Don’t Let a Cute Photo Fool You… Steganography Basics
Expect the unexpected….
What is Stganography?
Steganography is the art of hiding information in plain sight. In much the same way a chameleon blends in with its surroundings to avoid the watchful eyes of predators, steganography ensures that data can only be viewed or heard by those who know it’s there.
Unlike its cousin cryptography, which works to make sure information is not readily understood, steganography’s goal is to conceal information within something else, something innocent, be it audio, images, plaintext and even video files.
In ancient accounts of hidden message techniques, archeologist discovered a form of steganography used by the Roman emperor Histaeus in 500 BC which involved the tattooing of a message on a slave’s head. Once the slave’s hair had grown back fully, they were sent to the message recipient who would then shave the poor slave’s head again to retrieve the message.
Now, things aren’t quite that easy. In the modern era, the assistance of programs has helped steganography move into the digital age.
How is Steganography Used Today
Technological advances have taken steganography to great heights. With the advent of computer programs, steganographic methods can now be used in quite a few ways.
The Least Significant Bit
The Least Significant Bit (LSB) refers to taking the smallest amount of bits in a file and hiding away a piece of data inside of it. The source file to the average user looks completely untouched, the changes nowhere near noticeable unless skimmed with a fine-tooth comb for anything out of place.
LSB can be used to manipulate any file type; video, audio, and images.
Changes using LSB are by far the most noticeable as it can distort the cover file a bit.
In audio tracks
One method of audio steganography is called “backmasking.” In this technique artists would include lyrics to their songs that can only be heard once played in reverse.
An example of this is hidden within a track by Weird Al. In his 1994 track titled I Remember Larry, at the end of the track Weird Al can be heard saying “Wow, you must have an awful lot of free time on your hands.”
Invisible ink messages
During the revolutionary war, the British and American armies used invisible ink, a mix of sulfate and water, to hide their wartime correspondence from prying eyes.
Just picture this… you have in your hands an enemy soldier’s intercepted letter. All seems well, it’s only an innocent love letter, right?
Wrong.
Between the lines of that innocent letter lurks a secret message that details enemy regiment plans for a raid of your camp in a day’s time.
These plans were completely invisible to the naked eye, you would’ve had no way of knowing.
Thus, the letter contents would have to remain unknown.
Well… until the letter’s pages were treated with sulfate solution or warmed-over candlelight by a savvy cadet.
Fun fact… Just 10 years ago, the CIA released [the invisible ink formula used in World War ](https://www.cia.gov/readingroom/collection/cia-declassifies-oldest-documents-us-government-collection) for invisible ink. So, now you can create secret messages on your own.
Be sure to proceed with caution though, don’t want you to burn your house down.
Images
The most common means of hiding text messages is in an image. Because the internet is chalked full of millions of seemly innocent imagery, digging through each file to find malicious messages is like searching for a needle in a hay-stack.
Steganography in Action
On the internet, there are tons of applications that preform steganographic functions. OpenStego, Xiao Steganography, and ImageSteganography are merely a few that I can name off the top of my head, mind you many of these programs are free.
Read more about them here.
I want to take an innocent photo. One that no one would suspect would be anywhere near sinister.
I ended up with this one.
Yes, I know he’s cute.
This cute little guy is going to hide a message for me, Edgar Allen Poe’s Raven in a secret message file.
For this feat, I decided the OpenStego was the best program for the job, as it allows users to hide data in .bmp, gif, .jpeg, .jpg, .png and .wbmp files and outputs .png and .bmp files.
In my “secret” folder stashed on my desktop, I have my message and cover file loaded and ready to go.
I ran over to Openstego and loaded the path names for the above files, being sure to also add the name of my Stego-ed file.
Note: You can also add AES encryption to your hidden message for a layer of added protection to your messages.
I select hide data.
Then…BOOM. Success!
We now have two seemingly identical photos.
Detection
Detecting steganography in a file isn’t too difficult… when you have the original file to compare the modified version to and a program to extract attached file data.
Comparing metadata between the files via Powershell command or in file explorer
In Powershell, we can use the dir command to view the size of files in any given directory. Today, we will use this ability to look at the size of our steganography file and compare it to our original file.
We can also use the Get-filehash command to generate the hash value for each file. A hash value is a mathematically calculated string of alphabetic and numeric characters that ensures the contents of a file have not been modified in anyway.
Because the two files look identical it is expected for the hash value for each file to also be identical. But since they are both completely different we can gather that one file has been modified.
We find the same issue when checking each file in file explorer. After toggling on the details pane in file explorer, I found that there where some not so subtle differences between the two files.
Our original file is 1.49MB.
Our Stego-ed file is 68.6 MB. This is a clear indicator that there is something more attached to this file.
Let us take OpenStego, for example. To extract data, we can input the path of our file and set our destination or where we would like to view the stored data.
Why is this important
Secret messages are pretty cool and for a lot of us shooting a hidden message between friends is the closest we’ll get to feeling like an international spy.
Honestly, you may never need to use Steganography in everyday conversation, but on the off chance you find yourself staring into the unassuming eyes of fluffy puppy of photo you randomly received.
Be sure to think twice and question what may be underneath.
