Author: Mikael Vingaard
You need two files in order to use steganography. The first one is the innocent-looking file, called the “cover file.” A cover file can be in many graphical or audio file formats, such as
The second file is the secret file you want to hide in to the cover file. There are no restrictions on the file format of the secret file.
Cover file formats are often associated with large files sizes, which is important in getting steganography to work properly. To hide a secret text of 200KB, the cover file must often be at least 1MB in size. Most stego applications will deliver a warning if the cover file size is too small to effectively hide the secret text.
A successful steganography file must never raise any alarms when a person looks or listens to the file with the embedded secret file. Without such an alarm, detailed inspection is rare; how often does you inspect the attachments your corporate firewall handles?
Steghide
Steghide is an open source steganography program for Windows and Linux that can hide data in image and audio files. The current version 0.5.1 offers compression, encryption, and an integrity check of the embedded data.
To use Steghide to embed the file secret.txt into example.bmp, you’d use the following command:
$ steghide embed -cf example.bmp -ef secret.txt Enter passphrase: Re-Enter passphrase: embedding "secret.txt" in "example.bmp.". done
The -cf argument specifies the cover file and -ef the embedded file.
The default encryption algorithm is AES/Rijndael with a keysize of 128 bits. However, if you want another encryption algorithm, you can run the steghide encinfo command to see all supported encryption algorithms.
If you have received a cover file that contains a file that has been embedded with Steghide, use the extract command to reveal the hidden file with an -sf argument:
$ steghide extract -sf example.bmp Enter passphrase: wrote extracted data to "secret.txt."
These are just basic examples of how to use Steghide. You can read the project’s documentation to learn about several other useful commands.
mp3stego
MP3Stego is another open source steganography program that uses
To embed the file secret.txt into stego.mp3 using stego.wav as input, go to the Start menu, choose run, and enter cmd to bring up a command-line window. Then use the command:
encode -E secret.txt -P password stego.wav stego.mp3
To decode the file, run:
decode -X -P password stego.mp3
It is virtual impossible to hear that any different between the normal audio file and the same file with steganography embedded.
It’s difficult for IT security staff to detect steganography in action. Only a few products are available to detect stego, and most products can detect it only when it’s embedded in
Conclusion
As we often see with security tools, steganography can be used for either a good or a bad purpose. A good use might be a system administrator embedding a list of passwords for various Web sites and services in a holiday picture. It can also be used to secure and enforce copyrights for an individual by placing a hidden mark in a file. This technique is often referred to as “digital watermarking.” However, steganography can also be use to smuggle highly confidential data out of your company disguised as innocent pictures.
Now might be a good time to familiarize yourself with steganography tools and techniques before you find them used in unacceptable ways on your network.
