@

General scheme of Today's Steganography

(KIT-STEGROUP)


<Steganography is ...>

If you have some secret data, you should encrypt it to make it unreadable for the third party. Data encryption is a solution to keep secret information very safe. It is based on data scrambling by using some type of  secret key.

However, data encrypting will draw much more attention of the near-by people than not encrypting it. So, the owner of the encrypted data will be easily known that he/she is hiding something. Therefore, encrypting is not enough.

There is another solution which is called steganography. Steganography today is like the following.

In steganography you will have two types of data. One is the secret data itself that is very valuable to you. The other one is a type of media data called "vessel", "carrier", or "dummy" data. Such vessel data is essential, but is not so valuable. It is the data in which the valuable data is "embedded." An "already embedded" vessel data is called "stego data." When you want to recover the valuable (or secret) data, you can "extract" it from the stego data. For embedding and extracting you need a special program and a key.

A typical vessel is an image data with Red, Green, and Blue color components in a 24 bits pixel structure. The illustration below shows a general scheme of steganography.

General scheme of steganography

Steganography is a technique to hide secret data by embedding it in some innocent looking media data like Mona Lisa here. The embedded data is very safe because steganography hide both the content and the location of the secret information. There are many different methods to embed data in the media data. It is impossible to detect which method is used for embedding. Steganography can co-operate with cryptography in the sense that it can embed the encrypted secret data to make it much safer.

The most important point in steganography is that the stego data does not leave any evidence that some extra data is embedded there. In other words, the vessel data and the stego data must be very similar. A user of steganography should discard the original vessel data after embedding in order not to allow anyone to compare the stego and the original data.

One stego data must be re-usable as a vessel data for another embedding in any steganographic method. If not, that embedding changes the structure of the original vessel intrinsically, and it is not called "steganography" anymore. In other words, all vessel data must be repeatedly "re-usable" in any steganography. But only the "last-embed secret data" can be extracted.

It is important that the embedding capacity is large. The larger the better. For image steganography we are confident that BPCS method is still the best of all currently available image steganographic methods.

<File deception is ...>

"File deception" or "file camouflage" is a technique to hide secret data in a computer file which looks like almost a steganography. But actually, it is a trick to disguise a secret-data-added file as a normal file. This can be possible because most computer file formats have some "don't-care portion" in one file. For example, a JPEG, MPEG3, or Word file allows any "extra" data to be added to the end of a regular file. Even if such extra data (which can be encrypted) are added, the JPEG, MPEG3, or Word file looks (sounds) like the original image, sound, or document on the computer. Some people might have misunderstood that such a trick is a type of steganography.

However, such tricked files may have an extra-lengthy file sizes, and they can be easily detected by most computer engineers. So, file deception is definitely different from steganographic technique we are discussing here.

Many "steganography software" on the market today is based on the file deception. If you find a steganography program that increases the output file size (i.e., the stego file size) by the amount you have embedded, the program is obviously a file deception.

@

Back to Home

(Updated on Jan. 20, 2015  by Eiji Kawaguchi)