Prev: An application of indirectness and variability
Next: bad client public DH value
From: jmorton123 on 25 Apr 2010 20:14
Steganography Software

In two to four weeks I will complete steganography software that will
embedd encrypted data into 24-bit bitmap images.

It will determine the image data length of the bitmap.
It will determine the length of the message to embed.
It will XOR each bit of the message with the LSB of randomly selected
unique bitmap bytes until the entire message has been embedded into
the bitmap.

Of course you must not use this technique on vector graphic images.
You should use this technique only on RAW digital camera images
converted to bitmap images and these images should be of natural
scenes with a great deal of color variability.
You cannot tell the encrypted data image from the original image by
just looking at it.
You cannot tell the encrypted data image from an examination of the
LSB byte information because on average only half of the bits will be
flipped and you won't know which bytes to examine because they will
be chosen at random.
As SOP you should encrypt the message before you embed it into the
bitmap image.
I am determining what percentage maximum of the bitmap image should
contain the embedded encrypted message for added security.

JM
From: Gordon Burditt on 26 Apr 2010 02:29
>Steganography Software
>
>In two to four weeks I will complete steganography software that will
>embedd encrypted data into 24-bit bitmap images.
>
>It will determine the image data length of the bitmap.
>It will determine the length of the message to embed.
>It will XOR each bit of the message with the LSB of randomly selected
>unique bitmap bytes until the entire message has been embedded into
>the bitmap.

So how do you decrypt it?

It seems there are three possibilities:
(1) You need the original photograph also, which isn't normally how
steganography is done. Having two not-quite-identical photos get
captured can raise suspicions that you are hiding messages in them.

(2) You can determine what the low-order bits of the photo "should
be" from the rest of the photo, which I don't believe is realistic,
and is somewhat the antithesis of steganography: you aren't supposed
to be able to tell that there's a message there.

(3) You don't really XOR each bit of the message with the image
data, you *REPLACE* the image data low-order bit with the message
bit. If the message is compressed and encrypted, and is kept a
low percentage of the low-order bits, the bit distribution should
be indistinguishable from that of the original photograph, given
it's a nice scene, not a picture of a black&white TV image.

>You cannot tell the encrypted data image from the original image by
>just looking at it.

Rules out #2, unless you're talking only about eyeballing the image,
not dumping all the bits. Even if you DO look at all the bits, you
shouldn't be able to tell the encrypted image from the original.

>You cannot tell the encrypted data image from an examination of the
>LSB byte information because on average only half of the bits will be
>flipped and you won't know which bytes to examine because they will
>be chosen at random.

So how does the recipient know which random bits to look at? I
presume it is a function of (a) image dimensions and (b) some kind
of pre-shared key (to a PRNG?) that determines which bits are used
in what order.


>As SOP you should encrypt the message before you embed it into the
>bitmap image.
And, of course, the key for that has to be pre-shared.

Especially if you're doing #3, encrypting helps ensure that the
message bits have about 50-50 distribution.

>I am determining what percentage maximum of the bitmap image should
>contain the embedded encrypted message for added security.

From: Mok-Kong Shen on 26 Apr 2010 04:10
jmorton123 wrote:

> In two to four weeks I will complete steganography software that will
> embedd encrypted data into 24-bit bitmap images. [snip]

Question: Would your stego info survive a compression?

M. K. Shen

From: Maaartin on 26 Apr 2010 06:14
On Apr 26, 8:29 am, gordonb.21...(a)burditt.org (Gordon Burditt) wrote:
> So how does the recipient know which random bits to look at? I
> presume it is a function of (a) image dimensions and (b) some kind
> of pre-shared key (to a PRNG?) that determines which bits are used
> in what order.

I'd suggest (c) all image bits except for the LSB.

On Apr 26, 10:10 am, Mok-Kong Shen <mok-kong.s...(a)t-online.de> wrote:
> Question: Would your stego info survive a compression?

Compressions like gif or png are lossless, so it surely will.
Surviving something like jpg is quite improbable, although there are
watermarking schemes and maybe even stego claimed to do so.
From: Mok-Kong Shen on 26 Apr 2010 06:32
Maaartin wrote:
> gordonb.21...(a)burditt.org (Gordon Burditt) wrote:
>> So how does the recipient know which random bits to look at? I
>> presume it is a function of (a) image dimensions and (b) some kind
>> of pre-shared key (to a PRNG?) that determines which bits are used
>> in what order.
>
> I'd suggest (c) all image bits except for the LSB.

I am confused. Why "excepting" LSB? (Most schemes exploit "particularly"
the LSB, if I don't err.)

Thanks.

M. K. Shen
 |  Next  |  Last
Pages: 1 2
Prev: An application of indirectness and variability
Next: bad client public DH value