Pixels are Fun
This entry will contain information on pixels and color gradient, as soon as I retrieve my notes from work.
In the meantime, graphics:


There are many drawbacks to using steg files to communicate covertly.
First, easy-to-use, easy-to-find freeware is also easy to detect. Many programs, like F5, leave telltale signs that a file has been altered, such as a signature in the code. Good steg programs (i.e., the ones you pay for) will make headers and footers match the file, and conceal the changes made to the file.
Second, some steganography software may also degrade the quality of the file, especially audio and video files. This isn’t as common with static digital images, because it is easy to insert a payload into this type of channel.
Third, as the FBI’s Overview of Steganography for Computer Forensics Examiners points out, steganography hides the covert message but not the fact that two parties are communicating with each other. If two parties wanted to convey a message covertly, they still must devise an innocuous excuse for their need to communicate, which may not be enough to exclude their communication from being identified as candidates for steg. Thus steganography may not be suitable for groups requiring totally anonymous communication, like terrorists.
Finally, this highlights a fundamental problem of steganography: the problem of hiding in plain sight. Steganography derives its security from obscurity, meaning payloads are hidden among millions of other innocuous-looking digital pictures online. It is unlikely that an adversary would stumble onto the exact location of a steg file and also recognize it as something other than what it appears to be. It is the equivalent of hiding a blade of grass in Nebraska or a piece of paper in the Library of Congress. The likelihood of someone finding it and recognizing it as unusual is nil. However, if an adversary knew where to look, or that files uploaded by a certain username were suspect, then steganography would lose much of its security.
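The "headers and footers match the file" point from the first drawback can be checked mechanically. The sketch below is an added example, not code from the original post or from any steg tool: it walks a JPEG's marker structure and flags a file as a candidate when the header is wrong, the End Of Image footer is missing, or bytes follow the real footer. The function name, report keys and sample bytes are assumptions made for illustration.

```python
import struct

SOI, EOI, SOS = b"\xff\xd8", 0xD9, 0xDA

def jpeg_triage(data: bytes) -> dict:
    """Walk the JPEG marker structure; flag files whose header/footer do not
    match the format or that carry bytes after the real End Of Image marker."""
    report = {"valid_header": data[:2] == SOI, "eoi_offset": None,
              "trailing_bytes": 0}
    i = 2
    while report["valid_header"] and i + 1 < len(data):
        if data[i] != 0xFF:
            break                                  # lost marker sync: malformed
        marker = data[i + 1]
        if marker == 0xFF:                         # fill byte before a marker
            i += 1
            continue
        if marker == EOI:
            report["eoi_offset"] = i
            report["trailing_bytes"] = len(data) - (i + 2)
            break
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:
            i += 2                                 # standalone marker, no length
            continue
        if i + 4 > len(data):
            break
        (seg_len,) = struct.unpack(">H", data[i + 2:i + 4])
        if seg_len < 2:
            break
        i += 2 + seg_len                           # skip segment and any thumbnail in it
        if marker == SOS:
            # Entropy-coded scan: FF00 is a stuffed data byte and FFD0-FFD7 are
            # restart markers; any other FFxx ends the scan.
            while i + 1 < len(data) and not (
                    data[i] == 0xFF and data[i + 1] != 0x00
                    and not 0xD0 <= data[i + 1] <= 0xD7):
                i += 1
    report["candidate"] = (report["eoi_offset"] is None
                           or report["trailing_bytes"] > 0)
    return report

# Constructed marker skeleton (not a decodable picture): SOI, an APP1 segment
# whose payload contains a decoy FFD9, an SOS header, scan bytes, then EOI.
CLEAN = (SOI + b"\xff\xe1\x00\x0c" + b"thumb\xff\xd9end"
         + b"\xff\xda\x00\x08" + b"\x01\x01\x00\x00\x3f\x00"
         + b"\x12\xff\x00\x34\xff\xd0\x56" + b"\xff\xd9")
ALTERED = CLEAN + b"constructed appended payload"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("altered", ALTERED)):
        print(name, jpeg_triage(blob))
```

A clean result only rules out data appended after the footer; a payload embedded in the image data itself leaves the marker structure intact and needs statistical steganalysis instead.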
Following the terrorist attacks of 9/11, many journalists and national security commentators speculated (perhaps prematurely) that al-Qaeda had used steganography, or steg, to communicate with one another and coordinate attacks. I’d like to explore this idea in subsequent blog posts. Several newspaper articles in the past eight years have investigated this theory, while many other journalists and subject matter experts have countered the idea.
USA TODAY: Terror groups hide behind Web encryption
http://www.usatoday.com/tech/news/2001-02-05-binladen.htm
The USA TODAY article contains many logical leaps and stretches of the imagination. For example, it mentions al-Qaeda’s purchase of computers with funds raised through charity.
“U.S. officials say bin Laden’s organization, al-Qaeda, uses money from Muslim sympathizers to purchase computers from stores or by mail.”
“All the Islamists and terrorist groups are now using the Internet to spread their messages. Hamas, Hezbollah and bin Laden’s groups have very sophisticated, well-educated people. Their technical equipment is good, and they have the bright, young minds to operate them.”
Smart people using the Internet and an interest in purchasing laptops do not indicate an understanding of steganography, or its widespread use to communicate covertly.
Furthermore, the evidence relied upon in the article comes from mid-level US officials commenting on the usefulness of steg as a tool and the possible effects of its adoption by organizations like al-Qaeda.
This article and others like it make it difficult to determine if the US Government has concrete examples of the regular use of steg to facilitate terrorist activities or if it is just another possibility proposed by academics and cubicle dwellers at the NSA.
On a side note, this quote is a great example of journalism giving credence to alarmists and doomsayers in order to scare their audience:
“You very well could have a photograph and image with the time and information of an attack sitting on your computer, and you would never know it,” Venzke says. “It will look no different than a photograph exchanged between two friends or family members.”
This article makes it seem like al-Qaeda has stolen your family vacation photos and hidden the blueprints for their next attack inside them.
I interviewed a friend at the NSA to help me understand how content can be added to files in a covert way without noticeably changing or degrading the original. I also asked about the government’s use of steganalysis and academic work on steganalysis; more on that topic in subsequent posts.
Understanding steganography requires at least a cursory knowledge of mathematics, binary, and the characteristics of popular file types like JPEG. Using steg to convey information covertly doesn’t require any of this. Google and Wikipedia have more than enough information to help even the least technical person encrypt a file.
Insert more later…. left my notes at work….
Channels: The easiest channel for creating steg files is static digital images. JPEGs, for example, are large files with a great deal of repetitive content. Audio, video, and text files are more difficult to encrypt without noticeably degrading the file. One technique for adding steg to audio files adds covert information to the background or “white noise” on an original audio file. While encrypting audio, video, and text files is more difficult, fewer techniques exist for detecting steg files using these channels.
Steganography can be divided into categories by the kind of technique used to encrypt a message, as demonstrated by this handy chart found in the FBI’s Overview of Steganography for Computer Forensics Examiners:

Technical Steg: uses methods like invisible ink and microdots to hide a message
Linguistic Steg: hides a message in a nonobvious way like within another file
Semagrams: hiding a message using signs or symbols that look innocuous
Open Codes: hiding a message in a legitimate looking carrier, sometimes called overt communication
Jargon Code: communicating using language that is meaningless to outsiders but is understood by those intended to receive the message.
Covered Ciphers: hides a message openly so that anyone aware of its existence or how to decrypt it can recover the message.
For this blog, I’m focusing on linguistic steganography using open codes, which may or may not be further encrypted using jargon code or covered ciphers.
In 2006, the National Science and Technology Council published the Federal Plan for Cyber Security and Information Assurance Research and Development, which included a section called “Detection of Hidden Information and Covert Information Flows.” It explores the potential use of steganography for transmitting encoded messages which are extremely difficult to detect without prior knowledge of their existence.
http://www.nitrd.gov/Pubs/csia/csia_federal_plan.pdf
It also gives useful definitions as a starting point for understanding steganography:
The word steganography is derived from the ancient Greek words for “covered writing.” (Hence the similarly named stegosaurus.) See clever graphic below.
Most simply, steganography can be defined as the “art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message.” (NSTC 57)
Other useful terms and definitions include:
Payload: the message to be encrypted
Covert file/Stego: the altered file
Carrier: Original file
Channel: the type of input, e.g. JPEG
Candidate: a file identified as potentially altered
Suspect: a file containing steg

To view the text within the picture, save the image below and upload to http://utilitymill.com/utility/Steganography_Decode
