STEGANOGRAPHY

Steganography is the art and science of hiding information such that only the sender and recipient can read that hidden piece of information. While the cryptography is focussed on making message unreadable, steganography focusses on data hiding and hence combination of both can give better security in most cases.

As mentioned earlier, steganography is the art of hiding information and can be done in many ways. For instance, simplest forms of steganography would be to insert each character of hidden message in the (n)x position of each word in a sentence so that recipient takes the(n)x position letter of each words to reconstruct the message. While this was very basic example, steganography has no bounds and one can hide messages within images, audios, videos, source codes, etc and this involves some sort of creation to increase the obscurity of the hidden message. Wikipedia entry gives far much deeper information on steganography tool and I would like to recommend you to read it.

To make digital steganography easier, numerous tools have been developed and I’m listing some of them here.

1) Hide in Picture: Hide In Picture is a program that allows you to conceal files inside bitmap pictures, using a password. The pictures look like normal images, so people will not suspect there is hidden data in them.

2) wbStego: wbStego4 offers steganography in bitmaps, text files, HTML files and PDF files. It is has two very user-friendly interfaces and is ideal for securely transmitting data online or adding copyright information, especially with the copyright information manager.

3) Hide4PGP: Hide4PGP is a freeware program distributed as source code in ANSI C and precompiled executables for DOS (any version but 1.x), OS/2 (Warp and up), and the Win32 console (9x and NT). It’s purpose is to hide any data in a way that the viewer or listener does not recognize any difference. It supports BMP, WAV and VOC file formats.

4) MP3Stego: Hide files within mp3 files. MP3Stego will hide information in MP3 files during the compression process. The data is first compressed, encrypted and then hidden in the MP3 bit stream.

5) TextHide: Simple text steganography

6) GifShuffle: gifshuffle is used to conceal messages in GIF images by shuffling the colourmap, which leaves the image visibly unchanged. gifshuffle works with all GIF images, including those with transparency and animation, and in addition provides compression and encryption of the concealed message.

7) Snow: snow is used to conceal messages in ASCII text by appending whitespace to the end of lines. Because spaces and tabs are generally not visible in text viewers, the message is effectively hidden from casual observers. And if the built-in encryption is used, the message cannot be read even if it is detected.

8) Camouflage: Camouflage allows you to hide files by scrambling them and then attaching them to the file of your choice. This camouflaged file then looks and behaves like a normal file, and can be stored, used or emailed without attracting attention.

9) OpenPuff: OpenPuff is a professional steganography tool, with unique features you won’t find among any other free or commercial software. OpenPuff is 100% free and suitable for highly sensitive data covert transmission. Its very advanced tool with support to images, audios, videos, flash, adobe.

10) SteganRTP: Steganography tool which establishes a full-duplex steganographic data transfer protocol utilizing Real-time Transfer Protocol (RTP) packet payloads as the cover medium. The tool provides interactive chat, file transfer, and remote shell access. A network steganographic tool.

Advertisements

About ₪

The Future Is NOT What It Used To Be
This entry was posted in Social and tagged . Bookmark the permalink.

One Response to STEGANOGRAPHY

  1. says:

    Cryptography mostly concerns itself with secure communications and includes hiding information from adversaries and authentication of individuals.
    Hashes, asymmetric encryption, and symmetric encryption are often used together to allow for secure communications. In popular cryptographic systems, like PGP, OTR, and VPNs, different algorithms are often used together, including:
    Hash functions that allow us to identify files, text, and keys conveniently
    Asymmetric encryption functions to securely exchange encryption keys over insecure channels
    Symmetric encryption functions to efficiently encrypt large amounts of data
    Key exchange functions to securely negotiate encryption keys over insecure channels
    Zero-knowledge proofs are encryption schemes used to prove that you know something without revealing the what it is. For example, you can show without a doubt that you know the answer to a puzzle without actually disclosing the solution.
    Zero-knowledge proofs are still relatively new and have only found a common use-case recently in cryptocurrencies.
    Interactive zero-knowledge proofs
    Interactive zero-knowledge proofs require interaction between the individual (or computer system) proving their knowledge and the individual validating the proof.
    The system creates one additional interesting characteristic for a zero-knowledge proof: Not only are you proving you know something without disclosing what you know, but you are also just revealing it to the individual with which you interact. Somebody who merely observes you will not be able to verify your claim.
    Though this is good for additional privacy, it can also come with considerable extra effort and cost when trying to prove something to multiple individuals.
    How zero-knowledge proofs work
    The situation:
    Imagine an odorless, tasteless, and colorless poisonous liquid that looks and feels exactly like water. What if someone places this glass next to an identical glass full of water? You have no way of distinguishing the two liquids from each other. Indeed, you may not even know they are different from each other.
    The claim:
    Somebody claims they have an extraordinary vision that allows them to tell the two glasses apart. They do not want to tell you which is which, though. How can you verify their claim without finding out which glass is poison, and which is water?
    The proof:
    You (the verifier) blindfold the person that claims to tell the two glasses apart (the prover) and randomly decide to switch the glasses or not. After the removing the blindfold, you ask the prover if the glasses have changed position.
    If they really can easily tell the two liquids apart, they will be able to tell you if they have switched places. Otherwise, they will be wrong with a 50% chance.
    If you then repeat the experiment, the prover(if they are only guessing) will be wrong with a cumulative 75% chance.
    After repeating the test 10 times, if the prover is correct each time, there is already a 99.9% chance they did not guess, and it’s likely that they do indeed have a way to distinguish the two glasses. After repeating the test n times:
    1 – 0.5^n *100%
    Of course, our example here has a few practical weaknesses. They could be security cameras or motion sensors installed, but in the abstract world of mathematics, we can be sure.
    Why zero-knowledge proofs work
    You, the verifier, can now be convinced with 99.9% certainty that the other person really does have a way of identifying the glasses, though you still don’t know which glass is full of poison, and which one is full of water.
    Somebody who observed you and the prover, however, is not convinced. In theory, the verifier and the prover could have colluded with each other and put on a show with predetermined moves.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s