• Cryptography and stenography. Steganographic methods of information security. Binary cryptography (based on open press materials)

    Priorities and main directions of foreign policy of the Russian Federation.

    The process of globalization and the main trends in the development of international relations.

    Neoliberal, Realistic, Liberal, Neorealistic

    v Formation of a multipolar world. After the collapse of the Soviet Union, the division of the world into two main centers disappeared. New centers of power are emerging, including in Asia. There is a de-ideologization of international relations - the struggle of capitalism with the socialist camp ceases (at least, no open confrontation is observed);

    v Globalization of international relations. This process is due to the interpenetration of national economies and cultures. Countries interact in various areas, and a change in one of them can affect the state of others. This is manifested not only in the cooperation of countries, but also in the creation of influential international economic and political organizations that establish uniform rules of conduct for participating countries.

    v Exacerbation of global problems. Along with technical progress problems have arisen that can be roughly divided into political, economic, environmental and social. Problems such as international terrorism and environmental conservation cannot be solved by each country on its own. New common problems have emerged in social sphere. These include serious illnesses, harmful addictions, etc. The problem of the gap in the standard of living of the population of different countries of the world is also acute. The crime rate is rising.

    v Increasing differences between the part of the world that lives well and the part where the situation is unstable. Most of the world's population lives in an unstable zone. These are countries in Africa, Latin America, Asia and part of the countries formed after the collapse of the USSR. The life expectancy of people in such countries is lower than the world average, the economy is poorly developed, and the political situation is significantly different from democracy in the countries of Western Europe, Canada, Japan, etc.

    v Democratization.

    v Desovereignization of modern states - states lose their sovereignty and become virtually dependent on the will of other countries, or so-called “failed” states appear - those states that have not found their national basis due to territorial or cultural-civilizational problems (for example, Transnistria, Nagorno-Karabakh etc.)

    v strengthening the role of non-traditional actors in international relations

    1. Establishment trust relationships with countries of the West and East. Those. For Western European countries, Russia will supply oil, gas, chemicals. products, lumber. For the countries of the Middle East, South and Southeast Asia, Russia can become an industrial and cultural partner.
    2. Protection of the rights of 25 million Russians who found themselves immigrants in new sovereign states.
    3. Solving global problems of our time.



    But the most important condition for gaining a worthy status in international relations is strengthening the integrity of the Russian Federation, as well as economic development.

    Foreign policy at present should be focused on avoiding isolation and joining the world community as a sovereign, self-respecting power. Russia must take its rightful place in the system of international relations based on equality of parties, mutual respect, and mutually beneficial cooperation.

    Professor, Faculty of Global Processes

    Doctor of Cultural Studies V.I. Bazhukov

    Ways to solve the problem of secret transmission of information:

    1. Create an absolutely reliable communication channel between subscribers, inaccessible to others.

    2. Use a public communication channel, but hide the very fact of transmitting information.

    3. Use a public communication channel, but transmit over it necessary information in a transformed form, such that only the addressee could restore it.

    The second problem is solved by steganography, and the third by cryptography.

    Cryptography is the science of searching and researching mathematical methods for converting (encrypting) information in order to protect it from illegal users.

    Plain text – information in its original form.

    Cipher text– information subject to an encryption algorithm.

    Algorithm– A method used to convert plaintext into ciphertext.

    Key– input data through which the algorithm converts plaintext into encrypted text or vice versa.

    Encryption– the process of converting plaintext into cipher.

    Decryption– the process of converting a cipher into plaintext.

    Cryptography is the science of ways to transform information in order to protect it from illegal users.

    Cryptographer– a person involved in cryptography.

    Cryptanalysis– the art of analyzing cryptographic algorithms for vulnerabilities.

    Cryptanalyst– a person who uses cryptanalysis to identify and exploit vulnerabilities in cryptographic algorithms.

    Objectives of cryptography: to ensure: confidentiality, integrity, authentication, impossibility of non-repudiation.

    Permutation ciphers use rearrangement of plaintext fragments.

    Replacement ciphers use transformations in which fragments of plaintext are replaced by some characters or groups of characters in the ciphertext.

    Based on the relationship between the encryption and decryption keys, replacement ciphers are divided into: With symmetrical (single-key systems that use the same secret key to encrypt and decrypt text) and asymmetrical (two-key systems that use different keys to encrypt and decrypt text).

    If it is possible to change the cryptographic algorithm during the encryption process, replacement ciphers are divided into: mono-alphabetic (each cipher value is replaced by a cipher value according to an unchanged algorithm) and multi-alphabetic (each cipher value can be replaced by cipher values ​​using several algorithms).

    Based on the minimum size of a plaintext fragment, replacement ciphers are divided into: stream ciphers (one character is processed at a time) and block ciphers (a block of fixed-length characters is processed at a time).

    Based on the number of possible replacements of plaintext fragments, replacement ciphers are divided into: unambiguous (each cipher value can be replaced by only one cipher value) and polysemantic (each cipher value can be replaced by one of several cipher values).

    Based on the number of possible plaintext variants obtained from the ciphertext, replacement ciphers are divided into: equivalent (from the ciphertext one version of the plaintext is obtained) and mixed (from the ciphertext several versions of the plaintext are obtained).

    Composition ciphers represent the sequential application of several encryption procedures of different types.

    Cryptogram(cipher - text) - encrypted message, i.e. protected information to which the encryption process has been applied.

    Steganography is a science that studies methods of organizing the transmission of secret messages that hide the very fact of transmitting information (disguising information).

    Message- secret information, the presence of which in the container must be hidden.

    Container- any information intended to conceal secret messages.

    Key- a secret key necessary to hide information.

    Application areas of steganography:

    1. hiding data (messages). Hiding embedded data, which in most cases is large, places serious demands on the container: the size of the container must be several times larger than the size of the embedded data;

    2. Digital watermarks are used to protect copyright or property rights in digital images, photographs or other digitized works of art. The main requirements for such embedded data are reliability and resistance to distortion.

    3. headers are used mainly for labeling images in large electronic repositories (libraries) digital images, audio and video files. In this case, steganographic methods are used not only to introduce an identifying header, but also other individual characteristics of the file. Headings should introduce minor distortions and be resistant to basic geometric transformations.

    Steganographic methods of information protection:

    1. Slight modification of images (Image Domain) is assumed. Image Domain methods - sometimes called Bit Wise Methods - typically use bitwise modification, such as changing the least significant bit (LSB). These methods are considered simple, they are easier to decode and allow the loss of information during certain transformations of the carrier file, for example, during compression. Of the three most popular image compression algorithms - Windows Bitmap (BMP), Graphic Interchange Format (GIF) and Joint Photographic Experts Group (JPEG) - BMP and GIF, which are characterized by lower losses, are more often used. The most common tools that implement Image Domain methods are Hide and Seek, Mandelsteg, Steganos, StegoDos, S-TOOLS and White Noise Storm.

    2. Use image transformation (Transform Domain). Transform Domain methods use discrete cosine transformation (DCT) or wavelet transformation. These methods are more stable; the embedded information is not lost during any transformations, so they are most often used when creating digital watermarks. Typically, JPEG files are used; Some of the most popular tools include Jpeg-Jsteg, JPHide, Outguess, PictureMarc, and SysCop.

    Currently, computer steganography methods are developing in two main directions:

    Methods based on the use of special properties computer formats;

    Methods based on redundancy of audio and visual information.

    Attacks on stegosystems:

    Attack on a known full container- the attacker has one or more stego messages. In the case of several stego messages, it is considered that the recording of hidden information was carried out by the sender in the same way. The attacker's task is to detect the existence of a stego channel, as well as access to it or determine the key. With the key, other stego messages can be revealed.

    Attack based on a well-known mathematical model of a container- the attacker determines the difference between the suspicious message and the model known to him. For example, let the bits within an image sample be correlated. Then the lack of correlation can serve as a signal of the presence of a hidden message. In this case, the task of the message implementer is not to violate the statistical laws in the container.

    Known empty container attack- if an attacker knows an empty container, then by comparing it with the intended stego, the presence of a channel stego can be established. Despite the apparent simplicity of the method, there is a theoretical justification for the effectiveness of this method. Of particular interest is the case when the container is known to us with some error (this is possible when noise is added to it).

    Steganography has been the subject of much debate in recent years, with speculation in particular that terrorists may have used it in the September 11 attacks. But since there was no evidence of this, interest in steganography as a effective remedy data hiding continues to grow. Of course, along with encryption, steganography is one of the main methods of preserving confidential information. This article is a brief introduction into steganography and answers the questions: what is steganography, how it can be used, and its importance for information security.

    F5 was developed by Andreas Westfield and runs as a DOS client. A couple of GUIs have also been developed: the first utility is "Frontend", created by Christian Wohne, and the second is "Stegano", whose author is Thomas Biel. We tested F5, beta version 12. It turned out to be very easy to encode a message in JPEG format, even when the release is German. The user can do this very easily by following the wizard's instructions, specifying the path to the picture (we used a simple text file created in Notepad), and entering a keyword. As you can see for yourself, it is difficult to tell from the next two images whether they contain an embedded message or not.

    Fig.1 Without message

    Fig.2 with attached file

    Of course, the attached file was very small (consisting of just one line "This is a test. This is only a test."), so not too many pixels had to be replaced to hide the message. What happens if we try to hide a larger document? F5 only works with text files. When I tried to hide a larger Word file, although the program accepted it, it was unable to restore it. However, it seems that large files can also be attached to images, just like small ones.

    SecurEngine doesn't look like a professional utility that can hide text in an image. When we hid our little message in a larger text file, we discovered an extra character ("I") at the end of the encrypted file. There was no such symbol in the original. SecurEngine only allows users to hide the image and/or encrypt it. The test sentence was encoded and decoded without any problems. SecurEngine also includes tools for more secure file destruction.

    The MP3Stego utility, which allows you to hide data in MP3 files, worked very well. The encryption process works like this: you encrypt a file (text, for example) as a .WAV file, which is then converted to MP3 format. The only problem that has arisen is that in order to encrypt large data, you need to have a file proportional to the amount of data. For example, the small message that we used in previous experiments turned out to be too large for a WAV file (the size of a WAV file was 121KB, and the size of a text file was 36 bytes). To complete the experiment, I had to reduce the text file to 5 bytes - only the word “test”. We found a corresponding file with a size of 627 KB. The final MP3 file took 57KW.

    Steganos Suite is a commercial package that combines many utilities. In addition to a nifty destructive trace function (for the Internet) and a file destruction utility, the program also has a so-called file manager that allows users to encrypt and hide files on their hard drive. The user selects a folder or file that should be hidden and the file is the “carrier” of information - necessarily graphic or musical. The program also allows users to create files themselves using a microphone or scanner. If you don't have a suitable file, the built-in file manager can search for the desired file on your hard drive. This utility, unlike those we tested, is capable of working with different file formats (dll, dib). So, if you need a quality encryption product, you will have to shell out money for a commercial package.

    Steganography and security

    As previously mentioned, steganography is an effective method of hiding data and protecting it from unauthorized or unwanted viewing. But still, this is only one way to protect information. Perhaps it would be better to use steganography in conjunction with other data hiding methods, which would make multi-layered security possible. The following are some of the alternative methods of hiding data.

      Encryption- the process of transforming information through a series of mathematical operations. The result of encryption is ciphertext. Encrypted data can only be read if the necessary key is available. Encryption does not hide the data, but it does make it harder to read.

      Hidden directories (Windows)- Windows offers the ability to hide files. Using this feature is very easy: just set the “hidden” attribute in the properties of a folder or file and hope that no one displays all types of files in the explorer.

      Hidden directories (Unix)– on platforms Unix in existing directories containing many files, such as /dev, or by creating your own directory, in the name of which you use three dots (usually one or two are used).

      Hidden channels– Some utilities are used to transfer valuable data that looks like ordinary network traffic. One of these utilities, Loki, is capable of hiding data in ICMP traffic.

    Steganography protection

    Unfortunately, all the methods we talked about can also be used for the purpose of illegal, unauthorized or unwanted actions. The ability to detect or prevent information leakage is not a trivial task. If someone decides to use steganography to hide data, then the only way to detect it is through active monitoring of special files and luck. Sometimes active security measures can answer the question - strict policies against the installation of unauthorized software.

    Using existing utilities to control network traffic can also be useful. Intrusion detection systems can help the administrator to identify normal traffic and thus see anomalies, for example, when large pictures are transmitted over the network. If an administrator is prepared for this type of anomalous activity, it may help in further investigation. Intrusion detection systems located on each machine can also help detect anomalous accumulation of images and/or video files.

    A study conducted by Stefan Hetzl on his website talks about two methods of steganography, which in turn are means of detecting it. This is a visual and statistical attack. “The idea of ​​a statistical attack is to compare the frequency of color distribution for a possible carrier of hidden information and the theoretically expected frequency of color distribution for a file that carries hidden information.” This may not be the fastest method of protection, but if there is suspicion about this type of activity, then this method may be the most effective. There is a utility specifically for JPEG files that can detect steganography traces in these files. A related utility to , called Stegbreak, is capable of decrypting and finding possible information in a suspicious file.

    Conclusion

    Steganography is one of the most fascinating and effective methods hiding data that has been used throughout human history. Methods that can expose the cunning tactics of attackers are imperfect, but the good news is that such methods exist. There are many reasons why you should use steganography (signatures, passwords, keys), but the main one is ease of use and difficulty in detection. The more you know about steganography techniques, the more likely you are to avoid getting into trouble.

    Steganography (from the Greek στεγανός - hidden and Greek γράφω - I write, literally “secret writing”) is the science of the hidden transmission of information by keeping the very fact of transmission secret.

    Unlike cryptography, which hides the contents of a secret message, steganography hides its very existence. Steganography is usually used in conjunction with cryptography methods, thus complementing it.

    Classification of steganographic methods of information security

    At the end of the 90s of the twentieth century, several areas of steganography were formed:

    • Classic steganography
    • Computer steganography
    • Digital steganography

    Classic steganography

    Steganography in the Ancient World

    There is a version that the ancient Sumerians were among the first to use steganography, since many clay cuneiform tablets were found in which one entry was covered with a layer of clay, and another was written on the second layer. However, opponents of this version believe that this was not at all an attempt to hide information, but just a practical need.

    In the works of the ancient Greek historian Herodotus, there is a description of two more methods of hiding information: the necessary message was written on the shaved head of a slave, and when his hair grew back, he went to the addressee, who shaved his head again and read the delivered message. The second method was as follows: the message was applied to a wooden tablet, and then it was covered with wax, and thus did not arouse any suspicion. Then the wax was scraped off and the message became visible.

    cute ink

    One of the most common methods of classical steganography is the use of sympathetic (invisible) ink. Text written with such ink appears only under certain conditions (heating, lighting, chemical developer, etc.) Invented back in the 1st century AD. Philo of Alexandria, they continued to be used both in the Middle Ages and in modern times, for example, in letters from Russian revolutionaries from prison. In the Soviet school curriculum, the literature course taught the story of how Vladimir Lenin wrote with milk on paper between the lines, see Stories about Lenin. The milk developed when heated over a flame.

    There are also inks with chemically unstable pigments. What is written with this ink looks like something written with a regular pen, but certain time the unstable pigment decomposes, and not a trace remains of the text. Although when using a regular ballpoint pen, the text can be reconstructed from the deformation of the paper, this disadvantage can be eliminated by using a soft writing unit, like a felt-tip pen.

    Other steganographic methods

    During World War II, microdots were actively used - microscopic photographs pasted into the text of letters and telegrams.

    There are also a number of alternative methods of hiding information:

    • writing on the side of a deck of cards arranged in the agreed order;
    • recording inside a boiled egg;
    • “slang ciphers”, where words have a different determined meaning;
    • stencils, which, when placed on the text, leave only significant letters visible;
    • knots on threads, etc.

    Currently, steganography most often refers to hiding information in text, graphic or audio files using special software.

    Computer steganography

    Computer steganography is a branch of classical steganography based on the features of the computer platform. Examples: steganographic file system StegFS for Linux, hiding data by writing information in unused areas of file formats, character substitution in file names, text steganography, etc. Another example of the implementation of computer steganography in conjunction with cryptography is the TrueCrypt application, which implements the so-called technology. "hidden encrypted volumes".

    Digital steganography

    Digital steganography is a branch of classical steganography based on concealment or injection additional information into digital objects. As a rule, these objects are multimedia objects (images, video or audio files, textures of 3D objects), changes to which cause only minor distortions that are below the sensitivity threshold of the average person, which does not lead to noticeable changes in these objects.

    Implementation of digital steganography using Linux Ubuntu OS

    In all OS distributions without exception Linux Ubuntu The steghide application is included to allow you to hide text files in image files.

    Suppose we want to “hide” a text file with a quote from the Bible: “The prudent sees disaster and takes cover, but the inexperienced go forward and are punished” in a file with a photo of a tiger (see right).

    Let's create a directory in the current user's home directory in which we will save both files - text and graphic:

    Mkdir ~/steg

    Let's move to the created directory:

    Wget http://site/wp-content/uploads/2014/10/bible..jpg

    If the steghide application is not yet installed on the system, you should install it:

    Sudo apt-get install steghide

    In order to embed the text file bible.txt into the graphic file tiger.jpg, you should run the following command in the terminal:

    Steghide embed -ef bible.txt -cf tiger.jpg -sf tiger_with_text.jpg

    During the execution of the last command, the user will be prompted twice to enter a password, with which the text file itself will also be encrypted before the text file is embedded with a graphic. cryptographic methods(block cipher), which will make it practically impossible for persons for whom the text information is not intended to retrieve the file. The embedding process itself will look like this in the terminal:

    :~/steg$ steghide embed -ef bible.txt -cf tiger.jpg -sf tiger_with_text.jpg Enter passphrase: Re-Enter passphrase: embedding "bible.txt" in "tiger.jpg"... done writing stego file " tiger_with_text.jpg"... done :~/steg$

    The result of executing the command will be a file tiger_with_text.jpg, which differs from the original one in that, unlike the original one, it contains hidden text (see the image on the right). Please note that the resulting file with a photograph of a tiger with embedded text is no different in appearance from the original photograph of the tiger.

    Let's take a closer look at the command to embed a text file. The embed option tells the steghide application that the user wants to embed a text file into a graphic file. The -ef option specifies a text file to be embedded in the graphic; the -cf option indicates the graphic file into which the text file will be embedded, the -sf option indicates the name of the graphic file into which the result of the application will be saved, i.e. graphic file with embedded ciphertext.

    Now let's look at the process of extracting a text file from a photo of a tiger. Delete the text file and make sure the text file is not in the ~/steg directory:

    Rm -rf ~/steg/bible.txt ll ~/steg

    To extract a text file from a graphic file, run the command:

    When executing the command, the user must enter a password to decrypt the text file. As a result, a text file bible.txt will be created in the ~/steg directory, containing text information extracted from the graphic file.

    Let's look at the options in the last command in more detail. The extract option tells the steghide application that the user wants to extract text from a graphic file; the -sf option points to a graphic file containing hidden text information; the -xf option specifies the name of the text file into which the text information extracted from the photo will be written.

    You can also try downloading a file with embedded text information from here:

    Wget http://site/wp-content/uploads/2014/10/tiger_with_text.jpg

    and, using the password: 123456, extract text information from the photo:

    Steghide extract -sf tiger_with_text.jpg -xf bible.txt

    The resulting graphic files with embedded text information can be transmitted using any open channels communications, for example, via email or other Internet services.

    UDC 004.056.5

    Steganographic method for hiding information based on sequences of special points in an image

    scientific supervisor Ph.D. physics and mathematics sciences

    Sterlitamak State Pedagogical Academy named after. Zainab Biisheva

    Currently, along with the widespread use digital formats multimedia and existing problems of digital resource management, research in the field of steganography is becoming increasingly relevant. Solving the problem of hiding information is also an important issue in the context of a developed network communication infrastructure for users of global computer networks, with the development of which it has become possible to quickly and economically transfer electronic documents to different parts of the planet. At the same time, significant volumes of transmitted materials are often accompanied by illegal copying and distribution. As a result, this forces us to look for ways to hide copyright information in various text, graphic, audio, video, and other types of files.

    Today, there are quite a lot of software products used for steganography purposes and implementing methods for introducing confidential data into various types of files.

    The classic task of steganography is to organize the transmission of a secret message in such a way that both the content of the message and the fact of its transmission are hidden from everyone except interested parties. To solve this problem, a message called a container (stego container) is used, into which the secret message required for transmission is embedded. At the same time, developers of steganographic methods must organize the transparency of transmitted confidential data: changing a certain number of information bits in the container should not lead to significant losses in its quality (there should be no embedding visualization artifacts). The most common containers are files containing digital photographs, text, music, and video. So, for example, when using graphic files as a container for third-party observers, the process of transmitting messages will be perceived as a normal exchange of digital graphic files. At the same time, it is important to remember the importance of observing one condition: no one should have access to both the source file selected as the container and the file containing the hidden message, since in this case a simple comparison of the files will immediately reveal the presence of the message.

    As noted above, in computer steganography almost any container can serve as a container. file format, however, the most common media type is BMP image files. This is explained by the fact that for the purposes of steganography, the most preferred file formats are those that use lossless compression methods (such types of compression are typical for images in the BMP, TIFF, PNG, TGA, etc. formats). Also, a positive side in favor of choosing the BMP format is the high image quality and simplicity of the format.

    It's worth noting that when working with file formats that use lossy compression, such as JPEG, it is common to still convert the JPEG data stream to a BMP data stream. From the standpoint of steganography files of this format allow you to hide relatively large amounts of information.

    In this work, a 24-bit raster image in the RGB color system is considered as a container. Each color combination of a tone (pixel) is a combination of brightness values ​​of three component colors - red (R), green (G) and blue (B), which each occupy 1 byte (a total of 3 bytes per pixel). Thus, the brightness of each component is written as an 8-bit number and can vary in the range from 0 to 255 (the combination (0, 0, 0) corresponds to black, the combination (255, 255, 255) to white). The use of BMP files in this work is due only to the simplicity of their software processing - all the results obtained can easily be transferred to the case of images in files of other formats.

    The most common steganographic hiding method today is the least significant bit (LSB) substitution method. The idea of ​​the method is to replace from one to four low-order bits in the bytes of the color representation of the points of the original image with bits of the hidden message. There are also a number of works devoted to the synthesis of steganography systems, which make it possible to increase the volume of hidden information several times compared to the LSB method.

    Traditionally, LSB methods are implemented according to the following scheme: the transmitted message is encrypted using secret key, after which the bits of the encrypted message are written in place of the least significant bits of the color components of the image. In the simplest case, recording is carried out sequentially in each component of the color of the point, but it can also be done in some other order, specified on the basis of the same secret key. Visually, no distortions will be noticeable in such an image (the human eye most likely will not notice the differences even if there is a source file for comparison). However computer methods steganalysis will be able to determine the presence of an embedded message (for example, the steganalysis method proposed and belonging to the class of universal methods). Therefore, a number of works propose variants of LSB methods that are more resistant to steganalysis. This is, for example, a method that takes into account the statistics of the least significant bits of the image.

    This paper proposes a method that uses the distribution of some special points in the image (shades absent in the original image).

    At the first stage, it is necessary to prepare the container to receive the hidden message - in the original image file, the components (shades) of three colors with values ​​of 255 are changed to 254. At the same stage, the hidden message is translated into a binary sequence.

    At the second stage, the container file is analyzed for the presence of points that satisfy the following condition: in the entire image, two shades of the color of the points (for example, blue (B) and green (G)) coincide, and the third shade (in this case, red (R)) Let's denote its numerical value by X) such that in the entire image there are no points for which the value of this hue is X+1, X-1, or X-2. Among all the points found in this way, a sequence of points with the maximum length is selected. This sequence is used to store the hidden message: the corresponding value from the binary representation of the message is added to the X value of the third shade. In this case, the first three bytes of the message contain information about the length of the message. The first point from the found sequence should be left unchanged.

    It is obvious that for each potential container file, the distribution of points that satisfy the above-mentioned requirement for shades is completely random. Due to this this method does not introduce significant deviations into the statistics of the distribution of the least significant bits of the image, and should be quite resistant to steganalysis methods.

    Once a message is added to a container file, the original empty container is no longer needed and can be deleted. Thus, this method allows you to use only one file for transmission (and subsequent recovery) of a hidden message. Message recovery is based on searching the entire image for points for which two shades of color are the same, and the third shade is such that there are no points in the entire image for which the value of this shade is equal to X-1 or X-2.

    With this method of hiding information, the maximum amount of information that can be placed in a container file depends entirely on the image file: some images will allow you to save more information, some less (or not at all). In addition, the very location of the hidden message in the container file will also depend on the specific image.

    Obviously, if the method used to place the information in the container is known, then it is easy to derive the hidden message from it. This is a disadvantage not only of the method described here, but also of any other. That is why it is necessary to provide for such a change in the method that, even knowing the algorithm for its implementation, it is impossible to extract the hidden message (only the one to whom it is addressed should extract the message). To do this, the secret message is usually compressed and encrypted before being embedded in a container, in order to increase security and compactness. Various algorithms can be used for compression, for example algorithms of the LZ or BWT family. In addition, when embedding a message into a container, you can use an additional secret key, which will determine the order in which the message is embedded.

    The described method, of course, allows for all sorts of modifications. For example, to increase the capacity of a container, you can use not only a sequence of points maximum length, but also all other sequences of points that satisfy the above condition. Along with the use of a secret key, this will increase the algorithm’s resistance to steganalysis.

    References

    1. , Basics of steganalysis.// Information protection. Confidential. – St. Petersburg: 2000, No. 3. – P. 38-41.

    2. ,Digital steganography. – M.: Solon-Press, 2002. – 272 p.

    3. , Fionov based stegosystem raster images taking into account the statistics of the least significant bits // Bulletin of SibGUTI. – 2009. No. 1. – P. 67-84.

    4. Computer steganography. Theory and practice. – K.: MK-Press, 2006. – 288 p.

    5. Zhilkin graphic data based on compression methods // Bulletin of SibGUTI. – 2008. No. 2. – P. 62–66.

    6. Kuvshinov and algorithms for hiding large amounts of data based on steganography / Dissertation for the degree of candidate of technical sciences. - Saint Petersburg. 2010. – 116 p.

    I think everyone has heard of steganography at least once. Steganography (τεγανός - hidden + γράφω - I write, literally “hidden writing”) is interdisciplinary the science and art of transmitting hidden data, inside others, not hidden data. The hidden data is usually called stego message, and the data that contains stego message called container.

    There are countless steganographic methods. At the time of this writing, at least 95 steganography patents have already been published in the United States, and at least 29 patents have been published in Russia. Most of all I liked the patent Kursh K. And Lav R. Varchney "Food steganography"(“Food steganography”, PDF)

    A picture from a “food” patent to attract attention:

    However, after reading a decent number of articles and works devoted to steganography, I wanted to systematize my ideas and knowledge in this area. This article is purely theoretical and I would like to discuss the following questions:

    1. Purposes of Steganography- in fact there are three of them, not one.
    2. Practical application of steganography- I counted 15.
    3. The place of steganography in the 21st century- I believe that from a technical point of view modern world already prepared, but "socially" Steganography is still “lagging.”

    I tried to summarize my research on this issue. (This means there is a lot of text)
    I hope for reasonable criticism and advice from the habro community.

    Purposes of Steganography

    Target is an abstract task regarding which a scientific theory and methodology for achieving this goal are developed. No need to be confused target And application. Target extremely abstract, unlike applications.

    As I said before, there are three goals in steganography.

    Digital fingerprints (Digital Fingerprint)

    This type of steganography implies the presence various steganographic message tags for each copy container. For example, COs may be applicable to protect an exclusive right. If, using some algorithm, the adversary is able to extract the CO from the container, then it is impossible to identify the enemy, but until the adversary learns to forge the CO, he will not be able to distribute the protected container without detection.

    Thus, when extracting a CO, a third party (i.e., an adversary) can pursue two goals:

    1. removing the central heating unit from the container ( "weak target");
    2. replacement of one central heating center with another central heating center ( "strong goal").

    An example of a CO is sales e-books(for example in *.PDF format). When paying for a book and sending it to the recipient, you can *.pdf insert information about e-mail; IP; data entered by the user, etc. Of course, these are not fingerprints or DNA analysis, but, you see, this is better than nothing. Perhaps in Russia, due to a different culture and a different, historically established, attitude towards exclusive rights, this use of steganography is irrelevant; but, for example, in Japan, where downloading torrent files can lead to imprisonment, the use of steganographic centers is more likely.

    Steganographic watermarks (SVZ) (Stego Watermarking)

    Unlike the CO, the SVZ implies the presence identical tags for each copy container. In particular, SVZ can be used to confirm copyright. For example, when recording on a video camera, you can intersperse information about the recording time, video camera model, and/or the name of the video camera operator into each frame.
    If the footage falls into the hands of a competing company, you can try to use the SVZ to confirm the authorship of the recording. If the key is kept secret from the camera owner, then using the SVZ you can confirm the authenticity of photos and/or video images. By the way, our colleague in the shop, Dmitry Vitalievich Sklyarov, successfully . The problem was really a hardware one, Dmitry Vitalievich did not touch the quilt itself, nevertheless, he steganographically “proved” the authenticity of Stalin with the iPhone.

    Photo of Stalin with an iPhone, taken by D.V. Sklyarov (with correct SVZ)


    Hidden Data Transfer (SDT)

    This is the “classical” goal of steganography, known since the time of Aeneas Tacticus (Αινείας ο Τακτικός, see his work containing simple steganographic techniques:). The task is to transmit data so that the enemy does not realize that the message has appeared.

    In modern Russian-language works devoted to steganography, the term is often used DWW (Digital Watermarks). This term means either SVZ or central heating center. (And sometimes SVZ and DH at the same time, and even in one article!) Nevertheless, when implementing DH and SVZ, the problems and tasks that arise are fundamentally different! Indeed, the SVZ on all copies of an electronic document is the same, and the CO on all copies of documents is different. For this reason, for example, conspiracy attack fundamentally impossible in SVZ! At least for this reason, it is necessary to distinguish between SVZ and CO. I strongly advise anyone who is going to work in the field of steganography not to use the term digital signature in their speech.

    This seemingly obvious idea still causes confusion among many. A similar point of view on the need to distinguish between SVZ and CO was expressed by such well-known “steganographers” in narrow circles as Cachin, Petitcolas, Katzenbeisser.

    For each of these three goals, you should develop your own criteria for the strength of a steganographic system and formal information-theoretical models for achieving them, because The meaning of using steganography is different. The fundamental difference between SVZ and CO is written above. But maybe it makes sense to combine SPD with the central heating center or with SVZ? No! The point is that the meaning of the SOP is the hidden data transfer itself, and the CO and SVZ are intended to protect the container itself. Moreover, the very fact of the existence of a CO or SVZ may not be secret, unlike most tasks for SPD. In particular, for this reason, talking about the possibility of constructing a perfect stegosystem (according to Cachen) for the implementation of central or central control for most practical problems does not make any practical sense.

    4. Protection of the exclusive right (PR)

    A possible application is the Holographic Versatile Disc (HVD). (However, there is a point of view that this technology was initially “stillborn”) The HVBs currently being developed can contain up to 200 GB of data per cartridge. These technologies are supposed to be used by television and radio broadcasting companies to store video and audio information. The presence of a central center inside the correction codes of these disks can be used as the main or additional means to protect licensing rights.

    Another example, as I wrote earlier, is online sales information resources. This could be books, films, music, etc. Each copy must contain a CO for personal identification (at least indirectly) or a special mark to verify whether it is a licensed copy or not.

    The company amazon.com tried to realize this goal in 2007-2011. Quote from the article:

    In Russian: the downloaded file will contain a unique purchase identifier, date/time of purchase and other information (...).

    It was not possible to download these compositions directly (Amazon swears and says that it can only sell them in the United States). I had to ask my American friends and after a while I had the same song in my hands, but downloaded independently by two different people from different Amazon accounts. The files looked exactly the same, the size was the same down to the byte.

    But because Amazon wrote that it includes a download identifier in each mp3 and some other data. I decided to check the two existing files bit by bit and immediately found differences.

    5. Copyright protection (CPR)

    In this case, each copy of the content is protected with one sign. For example, this could be a photograph. If a photograph is published without the photographer’s permission, saying that he is not the author of this work, the photographer can try to prove his authorship using steganography. In this case, each photograph should include information about serial number camera and/or any other data that allows you to “link” a photograph to one single camera; and through the camera, the photographer can try to indirectly prove that he is the author of the photograph.

    6. Protection of document authenticity (POA)

    The technology may be the same as for copyright protection. Only in this case, steganography is used not to confirm authorship, but to confirm the authenticity of the document. A document that does not contain a CVZ is considered “not real”, i.e. fake. Dmitry Sklyarov, already mentioned above, was solving the opposite problem. He found a vulnerability in a Cannon camera and was able to fake the authenticity of a photo of Stalin with an iPhone.

    7. Individual fingerprint in EDMS (CO)

    IN electronic document management system(EDMS) you can use an individual fingerprint inside *.odt, *.docx and other documents when the user works with them. For this purpose it must be written special applications and/or drivers that are installed and running on the system. If this task is completed, then using individual fingerprint it will be possible to identify who worked with the document and who did not. Of course, in this case it is stupid to make steganography the only criterion, but as an additional factor in identifying participants working with a document, it can be useful.

    8. Watermark in DLP systems (SVZ)

    Steganography can be used for preventing information leaks(Data Leak Prevention, DLP). Unlike individual fingerprint in EDMS, in this application of steganography, when creating a document containing a confidential nature, a certain mark is inserted. In this case, the label does not change, regardless of the number of copies and/or revisions of the document.

    In order to remove the tag you need a key. The stegokey, of course, is kept secret. The DLP system, before approving or refusing to release a document externally, checks the presence or absence of a watermark. If the sign is present, then the system does not allow sending the document outside the system.

    9. Hidden transmission of control signal (SPT)

    Let's assume that the recipient is some system (for example, a satellite); and the sender is the operator. In this case, steganography can be used to deliver any control signal to the system. If the system can be in different states and we want the enemy not to even realize that the system has moved to another state, we can use steganography. Using only cryptography, without steganography, can give the enemy information that something has changed and provoke him into unwanted actions.

    I think no one will argue that in the military sphere this task is incredibly relevant. This task may also be relevant for criminal organizations. Accordingly, law enforcement agencies should be armed with a certain theory on this issue and promote the development of programs, algorithms and systems to counter this use of steganography.

    10. Steganographic botnet networks (SBN)

    To be pedantic, this application can be considered a special case hidden transmission control signal. However, I decided to highlight this application separately. My colleague from TSU sent me a very interesting article by some Shishir Nagaraja, Amir Houmansadr, Pratch Piyawongwisal, Vijit Singh, Pragya Agarwal And Nikita Borisov"and “Stegobot: a covert social network botnet”. I’m not an expert on botnet networks. I can’t say whether this is a crapshoot or an interesting feature. I’ll just hear the opinion of the habra community!

    11. Confirmation of the reliability of the transmitted information (CO).

    The stego message in this case contains data confirming the correctness of the transmitted container data. As an example, this could be a checksum or a hash function (digest). The task of verifying validity is relevant if the adversary has a need to falsify container data; for this reason this application should not be confused with document authenticity protection! For example, if we are talking about a photograph, then the protection of authenticity is proof that this photograph is real, not faked in Photoshop. We seem to be protecting ourselves from the sender himself (in this case, the photographer). If authenticity is confirmed, it is necessary to organize protection from third parties (man in the middle), who have the ability to falsify data between the sender and recipient.

    This problem has many classical solutions, including cryptographic ones. Using steganography is another way to solve this problem.

    12. Funkspiel (“Radio Game”) (SPD)

    From Wikipedia:

    Definition of Funkspiel

    Radio game (tracing copy from German Funkspiel - “radio game” or “radio play”) - in the practice of intelligence of the 20th century, the use of radio communications to misinform enemy intelligence agencies. For a radio game, a radio operator or double agent captured by counterintelligence and converted is often used. The radio game allows you to simulate the activities of a destroyed or never-existed intelligence network (and thus reduce the enemy’s activity in sending new intelligence officers), transmit disinformation to the enemy, obtain information about the intentions of his intelligence agencies, and achieve other intelligence and counterintelligence goals.

    The possibility of failure and subsequent radio play was taken into account when planning reconnaissance operations. We agreed in advance various signs in a radiogram, by the presence or absence of which one could understand that the radio operator is working under the control of the enemy.

    Stego message in this case contains data indicating whether the information is worth accepting container seriously. It can also be some kind of hash function or simply a pre-set sequence of bits. It can also be a hash function of the start time of the transfer (In this case, to eliminate the problem of time desynchronization between the sender and the recipient, the time should be taken with an accuracy of minutes or even hours, and not with an accuracy of seconds or milliseconds).

    If the stego message fails validation, the container should be ignored by the recipient, regardless of its contents. In this case, steganography can be used to misinform the enemy. For example, the container could be a cryptographic message. In this case, the sender, wanting to mislead the enemy, encrypts the data with some compromised cryptographic key known to the enemy, and the stego message is used to prevent the recipient from accepting a false container.

    Let's assume that the enemy has the ability to destroy the CO. In this case funkspiel can be used against the interests of the sender. The recipient, without finding the label, will not ignore the received container. Perhaps in some practical decisions it is reasonable funkspiel use with confirmation of authenticity. In this case, any information that does not contain a reliability mark is ignored; and accordingly, for a radio game you should simply not include the tag in the message.

    13. Inalienability of information (INI)

    There are a number of documents for which integrity is important. This can be done by backing up data. But what to do if there is a need to have documents in such a form that it is impossible to separate one information from other information? An example is medical photographs. For reliability, many authors suggest including information about the patient’s name, surname and other data inside the images. See for example the book "Information Hiding Techniques for Steganography and Digital Watermarking" by Stefan Katzenbeisser and Fabien A. P. Petitcolas:

    An excerpt about the use of steganography in medicine. from the book ""Information Hiding Techniques for Steganography and Digital Watermarking""

    The healthcare industry and especially medical imaging systems may benefit from information hiding techniques. They use standards such as DICOM (digital imaging and communications in medicine) which separates image data from the caption, such as the name of the patient, the date, and the physician. Sometimes the link between image and patient is lost, thus, embedding the name of the patient in the image could be a useful safety measure. It is still an open question whether such marking would have any effect on the accuracy of the diagnosis but recent studies by Cosman et al. revealing that lossy compression has little effect, let us believe that this might be feasible. Another emerging technique related to the healthcare industry is hiding messages in DNA sequences. This could be used to protect intellectual property in medicine, molecular biology or genetics.

    Similar arguments can be made about modern astronomy. Here is a quote from Russian astronomer Vladimir Georgievich Surdin ( link to video):

    I envy those who are now entering science. Over the past 20 years, we [astronomers] have generally been marking time. But now the situation has changed. Several telescopes of completely unique properties have been built in the world. They see almost the entire sky and receive enormous amounts of information every night. Suffice it to say that over the previous 200 years, astronomers have discovered several thousand objects. (...) This is 200 years! Today, every night we discover three hundred new objects in the solar system! This is more than a person could write down in a catalog with a pen. [per day]

    Just think, every night there are 300 new objects. It is clear that these are various small space asteroids, and not the discovery of new planets, but still... Indeed, would it be reasonable to embed information about the time of shooting, location of shooting and other data directly into the image? Then, when exchanging images between astronomers, scientists could always understand where, when and under what circumstances a particular image was taken. You can even insert information without a key, believing that there is no enemy. Those. use steganography only for the sake of “not alienating” the images themselves from additional information, hoping for the honesty of users; perhaps this would be much more convenient than accompanying each photo with information.

    From the world computer games You can cite WoW. If you take a screenshot of the game containing the username, the time the screenshot was taken (accurate to the minute and IP), the server address.

    14. Steganographic distraction (?)

    As the name of the task suggests - distract the enemy's attention. This task can be posed if there is any other reason for using steganography. For steganographic distraction It is necessary that the generation of stegocontainers be significantly “cheaper” (in terms of machine and time resources) than detection of steganography by the enemy.

    Roughly speaking, steganographic distraction somewhat reminiscent of DoS and DDoS attacks. You divert the enemy's attention away from the containers that actually contain something valuable.

    15. Steganographic Tracking (STD)

    This application is somewhat similar to step 7 individual fingerprint in EDMS, only the goal is different - to catch the criminal who is “leaking” the information. An example can be given from the real world marked banknotes(“marked money”). They are used by law enforcement agencies so that a criminal who has received money for any illegal activity cannot later claim that he had this money before the transaction.

    Why not adopt the experience of “real colleagues” into our virtual world? Thus steganographic tracking Reminds me of something like a honeypot.

    Forecast about the future of steganography in the first quarter of the 21st century

    Having read fifty different articles on quilting and several books, I will venture to express my opinion on steganography. This opinion is just my opinion and I do not impose it on anyone. Ready for constructive criticism and dialogue.

    Thesis. I believe that the world is technically ready for steganography, but culturally, modern information society not yet ripe. I think that in the near future (2015-2025) something will happen that may in the future be called " steganographic revolution“… This may be a little arrogant statement, but I will try to substantiate my point of view with four points.

    First. At the moment there is no unified theory of steganography. A top secret stegosystem (according to Cashen) is of course better than nothing, but in my opinion this is a black and white photograph of the tail of a spherical virtual horse in a vacuum... Mittelholzer tried to slightly improve the results of Christian Cashen, but so far this is a very broad theory.

    The lack of a unified theory is an important obstacle. It has been mathematically proven that the Vernam cipher (= “one-time pad”) cannot be cracked, for this reason the connection between V.V. Putin and Barack Obama are carried out precisely with the help of this algorithm. There is a certain theory that creates and studies abstract (mathematical) cryptographic objects (Bent functions, LFSR, Facestyle cycles, SP sets, etc.). There is a zoo of terms and models in steganography, but most of them are unfounded, incompletely studied, or far-fetched.

    Nevertheless, there are already certain shifts in this direction. Modest attempts are already being made to use steganography, if not as the main or even the only solution, then as an auxiliary tool. A huge shift in theory has occurred over the past fifteen years (2000-2015), but I think this could be a separate post, it’s hard to say in a nutshell.

    Second. Steganography - science interdisciplinary! This is the first thing any aspiring steganographer should understand. If cryptography can abstract away from hardware and solve exclusively problems in the world of discrete mathematics, then a steganographer must study the environment. Although, of course, there are a number of problems in the construction of cryptosystems, for example, side-channel attacks; but this is not the fault of the quality of the cipher. I think that steganography will develop in accordance with the development of the study of the environment in which hidden messages. Thus, it is reasonable to expect the emergence of “chemical steganography”, “steganography in images”, “steganography in error-correcting codes”, “food steganography”, etc.

    Starting around 2008, everyone realized this. Not only mathematicians-cryptographers, but also linguists, philologists, and chemists became interested in steganography. I think this is a positive change that speaks volumes.

    Third. Modern virtual world oversaturated with texts, pictures of cats, videos, and so on and so forth... On one YouTube site every minute Over 100 hours of video uploaded! Just think every minute! How many minutes have you been reading this lengthy opus?.. Now multiply this number by 100! So many hours of different videos have appeared on YouTube alone during this time!!! Can you imagine it? But this is a huge “ground” for hiding data! That is, “technically” the world has been ready for steganography a long time ago. And to be honest, I am deeply confident that steganography and counteraction to steganography will become the same in the near future actual problem like the BigData Colossus problem...

    This information ceased to be secret, if my memory serves me correctly, only in the 2000s. Another historical example is RSA algorithm, which was invented at the end of WWII by British cryptographers. But, for obvious reasons, the military classified the world's first asymmetric encryption algorithm and the palm went to Diffie, Helman, and then Rivest, Shamir and Adleman.

    Why am I saying this? The point is that in information security everything is invented minimum twice: once “closed”, and the second time “open”; and in some cases even more than twice. This is fine. I think steganography is also waiting (it’s no longer possible).

    In modern Western literature, for some reason, many scientists “disappeared” (i.e. stopped publishing) who in 1998-2008 offered very interesting ideas. (eg Peter Weiner, Michelle Elia). A roughly similar situation existed before the invention of atomic weapons... Who knows, perfect stegosystems may have already been invented and they are being successfully used by the GRU and/or the NSA? And we, finishing reading this post and looking at our wristwatches, calculate how many more hours of purring cats have been uploaded by millions of users on YouTube and whether there are cats with correspondence from terrorists among them; commands for a botnet network or RT-2PM2 drawings encrypted with the Vernam cipher.

    Read more: