As we said in the introduction, the sample problem of steganography is "The Prisoners Problem" by Simmons, 1983, where Alice and Bob are in jail, and are planning an escape plan.
All of their communications pass through the warden, Willie. Willie will attempt to find any hidden communication between Alice and Bob, and if he finds one, he will separate them and foil their plans.
Thus, the two prisoners must find the better way they can to exchange hidden undetectable data.
Moreover, Willie can be passive, so that he simply tries to detect the presence of the messages, or active, in which case he's going to try to insert or modify the embedded messages for his purposes. [AP97]
Steganography has developed a lot in recent years, because digital techniques allow new ways of hiding informations inside other informations, and this can be valuable in a lot of situations.
The first to employ hidden communications techniques -with radio transmissions- were the armies, because of the strategic importance of secure communication and the need to conceal the source as much as possible.
Nowadays, new costraints in using strong encryption for messages are added by international laws, so if two peers want to use it, they can resort in hiding the communication into casual looking data. This problem has become more and more important just in these days, after the international Wassenaar agreement, with which around thirty of the major - with respect to technology - countries in the world decided to apply restrictions in cryptography export similar to the US's ones.
Another application of steganography is the protection of sensitive data. A filesystem can be hidden in random looking files in a harddisk, needing a key to extract the original files. This can protect from physical attacks to people in order to get their passwords, because maybe the attacker can't even know that some files are in that disk. [ANS98]
The major concern of steganography is stealth, because if an attacker, either passive or active, can detect the presence of the message, from that point he can try to extract it and, if encrypted, to decrypt it.
The resistance to attempt at destruction or noise is not required, since we consider the sender and the receiver equally interested in exchanging messages, so that they will try to transmit the stego-medium in the best way they can. If the stego-data can be transmitted over the selected channel, and this is usually the case with all the media that are used, like images or sounds, then the embedded data will be preserved along with them.
Thus, data hiding techniques for steganography must focus on the maximum strength against detection and extraction.
As a second request, we would prefer a high data rate, because we will usually want to be able to exchange any amount of data, from simple messages to top secret images. [JJ98-1]
Looking at the equation presented in the introduction about the basic steganography tradeoff, these two constraints will lead to losing in robustness against attacks aimed at destroying the message, but we have already said that we can accept it.
While cryptography today can provide good security to the exchange of informations, it is also true that in most occasions a really determined attacker can find ways to defeat even the most secure cipher, given enough resources (ultimately money) and/or time.
Steganography comes to aid in this problem since if a message can't even be grabbed by the attacker, then the cipher can be considered really secure. The probability of finding what the message is is the same as finding it by random search.
In this way, we can say that steganography completes cryptography, and actually there are usually two ciphers to break when trying to extract the embedded message: one is the one with which the message was embedded, and the other is the one with which the message was enciphered.
The problem with this approach is how not to arise suspicion on the malicious observer. In fact, there must already be an "innocent" communication channel between the source and the destination, since a big exchange of naturalistic pictures between two governmental agencies, for example, would be spotted as strange by even the dumber of all the attackers.
We will talk about steganography applied to different media:
Our description will be more in depth for still images, being these pieces of data one of the most frequently exchanged on the Internet, and because the methods for information hiding in them are quite mature, given their interest for both steganography and digital watermarking.
Previous: definitions
Next: still images
Matteo Fortini