| 释义 |
- Architecture Carrier Chain Robustness and cryptography Carrier engine
- Tools comparison
- See also
- Articles
- References
- External links
A steganography software tool allows a user to embed hidden data inside a carrier file, such as an image or video, and later extract that data. It is not necessary to conceal the message in the original file at all. Thus, it is not necessary to modify the original file and thus, it is difficult to detect anything. If a given section is subjected to successive bitwise manipulation to generate the cyphertext, then there is no evidence in the original file to show that it is being used to encrypt a file. ArchitectureCarrierThe carrier is the signal, stream, or data file into which the hidden data is hidden by making subtle modifications. Examples include audio files, image files, documents, and executable files. In practice, the carrier should look and work the same as the original unmodified carrier, and should appear benign to anyone inspecting it. Certain properties can raise suspicion that a file is carrying hidden data: - If the hidden data is large relative to the carrier content, as in an empty document that is a megabyte in size.
- The use of obsolete formats or poorly-supported extensions which break commonly used tools.
It is a cryptographic requirement that the carrier (e.g. photo) is original, not a copy of something publicly available (e.g., downloaded). This is because the publicly available source data could be compared against the version with a hidden message embedded. There is a weaker requirement that the embedded message not change the carrier's statistics (or other metrics) such that the presence of a message is detectable. For instance, if the least-significant-bits of the red camera-pixel channel of an image has a Gaussian distribution given a constant colored field, simple image steganography which produces a random distribution of these bits could allow discrimination of stego images from unchanged ones. The sheer volume of modern (ca 2014) and inane high-bandwidth media (e.g., youtube.com, bittorrent sources. ebay, facebook, spam, etc.) provides ample opportunity for covert communication. ChainHidden data may be split among a set of files, producing a carrier chain, which has the property that all the carriers must be available, unmodified, and processed in the correct order in order to retrieve the hidden data. This additional security feature usually is achieved by: - using a different initialization vector for each carrier and storing it inside processed carriers -> CryptedIVn = Crypt( IVn, CryptedIVn-1 )
- using a different cryptography algorithm for each carrier and choosing it with a chain-order-dependent equiprobabilistic algorithm
Robustness and cryptographySteganography tools aim to ensure robustness against modern forensic methods, such as statistical steganalysis. Such robustness may be achieved by a balanced mix of: - a stream-based cryptography process;
- a data whitening process;
- an encoding process.
If the data is detected, cryptography also helps to minimize the resulting damage, since the data is not exposed, only the fact that a secret was transmitted. The sender may be forced to decrypt the data once it is discovered, but deniable encryption can be leveraged to make the decrypted data appear benign. Strong steganography software relies on a multi-layered architecture with a deep, documented obfuscation process. Carrier engineThe carrier engine is the core of any steganography tool. Different file formats are modified in different ways, in order to covertly insert hidden data inside them. Processing algorithms include: - Injection (suspicious because of the content-unrelated file size increment)
- Generation (suspicious because of the traceability of the generated carriers)
- Ancillary data and metadata substitution
- LSB or adaptive substitution
- Frequency space manipulation
Tools comparisonTools comparison (alphabetical order)| Program | Image files | Audio files | Video files | Document files | Other support | Notes | | Anubis | BMP, JPG | date=December 2016}} | date=December 2016}} | date=December 2016}} | Data being appended to the end of file | Open Source{{Clarify>date=December 2016}} | | BMPSecrets | BMP, JPG, TIFF, GIF | - | - | - | - | - | | DarkCryptTC | BMP, JPG, TIFF, PNG, PSD, TGA, MNG | WAV | - | TXT, HTML, XML, ODT | EXE, DLL, NTFS streams | RSD mode (RNG-based random data distribution), AES encryption supported | | DeepSound | BMP | Audio CD, APE tag, FLAC, MP3, WAV, WMA | - | - | - | AES 256-bit encryption | | ImageSpyer G2 | BMP, TIFF | - | - | - | - | RSD algorithm implemented, plugin for Total Commander (StegoTC G2) | | MP3Stego | - | MP3 | - | - | - | Open source | |
| Mr. Crypto | BMP, PNG, TIFF | - | - | - | - | Freemium; interface on English, Russian and Ukrainian; AES and TripleDES encryption. Using Least Significant Bit for data hiding. | | OpenPuff | BMP, JPEG, PNG, TGA | MP3, WAV | 3gp, MP4, MPEG-1, MPEG-2, VOB, SWF, FLV | Pdf | - | Open source, 256-bit multi-encryption, Carrier chains, Multi-layered obfuscation | | OpenStego | BMP, PNG | - | - | - | - | Open source | | Outguess | JPG | - | - | - | - | Freeware for macOS | | Outguess-rebirth | JPG | - | - | - | - | Portable freeware Windows (based on Outguess for Linux) | | PHP-Class StreamSteganography | PNG | - | - | - | - | - | | QuickStego / QuickCrypto | BMP, JPEG, GIF | - | - | - | - | Windows XP, Vista, 7 | | Red JPEG | JPEG | - | - | - | - | XT for Total Commander, LZMA compression, PRNG-based masking and distribution | | S-Tools | BMP, GIF | Wav | - | - | Unused floppy disk space | - | | Steg | BMP, PNG, JPEG, GIF | - | - | - | - | Symmetric and asymmetric key cryptography, runs on Win/Linux/Mac | | StegaMail | BMP, PNG | - | - | - | - | 56bit encryption, zLib compression | | Steganographic Laboratory (VSL) | BMP, PNG, JPG, TIFF | - | - | - | - | Open source | | Steganography Studio | BMP, PNG, GIF | - | - | - | - | Different hiding methods (LSB, LSB Matching, SLSB), Open source | | SteganPEG | JPEG | - | - | - | - | Windows XP, Vista, 7 | | StegFS | - | - | - | - | Steganographic file system for Linux | - | | Steghide | JPG, BMP | WAV, AU | - | - | - | Open source (GNU General Public License) | | StegoShare | BMP, JPEG, PNG, GIF, TIFF | - | - | - | - | Open source | See also {{col-begin}}{{col-break}}- Steganography
- BPCS-Steganography
{{col-break}}- Steganographic file system
- Steganography detection
{{col-break}}{{Portal|Cryptography}}{{col-end}}Articles- {{Cite journal |url=http://isis.poly.edu/memon/pdf/2006_performance%20study.pdf |accessdate=28 November 2012 |first1=Mehdi |last1=Kharrazi |first2=Husrev T. |last2=Sencar |first3=Nasir |last3=Memon |title=Performance study of common image steganography and steganalysis techniques |journal=Journal of Electronic Imaging |volume=15 |issue=4 |pages=041104 |doi=10.1117/1.2400672|year=2006 }}
- {{Cite web |url=http://www.guillermito2.net/stegano/ |accessdate=28 November 2012 |author=Guillermito |title=Analyzing steganography software}}
- {{Cite journal |url=http://www.cs.ucsb.edu/~ravenben/classes/595n-s07/papers/practical-steg.pdf |accessdate=28 November 2012 |first1=Niels |last1=Provos |first2=Peter |last2=Honeyman |title=Hide and Seek: An Introduction to Steganography |journal=IEEE Security & Privacy |pages=32–44 |doi= 10.1109/msecp.2003.1203220|issn=1540-7993 |volume=1 |issue=3 |year=2003 }}
- {{Cite journal |url=http://www.citi.umich.edu/u/provos/papers/defending.ps |accessdate=28 November 2012 |first=Niels |last=Provos |title=Defending against statistical steganalysis |journal=Proceedings of the 10th Conference on USENIX Security Symposium |pages=24–37 |series=SSYM'01 |volume=10 |publisher=USENIX Association}}
- {{Cite book |url=http://embeddedsw.net/doc/Openpuff_paper_Constructing_good_covering_codes_for_applications_in_steganography.pdf |accessdate=8 March 2017 |first1=Jürgen |last1=Bierbrauer |first2=Jessica |last2=Fridrich |title=Constructing good covering codes for applications in Steganography |journal=Transactions on Data Hiding and Multimedia Security III |pages=1–22 |doi=10.1007/978-3-540-69019-1_1 |isbn=978-3-540-69019-1 |series=Lecture Notes in Computer Science |volume=4920 |publisher=Springer Berlin Heidelberg|year=2008 |citeseerx=10.1.1.72.5242 }}
- {{Citation |url=http://ic.unicamp.br/~rocha/wvu/talks/stegPastPresentFuture-White.pdf |accessdate=8 March 2017 |first1=Anderson |last1=Rocha |first2=Siome |last2=Goldenstein |title=Steganography and Steganalysis: past, present, and future |publisher=First IEEE Workitorial on Vision of the Unseen (WVU'08)}}
ReferencesExternal links- Exhaustive directory of steganography software by Dr. Neil Johnson
- Directory of network steganography software at Stegano.net
- [https://www.geekdashboard.com/best-steganography-tools/ List of steganography tools] to hide sensitive data
{{DEFAULTSORT:Steganography Tools}} 4 : Steganography|Espionage techniques|Applications of cryptography|Cryptographic software |