Cryptography Reference
In-Depth Information
Attacking steganographic algorithms is very similar to attack-
ing cryptographic algorithms and many of the same techniques ap-
ply. Of course, steganographic algorithms promise some additional
stealth in addition to security so they are also vulnerable to addi-
tional attacks.
Here's a list of some possible attacks:
File Only
The attacker has access to the file and must determine if it
holds a hiddenmessage. This is the weakest form of attack, but
it is also the minimum threshold for successful steganography.
Many of these basic attacks rely on a statistical analysis of digi-
tal images or sound files to reveal the presence of a message in
the file. This type of attack is often more of an art than a sci-
ence because the person hiding the message can try to counter
an attack by adjusting the statistics.
File and Original Copy
In some cases, the attacker may have a copy
of the file with the encoded message and a copy of the original,
pre-encoded file. Clearly, detecting some hidden message is a
trivial operation. If the two files are different, there must be
some new information hidden inside of it.
The real question is what the attacker may try to do with the
data. The attacker may try to destroy the hidden information,
something that can be accomplished by replacing it with the
original. The attacker may try to extract the information or
even replace it with their own. The best algorithms try to de-
fend against someone trying to forge hidden information in a
way that it looks like it was created by someone else. This is of-
ten imagined in the world of watermarks, where the hidden in-
formation might identify the rightful owner. An attacker might
try to remove the watermark from a legitimate owner and re-
place it with a watermark giving themselves all of the rights and
privileges associated with ownership.
Multiple Encoded Files
The attacker gets
n
different copies of the
files with
different messages. One of them may or may not
be the original unchanged file. This situation may occur if a
company is inserting different tracking information into each
file and the attacker is able to gather a number of different ver-
sions. If music companies sell digital sound files with person-
alized watermarks, then several fans with legitimate copies can
get together and compare their files.
Some attackers may try to destroy the tracking information or
to replace it with their own version of the information. One of
n
