Cryptography Reference
In-Depth Information
significant bits were truly random and uncorrelated with the higher
order bits, then there would be equal numbers of 255s and 254s. This
often happens to a lesser degree in many other parts of the image
where only one color may appear completely saturated.
This is just a simple example. Good scientists with a deep knowledge
of the physics behind the sensors can often detect more sophisticated
patterns. Digital copier manufacturers, for instance, can tune
their toner mechanisms to do a good job with either fine white lines
or fine black lines. Doing well with both is difficult.
[Margin note: Chapter 17 offers a number of basic statistical tests
for identifying the presence of steganography.]
All of these subtle statistical patterns can be destroyed when you
replace the least significant bits with your message. Simply pouring
in a well-compressed and encrypted message puts in white noise
with no correlations to the higher order bits.
There is no easy way to avoid this problem. The mimic functions
from Chapter 6 can be used in complicated ways to imitate the
patterns, but this is largely a cat-and-mouse, spy-vs-spy game. The
attacker may have some model of the statistical correlations in the file.
If you can anticipate this model or come up with your own that
encompasses it, then you can mold the data in your message to fit it.
If you choose incorrectly or the eavesdropper/attacker changes their
model, your data could stick out like a sore thumb.
There is no solution to winning this game, but it is possible to
minimize the dangers of playing it. The best defense against
statistical problems like this is to avoid getting greedy by packing in too
much data. An 800kB file has 800k least significant bits available
that can store up to 100kB of a message. Using all 100kB of the
channel, however, will completely destroy all statistical correlations,
but inserting a 1k message will leave 99% of the least significant bits
unchanged. Most of the statistical patterns will also be unchanged
and thus indistinguishable from a pure file.
All of the statistical techniques for detecting steganography
usually become much less sensitive when only a small fraction of the
available bandwidth is used to hold a message.
[Margin note: See Chapter 17 for a description of some of these
algorithms for detecting hidden messages.]
Another more sophisticated solution is to embed the information
in several pixels at the same time. A simple way is to just choose
several pixels and embed the information in the parity of these pixels.
Let a zero be encoded by ensuring that there's an even number of 1s
in the least significant bits of the chosen pixels. A one can be encoded
with an odd number of 1s. This spreads out the change.
All of the analytical attacks on steganography work best when
the steganographer gets greedy and saturates the hidden channel.
Leaving most of the image unchanged is the best defense.
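
The 254/255 test from the saturated-region example, run against full and 1% payloads and against the parity encoding described above, as an added Python example (not code from the book). The cover is a constructed saturated region; the name `imbalance`, the group size of 100 and the use of consecutive pixel groups are assumptions made for illustration.

```python
import random

def imbalance(pixels):
    """Detector statistic from the saturated-region example: how unequal the
    counts of 254 and 255 are (near 0 means the LSBs look like white noise)."""
    n254, n255 = pixels.count(254), pixels.count(255)
    return abs(n255 - n254) / max(1, n254 + n255)

def embed_lsb(pixels, bits):
    """Plain LSB replacement: bit i overwrites the LSB of pixel i."""
    out = list(pixels)
    for i, b in enumerate(bits):
        out[i] = (out[i] & ~1) | b
    return out

def embed_parity(pixels, bits, group, rng):
    """Parity embedding: bit i is the parity of the LSBs of group i.
    At most one pixel per group changes, and it is picked at random."""
    out = list(pixels)
    for i, b in enumerate(bits):
        chunk = range(i * group, (i + 1) * group)
        if sum(out[j] & 1 for j in chunk) % 2 != b:
            out[rng.choice(chunk)] ^= 1
    return out

def extract_parity(pixels, nbits, group):
    """Recover bit i as the parity of the LSBs in group i."""
    return [sum(p & 1 for p in pixels[i * group:(i + 1) * group]) % 2
            for i in range(nbits)]

def demo(seed=1):
    rng = random.Random(seed)
    # Constructed cover: a saturated region, 95% value 255 and 5% value 254.
    cover = [255 if rng.random() < 0.95 else 254 for _ in range(8000)]
    full = [rng.getrandbits(1) for _ in range(len(cover))]  # 100% of channel
    small = full[:80]                                        # 1% of channel
    stego_par = embed_parity(cover, small, group=100, rng=rng)
    return {
        "cover": imbalance(cover),
        "full": imbalance(embed_lsb(cover, full)),
        "small": imbalance(embed_lsb(cover, small)),
        "parity": imbalance(stego_par),
        "roundtrip": extract_parity(stego_par, len(small), 100) == small,
        "changed_parity": sum(a != b for a, b in zip(cover, stego_par)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The full payload drives the statistic toward zero, which is the signal a detector looks for, while the 1% payload and the parity encoding leave it close to the cover's value.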