Steganography/Introduction

Basics

edit

As a result of the debate on the control over the export of encryption technology, steganography is a good method for concealing the type of data being transmitted.

Main components of the steganographic system (with public key):

  • Secret messages: A message that must be forwarded.
  • Cover (c): file or data used to embed a secret message.
  • Embedding (e): process hiding stegotext in cover
  • extracting (ex): process recovery hiding information
  • stegosystem
  • Secret key (k): the key required to embed a secret message (pure steganography does not meet Kerckhoffs rule)


Pros

edit

Steganography is an extremely useful tool when the interested parties have an unsecured communication path. Users can then communicate without fear of government or corporate interference, being a dissident or an illegal activist. But even if we do not do anything illegal, steganography can protect our privacy in an unfavorable environment - for example, facebook by 2015 had an XMPP service running, thanks to which it was possible to connect to the messenger via this universal protocol. Testing the service for the ability to encrypt messages using OTR / GPG came to naught and was blocked by a MiTM attack on facebook and the only solution in this case could be to use steganography.

Cons

edit

The first negative aspect of steganography is that although the information will be hidden, it can be read by anyone who knows about it and knows the method of hiding. This problem can be easily resolved by applying the principle of in-depth protection and encrypting the message before hiding it. Even if someone found the message, he would not be able to read it. Best combination: steganography in public key + digital watermark + encryption = perfectly. Hovewer undoubtedly, the amount of secret information hidden by this method is quite severely limited.

Magic triangle

edit

The magic triangle was originally introduced by J. Fridrich - it allows to systematize the research according to qualitative features, such as undetectability, bit rate, and persistence of the message.