Steganography

Learning Objectives:
Understand the concepts and definition of Steganography
Use Steganography tools to embed information
Use Steganography tools to recover hidden information
Analyze files to find hidden information
Utilize a dictionary attack to break a weak encryption used in Steganography

Requirements:
Windows XP System with Administrative rights
Stegdetect and Stegbreak freeware software (found on Website)
Jphide and Jpseek freeware software (found on Website)
S-Tools freeware software (found on Website)
Access to Professor Steffen’s website for Steganography files

Background Information:

Steganography
Steganography is a special kind of cryptography that hides one piece of information inside of another. This is the art and science of conveying information in such a way that the presence of one object within the other is unnoticeable. It comes from the Greek words steganós (covered) and graptos (writing), literally covered writing, in the sense of a hidden thing. In steganography the text or image in question is invisible although it resides in the interior of an apparently normal piece of other information, like a text, an image or a soundtrack. Unlike cryptography, where the message is clearly visible although you need the key to decipher it, in this case the information cannot be seen unless the correct procedure is applied to the text or image where it resides. In most circumstances, the security is heightened by a required key to reverse the Steganography process.

JPHIDE and JPSEEK
JPHIDE and JPSEEK are programs which allow you to hide a file in a jpeg visual image. This suite of software consists of three files:
JPHIDE.EXE is a DOS program to hide a data file in a jpeg file.
JPSEEK.EXE is a DOS program to recover a file hidden with JPHIDE.EXE.
JPHSWIN.EXE is a Windows program which performs the same functions as the two programs above.
Given a typical visual image, a low insertion rate (under 5%) and the absence of the original file, it is not possible to conclude with any worthwhile certainty that the host file contains inserted data. The hidden files must be small compared to the host file. Above 15% the effects begin to become visible to the naked eye. Of course some images are much better than others when used as a host file. A host file that contains lots of detail is best for ensuring best quality of picture. JPHIDE and JPSEEK are easy to use products, but the algorithm is well known and can be resolved with a dictionary attack and the right software. (See Below)

Stegdetect and Stegbreak
Stegdetect is an automated tool for detecting steganographic content in images. It is capable of detecting several different steganographic methods to embed hidden information in JPEG images. Stegbreak is used to launch dictionary attacks against software such as JSteg-Shell, JPHide and OutGuess. Any standard word file dictionary can be used in association with Stegbreak to compromise the hidden key in these Steganography packages.

S-Tools Steganography
S-Tools are steganography tools that hide files in BMP, GIF, and WAV files. This uses a process of drag and drop. You can drag a host file into S-Tools and then drop the file to be hidden into the host. You can hide multiple files in one sound/picture, and your data is compressed before being encrypted then hidden. Multiple choices of encryption methods are made available, further strengthening the Steganography process.

Experiment:
1.) Download and Install all three tools discussed above.
2.) Use JPSEEK with the key “first” to find the hidden message in Image 1. (refer to website for all images)
3.) Use JPHIDE with the key “second” and hide text file with “Your full name and what grade you want on this laboratory” in Image 2. Save this new file as “MyFile1.jpg”
4.) Now use Stegdetect to see if there is hidden information in Images 3, 4 and 5.
5.) If Stegdetect found hidden information in any of the Images 3, 4 or 5, use Stegbreak to find the key. Then use the key to find the hidden message.
    a. Stegbreak works on a dictionary attack. You’ll need to download the dictionary to perform this task.
    b. The hidden images could be text or image.
6.) Use S-Tools to find the hidden messages in Wave 1 file and Image 6. The key in each of these cases is “fourth”. The hidden files could be text or image.

Assignment:

Questions from the Experiment
1.) What is the hidden message in step 2 of the experiment?
2.) What file(s) in step 4 of the experiment have hidden information?
3.) What is the hidden phrase(s)/image(s) in the file(s) in step 4 of the experiment?
4.) How many files have hidden messages at http://www.etcs.ipfw.edu/~steffen/cpet364/steganography/stegano.htm?

General Questions
1.) Explain how steganography could be used in espionage and terrorism.
2.) Explain how steganography could be used in a productive way.
3.) What determines how secure a steganography method is?
4.) Explain what would happen if the hidden file is larger than the host file.
5.) Construct an algorithm in pseudo code that would implement your own steganography method. (make sure to explain your method)
6.) Write a brief summary that describes a system that could be used to check steganography on files leaving your network.

Documentation
1.) Submit a report containing “Questions from the Experiment” and “General Questions”; also include any images or tables if needed.
2.) Submit MyFile1.jpg created during the experiment.

Additional Steganography Software Downloads: http://www.stegoarchive.com/
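
Added example (not part of the original handout, and not Stegdetect's or JPHIDE's code): the background section says a low insertion rate cannot be detected with any certainty, while automated tools can flag heavier embedding. The sketch below illustrates that with a generic pairs-of-values chi-square test on constructed sample values; the function names, the threshold, the synthetic cover data and the simplified LSB replacement are all assumptions made for illustration.

```python
import random
from collections import Counter

def make_cover(n=20000, seed=1):
    # Constructed cover data: sample values with a skewed histogram,
    # so neighbouring values 2k and 2k+1 occur with clearly different counts.
    rng = random.Random(seed)
    return [min(31, int(rng.expovariate(0.5))) for _ in range(n)]

def embed_lsb(samples, rate, seed=2):
    # Simplified embedding (assumption, not JPHIDE's algorithm): overwrite the
    # least significant bit of a random `rate` fraction of samples with random
    # bits, which is what compressed or encrypted payload data looks like.
    rng = random.Random(seed)
    out = list(samples)
    for i in rng.sample(range(len(out)), int(rate * len(out))):
        out[i] = (out[i] & ~1) | rng.getrandbits(1)
    return out

def pov_score(samples, min_count=5):
    # Pairs-of-values chi-square: LSB replacement pushes the counts of each
    # pair (2k, 2k+1) toward their mean. Returns chi-square per tested pair;
    # a value near or below 1 means the pairs are suspiciously equal.
    hist = Counter(samples)
    chi2, pairs = 0.0, 0
    for even in range(0, max(hist) + 1, 2):
        expected = (hist[even] + hist[even + 1]) / 2
        if expected < min_count:      # skip sparsely populated pairs
            continue
        chi2 += (hist[even] - expected) ** 2 / expected
        pairs += 1
    return chi2 / pairs if pairs else float("inf")

def looks_embedded(samples, threshold=3.0):
    # Hypothetical decision rule: flag the file when the pairs are equalised.
    return pov_score(samples) < threshold

if __name__ == "__main__":
    cover = make_cover()
    for rate in (0.0, 0.05, 0.15, 1.0):
        stego = embed_lsb(cover, rate)
        print(f"rate={rate:4.0%} score={pov_score(stego):7.2f} "
              f"flagged={looks_embedded(stego)}")
```

On this constructed data the score drops only slightly at a 5% insertion rate, so the whole-file test stays silent, and it collapses only when most of the capacity is used.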