Steganography Tutorial - Image & Concept

Steganography is a good replica of Cryptography and in some situation steganography is seems to be a best idea than cryptography, we have already discussed the basis of them and their advantages from the point of Information security. In this article I will discuss the working mechanism of steganography.

How steganography is smart and strong than cryptography?

I think most of the point of this question has been discussed above that steganography is smart than cryptography because:
  • It does not need any key distributor
  • It seems to be a simple communication

What is the working mechanism of steganography?

There is no need of a key in steganography this is the general way to explain or this is the pure steganography but we have different sort of steganography and some of them need a key, means:

  • Public and private key based steganography

The general working mechanism has been discussed above but there are different sort and different way to implement steganography and each way (method) has different working mechanism.
Digital and modern steganography can be implemented on:

  • Text file
  • Images
  • Audio
  • Video
  • Web content (protocols)

Text based steganography is the most famous method of steganography, the rule is to hide the secret message into to redundant of nth word, same as the compression method. Secret data means the message that you want to hide while the covered data means a carrier or a container that convey the secret data. The final data can be called stego data. There are mainly three types of steganography:

  • Pure steganography (no key)
  • Public key steganography
  • Private key steganography

Key has been involved in steganography to increase the level of security, in pure steganography both parties has to understand that the message could contain a secret data. There are different sort of steganography techniques and algorithms has been developed but the most famous and applicable rule is to hide the message into LSB (least significant bit), images seems to be best way to use as steganography because they contain more redundant bits, images are more popular in steganography subject.
Web content and protocol steganography means to hide the data into some protocols of OSI layer model, for example hide your data into TCP/IP stream.

Image Based Steganography

To understand the image based steganography we need to understand the concept of a digital image. Images are the combination of width and hight (W*H) that becomes pixel images are based on 8-bit or 24-bit color combination, if we discuss about 8-bit color than there would 256 colors formed an image because of the basic binary calculation (2^8= 256). A 24-bit color pattern is more complex and provide more colors in this case each pixel represent 3 bytes remember 1 byte contain 8-bits and each byte represent a combination of color that is RGB (Red, Green and Blue). Let suppose an image has a size of 1200 * 800 pixel than 1200 x 800= 960,000 pixel so for 24-bit scheme that contain 3 bytes it would become 960,000 x 3 =28,80000 bytes and 1 byte consist of 8 bits so 2880000 x 8 = 23040000 bits

Now we have calculated that an image of 1200 * 800 pixel is based on 23040000 bits, remember this number is in decimal form we need to convert it on binary for the depth analysis. So the binary of this bits would be 0001010111111001000000000000

So what is the method to hide a message into an image? By using the above calculation method we can easily get the binary of an image right side of the binary is called least significant bit (LSB) because it contain less information while the left side top most is called most significant bit (MSB) because it contains most of the information. So the point is that if we replace the LSB (Least significant bit ) with some other bit that contain some other information this method does not affect the shape of the image because we replace LSB that does not contain much information. Lets consider an example:

Suppose we have a 16 byte of data:

00110101 00101100 11001001 10010111
00001110 11001011 10011111 00010001

10010111 00000000 11001001 01010110
10101010 01001010 10010100 10000101

Now we want to hide Hi in this bytes, method is simple first of all we need to get the binary equivalent of word Hi we can get the binary by using ASCII to binary conversion and binary of Hi is

Put each bits on the LSB of above bytes:

00110100 00101101 11001000 10010110
00001111 11001010 10011110 00010000

10010110 00000001 11001001 01010110
10101011 01001010 10010100 10000101

We have successfully hide the word Hi into this bytes.

Steganography Tutorial

There has been numerous development made by different researcher and programmer in steganography, now there are so many tools are available for image based and audio/video based steganography some tools are commercial and some are open source means free of cost. Stepic is among those tools that are available free of cost, stepic is a script that is based on python or stepic is python image steganography.

If you are using Debian or Ubuntu than you can get stepic by using your terminal, on the terminal type:
sudo aptitude install python-stepic

The alternate way to get stepic is to download from official website, let suppose we have an image and a text file and we want to hide this text into the image so that we can send this secret message to its destination. Stepic can easily hide the text into image.

Image before process

stepic -e -i real-image.png -t secretmsg.txt -o stego-image.png


Image after process

At the receiver side we need to retrieve the secret message from this image, stepic also give you an option to decode an image. The command will like this:

stepic -d -i stego-image.png


The next part of this article will be publish soon, do not forget to share it.

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Steganography Tutorial - Image & Concept Reviewed by Ethical Hacking on 11:53 AM Rating: 5

No comments:

Feel free to ask questions, we love to respond.

All Rights Reserved by The World of IT & Cyber Security: © 2014 - 2015
Powered By Blogger, Designed by Sweetheme

Contact Form


Email *

Message *

Powered by Blogger.