similar as possible to C for avoidingWendyrsquos intervention (Wendy acts for the
eavesdropper) Least significant bit (LSB) insertion is a common and simple approach to
embed information in a cover file it overwrites the LSB of a pixel with anMrsquos bit
Fig ISC extracting process
7
Unfortunately modifying the cover image changes its statistical properties so eavesdroppers
can detect the distortions in the resulting stego imagersquos statistical properties In fact the
embedding of high-entropy data (often due to encryption) changes the histogram of colour
frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann
1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and
preserves the stego imagersquos statistical properties (see Sect 52) Since standard
steganographic systems do not provide strong message encryption they recommend to
encrypt M before embedding Because of this we have always to deal with a two-steps
protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C
Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20
images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a
canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality
factor set to 80 Only for ISC we also used the images of Cset as key images The mean
difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the
yaxis in Fig 7 in particular the black columns represent the differences introduced by F5
embedding step while the white ones correspond to the number of modifications yielded by
ISC embedding process As one can notice the respective difference values are comparable
Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego
image yielding the same embedding density everywhere In doing this ISC neither uses
permutative straddling nor matrix encoding but simply divides the nonzero coefficients array
in blocks of the same length If necessary only one of the coefficients in each block is
modified Furthermore ISC presents an on-line mechanism for correcting the statistical
deviations created by the embedding step If the message length is sufficiently short (ie it is
less than the number of AC nonzero coefficients) ISC transforms useless coefficients in
order to restore the original statistical properties characterizing the cover medium
As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the
first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally
the more information we embed in the cover image the less ISC can correct the introduced
modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the
human eye the resulting stego image will look identical to the cover image (Johnson and
Jajodia 1998)
8
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
sender and the receiver equally interested in exchanging messages so that they will try to
transmit the stego-medium in the best way they can If the stego-data can be transmitted over
the selected channel and this is usually the case with all the media that are used like images
or sounds then the embedded data will be preserved along with them
3Image based steganography
Embedding a message into an image requires two files The first is the innocent-looking
image that will hold the hidden information called the cover image The second file is the
messagemdashthe information to be hidden A message may be plain-text cipher-text other
images or anything that can be embedded in a bit stream When combined the cover image
and the embedded message make a stegoimage A stego-key (a type of password) may also
be used to hide then later decode the message Most steganography software recommends the
use of lossless 24-bit images such as BMP The next-best alternative to 24-bit images is 256-
coloror gray-scale images The most common of these are GIF files
Steganographic systems uses images as cover media because people often transmit digital
pictures over email and other Internet communication (egeBay)Moreoverafter
digitalizationimages contain the so-called quantization noise which provides space to embed
data (Westfeld and Pfitzmann 1999) In this article we will concentrate only on images as
carrier media
The modern formulation of steganography is often given in terms of the prisonersrsquo problem
(Simmons 1984 Kharrazi et al 2004) where Alice and Bob are two inmates who wish to
communicate in order to hatch an escape plan However all communication between them is
examined by the warden Wendy who will put them in solitary confinement at the slightest
suspicion of covert communication
Steganography was used even in ancient times and these ancient methods are called Physical
Steganography Some examples for these methods are messages hidden in messages body
messages written in secret inks messages written on envelopes in areas covered by stamps etc
Modern Steganography methods are called Digital Steganography
Specifically in the general model for steganography we have Alice (the sender) wishing to
send a secret message M to Bob (the receiver) in order to do this Alice chooses a cover
image CThe steganographic algorithm identifies Crsquos redundant bits (ie those that can be
modified without arising Wendyrsquos suspicion) then the embedding process creates a stego
6
image S by replacing these redundant bits with data from M S is transmitted over a public
channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it
Once Bob recovers S he can get M through the extracting process
Fig ISC embedded process
The embedding process represents the critical task for a steganographic system since S must
be as similar as possible to C for avoidingWendyrsquos intervention (Wendy acts for the
eavesdropper) Least significant bit (LSB) insertion is a common and simple approach to
embed information in a cover file it overwrites the LSB of a pixel with anMrsquos bit
Fig ISC extracting process
7
Unfortunately modifying the cover image changes its statistical properties so eavesdroppers
can detect the distortions in the resulting stego imagersquos statistical properties In fact the
embedding of high-entropy data (often due to encryption) changes the histogram of colour
frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann
1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and
preserves the stego imagersquos statistical properties (see Sect 52) Since standard
steganographic systems do not provide strong message encryption they recommend to
encrypt M before embedding Because of this we have always to deal with a two-steps
protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C
Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20
images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a
canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality
factor set to 80 Only for ISC we also used the images of Cset as key images The mean
difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the
yaxis in Fig 7 in particular the black columns represent the differences introduced by F5
embedding step while the white ones correspond to the number of modifications yielded by
ISC embedding process As one can notice the respective difference values are comparable
Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego
image yielding the same embedding density everywhere In doing this ISC neither uses
permutative straddling nor matrix encoding but simply divides the nonzero coefficients array
in blocks of the same length If necessary only one of the coefficients in each block is
modified Furthermore ISC presents an on-line mechanism for correcting the statistical
deviations created by the embedding step If the message length is sufficiently short (ie it is
less than the number of AC nonzero coefficients) ISC transforms useless coefficients in
order to restore the original statistical properties characterizing the cover medium
As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the
first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally
the more information we embed in the cover image the less ISC can correct the introduced
modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the
human eye the resulting stego image will look identical to the cover image (Johnson and
Jajodia 1998)
8
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
image S by replacing these redundant bits with data from M S is transmitted over a public
channel (monitored by Wendy) and is received by Bob only if Wendy has no suspicion on it
Once Bob recovers S he can get M through the extracting process
Fig ISC embedded process
The embedding process represents the critical task for a steganographic system since S must
be as similar as possible to C for avoidingWendyrsquos intervention (Wendy acts for the
eavesdropper) Least significant bit (LSB) insertion is a common and simple approach to
embed information in a cover file it overwrites the LSB of a pixel with anMrsquos bit
Fig ISC extracting process
7
Unfortunately modifying the cover image changes its statistical properties so eavesdroppers
can detect the distortions in the resulting stego imagersquos statistical properties In fact the
embedding of high-entropy data (often due to encryption) changes the histogram of colour
frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann
1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and
preserves the stego imagersquos statistical properties (see Sect 52) Since standard
steganographic systems do not provide strong message encryption they recommend to
encrypt M before embedding Because of this we have always to deal with a two-steps
protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C
Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20
images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a
canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality
factor set to 80 Only for ISC we also used the images of Cset as key images The mean
difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the
yaxis in Fig 7 in particular the black columns represent the differences introduced by F5
embedding step while the white ones correspond to the number of modifications yielded by
ISC embedding process As one can notice the respective difference values are comparable
Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego
image yielding the same embedding density everywhere In doing this ISC neither uses
permutative straddling nor matrix encoding but simply divides the nonzero coefficients array
in blocks of the same length If necessary only one of the coefficients in each block is
modified Furthermore ISC presents an on-line mechanism for correcting the statistical
deviations created by the embedding step If the message length is sufficiently short (ie it is
less than the number of AC nonzero coefficients) ISC transforms useless coefficients in
order to restore the original statistical properties characterizing the cover medium
As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the
first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally
the more information we embed in the cover image the less ISC can correct the introduced
modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the
human eye the resulting stego image will look identical to the cover image (Johnson and
Jajodia 1998)
8
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Unfortunately modifying the cover image changes its statistical properties so eavesdroppers
can detect the distortions in the resulting stego imagersquos statistical properties In fact the
embedding of high-entropy data (often due to encryption) changes the histogram of colour
frequencies in a predictable way (Provos and Honeyman 2003 Westfeld and Pfitzmann
1999) Westfeld (Westfeld 2001) proposed F5 an algorithm that does not overwrite LSB and
preserves the stego imagersquos statistical properties (see Sect 52) Since standard
steganographic systems do not provide strong message encryption they recommend to
encrypt M before embedding Because of this we have always to deal with a two-steps
protocol first we must cipher M (obtaining Mrsquo) and then we can embeded M in C
Figure shows the result of such comparison obtained using a JPEG cover set Cset of 20
images (1024 x 768 average size 330 KB) In every image of Cset we have embedded a
canto from Dantersquos Divina Commedia (about 5 KB for each canto) with a JPEG quality
factor set to 80 Only for ISC we also used the images of Cset as key images The mean
difference (in percentage) for every AC coefficient in the interval [minus88] is shown on the
yaxis in Fig 7 in particular the black columns represent the differences introduced by F5
embedding step while the white ones correspond to the number of modifications yielded by
ISC embedding process As one can notice the respective difference values are comparable
Em1 is a simplified version of ISC because actually ISC spreads M over the entire stego
image yielding the same embedding density everywhere In doing this ISC neither uses
permutative straddling nor matrix encoding but simply divides the nonzero coefficients array
in blocks of the same length If necessary only one of the coefficients in each block is
modified Furthermore ISC presents an on-line mechanism for correcting the statistical
deviations created by the embedding step If the message length is sufficiently short (ie it is
less than the number of AC nonzero coefficients) ISC transforms useless coefficients in
order to restore the original statistical properties characterizing the cover medium
As an example if ISC transforms an AC coefficient from -1 into -2 when it encounters the
first unused -2 it transforms this value in -1 in order to reequilibrate the histogram Naturally
the more information we embed in the cover image the less ISC can correct the introduced
modifications If we choose a 24-bit image as cover we can store 3 bits in each pixel To the
human eye the resulting stego image will look identical to the cover image (Johnson and
Jajodia 1998)
8
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Fig ISC technique
In the next sections we will present a new all-in one method able to perform steganography
providing strong encryption at the same time Our method has been planned either to work
with bit streams scattered over multiple images (in an online way of functioning) or to work
with still images it yields random outputs in order to make steganalysis more difficult and it
can cipher M in a theoretically secure manner preserving the stego imagersquos statistical
propertiesThe simplicity of our method gives the possibility of using it in real-time
applications such as mobile video communication
4Some history
The first description of the use of steganography dates back to the Greeks Herodotus tells
how a message was passed to the Greeks about Xersesrsquo hostile intentions underneath the wax
of a writing tablet and describes a technique of dotting successive letters in a cover text with
a secret ink due to Aeneas the Tactician Pirate legends tell of the practice of tattooing secret
information such as a map on the head of someone so that the hair would conceal it
Steganography is the art and science of writing hidden messages in such a way that no one
apart from the sender and intended recipient suspects the existence of the message a form of
security through obscurity The word steganography is of Greek origin and means concealed
writing from the Greek words steganos meaning covered or protected and graphei
9
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
(γραφή) meaning writing The first recorded use of the term was in 1499 by Johannes
Trithemius in his Steganographia a treatise on cryptography and steganography disguised as
a book on magic Generally messages will appear to be something else images articles
shopping lists or some other covertext and classically the hidden message may be in
invisible ink between the visible lines of a private letter
The advantage of steganography over cryptography alone is that messages do not attract
attention to themselves Plainly visible encrypted messagesmdashno matter how unbreakablemdash
will arouse suspicion and may in themselves be incriminating in countries where encryption
is illegal[1] Therefore whereas cryptography protects the contents of a message
steganography can be said to protect both messages and communicating parties
Steganography includes the concealment of information within computer files In digital
steganography electronic communications may include steganographic coding inside of a
transport layer such as a document file image file program or protocol Media files are ideal
for steganographic transmission because of their large size As a simple example a sender
might start with an innocuous image file and adjust the color of every 100th pixel to
correspond to a letter in the alphabet a change so subtle that someone not specifically
looking for it is unlikely to notice it
Kahn tells of a trick used in China of embedding a code ideogram at a prearranged position in
a dispatch a similar idea led to the grille system used in medieval Europe where a wooden
template would be placed over a seemingly innocuous text highlighting an embedded secret
message Invisible ink offered a common form of invisible writing
Early in WWII steganographic technology consisted almost exclusively of these inks With
invisible ink a seemingly innocent letter could contain a very different message written
between the lines During WWII the grille spies used method or some variants In the same
period the Germans developed microdot technology which prints a clear good quality
photograph shrinking it to the size of a dot During the Cold War period USSR and US
wanted to hide their sensors in the enemyrsquos facilities These devices had to send data to their
nations without being spotted
5SOME DEFINITIONS
We give some definitions common to the steganography field
10
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Cover medium This is the medium in which we want to hide data it can be an innocent
looking piece of information for steganography or some important medium that must be
protected for copyright or integrity reasons
Embedded message This is the hidden message we want to put in the cover It can be some
data for steganography and some copyright informations or added content for digital
watermarking
Stegokey This is represented by some secret information which is needed in order to extract
the embedded message from the stegomedium
Stego-medium This is the final piece of information that the casual observer can see
We can define this simple formula
Cover-medium + embedded-message = stego-message
6BASIC METHOD BEHIND STEGANOGRAPHY
FigSteganography process
7IMAGE FILES
To a computer an image is an array of numbers that represent an array of numbers that
represent light intensities at various points or pixels These pixels make up the imagersquos raster
data A common image size is 640 480 and 256 colors (or 8 bits per pixel) Such an image
could contain about 300 kb of data Digital images are typically stored as either 24-bit or 8-
11
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
bit files A 24-bit image provides the most space for hiding information however it can be
quite large except for the JPEG images A 24-bit image of 1024 pixels width and 768 pixels
height has more than two million pixels each having 24-bits which would produce a file
exceeding 2 Mega bytes Such a file would attract attention during transmission File
compression would thus be beneficial if not necessary to transmit such a file
71File compression
There are two types of file compression methods- lossless and lossy Both methods save
storage space but have different results interfering with the hidden information when
information is uncompressed Lossless compression lets us reconstruct the original message
exactly therefore it is preferred when the original information must remain intact (as with
steganographic images) Lossless compression as typical of images saved as GIF and 8-bit
BMP Lossless compression on the other hand saves space but may not maintain the original
imagersquos integrity This method typifies images saved as JPEG Due to the lossy compression
algorithm which we discuss later the JPEG formats provide close approximations to high-
quality digital photographs but not an exact duplicate Hence the term ldquolossy compressionrdquo
72Embedding data
Embedding data which is to be hidden into an image requires two files The first is the
innocent looking image that will hold the hidden information called the cover image The
second file is the message- the information to be hidden A message may be plain text cipher
text other images or anything that can be embedded in a bit stream when combined the
cover image and the embedded message make a stego- image A stego-key (a type of
password) may also be used to hide and then later decode the message
Most steganographic software neither supports not recommends using JPEG images But
recommends instead the use of lossless 24-bit images such as BMP The next best alternative
to 24-bit images is 256- color or gray scale images The most common of these found on the
Internet are GIF files
Every AC coefficient in the interval [minus88] is shown on the yaxis in Fig 7 in particular the
black columns represent the differences introduced by F5 embedding step while the white
ones correspond to the number of modifications yielded by ISC embedding process
12
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Fig ISC for JPEG sequence(Embedded step)
FigISC for JPEG sequence(Extracting step)
In 8-bit color images such as GIF files each pixel is represented by a single byte and each
pixel nearly points to a color index able (a palette) with 256 possible colors The pixels value
is between 0 and 255 The software simply paints the indicated color on the screen at the
selected pixel position
Many steganography experts recommend the use of images featuring 256 shades of grapy
Gray scale images are preferred because the shades change very gradually from byte to byte
and the less the value changes between palette entries the better they can hide information
13
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
When considering an image in which to hide information you must consider the image as
well as the palette Obviously an image with large areas of solid colors is a poor choice as
variances created from the embedded massage will be noticeable in the solid areas
73 Data embedded security system
The choice of embedding algorithm in the most cases is driven by the results of the
steganographic channel robustness analysis One of the areas that improves steganographic
robustness is usage of a key scheme for embedding messagesVarious key steganographic
schemes have various levels of protection Key scheme term means a procedure of how to use
key steganographic system based on the extent of its use However when the steganographic
robustness is increased a bandwidth of the whole embedding system is decreased Therefore
the task of a scheme selection for achieving the optimal values of the steganographic system
is not trivial
Embedding messages in steganographic system can be carried out without use of a key or
with use of a key To improve steganographic robustness key can be used as a verification
option It can make an impact on the distribution of bits of a message within a container as
well as an impact on the procedure of forming a sequence of embedded bits of a message
The first level of protection is determined only by the choice of embedding algorithm This
may be the least significant bits modification algorithm or algorithms for modifying the
frequency or spatial-temporal characteristics of the container The first level of protection is
presented in any steganographic channel Steganographic system in this case can be
represented as shown at The First Protection Level Scheme figure There following notations
are used c - is a container file F - steganographic channel space (frequency orand amplitude
container part that is available for steganographic modification and message signal
transmission) SC - steganographic system m - message to be embedded E - embedding
method ĉ - modified container file
The second protection level of the steganographic system as well as all levels of protection
of the higher orders is characterized by the use of Key (password) via steganographic
modification An example of a simple key scheme which provides a second level of
protection is to write the unmodified or modified password in the top or bottom of the
message or the distribution of the password sign on the entire length of the steganographic
channel Such key schemes do not affect the distribution of messages through the container
and do not use a message preprocessing according to the defined key (see figure The Second
14
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Protection Level Scheme) This kind of steganographic systems are used in such tasks as for
instance adding a digital signature for proof of copyright Data embedding performance is
not changed in comparison with the fastest approach of the first protection level usage
Steganographic data channels that use key schemes based distribution of a message through
the container and or preprocessing of an embedded message for data hiding are more secure
When the third protection level key scheme is used it affects the distribution of a message
through the container (see figure The Third Protection Level Scheme where F(P L) ndash
distribution function of a message within a container P ndash minimum number of container
samples that are needed to embed one message sample L ndash step of a message distribution
within a container) Accordingly the performance of container processing will be lower than
in the case of the first and the second key schemes Taking into account that PgeL the
simplest representation of the F(P L) function could be as following
F(P L) = cycleL + stepP
where cycle is a number of the current L section and step is a number of the embedded
message sample
The difference between the fourth protection level scheme and the third one is that in
steganographic system there are two distribution functions of a message within a container
are used The first is responsible for a message samples selection according to some function
G(Q N) and the second function F(P L) is responsible for position selection in a container
for message sample hiding Here Q ndash the size of message block to be inserted N ndash the size (in
bits) of one sample of the message file (see figure The Fourth Protection Level Scheme)
8CONCEALMENT IN DIGITAL IMAGES
Information can be hidden many different ways in images To hide information straight
message insertion may encode every bit of information in the message or selectively embed
the message in ldquonoisyrdquo areas that draw less attention- those areas where there is a great deal
of natural color variation The message may also be scattered randomly throughout the
image Redundant pattern encoding ldquowallpapersrdquo the cover image with the message
Image based Steganography is the most popular method for message concealment In this
paper two techniques are proposed for enhancing the message secrecy using image based
steganography The first technique is based on the use of punctuation marks to encode a
secret message before embedding it into the image file The second technique is based on the
15
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
use of modified scytale cipher to hide a secret message in an image file Both of these
techniques have been implemented and tested using the S-Tools software package The
original and stego-images both are shown for the purpose of comparison
A number of ways exist to hide information in digital images Common approaches include
1048766 Least significant bit (LSB) insertion
1048766 Masking and filtering
1048766 Algorithms and transformations
81Least significant bit insertion
Least significant Bit insertion is a common simple approach to embedding information in a
cover file To hide an image in the LSBs of each byte of a 24-bit image you can store 3 bits
in each pixel A 1024 768 image has the potential to hide a total of 2359296 bits of
information Ti you compress the message to be hidden before you embed it you can hide a
large amount of information To the human eye the resulting stego-image will look identical
to the cover image
82Masking and Filtering
Masking and filtering techniques usually restricted to 24-bit and tray-scale images hide
information by marking an image in a manner similar to paper watermarks Watermarking
techniques may be applied without fear of image destruction due to lossy compression
because they are more integrated into the image
Visible watermarks are not steganography by definition The difference is primarily one of
intent Traditional steganography conceals information watermarks extend information and
become an attribute of the cover image Digital watermarks may include such information as
copyright ownership or license In steganography the object of communication is the hidden
message In digital watermarking the object of communication is the cover
To create a watermarked image we increase the luminance of the masked area by 15
percent If we were to change the luminance by a smaller percentage the mask would be
undetected by the human eye Now we can use the watermarked image to hide plaintext or
encoded information
Masking is more robust than LSB insertion with respect to compression cropping and some
image processing Masking techniques embed information in more significant areas so that
16
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
the hidden message is more integral to the cover image than just hiding it in the ldquonoiserdquo level
This makes it more suitable than LSB with lossy JPEG images
83Algorithms and Transformations
LSB manipulation is a quick and easy way to hide information but is vulnerable to small
changes resulting from image processing or lossy compression Such compression is a key
advantage that JPEG images have over other formats High quality images can be stored in
relatively small files using JPEG compression method
One steganographic method that integrates the compression algorithm for hiding the
information is Jpeg-Jsteg Jpeg-Jsteg creates a JPEG stego image from the input of a message
to be hidden and a lossless cover mage
Another method used in Patchwork and similar techniques is the redundant pattern encoding
Here the hidden information is scattered throughout the cover mage These approaches may
help protect against image processing such as cropping and rotations and they hide
information more thoroughly than by simply masking They also support image manipulation
more readily than tools that rely on LSB In using redundant pattern encoding you must trade
off message size against robustness A large message may be embedded only once because it
would occupy a much greater portion of the image area
Other techniques encrypt and scatter the hidden data throughout an image Scattering the
message makes it appear more like noise Proponents of this approach assume that even if the
message bits are extracted they will be useless without the algorithm and stego-key to
decode them Scattering and encryption helps protect against hidden message extraction but
not against message destruction through image processing A scattered message in the
imagersquos LSBs is still as vulnerable to destruction from lossy compression and image
processing as is a clear text message inserted in the LSBs
84 Countermeasures and detection
Detection of physical steganography requires careful physical examination including the use
of magnification developer chemicals and ultraviolet light It is a time-consuming process
with obvious resource implications even in countries where large numbers of people are
employed to spy on their fellow nationals However it is feasible to screen mail of certain
suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps
During World War II a technology used to ease monitoring of POW mail was specially
17
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper
Trade Journal by the Technical Director of the United States Government Printing Office
Morris S Kantrowitz describes in general terms the development of this paper three
prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the
manufacture of post cards and stationery to be given to German prisoners of war in the US
and Canada If POWs tried to write a hidden message the special paper would render it
visible At least two US patents were granted related to this technology one to Mr
Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating
Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper
and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to
issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact
with a water-based invisible ink
In computing detection of steganographically encoded packages is called steganalysis The
simplest method to detect modified files however is to compare them to known originals
For example to detect information being moved through the graphics on a website an analyst
can maintain known-clean copies of these materials and compare them against the current
contents of the site The differences assuming the carrier is the same will compose the
payload In general using extremely high compression rate makes steganography difficult
but not impossible While compression errors provide a hiding place for data high
compression reduces the amount of data available to hide the payload in raising the encoding
density and facilitating easier detection (in the extreme case even by casual observation)
9 LEAST SIGNIFICANT BIT (LSB) INSERTION
91Technique basics
Today when converting an analog image to digital format we usually choose between three
different ways of representing colors
1048766 24-bit color every pixel can have one in 2^24 colors and these are represented as different
quantities of three basic colors red (R) green (G) blue (B) given by 8 bits (256 values)
each
18
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
1048766 8-bit color every pixel can have one in 256 (2^8) colors chosen from a palette or a table
of colors
1048766 8-bit gray-scale every pixel can have one in 256 (2^8) shades of gray
LSB insertion modifies the LSBs of each color in 24-bit images or the LSBs of the 8-bit
value for 8-bit images
92Data Rate
The most basic of LSBs insertion for 24-bit pictures inserts 3 bitspixel Since every pixel is
24 bits we can hide
3 hidden-bitspixel 24 data-bitspixel = 18 hidden-bitsdatabits
So for this case we hide 1 bit of the embedded message for every 8 bits of the cover image If
we pushed the insertion to include the second LSBs the formula would change to
6 hidden-bitspixel 24 data-bitspixel = 28 hidden-bitsdatabits
And we would hide 2 bits of the embedded message for every 8 bits of the cover image
Adding a third-bit insertion we would get
9 hidden-bitspixel 24 data-bitspixel = 38 hidden-bitsdatabits
Acquiring a data rate of 3 embedded bits every 8 bits of the image The data rate for insertion
in 8-bit images is analogous to the 1 LSB insertion in 24-bit images or 1 embedded bit every
8 cover bits We can see the problem in another light and ask how many cover bytes are
needed to send an embedded byte
For 1-LSB insertion in 24-bit images or in 8-bit images this value would be 818 = 8 Bytes
For 2-LSBs insertion in 24-bit pictures it would be 828 = 4 Bytes for 3-LSBs insertion it
would be 838 = 2133 Bytes
93Robustness
LSB insertion is very vulnerable to a lot of transformationseven the most harmless and usual
ones Lossy compression eg JPEG is very likely to destroy it completely The problem is
that the holes in the Human Visual System that LSB insertion tries to exploit ndash little
sensitivity to added noise - are the same that lossy compression algorithms rely on to be able
to reduce the data rate of images
19
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Geometrical transformations moving the pixels around and especially message and the only
one that could allow recovery is a simple translation Any other kind of picture
transformation like blurring or other effects usually will destroy the hidden data All in all
LSB insertion is a very little robust technique for data hiding displacing them from the
original grid are likely to destroy the embedded
94Ease of detectionextraction
There is no theoretical outstanding mark of LSB insertion if not a little increase of
background noise Itrsquos very easy instead to extract LSBs even with simple programs and to
check them later to find if they mean something or not
95Suitability for steganography or watermarking
First of all since it is a so vulnerable technique even for simple processing LSB insertion is
almost useless for digital watermarking where it must face malicious attempts at its
destruction plus normal transformations like compressiondecompression or conversion to
analog (printing or visualization)conversion to digital (scanning) Its comparatively high data
rate can point it as a good technique for steganography where robustness is not such an
important constraint
96Problems and possible solutions
Having stated that LSB insertion is good for steganography we can try to improve one of its
major drawbacks the ease of extraction We donrsquot want that a malicious attacker be able to
read everything we are sending
This is usually accomplished with two complementary techniques
Encryption of the message so that who extracts it must also decrypt it before it makes
sense
Randomizing the placement of the bits using a cryptographical random function
(scattering) so that itrsquos almost impossible to rebuild the message without knowing the
seed for the random function
In this way the message is protected by two different keys acquiring much more
confidentiality than before This approach protects also the integrity of the message being
much more difficult (we could say at least computationally infeasible) to counterfeit the
message
20
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
Anyway since we donrsquot want our message to be only an encrypted and scrambled message
we must go back to the purpose of making the communication hidden
The two most important issues in this problem are
The choice of images
The choice of the format (24-bit or 8-bit compressed or not)
The cover image first of all must seem casual so it must be chosen between a set of subjects
that can have a reason to be exchanged between the source and the receiver Then it must
have quite varying colors it must be noisy so that the added noise is going to be covered
by the already present one Wide solid-color areas imagnify very much any little amount of
noise added to them Second there is a problem with the file size which involves the choice
of the format Unusually big files exchanged between two peers in fact are likely to arise
suspicion
To solve this problem it has been studied a modification to the JPEG algorithm that inserts
LSBs in some of the lossless stages or pilots the rounding of the coefficients of the DCT used
to compress the image to encode the bits Since we need to have small image file sizes we
should resort in using 8-bit images if we want to communicate using LSB insertion because
their size is more likely to be considered as normal
The problem with 256 colors images is that they make use of an indexed palette and
changing a LSB means that we switch a pixel from a position to an adjacent one If there are
adjacent contrasting colors in the palette it can happen that a pixel in the image changes its
color abruptly and the hidden message becomes visible
To solve this problem different methods have been studied like rearranging the palette so
that adjacent colors donrsquot contrast so much or even reducing the palette to a smaller number
of colors and replicating the same entry in the table in adjacent positions so that the
difference after the embedding of the message is not visible at all
Moreover for most images the reduction of colors from for instance 256 to 32 is hardly
visible Most of the experts anyway advise to use 8-bit grayscale images since their palette
is much less varying than the color one so LSB insertion is going to be very hard to detect by
the human eye
21
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
10SSIS - SPREAD SPECTRUM IMAGE STEGANOGRAPHY
Techniques of error-control coding image restoration and those similar to spread spectrum
communication are combined within the SSIS system The fundamental concept is the
embedding of the hidden information within noise which is then added to a digital cover
image This noise is typical of the noise inherent to the image acquisition process and if kept
at low levels is not perceptible to the human eye or by computer analysis without access to
the original image To successfully decode the message image restoration techniques and
error-control coding are employed Image restoration is used to obtain an approximate
estimate of the original cover image from the stegoimage This promotes the estimation of the
embedded signal that was added to the cover in addition to allowing SSIS to be a blind
steganography scheme
Finally because the noise is of low power and the restoration process is not perfect the
estimation of the embedded signal is poor resulting in an embedded signal bit error rate
(BER) that is rather high To compensate the message signal is processed by a low-rate
error-correcting code before embedding This conglomeration of communication and image
processing techniques provides a method of reliable blind image steganography
The major processes of the stegosystem encoder are portrayed Within the system the
message is optionally encrypted with key 1 and then encoded via a low-rate
errorcorrectingcode producing the encoded message Thesender enters key 2 into a wideband
pseudorandom noise generator producing a real-valued noise sequence sequently the
modulation scheme is used to combine the message with the noise sequence thereby
composing the embedded signal which is then input into an interleaver using key 3 This
signal is now added with the cover image to produce the stegoimage which is appropriately
quantized and clipped to preserve the initial dynamic range of the cover image The
stegoimage is then transmitted in some manner to the recipient At the receiver the
stegoimage is received by the recipient who maintains the same keys as the sender uses the
stegosystem decoder to extract the hidden information The decoder uses image restoration
techniques to produce an estimate of the original cover image from the received
stegoimage The difference between and
is fed into a keyed deinterleaver to construct an estimate of the embedded signal With key
2 the noise sequence is regenerated the encoded message is then demodulated and an
estimate of the encoded message is constructed The estimate of the message is then
22
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
decoded via the low-rate errorcontrol decoder optionally decrypted using key 1 and revealed
to the recipient
The interleaver in this scheme which reorders the embedded signal before it is added to the
cover image serves a dual function The first is to prevent a group or burst of errors This
allows the errors to occur almost independently within a codeword thus giving the error-
correcting code an equal chance at correcting the errors in all codewords Second since the
interleaver requires a key to stipulate the interleaving algorithm this key can serve as another
level of security to establish the proper order of the embedded signal before decoding
We point out this technique as an example for spread spectrum data-hiding methods Spread
spectrum techniques are now widely used in military radio communications due to their very
high robustness to detection and extraction SSIS is a quite mature process and its aim is to
achieve low detectability ease of extraction high data rate and good robustness to removal It
is based on spread spectrum techniques but it enhances them by adding other encoding steps
FigSSIS encoder
23
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
FigSSIS decoder
101Technique basics
The core of SSIS is a spread spectrum encoder These devices work by modulating a narrow
band signal over a carrier The carrierrsquos frequency is continually shifted using a
pseudorandom noise generator fed with a secret key In this way the spectral energy of the
signal is spread over a wide band thus decreasing its density usually under the noise level
To extract the embedded message the receiver must use the same key and noise generator to
tune on the right frequencies and demodulate the original signal A casual observer wonrsquot be
able even to detect the hidden communication since it is under the noise level
102Data Rate
The data rate for this technique can be fairly high but it depends on the choices made for the
different parameters of the encoding We can assume that the message will be compressed
before embedding to allow for a higher capacity The ECC encoder instead is going to insert
redundant data into the stream to be able to correct the errors The more errors we want to
correct the more bits will be added Then we have a tradeoff between good retrieval and
capacity If we can allow for small glitches in the recovered message then we can use a
weaker encoding
Moreover the more data we want to insert in the image the more noise we are going to add
to it Then if our cover is not noisy we will be able to hide very little data while if we
choose a noisy one its capacity will be higher Experiments with 512x512 grey scale images
(256 KB) could embed from 500 bytes to 5KB depending on the cover These experiments
used a spread spectrum signal powerful enough to give almost total error-free retrieval
because the compression method adopted didnrsquot allow for any errors This means a data rate
24
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
varying from 1 hidden-bytes50 cover-bytes to 10 hiddenbytes 50 cover-bytes a rate
surpassed only by LSB insertion
103Robustness
Spread spectrum techniques are usually quite robust Every transformation that adds noise to
the image isnrsquot able to destroy the message Anyway a determined attacker can quite easily
compromise the embedded data using some digital processing like for examplenoise
reduction filters the same that are used in decoding to estimate the original cover
104Ease of detectionextraction
Spread spectrum encoding is widely used in military communications for its robustness
against detection An attacker canrsquot usually even know if the message was embedded and
anyway it will be very hard for him to extract it without knowing the right key2 and key3
105Suitability for steganography or watermarking
Due to its fairly high capacity and low ease of detection and extraction SISS is very good for
steganography
106Problems and possible solutions
The basic tradeoff in using SSIS is between the error rate we can afford and the amount of
informations we want to embed that varies in turn the power of the added noise The ECC is
used to allow for a lower power without increasing the Bit Error Rate as well
Further improvements will deal with improving the original cover estimate stage so that itrsquoll
lead to a lower Bit Error Rate in the recovered signal allowing to use less redundant ECCs
The first is redundant encoding by dividing the cover into blocks and embedding the same
message in each of them so that the hidden data can be extracted even from a part of the
image as big as one block but the more of it we have the more certain we can be about the
result
Moreover they added to the spectrum a template that can through a log-polar transform
applied to the spectrum of the stegoimage determine the original scale factor and orientation
of the image rendering the stego-message virtually immune to scaling and rotation Finally
spread spectrum techniques can add an adaptive perceptual masking filter before the insertion
of the signal so that the added noise is quite sure to be under perceptual limits This
25
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
however will increase the error rate in the retrieval because it reduces the power of the
embedded signal
11Applications of Steganography
Steganography is applicable to but not limited to the following areas
1) Confidential communication and secret data storing
2) Protection of data alteration
3) Access control system for digital content distribution
4) Media Database systems
The area differs in what feature of the steganography is utilized in each system
111 Confidential communication and secret data storing
The secrecy of the embedded data is essential in this areaHistorically steganography have
been approached in this area Steganography provides us with
(A) Potential capability to hide the existence of confidential data
(B) Hardness of detecting the hidden (ie embedded) data
(C) Strengthening of the secrecy of the encrypted data
In practice when you use some steganography you must first select a vessel data according
to the size of the embedding data The vessel should be innocuous Then you embed the
confidential data by using an embedding program (which is one component of the
steganography software) together with some key When extracting you (or your party) use an
extracting program (another component) to recover the embedded data by the same key
( common key in terms of cryptography) In this case you need a key negotiation before
you start communication
Attaching a stego file to an e-mail message is the simplest example in this application area
But you and your party must do a sending-and-receiving action that could be noticed by a
third party So e-mailing is not a completely secret communication methodThere is an easy
method that has no key-negotiation We have a model of Anonymous Covert Mailing
System There is some other communication method that uses the Internet Webpage In this
26
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
method you dont need to send anything to your party and no one can detect your
communication
Each secrecy based application needs an embedding process which leaves the smallest
embedding evidence You may follow the following
(A) Choose a large vessel larger the better compared with the embedding data
(B) Discard the original vessel after embedding
For example in the case of Qtech Hide amp View it leaves some latent embedding evidence
even if the vessel has a very large embedding capacity You are recommended to embed only
25 or less (for PNG BMP output) of the maximum capacity or only 3 of the vessel size
(for JPEG output)
112 Protection of data alteration
We take advantage of the fragility of the embedded data in this application area
The embedded data can rather be fragile than be very robust Actually embedded data are
fragile in most steganography programs Especially Qtech Hide amp View program embeds
data in an extremely fragile manner However this fragility opens a new direction toward an
information-alteration protective system such as a Digital Certificate Document System
The most novel point among others is that no authentication bureau is needed If it is
implemented people can send their digital certificate data to any place in the world through
Internet No one can forge alter nor tamper such certificate data If forged altered or
tampered it is easily detected by the extraction program
Stated somewhat more formally the objective for making steganographic encoding difficult
to detect is to ensure that the changes to the carrier (the original signal) due to the injection of
the payload (the signal to covertly embed) are visually (and ideally statistically) negligible
that is to say the changes are indistinguishable from the noise floor of the carrier Any
medium can be a carrier but media with a large amount of redundant or compressible
information are better suited
From an information theoretical point of view this means that the channel must have more
capacity than the surface signal requires that is there must be redundancy For a digital
image this may be noise from the imaging element for digital audio it may be noise from
recording techniques or amplification equipment In general electronics that digitize an
analog signal suffer from several noise sources such as thermal noise flicker noise and shot
27
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
noise This noise provides enough variation in the captured digital information that it can be
exploited as a noise cover for hidden data In addition lossy compression schemes (such as
JPEG) always introduce some error into the decompressed data it is possible to exploit this
for steganographic use as well
Steganography can be used for digital watermarking where a message (being simply an
identifier) is hidden in an image so that its source can be tracked or verified (for example
Coded Anti-Piracy) or even just to identify an image (as in the EURion constellation)
113 Access control system for digital content distribution
In this area embedded data is hidden but is explained to publicize the contentToday
digital contents are getting more and more commonly distributed by Internet than ever before
For example music companies release new albums on their Webpage in a free or charged
manner However in this case all the contents are equally distributed to the people who
accessed the page So an ordinary Web distribution scheme is not suited for a case-by-case
and selective distribution Of course it is always possible to attach digital content to e-mail
messages and send to the customers But it will takes a lot of cost in time and labor
If you have some valuable content which you think it is okay to provide others if they really
need it and if it is possible to upload such content on the Web in some covert manner And if
you can issue a special access key to extract the content selectively you will be very happy
about it A steganographic scheme can help realize a this type of system
We have developed a prototype of an Access Control System for digital content
distribution through Internet The following steps explain the scheme
(1) A content owner classify hisher digital contents in a folder-by-folder manner and embed
the whole folders in some large vessel according to a steganographic method using folder
access keys and upload the embedded vessel (stego data) on hisher own Webpage
(2) On that Webpage the owner explains the contents in depth and publicize worldwide The
contact information to the owner (post mail address e-mail address phone number etc) will
be posted there
(3) The owner may receive an access-request from a customer who watched that Webpage In
that case the owner may (or may not) creates an access key and provide it to the customer
(free or charged)
28
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
In this mechanism the most important point is a selective extraction is possible or notWe
have already developed such a selective extraction program to implement the system
114 Media Database systems
In this application area of steganography secrecy is not important but unifying two types of
data into one is the most importantMedia data (photo picture movie music etc) have some
association with other information A photo picture for instance may have the following
(1) The title of the picture and some physical object information
(2) The date and the time when the picture was taken
(3) The camera and the photographers information
Formerly these are annotated beside the each picture in the albumRecently almost all
cameras are digitalized They are cheap in price easy to use quick to shoot They eventually
made people feel reluctant to work on annotating each picture Now most home PCs are
stuck with the huge amount of photo files In this situation it is very hard to find a specific
shot in the piles of pictures A photo album software may help a little You can sort the
pictures and put a couple of annotation words to each photo When you want to find a
specific picture you can make a search by keywords for the target picture However the
annotation data in such software are not unified with the target pictures Each annotation only
has a link to the picture Therefore when you transfer the pictures to a different album
software all the annotation data are lost
This problem is technically referred to as Metadata (eg annotation data) in a media
database system (a photo album software) are separated from the media data (photo data) in
the database managing system (DBMS) This is a big problem
Steganography can solve this problem because a steganography program unifies two types of
data into one by way of embedding operation So metadata can easily be transferred from
one system to another without hitch Specifically you can embed all your goodbad memory
(of your sight-seeing trip) in each snap shot of the digital photo You can either send the
embedded picture to your friend to extract your memory on hisher PC or you may keep it
silent in your own PC to enjoy extracting the memory ten years after If a motion picture
steganography system has been developed in the near future a keyword based movie-scene
retrieving system will be implemented It will be a step to a semantic movie retrieval system
29
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
12CONCLUSION
In this paper we tried to give an all-round view of steganography both used to exchange
messages and watermarking First we gave an outline of the problem telling also some of the
history of this quickly developing field Then we showed the different techniques invented
from the simplest to the more complex ones trying to evaluate them under many points of
view Major emphasis was put on data hiding in images for the techniques involved are
usually more mature than the corresponding ones for other kinds of informations Image
encoding algorithms can also be representative for manipulation of other types of media like
voice text binary files binary files communication channels etc
The strength of our system resides in the new concept of key image Involving two images
(the cover and the key) in place of only one (the cover) we are able to change the cover
coefficients randomly This opportunity does not give a steganalytic tool the chance of
searching for a predictable set of modifications The proposed approach has many
applications in hiding and coding messages within standard medias such as images or videos
As future work we intend to study steganalytic techniques for ISC and to extend ISC to
mobile video communication
Then we gave an outline of the problems involved with watermarking a field that has come
into light after the development of broadband worldwide digital networks Steganography and
digital watermarking are undergoing a development process similar to that of encryption
Steganographyrsquos niche in security is to supplement cryptography and not to replace it There
is a continuous invention of new techniques for steganography followed by successful
breakings and new improvements of them
30
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-
13REFERENCES
Neil F Johnson Sushil Jajodia George Mason University Exploring
Steganography Seeing the Unseen IEEE Computers February 1998 pp 26-34
W Bender D Gruhl N Morimoto A Lu Techniques for Data Hiding IBM
Systems Journal Vol 35
Ross Anderson Roger Needham Adi Shamir The Steganographic File System 2nd
Information Hiding Workshop 1998
Ross J Anderson Fabien AP Petitcolas On the limits of steganographyrdquo
W Bender D Gruhl N Morimoto and A Lu ldquoTechniques for data hidingrdquo IBM
Syst J vol 35 1996
I J Cox J Kilian T Leighton and T Shamoon ldquoSecure spread spectrum
watermarking for images audio and videordquo in Proc IEEE Int Conf Image
Processing Lausanne Switzerland Sept 1996 vol 111 pp 243ndash246
D Kahn The CodebreakersmdashThe Story of Secret Writing New York Scribner
1967
F Johnson and S Jajodia ldquoExploring steganography Seeing the unseenrdquo IEEE
Computer Mag pp 26ndash34 Feb 1998
B Pfitzmann ldquoTrials of traced traitorsrdquo in Information Hiding First International
Workshop Lecture Notes in Computer Science R Anderson Ed Berlin Germany
Springer-Verlag 1996 vol 1 pp 49ndash64
J R Smith and B O Comisky ldquoModulation and information hiding in imagesrdquo in
Information Hiding First International Workshop Lecture Notes in Computer
Science R Anderson Ed Berlin Germany Springer-Verlag 1996 vol 1174 pp
207ndash226
L M Marvel and C G Boncelet Jr ldquoCapacity of the additive steganographic
channelrdquo submitted for publication
R van Schyndel A Tirkel and C Osborne ldquoA digital watermarkrdquo in Proc IEEE Int
Conf Image Processing 1994 vol 2 pp 86ndash90
R B Wolfgang and E J Delp ldquoA watermark for digital imagesrdquo in Proc IEEE Int
Conf Image Processing Lausanne Switzerland Sept 1996 vol 111 pp 219ndash222
31
- 84 Countermeasures and detection
- Detection of physical steganography requires careful physical examination including the use of magnification developer chemicals and ultraviolet light It is a time-consuming process with obvious resource implications even in countries where large numbers of people are employed to spy on their fellow nationals However it is feasible to screen mail of certain suspected individuals or institutions such as prisons or prisoner-of-war (POW) camps During World War II a technology used to ease monitoring of POW mail was specially treated paper that would reveal invisible ink An article in the June 24 1948 issue of Paper Trade Journal by the Technical Director of the United States Government Printing Office Morris S Kantrowitz describes in general terms the development of this paper three prototypes of which were named Sensicoat Anilith and Coatalith paper These were for the manufacture of post cards and stationery to be given to German prisoners of war in the US and Canada If POWs tried to write a hidden message the special paper would render it visible At least two US patents were granted related to this technology one to Mr Kantrowitz No 2515232 Water-Detecting paper and Water-Detecting Coating Composition Therefor patented July 18 1950 and an earlier one Moisture-Sensitive Paper and the Manufacture Thereof No 2445586 patented July 20 1948 A similar strategy is to issue prisoners with writing paper ruled with a water-soluble ink that runs when in contact with a water-based invisible ink
-