CS 577 Cryptography Lab Topic: Steganography

Prof. Dietrich August 30, 2012

Group size: 2-3 Setup needed: Windows/MacOS X, Unix hosts

General description

The purpose of steganography (concealed writing), as dierent from cryptography, is to hide the fact that a message is even being sent. In ancient times, generals would shave a soldiers head, write on their scalp, and let the hair regrow. The recipient would then shave the soldiers head and read the message. We will be doing the computer science equivalent using embedding functions, e.g. by changing the nth bit in a digital image, audio le, or even a network protocol.

File with samples and results

The les are in lab-stego.zip. It contains the tools (steghide, vecna, stegdetect, stegsecret), sample (images, audio) les, and text. Also inside are network steganography tools using TCP/IP header (covert.tcp.tar.gz).

Hiding/extracting information

Refer to steganography primers for background. The basic principle is to use redundant bits in the cover medium to embed information that is not to be found. Cover media include text, images (GIF, BMP, JPG), audio les (e.g. MP3, WAV), video les (e.g. MPEG4). The goal is to produce output les that do not give the appearance of containing additional information.

3.1

Requirement

You should use the tools provided in the le. If for some reason, you choose not to, please justify your choice. Your output should contain les that have embedded information in them, with or without passphrases (depending on the algorithm). If you used a passphrase, you must submit it as well.

3.2
3.2.1

Tasks
Embedding information into les

Create a sample image le. Embed some information in the le: 1. another image 2. a sound le (e.g. a cricket chirp le) 3. a short text 4. a long text Embed into each of the items (1-4) above another item (1-4). Prepare a report of your ndings. 3.2.2 Embedding information into network trac

Create two endpoint hosts with the network steganography tool installed 1. Document the active connection with tcpdump data (pcap) 2. Transmit the information (e.g. text, a session) Prepare a report of your ndings.

Capacity for steganography tools and steganalysis

The nal part of this lab consists of two sections: measuring the capacity of each le, that is how much can be embedded, and nding possible embedding in existing les. 1. Depending on the tool in use, you will be given an estimate on how much information (size in bytes) can be embedded into the destination le. Express that in percentage of the le in use, and specify the type of le used (image, audio, video, etc.) Try to embed more information in an already encoded le (eectively chaining the steganographic technique). 2. Analyze your and your group partners (pick a group to work with) created les with steganalysis tools (see above) to detect hidden content. Prepare a report of your observations in the format requested under Deliverables (section 6).

Word Problems
1. Summarize the embedding techniques used by the tools. 2. Summarize the detection techniques used by the steganalysis tools. 3. To what extent are the embedding techniques composable? 4. How would you thwart the other groups steganographic eorts if you could be in the middle of the transmission, i.e. you take the role of an active warden?

Deliverables
1. A report describing all your ndings above. 2. A zip le containing: The source and embedded les, including the particular technique and passphrases used, if any. Answers to all word problems in Part 5. 3. Submit by next class, September 6, 2012.

Grading

Points will be subtracted if any of the pieces of the deliverables are missing or incomplete.