Download - SCSC 455 Computer Security Chapter 2 Symmetric Encryption and Message Confidentiality Dr. Frank Li
SCSC 455 Computer Security Chapter 2 Symmetric Encryption and
Message Confidentiality
Dr. Frank Li
Index
Symmetric encryption principles Symmetric block encryption Random and pseudorandom numbers Stream ciphers and RC4 Cipher block modes of operation
Symmetric encryption principles Five ingredients:
Plaintext Encryption algorithm Secret key Cipher text Decryption algorithm
Kerckhoff’s Principle
Kerckhoff’s Principle (1883) the only secrecy involved with a cryptography system
should be the key; the algorithm should be publicly known;
Good security assumes an eavesdropper knows the cipher, but the key must be kept secret
Cryptography
Cryptographic systems are classified along three independent dimensions: The type of operations used for transforming
Substitution vs. transposition Product systems
The number of keys used Symmetric vs. asymmetric
The way in which the plaintext is processed Block cipher vs. stream cipher
Cryptanalysis
The process of attempting to discover the plaintext or key
Types of cryptanalytic attacks (table 2.1) Cipher text only Known plaintext Chosen plaintext Chosen ciphertext Chosen text
Computationally Secure
A encryption scheme is computationally secure, if the ciphertext generated by the scheme meets one or both of criteria: The cost … The time …
Brute force attack X different keys on average ? Tries
Feistel Cipher Structure Many symmetric block encryption algorithms have a
structure … (figure 2.2) Feistel Structure is a particular example of the more
general structure used by all symmetric block ciphers Parameters and design features
Block size Key size Number of rounds Subkey generation algorithm Round function Fast software encryption/decryption Ease of analysis
Symmetric block encryption algorithms important symmetric block ciphers
DES 3DES AES
DES
Data encryption standard Issued in1977 FIPS 46 by NIST The algorithm is Data encryption algorithm (DEA) What is DES? The strength of DES
Concerns about the algorithm … Concerns about key length …
History of DES (1)
In the early 1970s, the National Institute of Standards and Technology (NIST) invited vendors to submit data encryption algorithms to be used as a cryptographic standard. In 1974, IBM’s 128-bit algorithm Lucifer was submitted and
accepted. The NSA modified Lucifer to use a key size of 64 bits instead of
the original 128 bits, and named it the Data Encryption Algorithm (DEA).
DEA became the algorithm that fulfills the Data Encryption Standard (DES) in 1977.
History of DES (2)
DES has been implemented in a majority of commercial products and in the applications of almost all government agencies
In January 1988, NSA stopped endorsing DES DES had been so popular for so long, it would surely be targeted
for penetration and become useless as an official standard. NSA wanted to move on to a newer, more secure, and less
popular algorithm as the new standard.
History of DES (3)
In 1998, the Electronic Frontier Foundation built a computer system “DES cracker” for $250,000 DES cracker broke DES in three days
uses a brute force attack against the keyspace
Concerns on DES
Concerns on DES Design decisions not public -- mysteries S-box
NSA's involvement in the design, S-boxes may have backdoors
key is too short
Eventually, DES was replaced by the Advanced Encryption Standard (AES) by NIST
Breaking Encryption Algorithm
Breaking an encryption algorithm can take place through brute force attacks or by identifying weaknesses in the algorithm Brute force attacks have increased in potency because
of the increased processing capacity of computers.
An encryption algorithm is broken if someone is able to uncover a key used in an encryption process.
Q: Is a broken algorithm worthless?
Breaking Encryption Algorithm
Ans: If breaking an encryption algorithm by identifying
weakness of the algorithm, the answer is YES;
If breaking an encryption algorithm by brute force attack, the answer depends … In proper implementations, we should be encrypting
data with session keys A session key is good only for that one session
So even if one session key was uncovered, it may be useless to the attacker
DES steps DES is a symmetric block encryption algorithm.
64-bit blocks of plaintext go in, 64-bit blocks of ciphertext come out.
A 64-bit key: 56 bits are the true key, and 8 bits are for parity. DES steps:
1. Divides the message into 64-bit blocks and operates on them one at a time.
2. The blocks are put through 16 rounds of transposition and substitution functions. The order and type of transposition and substitution functions
depend on the value of the key that is used with the algorithm.
3. The result is 64-bit blocks of ciphertext.
DES Modes of operation (section 2.5) DES has several distinct modes of operation
Each mode specifies how a block cipher will operate Each mode are used in different situations for different results
Modes Electronic Code Book (ECB) Cipher Block Chaining (CBC) – the most common Cipher Feedback (CFB) Output Feedback (OFB) Counter Mode (CM)
Cipher Block Chaining Mode (CBC)In CBC, each block of plaintext, the key, and theciphertext from the previous block are processed in theAlgorithm Chaining
IV
Cipher Block Chaining Mode (CBC)
Dependence (Chaining) among the blocks Ciphertext is extracted and used from the previous block of text;
For the first block, we use a 64-bit initialization vector (IV) to add randomness
This chaining effect means that a particular ciphertext block is dependent upon all blocks before it, not just the previous block.
CBC produces different ciphertext when encrypting the same plaintext in different block More random ciphertext less pattern can be revealed from
ciphertext
Initialization vectors (IVs)
Initialization vectors (IVs) are random values that are used with algorithms to ensure that patterns are not created during the encryption process. IVs are used with keys IVs do not need to be encrypted when being sent to the
destination. If IVs are not used, then two identical plaintext values that are
encrypted with the same key will create the same ciphertext.
In CBC, if we choose a different IV each time we encrypt a message, even if it is the same message, the ciphertext will always be unique.
2DES and 3DES
Double-DES has a key length of 112 bitsA specific attack against Double-DES that reduces its
work factor to about the same as DES
Triple-DES is a quick fix to provide more protection for sensitive data. uses 48 rounds in its computation, which makes it
highly resistant to differential cryptanalysis take up to three times longer than DES to perform
encryption and decryption
2DES
There has been interest to provide another algorithm during the transition to AES -- preserve the existing investment in software and hardware, increasing the security
Double DES C=E_K2(E_K1(M)) M=D_K1(D_K2(C))
Q: Is double DES more secure than DES?
Meet-in-the-Middle attack on 2DES
Proposed by Diffie, Hellman (1977) Main observation:
if C=E_K2(E_K1(M)), then X=E_K1(M)=D_K2(C)
Assume we have two pairs of plaintext-ciphertext, 1. Encrypt P for all 2^56 possible keys K12. Store the results in a table and sort the table by the values of
X3. Decrypt C using all possible 2^56 possible keys K24. For each decryption check the result in the table5. In case of match, test the two keys with the second pair of
plaintext-ciphertext. If they match, the correct keys were found
2DES
Q : Is double DES more secure than DES?
Ans: through analysis, 2DES is broken in 2^56 steps with probability larger than 1-2^-16.
The effort is not much bigger than the 2^55 required to break DES
3DES 3DES is incorporated in 1999 with FIPS 46-3
Formula FIPS 46-3 guidelines AES is intended to replace 3DES
3DES
Counter to the meet-in-the-middle attack: use three stages of encryption
3DES can work in different modes: DES-EEE3 E_K3( E_K2 ( E_k1(M) ) ) DES-EDE3 E_K3( D_K2( E_K1(M) ) ) DES-EEE2 E_K1( E_K2 ( E_k1(M) ) ) DES-EDE2 E_K1( D_K2( E_K1(M) ) )
Advanced Encryption Standard (AES) NIST sponsored a competition in 1997 to create a
replacement for DES. The following five algorithms were the finalists:
MARS RC6 Serpent Twofish Rijndael
The winner is the Rijndael algorithm by two Belgians Use three different key lengths: 128 bits, 192 bits, 256
bits was approved for use by U.S. government agencies
in May 2002
AES Features Not a Feistel structure
Process the entire data block in parallel using substitutions and permutation
The key is expanded into an array of 44 32-bit words w[i]. Four distinct words (128 bits) serve as a round key.
Four different stages One permutation and three of substitution
Substitute bytes Shift rows Mix columns Add round key
History of cryptography
The first encryption methods date back to 4000 years ago. Some Egyptian hieroglyphics were encrypted
Atbash Cipher a Hebrew cryptographic method the alphabet to be flipped so that each letter in the original
alphabet was mapped to a different letter in the flipped, alphabet.ABCDEFGHIJKLMNOPQRSTUVWXYZZYXWVUTSRQPONMLKJIHGFEDCBA
e.g.:Encypt “atbash” ?Decrpt “hvxfirgb” ?
32
Scytale Cipher (review)
Scytale cipher 400 B.C. the Spartans Write a message on a sheet of papyrus that was
wrapped around a staff; The papyrus was delivered and wrapped around a
different staff by the recipient; The message was only readable if it was wrapped
around the correct size staff, which would make the letters properly match up
Caesar Cipher (review)
Julius Caesar (100–44 B.C.) developed a simpleencryption method -- shifted the alphabet by threepositions
Standard Alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZCryptographic Alphabet:DEFGHIJKLMNOPQRSTUVWXYZABC
Example:Encypt “caesar” ?Decrpt “vhfxulwb” ?
Substitution Cipher (review)
Both Atbash cipher and Caesar Cipher are substitution cipher, because each character is replaced with another character. Monoalphabetic substitution cipher: uses only one alphabet, Polyalphabetic substitution cipher: uses multiple alphabets
Q1. Can you formulate them use mathematically?Hint: integers 0 – 25 represent 26 characters;
m: message / plaintext, c: cipher text;encryption: c = E(m) = ?decryption: m = D(c) = ?
Q2. Is Scytale cipher a substitution cipher?
Transposition Cipher (review)
Transposition Cipher: rearrange letters in plaintext
to produce cipher text Scytale cipher is a transposition cipher Rail-Fence cipher is another transposition cipher
Plaintext is HELLO WORLD Encryption: c = E(m) HLOOL
ELWRD
HLOOLELWRD Describe decryption process: m = D(c) = ?
36
Vigenère Cipher The Vigenère cipher is a method of
encryption that uses a series of different Caesar ciphers based on the letters of a keyword.
Appears to be unbreakable.
The Vigenère cipher has been reinvented many times.
The method was originally described by Giovan Batista Belaso in his 1553 book La cifra del. Sig. Giovan Batista Belaso
However, the scheme was later misattributed to Blaise de Vigenère in the 19th century, and is now widely known as the "Vigenère cipher".
Terms in Vigènere Cipher
Vigènere table: a table used to encipher and decipher
Vigènere cipher has key letters on top, plaintext
letters on the left. There are 27 shift alphabets Vigènere cipher is a polyalphabetic substitution cipher. In
contrary, Caesar cipher is a monoalphabetic substitution cipher
Key is used with Vigènere table in encryption / decryption
The Vigènere Table
G I VA G I VB H J WE L M ZH N P CL R T GO U W JS Y A NT Z B OY E H T
A mini exampleEncryption:A key letter V, and a plaintext letter T follow V column down to T row “O”
Decryptioin:A key letter V, and aciphertext letter O “T”
Vigènere Cipher Example
If the message is longer than the key, the key repeats itself E.g. 1: Key: LEMON
Encrypt plaintext: ATTACKATDAWN
Key L E M O N L E M O N L E
m A T T A C K A T D A W N
c
E.g.2, Decrypt ciphertext: P R U U Z L
Q: How to represent Vigènere Cipher in formula?
(Hint: encryption / decryption is done character by character)
Exercise
1) Encrypt a plaintext with the key “lucky”c o m p u t i n g g i v e s i n s i g h t
2) Decrypt a ciphertext with the key “vector”o l k l w j v r g q o d k p g h t k c i x b u v i i t x q z k l g k
Cryptanalysis
Cryptanalysis is the science of studying and breaking the secrecy of encryption processes, compromising authentication schemes, and reverse-engineering protocols. All previously introduced ciphers have been broken.
Basic methods: Statistical analysis Exhaustive search key space
Statistical analysis
Each character has a certain frequency. A.k.a. 1-gram model of English
a 0.080 h 0.060 n 0.070 t 0.090
b 0.015 i 0.065 o 0.080 u 0.030
c 0.030 j 0.005 p 0.020 v 0.010
d 0.040 k 0.005 q 0.002 w 0.015
e 0.130 l 0.035 r 0.065 x 0.005
f 0.020 m 0.030 s 0.060 y 0.020
g 0.015 z 0.002
Statistical Analysis (1)
f(c) frequency of character c in ciphertext
p(x) is frequency of character x in English
(i) correlation of frequency of letters in ciphertext with
corresponding letters in English, assuming key is i
(i) = 0 ≤ c ≤ 25 f(c)p(c – i)
Statistical Attack (2)
E.g., a Caesar cipher : KHOOR ZRUOG
step 1: Compute frequency of each letter in ciphertext:
G 0.1 H 0.1 K 0.1 O 0.3
R 0.2 U 0.1 Z 0.1
Step 2: Compute correlation for key i
(i) = 0.1p(6 – i) + 0.1p(7 – i) + 0.1p(10 – i) + 0.3p(14 – i) + 0.2p(17 – i) + 0.1p(20 – i) + 0.1p(25 – i)
Correlation: (i) for 0 ≤ i ≤ 25
i (i) i (i) i (i) i (i)
0 0.0482 7 0.0442 13 0.0520 19 0.0315
1 0.0364 8 0.0202 14 0.0535 20 0.0302
2 0.0410 9 0.0267 15 0.0226 21 0.0517
3 0.0575 10 0.0635 16 0.0322 22 0.0380
4 0.0252 11 0.0262 17 0.0392 23 0.0370
5 0.0190 12 0.0325 18 0.0299 24 0.0316
6 0.0660 25 0.0430
The Result
Step 3: find the most probable keys, based on : i = 6, (i) = 0.0660
plaintext EBIIL TLOLA i = 10, (i) = 0.0635
plaintext AXEEH PHKEW i = 3, (i) = 0.0575
plaintext HELLO WORLD i = 14, (i) = 0.0535
plaintext WTAAD LDGAS
The only valid English phrase is for i = 3. That’s the key (3 or ‘D’)
Exhaustive search
Exhaustive search If the key space is small enough, try all possible keys
until you find the right one
Q 1: How large is the key space in Caesar cipher ?
Q2: If we use exhaustive search, what is the expected number of trials when breaking Caesar cipher?
Q3: How about the key space of Vigènere Cipher?
Q4: How to break Vigènere Cipher?
Attacking Vigènere Cipher
– Vigenere ciphers were regarded by many as practically unbreakable for 300 years.
– In 1863, a Prussian major named Kasiski proposed a method for breaking it.
– This method was not in fact invented by Kasiski but instead by Charles Babbage;
– Babbage's discovery was used to aid English military campaigns, and was not published until several years later; as a result credit for the development was instead given to Friedrich Kasiski
Statistical analysis of Vigènere Cipher
1. Establish period n (the length of key)
2. Break cipher into n parts, each part being enciphered using the same key letter
3. Solve each part leverage one part from another
We want to break this cipher:
ADQYS MIUSB OXKKT MIBHK IZOOOEQOOG IFBAG KAUMF VVTAA CIDTWMOCIO EQOOG BMBFV ZGGWP CIEKQHSNEW VECNE DLAAV RWKXS VNSVPHCEUT QOIOF MEGJS WTPCH AJMOCHIUIX
Step 1. Establish Period n
Important observation: Repetitions in the ciphertext occur when characters of the key appear over the same characters in the plaintext
e.g.
Key VIGVIGVIGVIGVIGVplain THEBOYHASTHEBALL
cipher OPKWWECIYOPKWIRG
Repetitions in this example cipherLetters Start End Distanc
eFactors
MI 5 15 10 2, 5
OO 22 27 5 5
OEQOOG 24 54 30 2, 3, 5
FV 39 63 24 2, 2, 2, 3
AA 43 87 44 2, 2, 11
MOC 50 122 72 2, 2, 2, 3, 3
QO 56 105 49 7, 7
PC 69 117 48 2, 2, 2, 2, 3
NE 77 83 6 2, 3
SV 94 97 3 3
CH 118 124 6 2, 3
Estimate of Period n
A long repetition “OEQOOG” and “MOC” are probably not coincidence Their distances are 30 and 72. The greatest common
divisor of 30 and 72 is 6.
many other shorter repetitions have 2 and 3 in their factors
Thus the estimate period n = 6 Verify Period n by Friedman test (we skip this part)
Step 2: Break cipher into n parts
Key-1: AIKHOIATTOBGEEERNEOSAIKey-2: DUKKEFUAWEMGKWDWSUFWJUKey-3: QSTIQBMAMQBWQVLKVTMTMIKey-4: YBMZOAFCOOFPHEAXPQEPOXKey-5: SOIOOGVICOVCSVASHOGCCKey-6: MXBOGKVDIGZINNVVCIJHH
Statistical Analysis each part
Counting characters in each partABCDEFGHIJKLMNOPQRSTUVWXYZ
1. 310040113010013001120000002. 100222100130100000104040003. 120000002011400040130210004. 211022010000104310000002115. 105000212000005000300200006. 01110022311012100000030101
Compare with unshifted alphabet frequencies in English:
HMMMHMMHHMMMMHHMLHHHMLLLLL
Solve each part (2)
First part: matches characteristics of unshifted alphabet A A
Third part : I A Sixth part : V A
Substitute into ciphertext:ADIYS RIUKB OCKKL MIGHK AZOTO EIOOL IFTAG PAUEF VATAS CIITW EOCNO EIOOL BMTFV EGGOP CNEKIHSSEW NECSE DDAAA RWCXS ANSNP HHEUL QONOF EEGOS WLPCM AJEOC MIUAX
Solve each part (3) further analysis AJE in last line suggests “ARE”, meaning second
alphabet maps A into S:
ALIYS RICKB OCKSL MIGHS AZOTO
MIOOL INTAG PACEF VATIS CIITE
EOCNO MIOOL BUTFV EGOOP CNESI
HSSEE NECSE LDAAA RECXS ANANP
HHECL QONON EEGOS ELPCM AREOC
MICAX
Solve each part (4) further analysis MICAX in last line suggests “mical” (a common ending
for an adjective), meaning fourth alphabet maps O into A:
QI means that U maps into I, as Q is always followed by U:
ALIMS RICKP OCKSL AIGHS ANOTO MICOL INTOG PACET VATIS QIITE ECCNO MICOL BUTTV EGOOD CNESI VSSEE NSCSE LDOAA RECLS ANAND HHECL EONON ESGOS ELDCM ARECC MICAL
Got It!
ALIME RICKP ACKSL AUGHS ANATO MICAL INTOS PACET HATIS QUITE ECONO MICAL BUTTH EGOOD ONESI VESEE NSOSE LDOMA RECLE ANAND THECL EANON ESSOS ELDOM ARECO MICAL
Note that: Vigenere cipher is easy to break by hand. However, the principle of cryptanalysis hold for more complex ciphers that can be implemented only by computer.
59
The War Machines: The Purple Machine The Purple Machine is developed and used by the
Japanese during World War II Employed techniques discovered by Herbert O. Yardley The code was broken by William Frederick Friedman
Known as the “Father of U.S. Cryptanalysis”
60
The War Machines: Enigma
Enigma is developed by Arthur Scherbius Used by the Germans during World War II Enigma substituted each letter typed by an
operator Substitutions were computed using a key
and a set of switches or rotors The code was broken first by a group of
Polish cryptographers The machine for breaking the code was
called the “Bombe”
61
Design of Enigma Machine
An electrical voltage applied to the Q terminal on the toprow will appear at the L terminal on the bottom row.
62
How to use the Enigma machine?
1. The originator configures the Enigma machine to its initial settings;
1. Type in the first letter of the message, and the machine would substitute the letter with a different letter;
The encryption was done by moving the rotors a predefined number of times
2. Advance the rotors and enter the next letter.
Each time a new letter was to be encrypted, the operator would advance the rotors to a new setting.
Mechanism of the Enigma Machine
The chosen substitution for each letter was dependent upon the rotor setting
Assumption: the operators at each end needed to
know the key - the initial setting, which is the crucial and
secret part of this process And how to advanced the rotors when encrypting and
decrypting a message
Random and Pseudorandom Numbers A number of network security algorithms based on
cryptography Examples: generation of keys for RSA, generation of
stream key for symmetric stream cipher, generation of session key, used in Kerberos for handshaking to prevent replay attacks
Two requirements Randomness unpredictability
Randomness and Unpredictability
Randomness Criterion to validate randomness
Uniform distribution Independence
Tests to demonstrate if a sequence is NOT independent Apply a number of such tests until the confidence that
independence exists is sufficiently strong
Unpredictability “true” random sequence, numbers are unpredictable However, in pseudorandom sequence, care must be
taken for unpredictability
Pseudorandom Numbers
Algorithms are deterministic Numbers generated by algorithm are NOT statistically
random! A good algorithm generates Pseudorandom Numbers
pass many reasonable tests of randomness
TRNG, PRNG, and PRF (page 39 – 40) Entropy source Seed
PRNG algorithms
Purpose-built algorithms: E.g. RC4
Algorithms based on existing cryptographic algorithms Symmetric block cipher Asymmetric cipher Hash functions, and message authentication codes
Stream Cipher
What is stream cipher? Keystream Stream cipher is faster and use less code than block
cipher However this advantage has diminished with the
introduction of AES E.g. IBM AES instruction set
Stream cipher is better encrypt/decrypt of a stream of data over a communication channel
Block cipher can reuse keys, stream cipher cannot.
Stream Cipher
Design considerations for a stream cipher Encryption sequence should have a large period Keystream should approximate the properties of a true
random number stream. The key needs to be sufficiently long >= 128 bits
RC4
Designed in 1987 by Ron Rivest For RSA Security RC4 was kept as trade secret by RSA Security, until
algorithm was anonymously posted on the Interne in 1994
RC4 algorithm is very simple Used in SSL/TLS standards, WEP and WPA
RC4
A variable length key of from 1 to 256 byes is used to initialize a 256-byte state vector S S[0], S[1] .. S[255] contains a permutation of all 8-bit
numbers from 0 to 255. A byte k is generated from S by selecting one of the
255 entries in a systematic fashion. As each value of k is generated, the entries in S are once again permuted.
Initialization of S Stream generation Encrypt and decrypt
RC4 Strength
Not any practical approach against RC4 with a reasonable key length, such as 128 bits
WEP vulnerability is not with RC4 itself, but the way in which keys are generated for use as input to RC4
One-Time Pad
A one-time pad is a perfect encryption scheme because it is considered unbreakable if implemented properly
Is made up of random bits. Is as simple as letter substitution This encryption process uses a binary mathematic
function XOR.
Message stream 1001010111
Keystream 0011101010
Ciphertext stream 1010111101
OTP in action
One-time pads have been used throughout history to protect different types of sensitive data. Today, they are still in place for many types of militaries as
a backup encryption option if current encryption processes are unavailable for reasons of war or attacks.
A Russian One-time pad, captured by MI5
The history of cryptography
(reading assignment -- article 1)
Another way to hide data: Steganography Steganography is a method of hiding data in another media
type so that the very existence of the data is concealed. does not use algorithms or keys to encrypt information. A message can be hidden in a WAV file, in a graphic, or in
unused spaces on a hard drive or sectors that are marked as unusable.
E.g.1 the least significant bit of each byte of the image can be replaced with bits of the secret message. This practice does not affect the graphic enough to be detected.
E.g. 2 can also be used to insert a digital watermark on digital images so that illegal copies of the images can be detected.
Steganography
στεγανός
covered
γραφία
writing
the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message
Steganography in Ancient Greece -- Tattoo message on head
An ancient Greek historian Herodotus reports that messages
were tattooed onto the shaved heads of slaves. Once the hair
grew back, the slaves were sent to the recipient, with the
message hidden “in plain sight”.
Steganography in World War I -- Null Cipher
The message below was sent by the German
embassy in World War I.
PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY.
Taking the first letter in each word of message reveals the
hidden text: PERSHING SAILS FROM NY JUNE 1.
Steganography in Espionage -- Invisible ink
Spies use milk, fruit juice or urine as invisible inks,
which darken when heated.
An FBI agent is shown using
ultraviolet light to read secret
writing on a paper from a
suspected spy case
Steganography in Modern Days
Digital media lend themselves to steganography because of the large amount of information in certain file types
Steganography Carrier Files: bmp jpeg gif wav mp3 Amongst others…
Steganography Terminology
Carrier File Carrier File withHidden Message
Some Steganography Tools
Steganos S-Tools (GIF, JPEG) StegHide (WAV, BMP) Invisible Secrets (JPEG) JPHide Camouflage Hiderman And many others…
(We will try it today …)
RGB Color Model in Image Files
red, green, and blue light are added together in various ways to reproduce a broad array of colors.
(0, 0, 0) is black (255, 255, 255) is white (255, 0, 0) is red (0, 255, 0) is green (0, 0, 255) is blue (255, 255, 0) is yellow (0, 255, 255) is cyan (255, 0, 255) is magenta
The simplest and most common type of steganography is LSB (least significant bit). The one’s bit of a byte is used to encode the hidden information.
Suppose we want to encode the letter A (ASCII 65 or binary 01000001) in the following 8 bytes of a carrier file.
01011101 11010000 00011100 1010110011100111 10000111 01101011 11100011
becomes
01011100 11010001 00011100 1010110011100110 10000110 01101010 11100011
A Common Technique of Steganography
-- LSB
Left image is original JPEG file Right image is with hidden message
Steganography Application-- UV Watermarking
Steganography Tools
A list of over 100 steganography tools:
http://www.jjtc.com/Steganography/toolmatrix.htm
Some of them run in Linux platform JPHS (JPHide JPSeek, JP hide and seek)
http://linux01.gwdg.de/~alatham/stego.html Steghide Outguess Blindside Gifshuffle GzSteg Etc.
Steganalysis
Steganalysis is the counter-measure against steganography.
Attempts to analyze a data stream to determine whether or not it contains hidden messages.
Steganography is It’s fun to play with Easy to implement but fairly effective. Obviously has a lot of good and bad applications, as
with an technology.