Recently, numerous novel algorithms have been proposed in the fields of steganography and visual cryptography with the goals of improving security, reliability, and efficiency. This paper discusses and compares the two methodologies. Some similarities and differences are presented, in addition to discussing some of the best known algorithms for each. Lastly, an idea for a possible algorithm which combines the use of both steganography and visual cryptography is suggested. There are several ways of hiding data in files of different formats, leaving various signs of hidden data. Can data hidden in an original image be detected after it undergoes visual cryptography? Would that be a scenario which computer forensic investigators and forensic software developers have to account for?
Keywords-Visual Cryptography, Steganography, Computer Forensics, Anti-forensics, Data Hiding, Secrecy, Novel Visual Cryptographic and Steganographic Methods, Forensic Investigation.
Throughout history, a multiple of methods and variations have been used to hide information. David Kahn’s The Codebreakers provides an excellent accounting of this history. Bruce Norman recounts numerous tales of cryptography and steganography during times of war in Secret Warfare: The Battle of Codes and Ciphers.
In ancient Greece, text was written on wax covered tablets. In one story Demeratus wanted to notify Sparta that Xerxes intended to invade Greece. To avoid capture, he scraped the wax off of the tablets and wrote a message on the underlying
wood. He then covered the tablets with wax again. The tablets appeared to be blank and unused so they passed inspection by sentries without question.
Another ingenious method was to shave the head of a messenger and tattoo a message or image on the messengers head. After allowing his hair to grow, the message would be undetected until the head was shaved again.
Another common form of invisible writing is through the use of Invisible inks. Such inks were used with much success as recently as WWII. An innocent letter may contain a very different message written between the lines. Early in WWII steganographic technology consisted almost exclusively of invisible inks. Common sources for invisible inks are milk, vinegar, fruit juices and urine. All of these darken when heated
Null ciphers (unencrypted messages) were also used. An example of a message containing such a null cipher from is:
Fishing freshwater bends and saltwater
coasts rewards anyone feeling stressed.
Resourceful anglers usually find masterful
leapers fun and admit swordfish rank
By taking the third letter in each word, the following message emerges:
Send Lawyers, Guns, and Money.
The Germans developed microdot technology which FBI Director J. Edgar Hoover referred to as “the enemy’s masterpiece of espionage.” Microdots are photographs the size of a printed period having the clarity of standard-sized typewritten pages. The first microdots were discovered masquerading as a period on a typed envelope carried by a German agent in 1941. The message was not hidden, nor encrypted. It was just so small as to not draw attention to itself (for a while). Besides being so small, microdots permitted the transmission of large amounts of data including drawings and photographs.
Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the message; this is in contrast to cryptography, where the existence of the message itself is not disguised, but the content is obscured. The word “Steganography” is of Greek origin and means “covered or hidden writing”. Generally, a steganographic message will appear to be something else: a picture, an article, a or some other message – the cover text.The advantage of steganography over cryptography alone is that messages do not attract attention to themselves, to messengers, or to recipients. An unhidden coded message, no matter how unbreakable it is, will arouse suspicion and may in itself be incriminating. In some countries encryption is illegal. Steganography uses in electronic communication include steganographic coding inside of a transport layer, such as an MP3 file, or a protocol, such as UDP.Today, computer and network technologies provide easy-to-use communication channels for steganography. Essentially, the information-hiding process in a steganographic system starts by identifying a cover medium’s redundant bits 1 the embedding process creates a stegomedium by replacing these redundant bits with data from the hidden message. Modern steganography’s goal is to keep its mere presence undetectable, but steganographic systems-because of their invasive nature-leave behind detectable traces in the cover medium. Even if secret content is not revealed, the existence of it is: modifying the cover medium changes its statistical properties, so eavesdroppers can detect the distortions in the resulting stego medium’s statistical properties. The process of finding these distortions is called statistical steganalysis. This article discusses existing steganographic systems and presents recent research in detecting them via statistical steganalysis. Other surveys focus on the general usage of information hiding.
3.How Steganography works?
When using steganography on a computer, you actually hide a message within another file. That resulting file is called a “stego file.” The trick to computer steganography is to choose a file capable of hiding a message.
Figure 1: working of steganography
A picture, audio, or video file is ideal for several reasons: These types of files are already compressed by an algorithm. For example, .jpeg, .mp3, .mp4, and .wav formats are all examples of compression algorithms. These files tend to be large, making it easier to find spots capable of hiding some text. These files make excellent destructors. That is, few people expect a text message to be hidden within a picture or an audio clip. If the steganographic utility does its job well, a user shouldn’t notice a difference in the quality of the image or sound, even though some of the bits have been changed in order to make room for the hidden message.
4.Uses of Steganography
Steganography is a means of storing information in a way that hides that information’s existence. Paired with existing communication methods, steganography can be used to carry out hidden exchanges. Governments are interested in two types of hidden communications: those that support national security and those that do not. Digital steganography provides vast potential for both types. Businesses may have similar concerns regarding trade secrets or new product information. Avoiding communication in well-known forms greatly reduces the risk of information being leaked in transit. Businesses have increasingly taken advantage of another form of steganography, called watermarking. Watermarking is used primarily for identification and entails embedding a unique piece of information within a medium without noticeably altering the medium. (For details, see Katzenbeisser and Petitcolas1 and BarA?n et al.2) For example, if I create a digital image, I can embed in the image a watermark that identifies me as the image’s creator. I would achieve this by manipulating the image data using steganography, such that the result contains data representing my name without noticeably altering the image itself. Others who obtain my digital image cannot visibly determine that any extra information is hidden within it. If someone attempts to use my image without permission, I can prove it is mine by extracting the watermark. Watermarking is commonly used to protect copyrighted digital media, such as Web page art and audio files. Steganography can also enhance individual privacy. Although not a substitute for encryption, digital steganography provides a means of communicating privately. Of course, this is effective only if the hidden communication is not detected. If a person simply wants to communicate without being subjected to his or her employer’s monitoring syst then digital steganography is a good solution – the most private communication is the one that never existed!
Accordingly, with the development and release of tools to steganographically hide infomation within images, various tools have also been developed and released to detect steganographic content. Most of these tools use statistical analysis to detect steganographic content. Once an image is suspected to have information hidden within it, the majority of tools launch a dictionary attack to determine the passphrase that was used to encrypt the hidden information. Although most of the initially available tools generated output that could be easily defeated by simple statistical analysis, various tools have appeared recently with more sophisticated information hiding and encryption algorithms that can escape simple forms of statistical analysis. For example, content encoded using the latest version of Outguess, a freely available tool on the Internet, is not detectable using most available tools to detect steganographic content. Similar to encryption technologies, new encoding techniques are being developed at the same rate as techniques to detect them. Figure 3 shows two seemingly identical images. The left one contains steganographic information, in this case the first page of this document in ASCII format. . The information was encoded into the left image using JPHide, a freeware steganography tool available for Windows. Approximately 4KB of information is hidden within the image on the left. It took approximately 1 minute to hide the information and write out the new JPEG file using the tool’s point and click user interface.
Figure 2: one of these images contains embedded information.
Subsequent extraction of the information from the image is also a simple point and click operation.
5.1 STEGANOGRAPHY GOES MAINSTREAM
Even with easily accessible means to steganographically hide information within an image, one does not necessarily need sophisticated methods to encode information. Historic use of steganography has shown that low technology solutions have been highly effective. In late September 2001, several posters appeared in Bangladesh and in Pakistan that raised the eyebrows of people familiar with the television show, “Sesame Street.” Bert, one of the characters on “Sesame Street” could be seen in one small corner of the poster. At first, various “experts” on terrorism claimed that the image of Bert was deliberately planted as a hidden message to sleeper terrorist cells in the United States. A Bangladesh entrepreneur subsequently claimed that he had created the poster by piecing together random images of Osama bin Laden he had found off the Internet. Strangely, the appearance of this poster in photos taken at Pakistan protests occurring on the same day as the protests in Bangladesh were never explained. One of the fallouts of this incident, along with other similar perceived threats of encoded messages from unreviewed video transmissions from Osama bin Laden, caused the United States government to request that United States media refrain from showing unreviewed video originating from the Middle East.
Figure 3: bert and osama bin laden
The appearance of the character Bert on posters in Bangladesh coupled with the theories that this was a secret message caused mainstream media to scramble to explain steganography to the general public. Articles appeared in mainstream United States media outlets, such as Time Magazine and ABC News. In October, the ABC television show, “Primetime Live”, addressed the issue of steganography on the Internet with live televised examples of decoding steganographic images. Unfortunately, the broadcast did not clearly state that these images were fabricated for demonstrations purposes and were not, as implied, images found “in the wild” on the Internet.
5.2 IMAGE STEGANOGRAPHY
Image steganography has been widely studied by researchers. There are a variety of methods using which information can be hidden in images.
5.2.1 THE IMPLEMENTATION LOGIC
In order to support plausible deniability two factors need to be considered in the proposed hypothetical solution. First, stego object should be able to decrypt to the plain text i.e. when we embed data in the cipher text using a steganographic algorithm, that algorithm or the decryption algorithm should be able to decrypt the stego object properly to the plaintext. Second, reencryption of the plaintext should generate the stego object. Example:
Step 1: To encrypt plaintext we need a cryptographic algorithm (hypothetical).
Plaintext + Encryption Key = Ciphertext
Step 2: To embed data in the ciphertext we need a steganographic algorithm. This creates a stego object which is the ciphertext embedded with hidden data.
Ciphertext + Embedded Data + Stego Key = Stego Object
Step 3: To unhide the embedded data from the stego object we use the steganographic algorithm with the stego key.
Stego Object + Stego Key = Hidden Message
Step 4: To support plausible deniability we assume a (hypothetic) decryption algorithm which takes the stego object (which looks like ciphertext) as input and generates the plain text.
Stego Object + Decryption Key = Plaintext
Step 5: In the same way we need a (hypothetic) encryption algorithm which would again encrypt the plain text generated in Step 4 to the stego object (which looks like ciphertext) generated in Step 2 to achieve complete plausible deniability.
Plaintext + (Re) Encryption Key = Stego Object
Suppose transmitted ciphertext is intercepted by censorship authorities and they are suspicious of the encrypted content, and demand the decryption key to reveal the plain text. In such a situation we need a (hypothetic) decryption algorithm which could convert the stego object (generated in Step 2) to plaintext used in Step 1. Doing this we partially support plausible deniability because the authorities are now (partly) convinced that the encrypted content doesn’t contain any secret data. But what if the authorities try to act smart and re-encrypt the plaintext (generated in Step 4) to match it with the ciphertext (actually the stego object) we supplied for decryption. Because the plaintext won’t yield the stego object because the ciphertext is not embedded with the secret information, we need the hypothetic encryption algorithm. This algorithm would take the plaintext and generate an equivalent stego object (ciphertext + embedded data)
Figure-4: image streganography
6. ENCODING SECRET MESSAGES IN IMAGES
Coding secret messages in digital images is by far the most widely used of all methods in the digital world of today. This is because it can take advantage of the limited power of the human visual system (HVS). Almost any plain text, cipher text, image and any other media that can be encoded into a bit stream can be hidden in a digital image. With the continued growth of strong graphics power in computers and the research being put into image based Steganography, this field will continue to grow at a very rapid pace. Before diving into coding techniques for digital images, a brief explanation of digital image architecture and digital image compression techniques should be explained. As Duncan Sellars explains “To a computer, an image is an array of numbers that represent light intensities at various points, or pixels. These pixels make up the images raster data.” When dealing with digital images for use with Steganography, 8-bit and 24-bit per pixel image files are typical. Both have advantages and disadvantages, as we will explain below. 8-bit images are a great format to use because of their relatively small size. The drawback is that only 256 possible colors can be used which can be a potential problem during encoding. Usually a gray scale color palette is used when dealing with 8-bit images such as (.GIF) because its gradual change in color will be harder to detect after the image has been encoded with the secret message. 24-bit images offer much more flexibility when used for Steganography. The large numbers of colors (over 16 million) that can be used go well beyond the human visual system (HVS), which makes it very hard to detect once a secret message, has been encoded. The other benefit is that a much larger amount of hidden data can be encoded into a 24-bit digital image as opposed to an 8-bit digital image. The one major drawback to 24-bit digital images is their large size (usually in MB) makes them more suspect than the much smaller 8-bit digital images (usually in KB) when sent over an open system such as the Internet. Digital image compression is a good solution to large digital images such as the 24-bit images mentioned earlier. There are two types of compression used in digital images, lossy and lossless. Lossy compression such as (.JPEG) greatly reduces the size of a digital image by removing excess image data and calculating a close approximation of the original image. Lossy compression is usually used with 24-bit digital images to reduce its size, but it does carry one major drawback. Lossy compression techniques increase the possibility that the uncompressed secret message will lose parts of its contents because of the fact that lossy compression removes what it sees as excess image data. Lossless compression techniques, as the name suggests, keeps the original digital image in tact without the chance of loss. It is for this reason that it is the compression technique of choice for steganographic uses. Examples of lossless compression techniques are (.GIF and .BMP). The only drawback to lossless image compression is that it doesn’t do a very good job at compressing the size of the image data. We will now discuss a couple of the more popular digital image encoding techniques used today. They are least significant bit (LSB) encoding and masking and filtering techniques. Least significant bit (LSB) encoding is by far the most popular of the coding techniques used for digital images. By using the LSB of each byte (8 bits) in an image for a secret message, you can store 3 bits of data in each pixel for 24-bit images and 1 bit in each pixel for 8-bit images. As you can see, much more information can be stored in a 24-bit image file. Depending on the color palette used for the cover image (i.e., all gray), it is possible to take 2 LSB’s from one byte without the human visual system (HVS) being able to tell the difference. The only problem with this technique is that it is very vulnerable to attacks such as image changes and formatting (i.e., changing from .GIF to .JPEG). Masking and filtering techniques for digital image encoding such as Digital Watermarking (i.e.- integrating a companies logo on there web content) are more popular with lossy compression techniques such as (.JPEG). This technique actually extends images data by masking the secret data over the original data as opposed to hiding information inside of the data. Some experts argue that this is definitely a form of Information Hiding, but not technically Steganography. The beauty of Masking and filtering techniques are that they are immune to image manipulation which makes there possible uses very robust. As a side note, there are many other techniques that are not covered in this paper that should be researched by anyone interested in using digital images for steganographic purposes. Techniques that use complex algorithms, image transformation techniques and image encryption techniques are still relatively new, but show promise to be more secure and robust ways to use digital images in Steganography.
8.A NEW VISUAL CRYPTOGRAPHY SCHEME FOR COLOR IMAGES
Visual cryptography is a cryptographic technique which allows visual information (pictures, text, etc) to be encrypted in such a way that the decryption can be performed by the human visual system without the aid of computers. As network technology has been greatly advanced, much information is transmitted via the Internet conveniently and rapidly. At the same time, the security issue is a crucial problem in the transmission process. For example, the information may be intercepted from transmission process. This method aims to build a cryptosystem that would be able to encrypt any image in any standard format, so that the encrypted image when perceived by the naked eye or intercepted by any person with malicious intentions during the time of transmission of the image is unable to decipher the image. Firstly an image and key is fed into cryptosystem. The encryption algorithm produces a cipher image which is sent into receiver through a communication channel. When the cipher image reaches the destination, the receiver enters the key and the original image is decrypted. Figure 1 shows the block diagram of the cryptosystem. The key we used is the symmetric key with minimum size of 47 bits. Two important factors are used to determine the efficiency of any cryptographic scheme , namely: 1) the quality of the reconstructed image and 2) the resizing factor (“fac”). Any loss of information during the reconstruction phase leads to reduction in the quality of the recovered image. On the other hand resizing factor refers to enlarging or reducing the original image. To enlarge an image, specify resizing factor greater than 1. To reduce an image, specify resizing factor between 0 and 1.For bandwidth constrained communication channels it is desirable to keep resizing factor (“fac”) as small as possible. For color images, reducing resizing factor is of paramount importance since they occupy more space and consume more band width compared to grayscale and binary images.
Figure 5: block diagram of our cryptosystem
A color image is usually represented in the RGB color space, because most of the computer input and output devices use this color system. Each vector consists of three components, which are the intensity values in the Red, Green and Blue channel. The combination of these values delivers one particular color. A change in the intensity value will change the information stored in the picture. So by performing some changes in intensity values we can encrypt the image and doing the reverse in decryption. If the changes are performed separately on Red, Green and Blue layers, we can have more robust visual cryptographic system. This is because of the fact that when an intruder goes for complete analysis of the image will try to know these basic intensity values. These intensity values will help him to generate the original image. So if the encryption is done at this basic level then it will be hard to break the system. All the changes in the intensity values are performed using a mathematical function.
The function used in this cryptosystem should have a bijective mapping i.e. the function should have one-one and onto mapping. This indicates the inverse of the function exists. Hence the original information of the image can be retrieved back during decryption without any error. The function is given as
g(u)= abs(1/log(tan((exp(k) * cos(exp(1)) * sin(exp(U)))))) here ‘k’ and’ l’ are the keys and ‘U’ is the gcd of the two keys which are used for encryption.
10 ENCRYPTION ALGORITHM
Step 1: Ask for the image and the keys X1 and Y1 and the resizing factor “fac”.
Step 2: Generate the function g( ) which will contain the values generated from a function in an array.
Step 3: Find the absolute value of the function g( ). Here U=gcd(X1,Y1).
Step 4: Pass it through a low pass filter.
Step 5: Resize the image using bi-cubic interpolation and get the RGB layer in a separate matrix with the factor “fac”.
Step 6: Multiply the pixel values with the absolute values calculated.
Step 7: Flip the new formed Red matrix upside-down.
Step 8: Flip the new formed Green matrix left-side right.
Step 9: Rotate the Blue matrix by twice of the “fac”.
Step 10: Generate the image again save it in .bmp format. (The image is saved in .bmp format because actual values of the pixel are retained and the number of pixels is also the same which is in contrast with the other compressed images like jpeg, gif, etc.)
Step 11: Send the image with the resizing factor to the receiver.
11 DECRYPTION ALGORITHM
Decryption is just the reverse process of encryption. The aim of decryption is to make the encrypted information readable again (i.e. to make it unencrypted).
Step 1: Receive the image and ask for the key and resizing factor.
Step 2: Break the received image into Red Green and Blue parts/layers.
Step 3: Flip the new formed Red matrix upside-down.
Step 4: Flip the new formed Green matrix left-side right.
Step 5: Rotate the Blue matrix by twice of the “fac”.
Step 6: Generate the function depending upon the keys. Here U=gcd(X1,Y1).
Step 7: Find the absolute value of function and pass it through low pass filter.
Step 8: Divide the pixel values of the received image with the absolute value of the function.
Step 9: Form the image.
Step 10: Resize the image by multiplying its r ows and column with the “fac” using bi-cubic interpolation
12 HOW TO WORK?
This section presents the simulation results illustrating the performance of the proposed cryptosystem. The test image employed here is the true color image “parrot” with 290A?-290 pixels. The key size is of 47 bits. The encryption and decryption algorithm are implemented in MATLAB 7.0 in core2duo of 2.66 GHz machine. The decryption algorithm takes 40 seconds to get executed. Now if an intruder goes for the exhaustive search for the keys then it will take around 2.2*1022 years to get the keys. This is the long time for secret information to lose its secrecy. Hence the proposed system is a strong one. If the key length is increased the system will become more secure. The results for our system are shown in figure 12.1 and in figure 12.2.
Original image (b) Encrypted image (c) Decrypted image
Figure 6: encryption and decryption process
(a) Original image (b) Encrypted image (c) Decrypted image
Figure 7: encryption and decryption process
As stated earlier, the efficiency of any cryptosystem depends on the quality of the reconstructed image. We used the Structural Similarity (SSIM) index for measuring the quality between two images. The SSIM index can be viewed as a quality measure of one of the images being compared provided the other image is regarded as of perfect quality. The quality measures are calculated between the original image and the encrypted/decrypted image. Table 1 shows the quality measures of the images in figure 12.1 and in figure 12.2.
TABLE 1: SSIM INDEX
13 STEGANOGRPHY AND VISUAL CRYPTOGRAPHY:
Next the RIVC (Region Incrementing Visual Cryptography) method. In RIVC, the original image is sectioned into ‘n’ number of secrets and then ‘n+1’ number of shares are then created. Any ‘n’ number of 27 shares stacked would reveal ‘n-1’ number of secrets . The advantage to this method is that a user can pick which region of the secret image to assign to a secrecy level, and thus it makes it flexible and accommodating to user preferences. As this method may not seem to be as secure as other methods because of the fact that some levels of secrecy can still be revealed even if one doesn’t have all the shares, it is hard for the person who is trying to reveal the secret data to know if the shares that they have are all the shares or if they’re missing any. So if someone has 3 out of 5 shares and sees some data revealed, they may think that they’ve found the secret and stop looking for the other two. But if someone is using this method to hide a certain secret in a certain level, but decides to create other secrets as decoy, this doesn’t guarantee the hider that others won’t be able to reveal that secret if they happen to obtain the right shares. This is definitely an interesting method because it can be used in many ways and it is challenging to tell which shares reveal the real secret and which shares reveal decoy secrets. The ‘colour image secret sharing’ is one of the newer proposed methods which are capable of encrypting a color image. Its author claims that using the decryption module, perfect reconstruction can be achieved. Encryption of the image happens at the bit level of the blocks of the image. The result is a set of color-noise-like image shares. Because the encryption happens at the vector level, the shares have no correlation to the original image, which makes them resistant to brute force attacks that attempt to decrypt them. With this method, overlaying of shares doesn’t reveal any data; the decryption module has to decrypt the shares for the data to be revealed. This is good for added security since only those with software which implements this algorithm are capable of revealing the secret image. Two advantages of this method are that it decrypts the image shares without altering the secret image or effecting its quality or dimensions, and that the decryption satisfies the perfect reconstruction property. This means that after decryption, one would obtain a revealed image that is identical in look and content to the original secret images.
Figure 8: proposed algorithm using both steganography and VISUAL CRYPTOGRAPHY with perfect reconstruction
Steganography and visual cryptography have many similarities and differences, and thus have various uses in the digital and real worlds. Different algorithms for steganography and visual cryptography have different advantages and power, as well as disadvantages and weaknesses. So we notice that certain methods are easier to detect than others. But generally, the job of forensic and security investigators is not easy. When steganography and visual cryptography detection tools are used exclusively, it is almost impossible for investigators to uncover hidden or encrypted data. On the other hand, if these detection tools are used in conjunction with other tools and factors that narrow down the search to a somewhat smaller data set, then it makes the lives of investigators much easier and gives them a better chance of detecting suspicious data. It would be very interesting to learn how detectable data is after applying visual cryptography with perfect reconstruction to an image with hidden data. Also, an interesting detection question is whether we can reconstruct a set of ‘n’ shares into a meaningful image that is different than the image used to create those shares by omitting some of the n original shares and by including an additional share specifically constructed for such purpose. Basically this is a question about the uniqueness of the shares created by different visual cryptography algorithms.