2003-07-06 08:42:01 -- One of the few noteworthy aspects of the 2001 movie Along Came A Spider is that it probably marks the debut of steganography in mainstream culture. About six months later, steganography was back in the public spotlight, but for a darker reason: terrorists were using it.
In both cases, steganography was used to pass messages over the Internet using innocuous-looking images. Although you can embed messages in video and audio files, too, steganography usually involves image files such as JPEGs. The common denominator is that, unlike the better-known process of encryption, where a message is garbled but remains in plain view, steganography hides it altogether.
There are multiple ways that steganography embeds data in an image, which is then called a "cover" image. (For would-be steganographers, software such as Dound’s Steganography is widely available on the Internet.) One method is to hide the information in the headers and footers that images typically have. Another is to append the data to the file, although trying to attach too much can be a dead give-away. "There you have unlimited bandwidth, but it would be odd to see a tiny image that’s tremendous," said Neil F. Johnson, an associate at Booz Allen Hamilton, a consulting firm
The most common technique is to change the least significant bit in each pixel. Because it manipulates existing data that makes up an image rather than adding to it, this approach doesn’t swell the file size. "If you’re modifying the least significant bit on a color photograph, the human eye isn’t going to see it," Johnson said.
The bits that make up a photo are created by a computer using binary numbers that are recognized by a program as having meaning. A JPEG image file is made up of pixels, with binary values given for each color: red, green, and blue. The binary value for a pure red pixel would be 1111 0000 0000 (100 percent red, zero percent green, and zero percent blue). A steganographer could insert the tiniest portion of a message in this pixel by adding one bit of information to the blue portion of the pixel, making the binary composition look like 1111 0000 0001. This small change to the image is imperceptible to the eye, but by inserting different bits of information in thousands of pixels, a message can be recorded in the image file.
Manipulating bits has its limits. Suppose that you have an eight-bit image that measures 512 x 512, which gives you a total of 2,097,152 bits to work with. "If you want to hide a message in the least significant bit of each pixel, you can hide 32,768 bits," said Hany Farid, an assistant professor of computer science at Dartmouth College.
"This message will almost certainly be imperceptible to the human eye. If you want to store another 32,768 bits of data, you can do so in the second-to-least-significant bit. The risk is that degradation in the cover may become more noticeable."
How Much Can Be Hidden?
There’s no clear-cut answer to just how much information can be hidden using steganography. One oft-cited example is that it’s possible to hide the text of the King James version of the Bible in the photo of a dollar bill, although the catch is the dollar bill would be the size of your monitor’s screen.
There are, however, two rules of thumb: First, big, "busy" files can hide more information. "The more dynamic the medium is—say, video versus plain images—the more places you have to embed information," Johnson said.
Second, trying to shoehorn too much information runs the risk of detection by distorting the file to the point that the alteration is detectable by steganalysis tools, or even the human eye. "The point at which you risk being discovered depends on the content of the cover image," Farid said. "An image with large areas of uniform color or gray isn’t so good because perturbations will be noticeable. An image with highly textured regions is better."
Inserting a steganographic message into an image file is a lot of work, and corresponding software is necessary to extract the message. Steganography is not child’s play. It is an ultra-sophisticated procedure carried out by those for whom the message, and its secrecy, is of life-and-death importance.
Steganalysis is the name given to the techniques used to identify images that have been altered, but intercepting a steganographic message is hugely difficult. It involves having a knowledge of a suspected sender or recipient, access to the suspect’s computer and/or e-mail account, and an examination of the files on that system—not easy to get done in a free society. It’s enough to keep the good guys awake at night.