Steganography ("covered writing") is the science of hiding information "in plain sight". Unlike cryptography, the goal of steganography is to completely obscure the existence of information rather than conceal its content. Currently, the most common usage of steganography is to hide one computer file inside of another computer file.
A historic usage of steganography was pioneered by Histaeius of Milan to allow him to communicate secretly with the Greeks. Histaeius would shave the head of a slave, tattoo a message on the slave's scalp, and then wait for the hair to grow back, concealing the message. The slave would then be sent to the Greeks, who would shave the slave's head and read the hidden message.
Note that cryptography and steganography have complementary purposes and can be used together. A message can be encrypted to preserve the secrecy of its contents and then hidden using steganography. If steganography is successful, the existence of the message will be unsuspected and encryption unnecessary, but breaking the steganography of an unencrypted message means that the message is completely revealed.
Many different schemes have been developed to send steganographic messages. Here, we will cover a few schemes developed in early days, ones used during wartime, and methods commonly used today.
In ancient Greece, wax tablets with a wooden backing were common writing surfaces since the wax could be melted and reused. To send secret messages, a message would be inscribed directly on a wooden tablet before the wax was applied. Another, innocuous message would be carved into the wax on top and the tablet sent to its intended recipient, who would melt off the wax and read the true message.
Another method of concealing messages was to encode a message on a piece of thread using Morse code. This thread would be knitted into the clothing of a messenger and then removed and read at its destination.
During the World Wars, many different methods of sending hidden messages were used. Female spies would encode messages in knitted patterns (leading to a ban on new knitting patterns). Photosensitive glass (which shows an image when exposed to the correct wavelength of light) was used during World War II to send messages to Allied forces.
The most common form of steganography used today hides files within image files on a computer. The hidden file is encoded in the least significant bits of the values encoding the color of each pixel of the image. Changing the least significant bits changes the appearance of the image very slightly, and is not perceptible to the naked eye. If the change is detectable at all, the colors will just look a little off as if the image was taken from a low quality camera on in poor light. A similar process can be used to conceal data in sound files since the human ear is limited in its ability to differentiate different, similar frequencies (and in the range of frequencies it can detect).
Another modern steganographic scheme involves concealing pictures within a video file. The human eye and brain is capable of seeing up to one thousand frames per second. If a video is running at three thousand frames per second and every third frame is a hidden image, the hidden images would not be visible. However, an unlucky pause of the video or examination of the frames as images would reveal the hidden pictures.
A variety of tools have been created to use steganography to hide files within other files on computers. Generally, steganography tools can be classified into image, audio, and/or network steganography tools.
In this section, we will explore some of the steganography tools from each of these categories and the different capabilities that they offer. This is by no means an exhaustive list of tools. Selections were made to give an idea of the available variety of capabilities.
Xiao Steganography is a hybrid steganography tool that allows users to hide files within image (BMP) or audio (WAV) files. The tool also allows users to encrypt the hidden file with a variety of supported encryption algorithms (including RC4 and 3DES) and hashing algorithms (including SHA and MD5). The user provides a carrier file (the wrapper for the hidden file), the file to hide, a choice of encryption algorithm, and a secret key. To extract the hidden file, the user needs to provide the secret key.
SSuite Picsel takes a different approach to image steganography. Rather than providing a single carrier image, the user provides a carrier image and a key image. The key image is used as a secret and is necessary to extract the hidden text file from the carrier image.
Steghide is an open-source steganography tool that is capable of hiding data in image or audio files. It runs on the command line. One of the defining features of steghide is that it does not change the color-respective sample frequencies, making it immune to first-order statistical tests for color frequencies.
OpenPuff is a "professional steganography tool" that allows users to conceal files in image, audio, video, or Flash files. It provides a wide array of features to protect hidden data from discovery.
Camouflage is unique among the tools that we have discussed here since it allows any file to be hidden within any other file. Camouflage provides encryption functionality to users and scrambles the contents of the hidden file before appending it to the original file.
netcross is a steganography tool used for establishing covert IP channels across network perimeters with strong firewall rules. It uses DNS resolution requests and responses to carry data back and forth across the firewall.