The message within

Steganography is a technique by which one can hide secret messages inside digital images and audio. It's power is seen when it works in tandem with cryptography. How do you crack a code that cannot be seen in the first place?

Mahesh Shantaram

10/26/99

Another layer to security
Cryptography is the practise of encrypting (or coding) data so that only the recipient with the right "key" will be able to decode and use it. Digital cryptography techniques have advanced so much that for most purposes, they are almost impossible to crack.

However, there's a Midas touch to computing technology. Everything gets outdated even before it gains firm ground. Not too long ago, 64-bit encryption was the Holy Grail of crypto technology, but that's far too weak by today's standards. We're now talking of 1024-bit encryption! The good news is that you don't have depend on cryptography alone. Steganography is a technique that adds another layer of security to data transfer.

How it all began
Like the Midas touch, and many other inspiring tales, steganography too has its roots in ancient Greece. An ingenious method of conveying secret messages was developed whereby the head of a messenger was shaved, and the message tattooed onto it. When the hair grew, the messenger could simply walk by guards without anyone ever noticing. Steganography is Greek for covered writing.

What it does
Steganography was defined best by Markus Kunh as "the art and science of communicating in a way which hides the existence of the communication." In cryptography, a message is warbled, and left as an open challenge for the "enemy" to crack. With steganography, the presence of the message itself is craftily concealed within other data. By applying the two together, life becomes doubly difficult for a cracker (one who revels in breaking coded messages). The question of which is a better security technique does not arise because they complement each other. How do you crack a code when you can't find it in the first place?

How it works
All computer data is represented as bits, eight of which make up a byte. The last bit in a byte is called the Least Significant Bit because of all the bits, changing that has least impact on the data as a whole. Digital steganography exploits this fact to the fullest in embedding secret information within images, audio, video, and other digital information.

The secret behind it
Playing around with the last bit of an image pixel (a dot of color) is O.K. because the change in color is too insignificant for the eye to notice. When the same thing is repeated with digital audio (like a WAV file), the ear is not sensitive enough to detect the degradation of audio quality. These files, known as carriers, are like the messenger whose head was shaven.

Some carriers are better
The process of fusing information into the carrier is done by steganographic software, which writes one bit of the message into every available byte of the carrier. However, you can't use any file in steganography. 24-bit color images, 256-shade grayscale, 8-bit GIFs, and 8-bit audio are among the best carriers. (for more details, see What it takes to be a carrier)

Steganography in action
Steganography and cryptography are independent anti-cracker techniques. You don't have to encrypt data before applying steganography, but it helps. It is not a powerful method of security in itself, but the combination of the two technologies can be more powerful than the parts.

Digital watermarking is an application of steganography. Copyright information and the identity of the original owner are embedded into images and audio as a measure against piracy.

Back to the Goodies Page!

©Ankur Jain 1999