Steganography Tutorial – Image & Concept

Steganography is a good replica of Cryptography and in some situation steganography is seems to be a best idea than cryptography, we have already discussed the basis of them and their advantages from the point of Information security. In this article I will discuss the working mechanism of steganography.







How
steganography is smart and strong than cryptography?


I
think most of the point of this question has been discussed above
that steganography is smart than cryptography because:
  • It
    does not need any key distributor
  • It
    seems to be a simple communication


What is the
working mechanism of steganography?


There
is no need of a key in steganography this is the general way to
explain or this is the pure steganography but we have different sort
of steganography and some of them need a key, means:


  • Public
    and private key based steganography


The
general working mechanism has been discussed above but there are
different sort and different way to implement steganography and each
way (method) has different working mechanism.
Digital
and modern steganography can be implemented on:


  • Text
    file
  • Images
  • Audio
  • Video
  • Web
    content (protocols)


Text
based steganography is the most famous method of steganography, the
rule is to hide the secret message into to redundant of nth word,
same as the compression method. Secret data means the message that
you want to hide while the covered data means a carrier or a
container that convey the secret data. The final data can be called
stego data. There are mainly three types of steganography:


  • Pure
    steganography (no key)
  • Public
    key steganography
  • Private
    key steganography


Key
has been involved in steganography to increase the level of security,
in pure steganography both parties has to understand that the message
could contain a secret data. There are different sort of
steganography techniques and algorithms has been developed but the
most famous and applicable rule is to hide the message into LSB
(least significant bit), images seems to be best way to use as
steganography because they contain more redundant bits, images are
more popular in steganography subject.
Web
content and protocol steganography means to hide the data into some
protocols of OSI layer model, for example hide your data into TCP/IP
stream.

Image Based
Steganography


To
understand the image based steganography we need to understand the
concept of a digital image. Images are the combination of width and
hight (W*H) that becomes pixel images are based on 8-bit or 24-bit
color combination, if we discuss about 8-bit color than there would
256 colors formed an image because of the basic binary calculation
(2^8= 256). A 24-bit color pattern is more complex and provide more
colors in this case each pixel represent 3 bytes remember 1 byte
contain 8-bits and each byte represent a combination of color that is
RGB (Red, Green and Blue). Let suppose an image has a size of 1200 *
800 pixel than 1200 x 800= 960,000 pixel so for 24-bit scheme that
contain 3 bytes it would become 960,000 x 3 =28,80000 bytes and 1
byte consist of 8 bits so 2880000 x 8 = 23040000 bits


Now
we have calculated that an image of 1200 * 800 pixel is based on
23040000 bits, remember this number is in decimal form we need to
convert it on binary for the depth analysis. So the binary of this
bits would be 0001010111111001000000000000


So
what is the method to hide a message into an image? By using the
above calculation method we can easily get the binary of an image
right side of the binary is called least significant bit (LSB)
because it contain less information while the left side top most is
called most significant bit (MSB) because it contains most of the
information. So the point is that if we replace the LSB (Least
significant bit ) with some other bit that contain some other
information this method does not affect the shape of the image
because we replace LSB that does not contain much information. Lets
consider an example:


Suppose
we have a 16 byte of data:


00110101
00101100 11001001 10010111
00001110
11001011 10011111 00010001


10010111
00000000 11001001 01010110
10101010
01001010 10010100 10000101


Now
we want to hide
Hi in
this bytes, method is simple first of all we need to get the binary
equivalent of word
Hi we
can get the binary by using ASCII to binary conversion and binary of
Hi is


0100100001101001
Put
each bits on the LSB of above bytes:


00110100
0010110
1
1100100
0
1001011
0
00001111
1100101
0
1001111
0
0001000
0


10010110
0000000
1
1100100
1
0101011
0
10101011
0100101
0
1001010
0
1000010
1


We
have successfully hide the word
Hi
into
this bytes.


Steganography
Tutorial

There
has been numerous development made by different researcher and
programmer in steganography, now there are so many tools are
available for image based and audio/video based steganography some
tools are commercial and some are open source means free of cost.
Stepic
is among those tools that are available free of cost, stepic is a
script that is based on python or stepic is python image
steganography.


If
you are using Debian or Ubuntu than you can get stepic by using your
terminal, on the terminal type:
sudo
aptitude install python-stepic


The
alternate way to get stepic is to download from official
website,
let suppose we have an image and a text file and we want to hide this
text into the image so that we can send this secret message to its
destination. Stepic can easily hide the text into image.
Image before process

stepic
-e -i real-image.png -t secretmsg.txt -o stego-image.png

 

Image after process

At
the receiver side we need to retrieve the secret message from this
image, stepic also give you an option to decode an image. The command
will like this:




stepic
-d -i stego-image.png

 



The next part of this article will be publish soon, do not forget to share it.
 

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Top 10 things to Do After Installing Kali Linux

Kali Linux is considered to be one of the best hacking distribution of this era, it is developed by Offensive Security to give an...

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...