"One of the best ways to get yourself a reputation as a dangerous citizen these days is to go about repeating the very phrases which our founding fathers used in the great struggle for independence." --Charles Austin Beard
EDIT: Sorry about the images, you'll need to copy & paste into the browser.. the IMG tag doesn't work. Maybe I can get a ZIP file up here at some point...
Steganography is "the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existance of the message". Anyone who is interested in cryptography and/or history has probably heard of the ancient Greeks who used various physical methods to hide messages: one common story is of messengers engraving secrets on a wooden tablet which was then covered in wax. Anyone who stopped the messanger to inspect his posessions simply saw a blank wax-covered tablet, or a wax-covered tablet with mundane information. Upon arrival at his destination, the recipient would scrape the top layer of wax off, revealing the message hidden underneath. Another method was to write the secret message on the shaved head of a messanger, and then wait until his hair grew back. This obviously took quite a while, but it was normal for messages to take days or weeks to arrive during that time. Another example with which we're all probably familiar with is invisible ink. The Revolutionary War-era Culper spy ring was known to use this technique, and according to all accounts that I've read, invisible ink is still used today in intelligence circles.
I should also distinguish cryptography from steganography with a couple thoughts:
1) Steganography hides text in plain sight, while cryptography scrambles plaintext (original message) into ciphertext (coded message)
2) Even though a message is hidden, you should always encrypt it as well (my opinion, anyway)
3) Every once in a while, you'll hear someone distinguish between a "code" and a "cipher". In the cryptography world, they're two different things, but are basically the same for purposes of this article.
4) You can easily hide messages in digital images with the most basic software out there (Hex editors, MS Paint, etc)
5) Other media types lend themselves to steganography, too. Messages can be hidden in audio/video files, or even plain text!
6) US government bureaus are well aware of the use of steganography, and there are fancy programs out there to detect steganography in various files.
If you're wondering why that list was unnecessarily long and perhaps even a bit random, take a look at the first capital letter of each item, including the "I" in the first sentance. That's another method of steganography, with a popular example being Lewis Carrol (of Alice in Wonderland fame). He often hid messages in his poems, using the first (or last) letter in each line.
Now that I've bored you with a very brief history and introduction, now on to the modern-day application of stegnaography in digital images. There are several different techniques that I'll discuss here, and as long as you're creative, I'm sure you can come up with a few of your own.
1. Hiding the text in the image
This is a very basic technique. Take a look at the image you see here, then download it to your computer and open it with any image editing software. You don't need anything fancy for this - MS paint will do. It looks like a normal Starbucks logo, but I used the eyedropper tool to find the RGB value of the green border, then increased the "Green" value from 94 to 100. Go ahead, open it up in paint. Now, take the paint bucket tool (or whatever your program uses to fill an area), choose "White", then fill the green border. You should see a message appear:
This works well for short messages, or images with a single background color. You can use it on more complex images, but you'll have to re-color each letter to match the background.
What are RGB values, you ask? Well, the computer uses varying levels of the three primary colors for light (Red, Green, Blue). The values for each range from 0-255, indicating the level of each color. (In HTML/CSS, you'll see these as hexidecimal values, which is just the RGB values translated from decimal to hex.) A value of all zeros (0-0-0, or #000000) is black, and values of 255-255-255 or #FFFFFF are white. (As a side note, whenever the values are all equal, you'll get a shade of gray.)
The RGB values play a role in our next method: LSB replacement.
2. Least-significant bit replacement
LSB replacement is probably the most popular method for steganography. Why? Because it's simple, efficient, and easy to do! For the casual user, I recommend looking into QUICK STEGO. It's free, lightweight, and does the job well for basic purposes. You can also skip the math and technical stuff that follows. For a technical article on one program's methodology, see: http://www.csjournals.com/IJCSC/PDF1-2/24..pdf
For anyone still reading, LSB begins with taking the binary equivalent to the RGB value. Let's use MS Paint's standard "red" color (237-28-36) or #ED1C24. Open up Calculator (Windows), and select "Programmer" from the "View" menu. Enter 237 in decimal mode, then change to binary (8 digits). Repeat for 28 and 36. You should get:
11101101 00011100 00100100 **Note that I padded the leading zeroes for 28 and 36 to make 8 bits (or one byte).
Let's take a breather here. A byte is made up of 8 bits, with a bit being either a 1 or 0. Since we have three bytes (or 3x8 bits), we are using 24-bit color.
Now from this point on, each stego program uses their own method of encryption. I'm going to encode "X", using the unicode value 58 (111010).
Now, we're going to take the LEAST SIGNIFICANT BIT(s) - which are the ones on the right in each byte, and replace the last two bits with our message.
11101101 00011100 00100100 -- Initial RGB values
------11 ------10 ------10 -- Unicode Character 58, in binary format
11101111 00011110 00100110 -- New RGB values
239 30 38 239-30-38 (RGB)
EF 1E 26 #EF1E26 (Hex)
Compare these values to the originals: (237-28-36) or #ED1C24... it's not a difference that can be noticed to the human eye when done on one pixel only. In the image here, you'll see the "standard red" background, with the random circles in our "coded red" color. Yes, the difference is noticible, but again - you would only be doing this in one pixel. Now try and find that one stray pixel that's been encoded.
Now, if we were to continue to encode this manually, we would have to:
1) Translate each character of our message into ASCII, Unicode, etc, then to binary
2a) Figure out which pixels to perform the operation on (lets say every 7th pixel)
2b) Calculate the binary value for each pixel
3) Complete the LSB replacement
4) Re-color the pixel to match the value in step 3
To decode, we would:
1) Use the eyedropper tool to get the RGB value of every 7th pixel, calculate the binary value, and take the two last digits.
2) Re-compose the values from step 1 into a single value
3) Translate from binary to decimal
4) Look up the equivalent value (ASCII/Unicode)
5) Put the message back together again
This method I've just described is a painstakingly tedious method, and probably not useful for all intents and purposes. But you get the basic idea. As I said before, each program has their own algorithm, and several use logical operators on the different bits. That being said, most stego programs will only decode certain algorithms, and for best results both sender and recipient should use the same program.
3. USING A HEX EDITOR
Assuming you have an image of a suitable size and complexity, this is a pretty quick method. Simply open the file in a hex editor, scroll down until you find the random characters, and type your message. "Save As" another image, and make sure you didn't trash the file by over-writing something important. See the two lighthouse pictures for an example. If you compare the two, you'll notice a difference in the far bottom-right corner, due to overwriting image data with the hex editor. Take notice of the smiley face picture - I wrote a message using a hex editor, and screwed the image up pretty good!
If you are suspecting a hidden message, it's pretty much a dead giveaway. But suppose you uploaded the lighthouse picture to your favorite social media webiste - I'm willing to bet that most of your friends wouldn't think twice about the little blotch on the bottom (if they even notice it!).
Cast your vote on this article 10 - Highest, 1 - Lowest
Comments: Published: 11 comments.
HackThisSite is is the collective work of the HackThisSite staff, licensed under a CC BY-NC license.
We ask that you inform us upon sharing or distributing.