gagan thesis 1
TRANSCRIPT
M.Tech Thesis
on
A novel algorithm and code development for message security using steganography
submitted by
Roll No.:
under guidance of
2008
1
Certificate
2
Acknowledgment
3
List of Figures
Fig.No. Content Page No.
Figure 1: Types of steganography 16
Figure2: Process of embedding data into RGB pixels 21
Figure3: Generic process of encoding and decoding 24
Figure4: Palette gradients 28
Figure5: Original picture 43
Figure6: Image after embedding the data into it 44
4
Table of Contents
Sl.No Content Page No
1. Abstract 6
2. Literature Survey 7-10
3. Chapter 1: Introduction 11-15
4. Chapter 2: Case study – Steganography 16-42
5. Chapter 3: Problem Formulation, Simulation And Testing
43-45
6. Chapter 4: Results And Discussions 46-50
7. Conclusion 51-53
8. References 54-55
9. Appendix…(C code) 56-71
5
Abstract
Informally, steganography refers to the practice of hiding secret messages in
communications over a public channel so that an eavesdropper (who listens to all
communications) cannot even tell that a secret message is being sent. In contrast to the
active literature proposing new concrete steganographic protocols and analyzing aws in
existing protocols, there has been very little work on formalizing steganographic notions
of security, and none giving complete, rigorous proofs of security in a satisfying model.
The thesis initiates the study of steganography from a cryptographic point of view. We
give a precise model of a communication channel and a rigorous definition of
steganographic security, and prove that relative to a channel oracle, secure steganography
exists if and only if one-way functions exist. We give tightly matching upper and lower
bounds on the maximum rate of any secure stego system. We introduce the concept of
steganographic key exchange and public-key steganography, and show that provably
secure protocols for these objectives exist under a variety of standard number-theoretic
assumptions. We consider several notions of active attacks against steganography; show
how to achieve each under standard assumptions, and consider the relationships between
these notions. Finally, we extend the concept of steganography as covert communication
to include the more general concept of covert computation. Also in this work we have
illustrated the fact that pseudo random method of steganography gives less chance for the
hacker to hack the information in the network as compared to LSB method. As in this
method the message is embedded in the picture randomly depending on the free space in
the picture and also the message is scrambled while embedding it in the picture, making
the retrieval of the message by an unknown user tough.
6
Literature Survey
1. Daniel L. Currie, III Fleet Information Warfare Center, Cynthia E. Irvine
Computer Science Department, Surmounting the Effects of Lossy Compression on
Steganography
Abstract: - Steganographic techniques can be used to hide data within digital images with
little or no visible change in the perceived appearance of the image and can be exploited
to export sensitive information. Since images are frequently compressed for storage or
transmission, effective steganography must employ coding techniques to counter the
errors caused by lossy compression algorithms. The Joint Photographic Expert Group
(JPEG) compression algorithm, while producing only a small amount of visual distortion,
introduces a relatively large number of errors in the bitmap data. It is shown that, despite
errors caused by compression, information can be stegano graphically encoded into pixel
data so that it is recoverable after JPEG processing, though not with perfect accuracy.
2. Jonathan Cummins, Patrick Diskin, Samuel Lau and Robert Parlett, School of
Computer Science, The University of Birmingham, Steganography and Digital
watermarking
Abstract: - Steganography is derived from the Greek for covered writing and essentially
means, “to hide in plain sight”. As defined by Cachin steganography is the art and
science of communicating in such a way that the presence of a message cannot be
detected. Simple steganographic techniques have been in use for hundreds of years, but
with the increasing use of files in an electronic format new techniques for information
hiding have become possible. This document will examine some early examples of
steganography and the general principles behind its usage. We will then look at why it
has become such an important issue in recent years. There will then be a discussion of
some specific techniques for hiding information in a variety of files and the attacks that
may be used to bypass steganography.
7
3. White Paper on the contributions of cryptography & steganography to internet
security.
Abstract: - While in the past, cryptography and steganography were mainly used for
military purposes, today they are increasingly being used within the private sector. Even
home users are becoming aware of the importance of protecting sensitive data from
prying eyes. Those who opt to protect their data can choose from several methods, some
of which are more complicated than others. Overall, however, general awareness of data
security, especially among private citizens, is still not widespread. Many computer and
Internet users are still satisfied with the sheer basics of protection, for example the use of
virus protection software. These same people prefer writing e-mail instead of postal
letters, seemingly unaware of the fact that an unencrypted e-mail can be read just as
easily as a postcard. Thus, many of the commercial solutions that have been developed to
protect private as well as business data remain unused.
4. Francesco Queirolo, Steganography in images: Final communication report
Abstract: - Steganography is a very old method of passing messages in secret. This
method of message cloaking goes back to the time of the ancient Greeks. The historian
Herodotus wrote about how an agent wrote a message warning of an invasion on the
wood part of a wax tablet. Since messages were normally inscribed in the wax and not
the wood, the tablet appeared blank to a common observer. There is also the story of a
messenger during the Persian Wars who shaved his head and had a message tattooed on
it. He waited until his hair grew back to make his journey. When he arrived at his
destination, he shaved his head to reveal the message. During WWII spies on both sides
used “invisible” inks. These inks were fluids such as milk, fruit juice, or urine that would
darken when heated. They also sent messages with very small punctures above characters
in a document that formed a message when combined. (McCullah, Feb 7, 2001). It is the
hope of the author of this paper that judicious limits on cryptography and steganography
will be implemented. As I believe that in our current position if terrorists used a good
stego-tool and a solid encryption algorithm it would be very difficult to discover their
8
plans before they are executed. Of course, there will be some that argue encryption
should not be mitigated as it is an academic pursuit and helps preserve privacy. Even so, I
believe we must rely on our government (for they are accountable to the citizens of this
country) to make the correct decisions in the matter because privacy is important but not
to the point where people can use it as shield to kill people.
5. Niels Provo and Peter honeyman university of Michigan, Hide and seek – An
introduction to steganography
Abstract: - Steganography is the art and science of hiding communication; a
steganographic system thus embeds hidden content in unremarkable cover media so as
not to arouse an eavesdropper’s suspicion. In the past, people used hidden tattoos or
invisible ink to convey steganographic content. Today, computer and network
technologies provide easy-to-use communication channels for steganography.
Essentially, the information-hiding process in a steganographic system starts by
identifying a cover medium’s redundant bits (those that can be modified without
destroying that medium’s integrity). The embedding process creates a stego medium by
replacing these redundant bits with data from the hidden message. Modern
steganography’s goal is to keep its mere presence undetectable, but steganographic
systems— because of their invasive nature—leave behind detectable traces in the cover
medium. Even if secret content is not revealed, the existence of it is: modifying the cover
medium changes its statistical properties, so eavesdroppers can detect the distortions in
the resulting stego medium’s statistical properties. The process of finding these
distortions is called statistical steganalysis. This article discusses existing steganographic
systems and presents recent research in detecting them via statistical steganalysis. Other
surveys focus on the general usage of information hiding and watermarking or else
provide an overview of detection algorithms. Here, we present recent research and
discuss the practical application of detection algorithms and the mechanisms for getting
around them.
9
6. Joshua R. Smith and Chris Dodge, Developments in Steganography
Abstract: - This paper presents two main results. The first is a new approach to
steganography in which data is encoded in correlations among the pixels in an image.
Almost all previous steganographic methods encode data in correlations between the
pixels and a known external reference signal. This method hints at the existence of public
key watermarking techniques, which will be defined. The other result is a method for
greatly increasing the capacity of a printed steganographic channel. Because it is specific
to printed images, this method is useful for steganographic problems such as stealth bar
coding, but not for digital watermarking. The two results are complementary in that
higher noise levels are encountered in the intra-image correlation encoding method, but
the second method works by eliminating image-induced noise.
7. Miss K.I. Munro University of the Witwatersrand, Steganography: is it becoming a
double-edged sword in computer security?
Abstract: - The growth of the Internet has stimulated the use and the misuse of
steganography. At its simplest level, steganography the art of hiding secret messages,
within the structure of another media. While legitimate and justifiable applications for
steganography exist, criminally minded people or organizations can also use it for
underground, illicit and deliberately secret communication. The objective, similar to
cryptography is to make it impossible for those without the key to break the code;
however Steganography operates at a more complex level as detection is dependent on
recognizing the underlying hidden data. This paper introduces the topic of steganography
and evaluates the applications, both positive and negative. This paper finds
steganography to be both a helpful and a hindering force in the computing milieu. A more
thorough investigation is needed to aid a variety of stakeholders: law policy makers,
security professionals and the general internet populace.
10
Chapter 1: Introduction
This work focuses on the problem of steganography: how can two communicating
entities send secret messages over a public channel so that a third party cannot detect the
presence of the secret messages? Notice how the goal of steganography is different from
classical encryption, which seeks to conceal the content of secret messages:
steganography is about hiding the very existence of the secret messages. Steganographic \
protocols" have a long and intriguing history that goes back to antiquity. There are stories
of secret messages written in invisible ink or hidden in love letters (the first character of
each sentence can be used to spell a secret, for instance). More recently, steganography
was used by prisoners, spies and soldiers during World War II because mail was carefully
inspected by both the Allied and Axis governments at the time. Postal censors crossed out
anything that looked like sensitive information (e.g. long strings of digits), and they
prosecuted individuals whose mail seemed suspicious. In many cases, censors even
randomly deleted innocent-looking sentences or entire paragraphs in order to prevent
secret messages from being delivered. More recently there has been a great deal of
interest in digital steganography, that is, in hiding secret messages in communications
between computers. The recent interest in digital steganography is fueled by the
increased amount of communication which is mediated by computers and by the
numerous potential commercial applications: hidden information could potentially be
used to detect or limit the unauthorized propagation of the innocent-looking \carrier"
data. Because of this, there have been numerous proposals for protocols to hide data in
channels containing pictures, video, audio, and even typeset text. Many of these protocols
are extremely clever and rely heavily on domain-specific properties of these channels. On
the other hand, the literature on steganography also contains many clever attacks that
detect the use of such protocols.
The rigorous study of provably secure cryptography was initiated by Shannon, who
introduced an information-theoretic definition of security: a cryptosystem is secure if an
adversary who sees the cipher text - the scrambled message sent by a cryptosystem -
receives no additional information about the plaintext - the unscrambled content.
Unfortunately, Shannon also proved that any cryptosystem which is perfectly secure
11
requires that if a sender wishes to transmit N bits of plaintext data, the sender and the
receiver must share at least N bits of random, secret data - the key. This limitation means
that only parties who already possess secure channels (for the exchange of secret keys)
can have secure communications. To address these limitations, researchers introduced a
theory of security against computationally limited adversaries: a cryptosystem is
computationally secure if an adversary who sees the cipher text cannot compute (in, e.g.
polynomial time) any additional information about the plaintext than he could without the
cipher text. Potentially, a cryptosystem which could be proven secure in this way would
allow two parties who initially share a very small number of secret bits (in the case of
public key cryptography, zero) to subsequently transmit an essentially unbounded
number of message bits securely. Proving that a system is secure in the computational
sense has unfortunately proved to be an enormous challenge: doing so would resolve, in
the negative, the open question of whether P = NP. Thus the cryptographic theory
community has borrowed a tool from complexity theory: reductions. To prove a
cryptosystem secure, one starts with a computational problem, which is presumed to be
intractable, and a model of how an adversary may attack a cryptosystem, and proves via
reduction that computing any additional information from a cipher text is equivalent to
solving the computational problem. Since the computational problem is assumed to be
intractable, a computationally limited adversary capable of breaking the cryptosystem
would be a contradiction and thus should not exist. In general, computationally secure
cryptosystems have been shown to exist if and only if \one-way functions," which are
easy to compute but computationally hard to invert, exist. Furthermore, it has been shown
that the difficulty of a wide number of well-investigated number-theoretic problems
would imply the existence of one-way functions, for example the problem of computing
the factors of a product of two large primes, or computing discrete logarithms in a finite
field. Subsequent to these breakthrough ideas, cryptographers have investigated a wide
variety of different ways in which an adversary may attack a cryptosystem. For example,
he may be allowed to make up a plaintext message and ask to see its corresponding
cipher text, (called a chosen-plaintext attack), or even to make up a cipher text and ask to
see what the corresponding plaintext is (called a chosen cipher text attack). Or the
12
adversary may have a different goal entirely - for example, to modify a cipher text so that
if it previously said \Attack" it now reads as \Retreat" and vice-versa.
Previous work on theory of steganography: - The scientific study of steganography in the
open literature began in 1983 when Simmons stated the problem in terms of
communication in a prison. In his formulation, two inmates, Alice and Bob, are trying to
hatch an escape plan. The only way they can communicate with each other is through a
public channel, which is carefully monitored by the warden of the prison, Ward. IfWard
detects any encrypted messages or codes; he will throw both Alice and Bob into solitary
confinement. The problem of steganography is, then: how can Alice and Bob cook up an
escape plan by communicating over the public channel in such a way that Ward doesn't
suspect anything \unusual" is going on. Anderson and Petitcolas posed many of the open
problems resolved in this thesis. The people in this field also pointed out that while it is
easy to give a loose upper bound on the rate at which hidden bits can be embedded in
innocent objects; there was no known lower bound. Since the paper of Anderson and
Petitcolas, several works have addressed information-theoretic definitions of
steganography. Cachin's work formulates the problem as that of designing an encoding
function so that the relative entropy between stegotexts, which encode hidden
information, and independent, identically distributed samples from some innocent-
looking cover text probability distribution, is small. He gives a construction and
concludes that it is computationally intractable; and another construction which is
provably secure but relies critically on the assumption that all orderings of cover texts are
equally likely. Cachin also points out several aws in other published information theoretic
formulations of steganography. All information-theoretic formulations of steganography
are severely limited, however, because it is easy to show that information-theoretically
secure steganography implies information-theoretically secure encryption; thus any
secure stego system with N bits of secret key can encode at most N hidden bits. In
addition, techniques such as public-key steganography and robust steganography are
information-theoretically impossible.
13
Symmetric Key Steganography: -A symmetric key stego system allows two parties with a
shared secret to send hidden messages undetectably over a public channel. We give
cryptographic definitions for symmetric-key stego systems and steganographic secrecy
against a passive adversary in terms of indistinguishability from a probabilistic channel
process. By giving a construction which provably satisfies these definitions, it is observed
that the existence of a one-way function is sufficient for the existence of secure
steganography relative to any channel. It is also shown that this condition is necessary by
demonstrating a construction of a one-way function from any secure stego system.
Public-Key Steganography :-Informally, a public-key steganography protocol allows two
parties, who have never met or exchanged a secret, to send hidden messages over a public
channel so that an adversary cannot even detect that these hidden messages are being
sent. Unlike previous settings in which provable security has been applied to
steganography, public-key steganography is information-theoretically impossible. We
introduce computational security conditions for public-key steganography similar to
those for the symmetric-key setting, and give the first protocols for public-key
steganography and steganographic key exchange that are provably secure under standard
cryptographic assumptions.
Steganography with active adversaries: - We consider the security of a stego system
against an adversary who actively attempts to subvert its operation by introducing new
messages to the communication between Alice and Bob. We consider two classes of such
adversaries: disrupting adversaries and distinguishing adversaries. Disrupting adversaries
attempt to prevent Alice and Bob from communicating stegano graphically, subject to
some set of publicly-known restrictions; we give a formal definition of robustness against
such an attack and give the first construction of a provably robust stego system.
Distinguishing adversaries introduce additional traffic between Alice and Bob in hopes of
tricking them into revealing their use of steganography; we consider the security of
symmetric- and public-key stego systems against active distinguishers and give
constructions, which are secure against such adversaries. We also show that no stego
system can be simultaneously secure against both disrupting and distinguishing active
adversaries.
14
Bounds on steganographic rate: - The rate of a stego system is defined by the (expected)
ratio of hidden text size to stego text size. Prior to this work there was no known lower
bound on the achievable rate (since there were no provably secure stego systems), and
only a trivial upper bound. We give an upper-bound MAX in terms of the number of
samples from a probabilistic channel oracle and the minimum-entropy of the channel, and
show that this upper bound is tight by giving a provably secure symmetric-key stego
system with rate (1 - o(1))MAX. We also give an upper bound RMAX on the rate
achievable by a robust stego system and exhibit a construction of a robust stego system
with rate (1 – e) RMAX for any _ > 0.
Covert Computation: - We introduce the novel concept of covert two-party computation.
Whereas ordinary secure two-party computation only guarantees that no more knowledge
is leaked about the inputs of the individual parties than the result of the computation,
covert two party computations employs steganography to yield the following additional
guarantees:
(A) No outside eavesdropper can determine whether the two parties are performing the
computation or simply communicating as they normally do; (B) before learning f(xA;
xB), neither party can tell whether the other is running the protocol; (C) after the protocol
concludes, each party can only determine if the other ran the protocol insofar as they can
distinguish f(xA; xB) from uniformly chosen random bits. Covert two-party computation
thus allows the construction of protocols that return f(xA; xB) only when it equals a
certain value of interest (such as \Yes, we are romantically interested in each other") but
for which neither party can determine whether the other even ran the protocol whenever
f(xA; xB) does not equal the value of interest.
15
Chapter 2: Steganography
Steganography is a very old method of passing messages in secret. This method of
message cloaking goes back to the time of the ancient Greeks. The historian Herodotus
wrote about how an agent wrote a message warning of an invasion on the wood part of a
wax tablet. Since messages were normally inscribed in the wax and not the wood, the
tablet appeared blank to a common observer. There is also the story of a messenger
during the Persian Wars who shaved his head and had a message tattooed on it. He
waited until his hair grew back to make his journey. When he arrived at his destination,
he shaved his head to reveal the message. During World War II spies on both sides used
“invisible” inks. These inks were fluids such as milk, fruit juice, or urine that would
darken when heated. They also sent messages with very small punctures above characters
in a document that formed a message when combined. Many people lump steganography
with cryptography, and while they are in many cases means to the same ends (not letting
unauthorized persons view data) they are not the same thing. Although, they are often
sibling processes and first encrypting a message then using a stego-tool to hide it is more
effective in hiding a secret message than either method by itself. According to
Dictionary.com: Steganography is:” Hiding a secret message within a larger one in such a
way that others can not discern the presence or contents of the hidden message” and
Cryptography is “The process or skill of communicating in, or deciphering secret writing
or ciphers.” Steganography can be used to cloak hidden messages in image, audio and
even text files.
It is to be mentioned that steganography is derived from the Greek for covered writing
and essentially means “to hide in plain sight”. As defined by Cachin steganography is the
art and science of communicating in such a way that the presence of a message cannot be
detected. Simple steganographic techniques have been in use for hundreds of years, but
with the increasing use of files in an electronic format new techniques for information
hiding have become possible.
16
Figure 1 shows how information hiding can be broken down into different areas.
Steganography can be used to hide a message intended for later retrieval by a specific
individual or group. In this case the aim is to prevent the message being detected by any
other party. The other major area of steganography is copyright marking, where the
message to be inserted is used to assert copyright over a document
Figure 1: - Types of steganography
Steganography and encryption are both used to ensure data confidentiality. However the
main difference between them is that with encryption anybody can see that both parties
are communicating in secret. Steganography hides the existence of a secret message and
in the best case nobody can see that both parties are communicating in secret. This makes
steganography suitable for some tasks for which encryption aren’t, such as copyright
marking. Adding encrypted copyright information to a file could be easy to remove but
embedding it within the contents of the file itself can prevent it being easily identified
and removed.
17
Figure 2 shows a comparison of different techniques for communicating in secret.
Encryption allows secure communication requiring a key to read the information. An
attacker cannot remove the encryption but it is relatively easy to modify the file, making
it unreadable for the intended recipient. Digital signatures allow authorship of a
document to be asserted. The signature can be removed easily but any changes made will
invalidate the signature, therefore integrity is maintained. Steganography provides a
means of secret communication, which cannot be removed without significantly altering
the data in which it is embedded. The embedded data will be confidential unless an
attacker can find a way to detect it.
History: -
How around 440 B.C. Histiaeus shaved the head of his most trusted slave and tattooed it
with a message, which disappeared after the hair had regrown. The purpose of this
message was to instigate a revolt against the Persians. Another slave could be used to
send a reply. During the American Revolution, both the British and Americans to
communicate secretly used invisible ink, which would glow over a flame. Steganography
was also used in both World Wars. German spies hid text by using invisible ink to print
small dots above or below letters and by changing the heights of letter-strokes in cover
texts. In World War I, prisoners of war would hide Morse code messages in letters home
by using the dots and dashes on i, j, t and f. Censors intercepting the messages were often
alerted by the phrasing and could change them in order to alter the message. A message
reading “Father is dead” was modified to read “Father is deceased” and when the reply
“Is Father dead or deceased?” came back the censor was alerted to the hidden message.
During World War II, the Germans would hide data as microdots. This involved
photographing the message to be hidden and reducing the size so that that it could be
used as a period within another document. FBI director J. Edgar Hoover described the use
of microdots as “the enemy’s masterpiece of espionage”. A message sent by a German
spy during World War II read: “Apparently neutral’s protest is thoroughly discounted and
ignored. Isman hard hit. Blockade issue affects for pretext embargo on by-products,
18
ejecting suets and vegetable oils.” By taking the second letter of every word the hidden
message “Pershing sails for NY June 1” can be retrieved. More recent cases of
steganography include using special inks to write hidden messages on bank notes and
also the entertainment industry using digital watermarking and fingerprinting of audio
and video for copyright protection.
Technical Background of Steganography: -
Today’s steganographic methods primarily use image or audio files to hide encrypted
data, thus enhancing overall security. Encrypted data on its own can attract the attention
of hackers through its mere existence; however, if it is embedded in seemingly innocuous
image or audio files, no attempts will be made to break the code or to obtain the secret
key. Using steganographic techniques, the information that needs to be concealed is
dispersed within the least significant bits of a carrier file (e.g., image or audio file), which
serves as a hiding place. It is important that the carrier files not lose their actual
appearance during the embedding process. Most suitable are digital files with 24-bit color
depth, which uses three bytes per dot. Since the secret information is distributed within
the least significant bit of each dot, the human eye from the image containing the
embedded data cannot distinguish the original image. The format of the image is also
critical. It’s important to ensure that the type of compression used doesn’t cause a loss of
data. GIF and BMP files can safely be used for steganography. While gray-scale images
are readily usable, embedding information in 265-color images is only advisable if the
colors are right next to each other in the palette. Otherwise, the appearance of the image
will be noticeably changed. Certain steganographic programs, such as the Steganos
Security Suite, enable users to create suitable image or audio files, or to search their
computers for available files.
In a computer, images are represented as arrays of values. These values represent the
intensities of the three colors R(ed) G (reen) and B (lue), where a value for each of the
three colors describes a pixel. Through varying the intensity of the RGB values, a finite
set of colors spanning the full visible spectrum can be created. In an 8-bit gif image, there
19
can be 28 = 256 colors and in a 24-bit bitmap, there can be 224 = 16777216 colors. Large
images are most desirable for steganography because they have the most space to hide
data in. The best quality hidden image is normally produced using a 24-bit bitmap as a
cover image. Each byte corresponding to one of the three colors and each three-byte
value fully describes the color and luminance values of one pixel. The cons to large
images are that they are cumbersome to both transfer and upload, while running a larger
chance of drawing an “attacker’s” attention due to their uncommon size. As a result,
compression is often used. There are two common compression techniques used to shrink
the file size of a bitmap.
GIF
The first is the GIF (Graphics Interchange Format) format, which will decrease the
number of bits used to represent each pixel from 24 to 8. This is a lossless compression
technique and the data hidden in the message can be recovered without a problem.
JPEG
The JPEG (Joint Photographic Experts Group) is a form of lossy compression. It does a
very nice job of decreasing the file size of the image and retaining a great deal of its
quality. The JPEG transformation takes eight pixels by eight pixel blocks and performs a
64 bit DCT (Discrete Cosine Transformation) does not compute to exact values. With
continuing transforms, the precision of the calculation is decreased and the amount of
error increases. Two methods used to perform a DCT are the Fast Fourier and wavelet
transforms. The downside to JPEG compression is that it may corrupt hidden data.
Widespread use of digitized information in automated information systems has resulted
in a renaissance for steganography. Information, which provides the ideal vehicle for
steganography, is that which is stored with accuracy far greater than necessary for the
data’s use and display. Image, Postscript, and audio files are among those that fall into
this category, while text, database, and executable code files do not. It has been
demonstrated that a significant amount of information can be concealed in bitmapped
image files with little or no visible degradation of the image. This process, called
20
steganography, is accomplished by replacing the least significant bits in the pixel bytes
with the data to be hidden. Since the least significant pixel bits contribute very little to the
overall appearance of the pixel, replacing these bits often has no perceptible effect on the
image.
To illustrate, consider a 24-bit pixel, which uses 8 bits for each of the red, green, and blue
color channels. The pixel is capable of representing 224 or 16,777,216 color values. If we
use the lower 2 bits of each color channel to hide data, the maximum change in any pixel
would be 26 or 64 color values; a minute fraction of the whole color space. This small
change is invisible to the human eye. To continue the example, an image of 735 by 485
pixels could hold 735*485 * 6 bits/pixel * 1byte/8 bits = 267,356 bytes of data.
It is even possible to embed one image inside another. Further, they assert that visual
inspection of an image prior to its being downgraded is insufficient to prevent
unauthorized flow of data from one security level to a lower one. A number of different
formats are widely used to store imagery including BMP, TIFF, GIF, etc. Several of these
image file formats “palletize” images by taking advantage of the fact that the color
veracity of the image is not significantly degraded to the human observer by drastically
reducing the total number of colors available. Instead of over 16 million possible colors,
the color range is reduced and stored in a table. Each pixel, instead of containing a
precise 24-bit color, stores an 8-bit index into the color table. This reduces the size of the
bitmap by 2/3. When a viewer such as “xv” processes the image for display, the indices
stored at the location of each pixel are used to obtain the colors to be displayed from the
color table. It has been demonstrated that steganography is ineffective when images are
stored using the compression algorithm.
21
Figure2:- Process of embedding data into RGB pixels
Despite the relative ease of employing steganography to covertly transport data in an
uncompressed 24-bit image, lossy compression algorithms based on techniques from
digital signal processing, which are very commonly employed in image handling
systems, pose a severe threat to the embedded data. An excellent example of this is the
ubiquitous Joint Photographic Experts Group (JPEG) compression algorithm, which is
the principle compression technique for transmission and storage of images used by
government organizations. It does a quite thorough job of destroying data hidden in the
least significant bits of pixels.
The basics of embedding: -
Three different aspects in information-hiding systems contend with each other: capacity,
security, and robustness. Capacity refers to the amount of information that can be hidden
in the cover medium, security to an eavesdropper’s inability to detect hidden information,
and robustness to the amount of modification the stego medium can withstand before an
adversary can destroy hidden information. Information hiding generally relates to both
watermarking and steganography. A watermarking system’s primary goal is to achieve a
high level of robustness—that is, it should be impossible to remove a watermark without
degrading the data object’s quality. Steganography, on the other hand, strives for high
22
security and capacity, which often entails that the hidden information is fragile. Even
trivial modifications to the stego medium can destroy it. A classical steganographic
system’s security relies on the encoding system’s secrecy. An example of this type of
system is Roman general who shaved a slave’s head and tattooed a message on it. After
the hair grew back, the slave was sent to deliver the now-hidden message. Although such
a system might work for a time, once it is known, it is simple enough to shave the heads
of all the people passing by to check for hidden messages—ultimately, such a
steganographic system fails. Modern steganography attempts to be detectable only if
secret information is known—namely, a secret key. This is similar to Kerckhoffs’
Principle in cryptography, which holds that a cryptographic system’s security should rely
solely on the key material. For steganography to remain undetected, the unmodified cover
medium must be kept secret, because if it is exposed, a comparison between the cover
and stego media immediately reveals the changes. Information theory allows us to be
even more specific on what it means for a system to be perfectly secure. Christian Cachin
proposed an information-theoretic model for steganography that considers the security of
steganographic systems against passive eavesdroppers. In this model, we assume that the
adversary has complete knowledge of the encoding system but does not know the secret
key. His or her task is to devise a model for the probability distribution PC of all possible
cover media and PS of all possible stego media. The adversary can then use detection
theory to decide between hypothesis C (that a message contains no hidden information)
and hypothesis S (that a message carries hidden content). A system is perfectly secure if
no decision rule exists that can perform better than random guessing. Essentially,
steganographic communication senders and receivers agree on a steganographic system
and a shared secret key that determines how a message is encode in the cover medium.
To send a hidden message, for example, Alice creates a new image with a digital camera.
Alice supplies the steganographic system with her shared secret and her message. The
steganographic system uses the shared secret to determine how the hidden message
should be encoded in the redundant bits. The result is a stego image that Alice sends to
Bob. When Bob receives the image, he uses the shared secret and the agreed on
steganographic system to retrieve the hidden message. Figure shows an overview of the
encoding step; statistical analysis can reveal the presence of hidden content.
23
Requirements of hiding data digitally: -
There are many different protocols and embedding techniques that enable us to hide data
in a given object. However, all of the protocols and techniques must satisfy a number of
requirements so that steganography can be applied correctly.
The following is a list of main requirements that steganography techniques must satisfy: -
• The integrity of the hidden information after it has been embedded inside the stego
object must be correct. The secret message must not change in any way, such as
additional information being added, loss of information or changes to the secret
information after it has been hidden. If secret information is changed during
steganography, it would defeat the whole point of the process.
• The stego object must remain unchanged or almost unchanged to the naked eye. If the
stego object changes significantly and can be noticed, a third party may see that
information is being hidden and therefore could attempt to extract or to destroy it.
• In watermarking, changes in the stego object must have no effect on the watermark.
Imagine if you had an illegal copy of an image that you would like to manipulate in
various ways. These manipulations can be simple processes such as resizing, trimming or
rotating the image. The watermark inside the image must survive these manipulations,
otherwise the attackers can very easily remove the watermark and the point of
steganography will be broken.
• Finally, we always assume that the attacker knows that there is hidden information
inside the stego object.
Figure shows a simple representation of the generic embedding and decoding process in
steganography. In this example, a secret image is being embedded inside a cover image to
produce the stego image.
24
The first step in embedding and hiding information is to pass both the secret message and
the cover message into the encoder. Inside the encoder, one or several protocols will be
implemented to embed the secret information into the cover message. The type of
protocol will depend on what information you are trying to embed and what you are
embedding it in. For example, an image protocol to embed information inside images is
being used.
Figure3: - Generic process of encoding and decoding
A key is often needed in the embedding process. This can be in the form of a public or
private key so you can encode the secret message with your private key and the recipient
can decode it using your public key. In embedding the information this way, you can
reduce the chance of a third party attacker getting hold of the stego object and decoding it
to find out the secret information.
25
In general the embedding process inserts a mark, M, in an object, I. A key, K, usually
produced by a random number generator is used in the embedding process and the
resulting marked object, Ĩ, is generated by the mapping: I x K x M → Ĩ.
Having passed through the encoder, a stego object will be produced. A stego object is the
original cover object with the secret information embedded inside. This object should
look almost identical to the cover object as otherwise a third party attacker can see
embedded information. Having produced the stego object, it will then be sent off via
some communications channel, such as email, to the intended recipient for decoding. The
recipient must decode the stego object in order for them to view the secret information.
The decoding process is simply the reverse of the encoding process. It is the extraction of
secret data from a stego object.
In the decoding process, the stego object is fed in to the system. The public or private key
that can decode the original key that is used inside the encoding process is also needed so
that the secret information can be decoded. Depending on the encoding technique,
sometimes the original cover object is also needed in the decoding process. Otherwise,
there may be no way of extracting the secret information from the stego object. After the
decoding process is completed, the secret information embedded in the stego object can
then be extracted and viewed. The generic decoding process again requires a key, K, this
time along with a potentially marked object, Ĩ’. Also required is either the mark, M,
which is being checked for or the original object, I, and the result will be either the
retrieved mark from the object or indication of the likelihood of M being present in Ĩ.
• Private Marking Systems: -
Private marking systems can be divided further into different types but all require the
original image. Type I systems use I to help locate the mark in Ĩ’ and output the mark.
Type II systems also require M and simply give a yes or no answer to the question “does
Ĩ’ contain the mark M?” This can be seen as a mapping: Ĩ’ x I x K x M → {0, 1}. Semi-
private marking systems work like Type II except they don’t require the original image
and simply answer the same question through the mapping: Ĩ’ x K x M → {0, 1}.
26
Private marking systems reveal little information and require the secret key in order to
detect the mark. Many current systems fall into this category and they are often used to
prove ownership of material in court.
• Public Marking Systems (Blind Marking): -
Public marking systems do not require either I or M but extract n bits from Ĩ’ which
represents the mark: Ĩ’ x K → M. Public marking systems have a wider range of
applications and the algorithms can often be used in private systems.
• Asymmetric Marking Systems (Public Key Marking): -
Asymmetric marking systems allow any user to read the mark but prevent them from
removing it
Types of steganography: -
Steganography can be split into two types, these are Fragile and Robust. The following
section describes the definition of these two different types of steganography.
• Fragile:-
Fragile steganography involves embedding information into a file which is destroyed if
the file is modified. This method is unsuitable for recording the copyright holder of the
file since it can be so easily removed, but is useful in situations where it is important to
prove that the file has not been tampered with, such as using a file as evidence in a court
of law, since any tampering would have removed the watermark. Fragile steganography
techniques tend to be easier to implement than robust methods.
• Robust: -
Robust marking aims to embed information into a file, which cannot easily be destroyed.
Although no mark is truly indestructible, a system can be considered robust if the amount
of changes required to remove the mark would render the file useless. Therefore the mark
should be hidden in a part of the file where its removal would be easily perceived.
27
There are two main types of robust marking. Fingerprinting involves hiding a unique
identifier for the customer who originally acquired the file and therefore is allowed to use
it. Should the file be found in the possession of somebody else, the copyright owner can
use the fingerprint to identify the customer violating the license agreement by distributing
a copy of the file. Unlike fingerprints, watermarks identify the copyright owner of the
file, not the customer. Whereas fingerprints are used to identify people who violate the
license agreement watermarks help with prosecuting those who have an illegal copy.
Ideally fingerprinting should be used but for mass production of CDs, DVDs, etc it is not
feasible to give each disk a separate fingerprint. Watermarks are typically hidden to
prevent their detection and removal, they are said to be imperceptible watermarks.
However this need not always is the case. Visible watermarks can be used and often take
the form of a visual pattern overlaid on an image. The use of visible watermarks is
similar to the use of watermarks in non-digital formats (such as the watermark on British
money).
The palette and composition of the image also contribute to how well the stegotool does
its job. An image with gradual color gradients or in grayscale is the best for stenography
because it is easier to insert small “errors” in. The changes also appear more gradually
and as a result are less likely to be detected. Observe the different color palettes below
and how the one on the left changes gradually and is more suitable for a cover image than
the one on the right
28
Figure4: Palette gradients
It is also important to use images that do not contain large blocks of a solid color, as the
changed bits in the solid area are easier to detect.
There are three main ways to conceal the secret message/image. The first way is straight
insertion where you just put the message into the cover image. The next way requires
some analysis to find the variations in color and it puts the message in those areas where
it is less likely to be detected. The last way is to randomly insert the message into the
image.
Essentially, the information-hiding process in a steganographic system starts by
identifying a cover medium’s redundant bits (those that can be modified without
destroying that medium’s integrity).The embedding process creates a stego medium by
replacing these redundant bits with data from the hidden message. Modern
steganography’s goal is to keep its mere presence undetectable, but steganographic
systems— because of their invasive nature—leave behind detectable traces in the cover
medium. Even if secret content is not revealed, the existence of it is: modifying the cover
medium changes its statistical properties, so eavesdroppers can detect the distortions in
the resulting stego medium’s statistical properties. The process of finding these
distortions is called statistical steganalysis.
29
LSB: -
First we will investigate least significant bit insertion, where you literally put the
information in the least significant bits of an image. This is a simple technique but the
down side is that the message is very susceptible to information loss when using lossy
compression techniques. We will now go over an example that involves inserting an A
into 3 pixels of a 24-bit image. Here is the original raster data:
(00100111 11101001 11001000)
(00100111 11001000 11101001)
(11001000 00100111 11101001)
The binary value of A is 10000011 and encoding A into the last bits of this 3 pixel
sequence will change the above sequence to:
(00100111 11101000 11001000)
(00100110 11001000 11101000)
(11001000 00100111 11101001)
Notice that only the underlined bits had to be changed in order to create the A. On the
average only have of the bits would have to be changed in an LSB (Least Significant Bit)
encoding scheme. With such a small variation in the colors it would be very difficult for
the human eye to discern the difference. Next we will do least bit insertion with an 8 bit
value. Since 8 bit values can only have a maximum of 256 colors the image must be
chosen much more carefully. Consider a palette with four colors: white, red, blue, and
green, which have the palette position entries of 0(00), 1(01), 2(10) and 3(11)
respectively. The values of four adjacent pixels with colored white, white, blue, blue
(00 00 10 10). We will try and hide the decimal number 10 represented in binary as 1010.
The resulting raster is: 01 00 11 10, which corresponds to red, white, and green, blue.
30
These large changes in the image are very noticeable in a color image although an 8 bit
grey scale image will produce relatively good results. There are multiple tools that
implement LSB. One tool, EzStego can change around the palate to lessen the frequency
of adjacent colors with too strong of a contrast. S-Tools tries to approximate the cover
image by changing around the palette to make the difference between bits only one and
sometimes causes very noticeable shifts in the palette.
Masking and filtering techniques are mostly used on 24 bit and grey scale images. They
hide info in a way similar to watermarks on actual paper and are sometimes used as
digital watermarks. Masking images entails changing the luminance of the masked area.
The smaller the luminance change, the less of a chance that it can be detected.
Stego-images (images that have been manipulated by steganographic methods) that are
masked will keep a higher fidelity than LSB through compression, cropping and some
image processing. The reason that a stego image encoded with masking degrades less
under JPEG compression is that the secret message is hid in the significant areas of the
picture. There is a tool called JPEG – J steg that takes advantage of the compression of
JPEG while trying to keep high message fidelity. The program takes a secret message and
a lossless cover image as input and outputs a stego image in JPEG format.
Even though stego-images can rarely be spotted by the naked eye, they usually leave
behind some type of fingerprint or statistical hint that they have been modified. It is those
discrepancies, which an analysis tool may be able to detect. Since some techniques and
their effects are commonly known, a statistical analysis of an image can be performed to
check for a hidden message(s) in it. The simplest technique is to measure the entropy of
redundant data and check if its statistical properties have deviated from the data collected
from the original image. Since we do not always have the unaltered cover image readily
available a detection system can compare the amount of 1’s and 0’s to detect the presence
of a stego-image. A similar method of analysis can be used for JPEG’s but the
coefficients of the DCT are looked at instead of individual bits. Yet another method is to
31
create a new color and sort the palette of the image and look for statistical anomalies that
way. These simple methods do not conclusively prove that there is a secret message but is
merely the first step. After a suspected image is found then a dictionary attack must be
conducted to verify that there is a hidden message.
Discrete cosine transform:-
For each color component, the JPEG image format uses a discrete cosine transform
(DCT) to transform successive 8 * 8 pixel blocks of the image into 64 DCT coefficients
each. The DCT coefficients F(u, v) of an 8 * 8 block of image pixels f(x, y) are given by
Where C (x) = 1/ when x equal 0 and C (x) = 1 otherwise. Afterwards, the following
operation quantizes the coefficients:
Where Q (u, v) is a 64-element quantization table.
32
As the above algorithm runs, it sequentially replaces the least-significant bit of discrete
cosine transform (DCT) coefficients with message data. It does not require a shared
secret.
We can use the least-significant bits of the quantized DCT coefficients as redundant bits
in which to embed the hidden message. The modification of a single DCT coefficient
affects all 64-image pixels. In some image formats (such as GIF), an image’s visual
structure exists to some degree in all the image’s bit layers. Steganographic systems that
modify least-significant bits of these image formats are often susceptible to visual
attacks. This is not true for JPEGs. The modifications are in the frequency domain
instead of the spatial domain, so there are no visual attacks against the JPEG image
format. The human eye cannot detect which image holds steganographic content.
Sequential: -
Derek Upham’s JSteg was the first publicly available steganographic system for JPEG
images. Its embedding algorithm sequentially replaces the least-significant bit of DCT
coefficients with the message’s data. The algorithm does not require a shared secret; as a
result, anyone who knows the steganographic system can retrieve the message hidden by
JSteg. Andreas Westfeld and Andreas Pfitzmann noticed that steganographic systems that
change least-significant bits sequentially cause distortions detectable by steganalysis.
They observed that for a given image, the embedding of high-entropy data (often due to
encryption) changed the histogram of color frequencies in a predictable way. In the
simple case, the embedding step changes the least-significant bit of colors in an image.
33
The colors are addressed by their indices i in the color table; we refer to their respective
frequencies before and after embedding as ni and ni *. Given uniformly distributed
message bits, if n2i > n2i+1, then pixels with color 2i are changed more frequently to
color 2i + 1 than pixels with color 2i + 1 are changed to color 2i. As a result, the
following relation is likely to hold:
In other words, embedding uniformly distributed message bits reduces the frequency
difference between adjacent colors. The same is true in the JPEG data format. Instead of
measuring color frequencies, we observe differences in the DCT coefficients’ frequency..
We see a reduction in the frequency difference between coefficient –1 and its adjacent
DCT coefficient –2.
Westfeld and Pfitzmann used a χ2-test to determine whether the observed frequency
distribution yi in an image matches a distribution yi * that shows distortion from
embedding hidden data. Although we do not know the cover image, we know that the
sum of adjacent DCT coefficients remains invariant, which lets us compute the expected
distribution yi * from the stego image. Letting ni be the DCT histogram, we compute the
arithmetic mean to determine the expected distribution and compare it against the
observed distribution.
.
The χ2 value for the difference between the distributions is given as:-
34
Where ν are the degrees of freedom—that is, one less than the number of different
categories in the histogram. It might be necessary to sum adjacent values from the
expected distribution and the observed distribution to ensure that each category has
enough counts. Combining two adjacent categories reduces the degrees of freedom by
one. The probability p that the two distributions are equal is given by the complement of
the cumulative distribution function,
Where Γ is the Euler Gamma function.
The probability of embedding is determined by calculating p for a sample from the DCT
coefficients. The samples start at the beginning of the image; for each measurement the
sample size is increased.
Pseudo random: -
Outguess 0.1 (created by one of us, Niels Provos) is a steganographic system that
improves the encoding step by using a pseudo-random number generator to select DCT
coefficients at random. The least-significant bit of a selected DCT coefficient is replaced
with encrypted message data. The χ2-test for JSteg does not detect data that is randomly
distributed across the redundant data and, for that reason, it cannot find steganographic
content hidden by Outguess 0.1. However, it is possible to extend the χ2- test to be more
sensitive to local distortions in an image. Two identical distributions produce about the
same χ2 values in any part of the distribution. Instead of increasing the sample size and
35
applying the test at a constant position, we use a constant sample size but slide the
position where the samples are taken over the image’s entire range. Using the extended
test, we can detect pseudo-randomly distributed hidden data. Given a constant sample
size, we take samples at the beginning of the image and increase the sample position by 1
percent for every χ2 calculation. We then take the sum of the probability of embedding
for all samples. If the sum is greater than the detection threshold, the test indicates that an
image contains a hidden message. To find an appropriate sample size, we select an
expected distribution for the extended χ2-test that should cause a negative test result.
Instead of calculating the arithmetic mean of coefficients and their adjacent ones, we take
the arithmetic mean of two unrelated coefficients,
A binary search on the sample size helps find a value for which the extended χ2-test does
not show a correlation to the expected distribution derived from unrelated coefficients.
36
As the above algorithm runs, the algorithm replaces the least-significant bit of pseudo-
randomly selected discrete cosine transform (DCT) coefficients with message data.
Subtraction: -
Steganalysis successfully detects steganographic systems that replace the least-significant
bits of DCT coefficients. Let’s turn now to Andreas Westfield’s steganographic system,
F5.Instead of replacing the least-significant bit of a DCT coefficient with message data,
F5 decrements its absolute value in a process called matrix encoding. As a result, there is
no coupling of any fixed pair of DCT coefficients, meaning the χ2-test cannot detect F5.
Matrix encoding computes an appropriate (1, (2k – 1), k) Hamming code by calculating
the message block size k from the message length and the number of nonzero non-DC
coefficients. The Hamming code (1, 2k– 1, k) encodes a k-bit message word m into an n-
bit code word with n = 2k – 1. With matrix encoding, embedding any k-bit message into
any n-bit code word changing it at most by one bit. In other words, we can find a suitable
code word a′ for every code word a and every message word m so that m = f (a′) and d (a,
a′) ≤ 1. First, the DCT coefficients are permuted by a keyed pseudo-random number
generator (PRNG), and then arranged into groups of n while skipping zero and DC
coefficients. The message is split into k-bit blocks. For every message block m, we get an
n-bit code word a by concatenating the least significant bit of the current coefficients’
absolute value. If the coefficient becomes zero, shrinkage happens, and it is discarded
from the coefficient group. The group is filled with the next nonzero coefficient and the
process repeats until the message can be embedded.
Statistics-aware embedding: -
So far, we have presented embedding algorithms that overwrite image data without
directly considering the distortions that the embedding caused. Let’s look at a framework
for an embedding algorithm that uses global image statistics to influence how coefficients
should be changed. To embed a single bit, we can either increment or decrement a DCT
coefficient’s value. This lets us change a DCT coefficient’s least-significant bit in two
different ways. Additionally, we create groups of DCT coefficients and use the parity1 of
37
their least-significant bits as message bits to further increase the number of ways to
embed a single bit. For every DCT block, we search the space of all possible changes to
find a configuration that minimizes the change to image statistics. Currently, we search
for solutions that maintain the blockiness, the block variance, and the coefficient
histogram.
Benefits of Steganography: -
Steganography offers many benefits to society with a large variety of virtuous
applications - it enables communication with a high-level of privacy, provides a safe
repository for business trade secrets, and scores of applications exist for its use on the
internet (it is specifically used for watermarking copyright-protected data). Ho et al
discuss the necessity of digital steganography in various ecommerce applications. Digital
watermarking (used for copyright protection), digital signature authentication (for
validation of electronic documents) and digital data storage and linkage (for binding
digitized photographs with personal attribute information) are all legitimate and valuable
uses of this technique.
Digital Watermarking: - The Internet is a tricky medium for making sure that intellectual
property rights are not violated. One mechanism, which offers some sort of protection to
the copyright holder, is digital watermarking. It enables one to embed either a text or
image watermark (which identifies ownership) over the digitized data, and make it
irremovable and if needs be, invisible.
StegMark is one that is currently available on the market and used for such applications.
Anderson and Petitcolas note that the publishing and broadcasting industries have seen
the use of this technology as a boon to alleviate the fear of the ease of reproduction and
digital distribution over the Internet. This process of steganography makes the
concealment of copyright marks and serial numbers in digital films, audio recordings,
38
books and multimedia products possible. Bender et al explores the less common
legitimate application of anticounterfeiting, made possible by the use of steganography,
or to be more specific, digital watermarks. The massive advances in ink-jet printers and
scanners have provided a perfect mechanism to reproduce high-quality colour copies of
any original document. Criminally minded individuals use such technology to engage in
the creation of counterfeit currency or other valuable documents which look like the ‘real
thing’ if not examined by a professional. By embedding a digital signature into a
document or currency note, this can be detected by a printer (that is obviously
programmed to detect such elements) that can then refuse to complete the print job and
provide an appropriate warning to the perpetrator. It thus means that counterfeiters would
be discouraged from engaging in this illegal activity.
Digital Signature Authentication: -
Steganography can be applied to prevent devious interference with private and
confidential documents. Emails, letters or company memos are often embedded with a
digital signature and a multimedia container password. If the document is tampered with,
this will be detected, and the receiver will immediately be notified of the interference (Ho
et al, 1999). StegSign is one registered brand of software, which provides such digital
signature authentication.
Digital Linkage and Storage: -
StegSafe provides a mechanism to link a digital image with attribute text information.
Personal information such as medical history, law enforcement records and other details
could be linked to digitized copies of ID photos. It is important that the integrity of the
data is maintained, and thus vital to know if details have been modified by an intruder.
Using steganography to link the image and this personal information allows the database
administrator to be notified if any modifications have taken place (Ho et al, 1999).Many
researchers believe the use of steganography has been invaluable in electronic commerce,
and without such high-level encryption, many believe that electronic commerce would
never have taken off like it has.
39
The threats of steganography:-
The use of the technique of steganography, however, presents certain worrying concerns.
One major problem that comes to the fore is that criminals could possibly abuse this tool.
In making this type of encryption technology available to the general public, it means that
criminals too can plot, scheme and plan devious and malicious actions without anyone
being aware. Despite attempts in the US at regulation, the fact, which always remains
constant, is that technology is too pervasive and powerful for governments to simply ban
only the criminals from using these types of computerized tools. Steganography is being
used to aid criminal activities the world over. DeQuendre found that this type of
mechanism is being used to an even greater degree in European countries, such as France,
Germany and England, where encryption is significantly restricted for common use.
Seargent Doyle of the Computer Investigations and Technology department of the New
York Police said at a Computer Security Institute conference held in 1998 that
“steganography and cryptography are increasingly the methods being used by those with
nefarious intentions” (cited in DeQuendre, 1998).
Cryptographic and Steganographic Applications: - Today’s steganographic methods
primarily use image or audio files to hide encrypted data, thus enhancing overall security.
Encrypted data on its own can attract the attention of hackers through its mere existence;
however, if it is embedded in seemingly innocuous image or audio files, no attempts will
be made to break the code or to obtain the secret key. Using steganographic techniques,
the information that needs to be concealed is dispersed within the least significant bits of
a carrier file (e.g., image or audio file), which serves as a hiding place. It is important that
the carrier files not lose their actual appearance during the embedding process. Most
suitable are digital files with 24-bit color depth, which uses three bytes per dot. Since the
secret information is distributed within the least significant bit of each dot, the human eye
from the image containing the embedded data cannot distinguish the original image. The
format of the image is also critical. It’s important to ensure that the type of compression
used doesn’t cause a loss of data. GIF and BMP files can safely be used for
steganography. While gray-scale images are readily usable, embedding information in
265-color images is only advisable if the colors are right next to each other in the palette
40
Otherwise, the appearance of the image will be noticeably changed. Certain
steganographic programs, such as the Steganos Security Suite, enable users to create
suitable image or audio files, or to search their computers for available files. The
increasing use of the Internet has necessitated the development of user-friendly and
highly secures forms of data protection for private users, as well as for companies.
Potential dangers continue to be posed by hackers and virus attacks, which are politically,
socially, technologically or financially motivated. While the encrypting of credit card
numbers has become standard practice for the majority of online businesses, e-mail and
file security is still a largely unaddressed issue. Basic encryption programs have
enhanced data security at only a few large companies. Such programs also can also be of
service to individual users who wants to make sure that their e-mail messages and
personal or financial files stay private and secure. A related technique called
watermarking is applicable to the field of copyrighting. With the help of steganographic
techniques, image and audio files can be furnished with a watermark. The use of digital
watermarks does not prevent unauthorized copying of data; however, it helps to answer
the question of who the original author is.
Digital watermarks serve as an acceptable piece of evidence in court. As with many other
tools, steganography and cryptography can be used for good, as well as for bad purposes.
Encryption technologies can help prevent industrial espionage. On the other hand,
steganography and cryptography can potentially be used for subversive activities. One
good example is the terrorist, who allegedly used steganography in chat rooms, bulletin
boards and on Web sites to disseminate maps and photographs of targets for terrorist
attacks, as well as precise instructions to his followers. Several experts have since sought
to disprove these allegations, however, based on a lack of definitive proof. While certain
elements of the U.S. government and population have recently called for restrictions or
an outright ban on encryption and steganography products, other groups argue that this
would be counter-productive, undemocratic and not effectively enforceable. They also
point out that criminals would continue to use the technology if it were outlawed.
41
While in the past, cryptography and steganography were mainly used for military
purposes; today they are increasingly being used within the private sector. Even home
users are becoming aware of the importance of protecting sensitive data from prying
eyes. Those who opt to protect their data can choose from several methods, some of
which are more complicated than others. Overall, however, general awareness of data
security, especially among private citizens, is still not widespread. Many computer and
Internet users are still satisfied with the sheer basics of protection, for example the use of
virus protection software. These same people prefer writing e-mail instead of postal
letters, seemingly unaware of the fact that an unencrypted e-mail can be read just as
easily as a postcard. Thus, many of the commercial solutions that have been developed to
protect private as well as business data remain unused.
42
Chapter 3:Problem Formulation, Simulation and Testing
Steganography is a high-level type of encryption, and its use results in a mechanism to
implement two of the five key pillars of information security, namely confidentiality and
integrity. The confidentiality of the hidden message is protected due to it being
unrecognizable in its hidden and encrypted form both in the place of storage and during
transmission. Any interceptor would not be aware of the secret message. Only authorized
people would know of its existence and would be able to decrypt the secret message with
the known password. The encrypting of the concealed message protects the integrity of
the data. It must be stressed that the unique feature of steganography is largely to be
attributed to the potential for use in IT security. Not only is the secret message encrypted,
but it is also hidden behind an image, text or music file, making it invisible to ordinary
interceptors.
In this case the data is hidden in the picture in the places where there is non-availability
of pixels (i.e. RGB values zero). In this method of steganography the data is embedded in
the image randomly depending on the picture. It is more beneficial as compared to
sequential type of steganography as in the former case the data is embedded sequentially
in the picture, which increases the probability of hacking. In the pseudo random method
the data is embedded randomly on the encryption side for transmission through the
communication channel. Once the data is embedded on the picture, the picture carrying
the data is sent through the channel so as to receive the same.
Once the data get embedded in the picture, the picture is sent through the channel to the
receiving end so as to retrieve the original data. On the encryption side the data (secret
message is encrypted into the picture. On the decryption side the data is decrypted from
the picture in order to get the original secret message.
43
Simulation and testing: -
Secret message: - INDIA is great~
In the developed code for the pseudo random encryption the secret message is to end with
a tilde sign. (This may act as a key for the message transmission)
Original picture: -
Figure5: - Original picture
Once the secret message is saved, and then the encryption executable file is run in order
to randomly embed the data on the picture.
44
Figure6:- Image after embedding the data into it
This encoded data in the picture is then sent through the channel to the receiver end.
Once the data is obtained at the receiving side the decryption algorithm retrieves the
original information from the picture.
Decoded Text: - INDIA is great
This is the whole procedure of sending message through communication channel using
steganography. The message gets encrypted in the picture on the sending side and on the
receiving side the same original message is decrypted using decryption algorithm.
45
Chapter 5:Results and Discussions
In this particular algorithm of steganography it is seen that the algorithm replaces the
least-significant bit of pseudo-randomly selected discrete cosine transform (DCT)
coefficients with message data. The concept of pseudo randomly results in the encryption
of the data which does not detect data that is randomly distributed across the redundant
data and, for that reason, it cannot find steganographic content hidden by OutGuess 0.1
(Pseudorandom). In case of sequential steganographic algorithm the embedding step
changes the least-significant bit of colors in an image. The colors are addressed by their
indices i in the color table; we refer to their respective frequencies before and after
embedding as ni and ni *.In other words, embedding uniformly distributed message bits
reduces the frequency difference between adjacent colors. The same is true in the JPEG
data format. Instead of measuring color frequencies, we observe differences in the DCT
coefficients’ frequency. It is shown that histogram before and after a hidden message is
embedded in a JPEG image. We see a reduction in the frequency difference between
coefficient –1 and its adjacent DCT coefficient –2.This reduction in the frequency results
in vulnerability of the data in the picture i.e the probability of the information to get
hacked increases.
Limitations:-
There are limitations on the use of steganography. As with encryption, if Alice wants to
communicate secretly with Bob they must first agree on the method being used.
Demeratus, a Greek at the Persian court, sent a warning to Sparta about an imminent
invasion by Xerxes by removing the wax from a writing tablet, writing the message on
the wood and then covering it in wax again. The tablet appeared to be blank and fooled
the customs men but almost fooled the recipient too since he was unaware that the
46
message was being hidden. With encryption, Bob can be reasonably sure that he has
received a secret message when a seemingly meaningless file arrives. It has either been
corrupted or is encrypted. It is not so clear with hidden data; Bob simply receives an
image, for example, and needs to know that there is a hidden message and how to locate
it.
Another limitation is due to the size of the medium being used to hide the data. In order
for steganography to be useful the message should be hidden without any major changes
to the object it is being embedded in. This leaves limited room to embed a message
without noticeably changing the original object.
This is most obvious in compressed files where many of the obvious candidates for
embedding data are lost. What is left is likely to be the most perceptually significant
portions of the file and although hiding data is still possible it may be difficult to avoid
changing the file.
Attacks: - Information hiding techniques still suffer from several limitations leaving
them open to attack and robustness criteria vary between different techniques. Attacks
can be broadly categorized although some attacks will fit into multiple categories.
• Basic Attacks: Basic attacks take advantage of limitations in the design of the
embedding techniques. Simple spread spectrum techniques, for example, are able to
survive amplitude distortion and noise addition but are vulnerable to timing errors.
Synchronization of the chip signal is required in order for the technique to work so
adjusting the synchronization can cause the embedded data to be lost. It is possible to
alter the length of a piece of audio without changing the pitch and this can also be an
effective attack on audio files.
• Robustness Attacks: Robustness attacks attempt to diminish or remove the presence of a
watermark. Although most techniques can survive a variety of transformations,
compression, noise addition, etc they do not cope so easily with combinations of them or
with random geometric distortions. If a series of minor distortions are applied the
47
watermark can be lost while the image remains largely unchanged. What changes have
been made will likely be acceptable to pirates who do not usually require high quality
copies. Since robustness attacks involve the use of common manipulations, they need not
always be malicious but could just be the result of normal usage by licensed users.
Protecting against these attacks can be done by anticipating which transformations pirates
are likely to use. Embedding multiple copies of the mark using inverse transformations
can increase the resistance to these attacks. However, trying to guess potential attacks is
not ideal. The use of benchmarking for evaluating techniques could help to determine
how robust the technique is. StirMark is a tool which applies minor geometric distortions,
followed by a random low frequency deviation based around the centre of the image and
finally a transfer function to introduce error into all sample values similar to the effects of
a scanner. StirMark can serve as a benchmark for image watermarking.
If the echo can be detected then it can be removed by inverting the formula used to add it.
The difficult part is detecting the echo without any knowledge of the original or the echo
parameters. This problem is known as ‘blind echo cancellation’. Finding the echo can be
done using a technique called cepstrum analysis. Other attacks will attempt to identify the
watermark and then remove it. This technique is particularly applicable if the marking
process leaves clues that help the attacker gain information about the mark. For example
an image with a low number of colors, such as a cartoon image, will have sharp peaks in
the color histogram. Some marking algorithms split these and the twin peaks attack takes
advantage of this to identify the marks which can then be removed
• Presentation Attacks: Presentation attacks modify the content of the file in order to
prevent the detection of the watermark. The mosaic attack takes advantage of size
requirements for embedding a watermark. In order for the marked file to be the same size
as the original the file must have some minimum size to accommodate the mark. By
splitting the marked file into small sections the mark detection can be confused. Many
web browsers will draw images together with no visible split enabling the full image to
be effectively restored while hiding the mark. If the minimum size for embedding the
mark is small enough the mosaic attack is not practical. This attack can defeat web
48
crawlers which download pictures from the Internet and check them for the presence of a
client’s watermark.
• Implementation Attacks: As with other areas in computer security the implementation
of a marking system can provide more opportunities for attack than the marking
technique itself. If the mark detection software is vulnerable it may be possible for
attackers to deceive it. Digimarc, one of the most widely used picture marking schemes
was attacked using a weakness in the implementation. Users register an ID and password
with the marking service. A debugger was used to break into the software which checks
these passwords and disable the checking. The attacker can change the ID and this will
change the mark of already marked images. The debugger also allowed bypassing of
checks to see if a mark already existed and therefore allowed marks to be overwritten.
There is a general attack on mark readers which explores an image on the boundary
between no mark having been found and one being detected. An acceptable copy of the
image can be iteratively generated which does not include the mark. Clearly the software
used to implement steganographic techniques needs to be secure and ideas from other
areas of computer security can be used to ensure this.
When steganography is used to hide messages, a certain level of distortion and
degradation may occur in the carrier; however, it might not be easily detected by the
human eye. Comparing the distortion and degradation and space considerations to a
“normal” image could make possible the detection of whether steganographic content
exists or not. What makes steganalysis (the distinguishing and deciphering of messages
with steganographic content) very difficult is not knowing which steganographic tool was
used, and not knowing the stegokey (or encryption password).
Despite the potential uses of steganography to aid criminals in their communication, it
also has many useful applications which are necessary in the growing digitized and
electronic world in which we operate. While some security professionals foresee doom
and gloom with regards to steganography in the future, others see it as merely a phase of
49
technology. It is considered that the future of steganography will be a function of the
evolution and limitations of imaging technology. It is argued that “steganography won’t
evolve very much as it has reached its plateau”. As steganography consumes images to
the fullest, he believes that hiding minimal amounts of information is useless.
50
CONCLUSION & FUTURE SCOPE
CONCLUSION:-
As steganography becomes more widely used in computing there are issues that need to
be resolved. There are a wide variety of different techniques with their own advantages
and disadvantages. Many currently used LSB techniques are not robust enough to prevent
detection and removal of embedded data. The use of benchmarking to evaluate
techniques should become more common and a more standard definition of robustness is
required to help overcome this. The pseudo random method should be employed in order
to make the data more secure.
Peticolas et al. propose a definition of robust similar to that being used by the music
industry. For a system to be considered robust it should have the following properties:
• The quality of the media should not noticeably degrade upon addition of a mark.
• Marks should be undetectable without secret knowledge, typically the key.
• If multiple marks are present they should not interfere with each other.
• The marks should survive attacks that don’t degrade the perceived quality of the work.
As it is observed that in the simple case, the embedding step changes the least-significant
bit of colors in an image. In other words, embedding uniformly distributed message bits
reduces the frequency difference between adjacent colors. The probability of embedding
is determined by calculating p for a sample from the DCT coefficients. The samples start
at the beginning of the image; for each measurement the sample size is increased. The
high probability at the beginning of the image reveals the presence of a hidden message;
the point at which the probability drops indicates the end of the message. In case of
pseudo random it basically improves the encoding step by using a pseudo-random
51
number generator to select DCT coefficients at random. The least-significant bit of a
selected DCT coefficient is replaced with encrypted message data. We improve the
detection rate by using a heuristic that eliminates coefficients likely to lead to false
negatives. Since the pseudo random method improves the encoding step it results in a
better encryption than the prevalent staganographic techniques.
As attacks are found that work against existing techniques, it is likely that new techniques
will be developed that overcome these deficiencies. The continuing use of digital media
will drive development of new techniques and standards for watermarking are likely to be
developed. Meanwhile the pseudo random techniques of steganography used to embed
material will improve as they continue to try and prevent the misuse of steganography.
52
FUTURE SCOPE:-
The emerging mainstream view in IT is that steganography provides yet another
mechanism of cryptography. Clearly the use of steganography is largely an American
concern at present. It does however pose a potential international problem as the internet
operates on a global level. The proliferation of freely available steganographic software
and its detrimental applications do send warning signals in the uncertain and criminally-
active climate in which we operate today. It becomes clear that it is not a security
mechanism to be ignored or avoided – its use could result in serious ramifications and it
desperately needs to be considered by all stakeholders from every angle. There seems
to be vast possibilities for the use of steganography in industrial espionage – getting
information out of organizations without anyone being aware.
Another aspect of this field is Steganalysis which is still in its infancy stages, although
promises to be a reckoning force in the future. One can only hope that steganalysis
research is successful, as criminals might then be reluctant to use this technological
mechanism for fear of being discovered.
For the transmitter, the cover image is not strictly speaking noise, because the transmitter
has exact knowledge of the cover image; for the receiver, it is more accurate to call the
cover image noise. Finally, finding examples of strong public key watermarking schemes,
and another steganographic schemes based on pseudo random methods or proving the
non-existence of such schemes, is the most significant open problem posed by this work.
53
References:-
[1] C. Cachin, “An Information-Theoretic Model for Steganography”, Proceedings of 2nd
Workshops on Information Hiding, MIT Laboratory for Computer Science, May 1998
[2] R. Popa, An Analysis of Steganographic Techniques, The "Politehnica" University of
Timisoara, Faculty of Automatics and Computers, Department of Computer Science and
Software, http://ad.informatik.uni-freiburg.de/mitarbeiter/will/dlib_bookmarks/digital-
watermarking/popa/popa.pdf, 1998
[3] Herodotus, The Hisories, and chap. 5 - The fifth book entitled Terpsichore, 7 - The
seventh book entitled Polymnia, J. M. Dent & Sons, Ltd, 1992
[4] Second Lieutenant J. Caldwell, Steganography, United States Air Force,
http://www.stsc.hill.af.mil/crosstalk/2003/06/caldwell.pdf, June 2003
[5] F. A. P. Petit colas, R. J. Anderson and M. G. Kuhn, “Information Hiding - A
Survey”, Proceedings of the IEEE, vol. 87, no. 7, pp. 1062-1078, July 1999
[6] BBC News, Piracy blamed for CD sales slump, BBC,
http://news.bbc.co.uk/1/hi/entertainment/new_media/1841768.stm, February 2002
[7] M. Kwan, The Snow Home Page, http://www.darkside.com.au/snow/index.html,
March 2001
[8] Compris Intelligence, TextHide, Compris Intelligence,
http://www.compris.com/TextHide/en/
[9] P. Wayner, SpamMimic, http://www.spammimic.com, 2003
54
[10]R. Hipschman, The Secret Language, Exploratory,
http://www.exploratorium.edu/ronh/secret/secret.html, 1995
[11] S. Inoue, K. Makino, I. Murase, O. Takizawa, T. Matsumoto and H. Nakagawa, A
Proposal on Information Hiding Methods using XML,
http://takizawa.gr.jp/lab/nlp_xml.pdf
[12] M. D. Swanson, B. Zhu and A. H. Tewfik, “Robust Data Hiding for Images”, IEEE
Digital Signal Processing Workshop, pp. 37-40, Department of Electrical Engineering,
http://www.assuredigit.com/tech_doc/more/Swanson_dsp96_robust_datahiding.pdf,
September 1996
[13] L.Leurs, JPEG, http://www.prepressure.com/techno/compressionjpeg.htm, 2001
[14] A. K. Chao and C.Chao, Robust Digital Watermarking & Data Hiding, Image
Systems Engineering Program, Stanford University,
http://ise.stanford.edu/class/ee368a_proj00/project7/index.html, May 2000
[15] J. Gailly, comp. Compression Frequently Asked Questions (part 2/3), Internet FAQ
Archives, http://www.faqs.org/faqs/compression-faq/part2/, September 1999
[16] National Academy of Sciences, How do Wavelets work?, National Academy of
Sciences, http://www.beyonddiscovery.org/content/view.page.asp?I=1956, 2003
[17] C. Shoemaker, Hidden Bits: A Survey of Techniques for Digital Watermarking,
http://www.vu.union.edu/~shoemakc/watermarking/watermarking.html#watermark-object,
Virtual Union, 2002
[18] J. Corinna, Steganography, Binary Universe,
http://www.binary-universe.de/articles/5/english/steganodotnet5.html, 2003
[19] J. Glatt, MIDI is the language of gods, http://www.borg.com/~jglatt/
55
APPENDIX
using System;using System.Drawing;using System.Collections;using System.ComponentModel;using System.Windows.Forms;using System.Data;using System.Drawing.Imaging;
namespace StegnoGraphyNewTech{
/// <summary>/// Summary description for Form1./// </summary>public class Form1 : System.Windows.Forms.Form{
private System.Windows.Forms.GroupBox groupBox1;private System.Windows.Forms.Label label1;private System.Windows.Forms.PictureBox pictureBox2;private System.Windows.Forms.Label label2;private System.Windows.Forms.Button button1;private System.Windows.Forms.Button button2;private System.Windows.Forms.Button button3;private System.Windows.Forms.Button button4;private System.Windows.Forms.PictureBox p1;private Bitmap m_Bitmap;private System.Windows.Forms.TextBox t1;private System.Windows.Forms.TextBox t2;private System.Windows.Forms.Button button5;private System.Windows.Forms.Label l1;private AxACTIVEVOICEPROJECTLib.AxDirectSS tts;private AxHSRLib.AxVcommand VoiceCmd;private System.Windows.Forms.Label Detect;
private int My_menu;private System.Windows.Forms.Timer Timer1;private System.ComponentModel.IContainer components;
public Form1(){
//// Required for Windows Form Designer support//InitializeComponent();
//
56
// TODO: Add any constructor code after InitializeComponent call
}/// <summary>/// Clean up any resources being used./// <summary>protected override void Dispose( bool disposing )
{if( disposing )
{if (components != null)
{components.Dispose();
}}
base.Dispose( disposing );}
#region Windows Form Designer generated code/// <summary>/// Required method for Designer support - do not modify/// the contents of this method with the code editor./// <summary>private void InitializeComponent()
{this.components = new System.ComponentModel.Container();
System.Resources.ResourceManager resources = new System.Resources.ResourceManager(typeof(Form1));
this.p1 = new System.Windows.Forms.PictureBox();this.groupBox1 = new System.Windows.Forms.GroupBox();this.button5 = new System.Windows.Forms.Button();this.button2 = new System.Windows.Forms.Button();this.button1 = new System.Windows.Forms.Button();this.label2 = new System.Windows.Forms.Label();this.t2 = new System.Windows.Forms.TextBox();this.label1 = new System.Windows.Forms.Label();this.t1 = new System.Windows.Forms.TextBox();this.pictureBox2 = new System.Windows.Forms.PictureBox();this.button3 = new System.Windows.Forms.Button();this.button4 = new System.Windows.Forms.Button();this.l1 = new System.Windows.Forms.Label();this.tts = new AxACTIVEVOICEPROJECTLib.AxDirectSS();this.VoiceCmd = new AxHSRLib.AxVcommand();this.Detect = new System.Windows.Forms.Label();this.Timer1 = new
System.Windows.Forms.Timer(this.components);
57
this.groupBox1.SuspendLayout();
((System.ComponentModel.ISupportInitialize)(this.tts)).BeginInit();((System.ComponentModel.ISupportInitialize)(this.VoiceCmd)).BeginInit();
this.SuspendLayout();// // p1//
this.p1.BorderStyle = System.Windows.Forms.BorderStyle.FixedSingle;
this.p1.Location = new System.Drawing.Point(32, 32);this.p1.Name = "p1";this.p1.Size = new System.Drawing.Size(288, 376);
this.p1.SizeMode = System.Windows.Forms.PictureBoxSizeMode.StretchImage;
this.p1.TabIndex = 0;this.p1.TabStop = false;// // groupBox1// this.groupBox1.Controls.Add(this.button5);this.groupBox1.Controls.Add(this.button2);this.groupBox1.Controls.Add(this.button1);this.groupBox1.Controls.Add(this.label2);this.groupBox1.Controls.Add(this.t2);this.groupBox1.Controls.Add(this.label1);this.groupBox1.Controls.Add(this.t1);this.groupBox1.Font = new System.Drawing.Font("Microsoft Sans
Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((System.Byte)(0)));
this.groupBox1.ForeColor = System.Drawing.Color.Red;this.groupBox1.Location = new System.Drawing.Point(352, 40);this.groupBox1.Name = "groupBox1";this.groupBox1.Size = new System.Drawing.Size(400, 448);this.groupBox1.TabIndex = 3;this.groupBox1.TabStop = false;this.groupBox1.Text = "Hide the Text";// // button5// this.button5.Location = new System.Drawing.Point(168, 368);this.button5.Name = "button5";this.button5.Size = new System.Drawing.Size(80, 23);this.button5.TabIndex = 9;this.button5.Text = "Clear";
58
this.button5.Click += new System.EventHandler(this.button5_Click);
// // button2// this.button2.Location = new System.Drawing.Point(272, 368);this.button2.Name = "button2";this.button2.Size = new System.Drawing.Size(80, 23);this.button2.TabIndex = 8;this.button2.Text = "Extract";this.button2.Click += new
System.EventHandler(this.button2_Click);// // button1// this.button1.Location = new System.Drawing.Point(48, 368);this.button1.Name = "button1";this.button1.Size = new System.Drawing.Size(80, 23);this.button1.TabIndex = 7;this.button1.Text = "Hide";this.button1.Click += new
System.EventHandler(this.button1_Click);// // label2// this.label2.Location = new System.Drawing.Point(40, 104);this.label2.Name = "label2";this.label2.Size = new System.Drawing.Size(104, 23);this.label2.TabIndex = 6;this.label2.Text = "Message";this.label2.Click += new System.EventHandler(this.label2_Click);// // t2// this.t2.Location = new System.Drawing.Point(40, 136);this.t2.Multiline = true;this.t2.Name = "t2";this.t2.Size = new System.Drawing.Size(312, 216);this.t2.TabIndex = 5;this.t2.Text = "";// // label1// this.label1.Location = new System.Drawing.Point(40, 48);this.label1.Name = "label1";this.label1.Size = new System.Drawing.Size(64, 23);
59
this.label1.TabIndex = 4;this.label1.Text = "Key";this.label1.Click += new System.EventHandler(this.label1_Click);// // t1// this.t1.Location = new System.Drawing.Point(136, 48);this.t1.Name = "t1";this.t1.Size = new System.Drawing.Size(200, 20);this.t1.TabIndex = 3;this.t1.Text = "";// // pictureBox2// this.pictureBox2.BackColor =
System.Drawing.Color.FromArgb(((System.Byte)(185)), ((System.Byte)(240)), ((System.Byte)(247)));
this.pictureBox2.BorderStyle = System.Windows.Forms.BorderStyle.FixedSingle;
this.pictureBox2.Location = new System.Drawing.Point(32, 32);this.pictureBox2.Name = "pictureBox2";this.pictureBox2.Size = new System.Drawing.Size(288, 376);this.pictureBox2.TabIndex = 0;this.pictureBox2.TabStop = false;// // button3// this.button3.Location = new System.Drawing.Point(240, 424);this.button3.Name = "button3";this.button3.Size = new System.Drawing.Size(80, 23);this.button3.TabIndex = 8;this.button3.Text = "Load";this.button3.Click += new
System.EventHandler(this.button3_Click);// // button4// this.button4.Location = new System.Drawing.Point(32, 424);this.button4.Name = "button4";this.button4.Size = new System.Drawing.Size(80, 23);this.button4.TabIndex = 9;this.button4.Text = "Save";this.button4.Click += new
System.EventHandler(this.button4_Click);// // l1
60
// this.l1.Location = new System.Drawing.Point(32, 488);this.l1.Name = "l1";this.l1.Size = new System.Drawing.Size(704, 48);this.l1.TabIndex = 10;this.l1.Visible = false;// // tts// this.tts.Enabled = true;this.tts.Location = new System.Drawing.Point(784, 48);this.tts.Name = "tts";this.tts.OcxState = ((System.Windows.Forms.AxHost.State)
(resources.GetObject("tts.OcxState")));this.tts.Size = new System.Drawing.Size(152, 128);this.tts.TabIndex = 11;// // VoiceCmd// this.VoiceCmd.Enabled = true;this.VoiceCmd.Location = new System.Drawing.Point(840, 192);this.VoiceCmd.Name = "VoiceCmd";this.VoiceCmd.OcxState =
((System.Windows.Forms.AxHost.State)(resources.GetObject("VoiceCmd.OcxState")));this.VoiceCmd.Size = new System.Drawing.Size(32, 32);this.VoiceCmd.TabIndex = 14;this.VoiceCmd.Visible = false;this.VoiceCmd.ClickIn += new AxHSRLib._VcommandEvents_ClickInEventHandler(this.VoiceCmd_ClickIn);this.VoiceCmd.CommandRecognize += new AxHSRLib._VcommandEvents_CommandRecognizeEventHandler(this.VoiceCmd_CommandRecognize);this.VoiceCmd.CommandOther += new AxHSRLib._VcommandEvents_CommandOtherEventHandler(this.VoiceCmd_CommandOther);// // Detect// this.Detect.BackColor = System.Drawing.SystemColors.Control;this.Detect.Cursor = System.Windows.Forms.Cursors.Default;this.Detect.Font = new System.Drawing.Font("Arial", 8F,
System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((System.Byte)(0)));
this.Detect.ForeColor = System.Drawing.Color.Red;this.Detect.Location = new System.Drawing.Point(368, 8);
61
this.Detect.Name = "Detect";this.Detect.RightToLeft =
System.Windows.Forms.RightToLeft.No;this.Detect.Size = new System.Drawing.Size(136, 17);this.Detect.TabIndex = 13;this.Detect.Text = "<Nothing>";this.Detect.Click += new System.EventHandler(this.Detect_Click);// // Timer1// this.Timer1.Tick += new System.EventHandler(this.Timer1_Tick);// // Form1// this.AutoScaleBaseSize = new System.Drawing.Size(5, 13);
this.BackColor = System.Drawing.Color.FromArgb(((System.Byte)(222)), ((System.Byte)(253)), ((System.Byte)(254)));
this.ClientSize = new System.Drawing.Size(960, 470);this.Controls.Add(this.VoiceCmd);this.Controls.Add(this.Detect);this.Controls.Add(this.tts);this.Controls.Add(this.l1);this.Controls.Add(this.button4);this.Controls.Add(this.button3);this.Controls.Add(this.groupBox1);this.Controls.Add(this.p1);this.Controls.Add(this.pictureBox2);this.Name = "Form1";this.Text = "Stegnography Encoder Decoder";this.Load += new System.EventHandler(this.Form1_Load);this.groupBox1.ResumeLayout(false);
((System.ComponentModel.ISupportInitialize)(this.tts)).EndInit();((System.ComponentModel.ISupportInitialize)
(this.VoiceCmd)).EndInit(); this.ResumeLayout(false);
}#endregion
/// <summary>/// The main entry point for the application./// </summary>[STAThread]
{Application.Run(new Form1());
62
}
private void Form1_Load(object sender, System.EventArgs e){
VoiceCmd.Initialized = 1;
My_menu = VoiceCmd.get_MenuCreate("My Commands", "commands State",
4);
VoiceCmd.CtlEnabled = 1;
VoiceCmd.SuppressExceptions = 1;
VoiceCmd.AddCommand(My_menu, 1, "hello ", "","voice", 0, "");VoiceCmd.AddCommand(My_menu, 2, "this ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 3, "is ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 4, "test", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 5, "for ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 6, "a", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 7, "to", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 8, "apple ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 2, "he ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 3, "man ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 4, "girl ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 5, "boy ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 6, "jump ", "", "voice", 0, "");VoiceCmd.AddCommand(My_menu, 7, "over ", "", "voice", 0, "");VoiceCmd.Activate(My_menu);
}public static bool StegnoGraphy(Bitmap b,string keys,string Msg){
int keyLength = keys.Length;
int msgLength = Msg.Length ; BitmapData bmData = b.LockBits(new Rectangle(0, 0, b.Width,
b.Height), ImageLockMode.ReadWrite, PixelFormat.Format24bppRgb);int stride = bmData.Stride;System.IntPtr Scan0 = bmData.Scan0;
char[] ms= Msg.ToCharArray();
char[] key= keys.ToCharArray(); int r=0;int t=0; bool flg= false;
63
bool flg1 = false;
unsafe{
byte * p = (byte *)(void *)Scan0;int nOffset = stride - b.Width*3;int nWidth = b.Width * 3;for(int y=0;y<b.Height;++y)
{for(int x=0; x < nWidth; ++x )
{try
{int red =p[2];int green = p[1];int s=0;if(r<keyLength)
{s = Convert.ToByte(key[r++]);
p[0]=(byte)s;
}else
{if(flg==false)
{p[0]=0;flg=true;
}else
{
if(t<msgLength){
s = Convert.ToByte(Msg[t++]);p[0]=(byte)s;
}else
{if(flg1==false)
{p[0]=0;flg1=true;
64
}
}
}
}
++p;
}catch(Exception)
{
}}
p += nOffset;}
}
b.UnlockBits(bmData);
return true;}
private void button3_Click(object sender, System.EventArgs e){
open();}
private void open(){
OpenFileDialog openFileDialog = new OpenFileDialog();
//openFileDialog.InitialDirectory = "c:\\" ;openFileDialog.Filter = "All Image Files (JPEG, GIF, BMP, EPS etc.)|*.jpg;*.jpeg;*.gif;*.bmp;*.tif;*.tiff; *.eps;*.png|JPEG files (*.jpg;*.jpeg)|*.jpg;*.jpeg|GIF Files (*.gif)|*.gif|BMP Files (*.bmp)|*.bmp|TIFF Files (*.tif;*.tiff)|*.tif;*.tiff|PNG Files (*.png)|*.png|EPS Files (*.eps)|*.eps "; openFileDialog.FilterIndex = 2 ;openFileDialog.RestoreDirectory = true ;if(DialogResult.OK == openFileDialog.ShowDialog())
{m_Bitmap = (Bitmap)Bitmap.FromFile(openFileDialog.FileName, false);
65
p1.Image =m_Bitmap;}
}
private void button4_Click(object sender, System.EventArgs e){
SaveFileDialog saveFileDialog = new SaveFileDialog();
saveFileDialog.InitialDirectory = "c:\\" ;saveFileDialog.Filter = "All Image Files (JPEG, GIF, BMP, etc.)|*.jpg;*.jpeg;*.gif;*.bmp;*.tif;*.tiff;*.png|JPEG files (*.jpg;*.jpeg)|*.jpg;*.jpeg|GIF Files (*.gif)|*.gif|BMP Files (*.bmp)|*.bmp|TIFF Files (*.tif;*.tiff)|*.tif;*.tiff|PNG Files (*.png)|*.png|EPS Files (*.eps)|*.eps "; saveFileDialog.FilterIndex = 1 ;saveFileDialog.RestoreDirectory = true ;
if(DialogResult.OK == saveFileDialog.ShowDialog()){
m_Bitmap.Save(saveFileDialog.FileName,ImageFormat.Png);}
}
private void button1_Click(object sender, System.EventArgs e){
if(t1.Text.Length<1){
MessageBox.Show("Length of the key should not Less than 5"); return; }
if(p1.Image==null){
MessageBox.Show("Load the image for Stegnography");return;
}StegnoGraphy(m_Bitmap,t1.Text,t2.Text);
}
private void button5_Click(object sender, System.EventArgs e){
t2.Text = "";}
private void button2_Click(object sender, System.EventArgs e){
66
string key; string msg;if(p1.Image==null)
{MessageBox.Show("Load the image for Extration");return;
}
key = ReadToByte();
if(t1.Text == key){
t2.Text = l1.Text;tts.Speak(t2.Text);
}else MessageBox.Show("Key is not matching");
}
private string ReadToByte(){
BitmapData bmData =m_Bitmap.LockBits(new Rectangle(0, 0, m_Bitmap.Width,m_Bitmap.Height), ImageLockMode.ReadWrite, PixelFormat.Format24bppRgb);
int stride = bmData.Stride;int nOffset = stride - m_Bitmap.Width*3;int nWidth = m_Bitmap.Width * 3;string key =null;l1.Text ="";
System.IntPtr Scan0 = bmData.Scan0;int v=0;int pix=0; key=null;
bool fl=true;
bool fl2 =true;
bool chk=false;
int m=0;
67
unsafe{
byte *p = (byte *)(void *)Scan0;
for(int y=0;y<m_Bitmap.Height;++y){
for(int x=0; x < nWidth; ++x ){
try{
if(v<25){
if(p[0]==0)
{fl=false;
}if(fl==true)key = key + Convert.ToChar(p[0]) ;
v++; }
if(fl==false&&m<150){
if(fl2==true&&chk==true){
l1.Text = l1.Text + Convert.ToChar(p[0]);//t2.Text = t2.Text + p[0];if(p[0]==0) fl2=false;
}
m++;chk=true;
}
++p;
}
catch(Exception){
}
68
}p += nOffset;
}
}
m_Bitmap.UnlockBits(bmData); return key;
}
private void ReadToByte1(){
BitmapData bmData =m_Bitmap.LockBits(new Rectangle(0, 0, m_Bitmap.Width,m_Bitmap.Height), ImageLockMode.ReadWrite, PixelFormat.Format24bppRgb);int key=0;int stride = bmData.Stride;int nOffset = stride - m_Bitmap.Width*3;int nWidth = m_Bitmap.Width * 3;System.IntPtr Scan0 = bmData.Scan0;int v=0;int pix=0;unsafe
{
byte *p = (byte *)(void *)Scan0;
for(int y=0;y<m_Bitmap.Height;++y){
for(int x=0; x < nWidth; ++x ){
try{
if(v<8){
t2.Text = t2.Text + Convert.ToChar(p[0]) ;v++;
69
} ++p;
}
catch(Exception){
}}
p += nOffset;}
}
m_Bitmap.UnlockBits(bmData);
}
private void VoiceCmd_ClickIn(object sender, AxHSRLib._VcommandEvents_ClickInEvent e)
{
}
private void VoiceCmd_CommandOther(object sender, AxHSRLib._VcommandEvents_CommandOtherEvent e)
{Detect.Text = e.command;t2.Text = t2.Text + e.command +" ";
Timer1.Enabled =true;Timer1.Interval =1200;
}
private void VoiceCmd_CommandRecognize(object sender, AxHSRLib._VcommandEvents_CommandRecognizeEvent e)
{Timer1.Enabled = false;Detect.Text = e.command;t2.Text = t2.Text + e.command +" ";
Timer1.Enabled =true;Timer1.Interval =1200;
70
}
private void Timer1_Tick(object sender, System.EventArgs e){
}
private void Detect_Click(object sender, System.EventArgs e){
}
private void label1_Click(object sender, System.EventArgs e){
}
private void label2_Click(object sender, System.EventArgs e){
}}
}
71