2. My Dilemma:
The Beginning
• My friend Mark is very interested in the e-
book market. E-books are sold over the
internet for anywhere from $2 to $500
• E-books usually are distributed as PDFs,
sometimes password-protected, and
sometimes in proprietary formats that
require a special reader and password
3. My Dilemma:
WTF, PDF
• Passwords can be cracked using brute-force
methods with cheap software on the
internet
• Raster images from e-books delivered
through proprietary readers can be
captured via screenshots and bundled as
unlocked PDFs
4. My Dilemma:
Yarr.
• Unlocked PDFs can be pirated with
increasing ease due to the advent of P2P
technologies such as BitTorrent
• Although a long-term solution may be to
find alternative, piracy-friendly economic
models, this is a problem!
5. My Dilemma:
A Idea Springs Forth
• What you need to do is code the
information so that you have a unique way
of identifying a signature, while at the same
time not significantly shift the information
any way (as to avoid arousing suspicion)!
The text itself (content) must be structured
in a way that you can infer extra
information: a signature
• The signature will be the id of the
purchaser
6. Surprise!
• Apparently I’m not the first
person to consider this problem
• Steganography is the art and science of writing
hidden messages so that none but sender and
recipient realize there is a hidden message
7. F.Y.I.; BTW
• Cryptography (not the same thing)
obscures the meaning of a message
without concealing the message
This is Bill Nye the Science Guy. I was going for a
itself
“Did you know that?...Now you know!” vibe
9. Cryptography
Quick Tangent
• Message can be plaintext and then
converted into ciphertext for added
security before it becomes stegotext
• This requires an encryption algorithm
10. Humanity and HVS
• Most steganography methods take
advantage of human psychology and the
human visual system.
• Think “Change blindness”
11. Covertext
• A covertext can be anything if you’re clever
enough about it. We’ll look at ways to be
clever with a few different types of media.
• text (.doc, .txt, .html, newspapers)
• images (pictures, periods)
• sounds (.mp3, radio transmissions)
• human being
12. Text
• Line shifting (as little as .003 in.)
• Word shifting (spaces between words)
• Change features of characters (b, d, T, i, etc.)
• Ordering (xml)
• Word choice (esp. spam messages!)
• Words map to a dictionary
• nth character significant
• Problem: easy to normalize text
13. Images
• LSB encoding: least significant bit. 3 bits
available for 24-bit images, 1 bit available for
8 bit images (R - 255, G - 255, B - 255)
• You can do this without the HVS detecting,
but it is very vulnerable to attacks as simple
as changing formatting from GIF to JPEG
14. Images
LSB Encoding Example
• Host pixel: 10110001
• Secret pixel: 00111111
• New Image pixel: 10110011
• Transform 10110011 into 00110000
• Uses only 4 bits, fairly low loss for host
and secret
15. Images
LSB Encoding Outcome
• Changing the
number of bits used
has an effect on
quality of both the
original and secret
image
• The sweet spot may
be around 4 bits
16. Images
You’d Never Expect It
• Microdot techniques take an image and
reduce it to the size of a grammatical unit
such as a period. Any arbitrary covertext
can be used as long as it contains periods.
• J. Edgar Hoover described their use as “the
enemy’s masterpiece of espionage”
17. Images
Other Techniques
• Embed a digital watermark
• Direct Cosine Transformations
• This extends the data of the original image
as opposed to hiding information inside the
data
• Scatter black pixels, disguised as noise, in
even or odd blocks
18. Sound
Fun Techniques
• Binary data can be encoded as noise, but
recognized with a proper decoding key
• Encoding data in mp3 files requires you to
store data in the parity bit during the
compression process
• decompress and read all parity bits
19. Human Being
• 1. Shave the head of a human being,
preferably a slave
• 2. Tattoo a message on his head
• 3. Wait for the hair to grow back
20. Defeating Steg
Steganalysis
• Color histogram, eliminate spikes
• Bitmap images and near-duplicate colors
• color table, LSB creates dupes, arouses
supicion
21. Defeating Steg
The Battle
• Anticipate with inverse transformations
• Error correcting codes, redundancy
• Normalize the image
• Change the format
• D+W+W’
22. Defeating Steg
StirMark
• StirMark applies geometric
distortions, a random low
frequency deviation based around
the center of the image, and a
transfer function to introduce
error into all the sample values
• The change in the image is nearly
impossible to detect but any
watermark is likely destroyed
23. The Bottom Line
• Steganography is useful but has its
drawbacks
• Normalization, confusion
• Best when combined with cryptography
24. My Dilemma:
Proposed Resolutions
• Subtle changes in the spacing of the image
might be possible to detect using a diff
program, or by comparing the hashes of
two instances of a copyrighted e-book
• They could be defeated by scanning the
text, normalizing it, and binding it as a plain
PDF
• Change kerning to interfere with OCR
25. The Media
• Al Qaeda rumors: eBay, pornography
• Pedophiles using stego to hide their images
26. Remember the picture
on the front page?
• I didn’t think so.
• (Maybe you did; after all, this was a
presentation about steganography and it
may have appeared pretty conspicuous...)
27. Catty Title
• If you remove all but the last 2 bits of every
color component in the first image, you get
an almost completely black image.
You weren’t expecting this, were you.
• When you make it 85 times brighter,
though, kittens start to purr.
28. Conclusions:
The Future been Stego
• It probably would have of more
appropriate to have a space-age
stegosaurus for the picture, but whatever
• Criticism: “it only works when nobody
expects it”
• New techniques being researched
• DNA
• Sometimes the best place to hide
something may be in plain sight