An image file is merely a binary file containing a binary representation of the color or light intensity of each picture element (pixel) comprising the image.
Images typically use either 8-bit or 24-bit color. When using 8-bit color, there is a definition of up to 256 colors forming a palette for this image, each color denoted by an 8-bit value. A 24-bit color scheme, as the term suggests, uses 24 bits per pixel and provides a much better set of colors as many as 2^(8*3) = 16777216. In this case, each pixel is represented by three bytes, each byte representing the intensity of the three primary colors red, green, and blue (RGB), respectively. The HTML format for indicating colors in a Web page often uses a 24-bit format employing six hexadecimal digits, each pair representing the amount of red, blue, and green, respectively. The color range, for example, would be displayed with red set to 100% (decimal 255, hex FF), green set to 50% (decimal 127, hex 7F), and no blue (0), so we would use "#FF7F00" in the HTML code. Though human eye is very sensitive, such an extreme variety of colors cannot be distinguished. The color change of a pixel is not visible if the LSBs of the color bytes are changed. (In fact the average number of changes affects half of the color bytes only)
The size of an image file, then, is directly related to the number of pixels and the granularity of the color definition. A typical 640x480 pix image using a palette of 256 colors would require a file about 307 KB in size (640 * 480 bytes), whereas a 1024x768 pix high-resolution 24-bit color image would result in a 2.36 MB file (1024 * 768 * 3 bytes).
A number of compression schemes (BMP, GIF, JPEG file types) have been developed over time, for reducing the size of image files, though all are not equally suited to Steganography.
The JPEG files uses lossy compression (means that the expanded image is very nearly the same as the original but not an exact duplicate). While the GIF and 8-bit BMP files employs what is known as lossless compression (which allows the software to exactly reconstruct the original image). While both methods allow computers to save storage space, lossless compression is much better suited to applications where the integrity of the original information must be maintained, such as steganography. While JPEG can be used for stego applications, it is more common to embed data in GIF or BMP files.
The simplest approach to hiding data within an image file is called least significant bit (LSB) insertion. In this method, we can take the binary representation of the hidden data and overwrite the LSB of each byte within the cover image. Take for example a True-Color BMP image file format. A color of pixel is coded in 3 byte array of indices to RGB palette. If you change only LSB bit in each color element, then the picture will seem still the same, but is not. It carries hidden information. A picture with size 120x100 pixels can hold approximately up to 4500B of hidden data, if this method is used. Now, the RGB value of a single pixel (shown at the exact point in the image) is “403728” hexadecimal.
We can embed number 6 (binary 110) by making just one change in the LSB.
RGB: binary representation
40 à 0100 0000(change)à 0100 0001
37 à 0011 0111(hold) à 0011 0111
28 à 0010 1000(hold) à 0010 1000
This description is meant only as a high-level overview. Similar methods can be applied to 8-bit color but the changes, as the reader might imagine, are more dramatic. Gray-scale images, too, are very useful for steganographic purposes. One potential problem with any of these methods is that they can be found by an adversary who is looking. In addition, there are other methods besides LSB insertion with which to insert hidden information.
Let me demonstrate this by the use of steganographic tool, I have shown an original picture and the same picture containing this whole article (without cryptography) as the hidden message, using Quick Stego software.
 |
| Stego Image |
 |
| Original Image |
Steganography is a fascinating and effective method of hiding data that has been used throughout history. Methods that can be employed to uncover such devious tactics, but the first step are awareness that such methods even exist. Without going into any detail, it is worth mentioning steganalysis, the art of detecting and breaking steganography. One form of this analysis is to examine the color palette of a graphical image. In most images, there will be a unique binary encoding of each individual color. If the image contains hidden data, however, many colors in the palette will have duplicate binary encodings since, for all practical purposes, we can't count the LSB. If the analysis of the color palette of a given file yields many duplicates, we might safely conclude that the file has hidden information.
But what files would you analyze? Suppose I decide to post a hidden message by hiding it in an image file that I post at an auction site on the Internet. The item I am auctioning is real so a lot of people may access the site and download the file; only a few people know that the image has special information that only they can read. And we haven't even discussed hidden data inside audio files! Indeed, the quantity of potential cover files makes steganalysis a Herculean task.
There are many good reasons as well to use this type of data hiding, including watermarking (for copy right protection) or a more secure central storage method for such things as passwords, or key processes. Regardless, the technology is easy to use and difficult to detect. The more that you know about its features and functionality, the more ahead you will be in the game. I will be discussing on audio and video steganography and steganalysis next time.
No comments:
Post a Comment