Saturday, September 30, 2006

A Steganography Scheme - Part 1

I've been thinking lately about steganography. Previous tools have hidden information in images, videos, sound files, and other large chunks of information. But I have not seen many examples of steganography with text (here is one). I decided to put together a simple and flexible text steganography tool just for fun.

The secrecy in a stegonography scheme rests in a shared algorithm between the sender and receiver which is not known by those trying to intercept the message and the fact that a hidden message is not apparent in the message being sent between the individuals. Anyone trying to find the hidden message faces two challenges:
  1. How do I know when a hidden message is present?

  2. How do I extract the hidden message?

Because I am explaining my stegenography idea to the world at large, item number two is no problem. I hope that the first question will not be so easily answered. In any case, you should not rely on this, or any other steganographic method to keep a secret. For that, you need encryption.

Now, on with the scheme!

I wanted users of my system to be able to send any kind of data by hiding it in a plaintext message. In order for the information to be hidden in text, it may have to be converted from one form to another. The same information can be expressed in multiple ways. For example, the number 14 can also be expressed as 1110 (binary), 16 (octal), and E (hexadecimal), depending on the encoding or base of the information. When information is converted into another form, someone who is decoding or reconstructing the information needs to know what form it is stored in. In many steganography schemes, the form of the data is constant and is a secret shared only by those who are supposed to be able to read the hidden message. I wanted to allow flexibility in the encoding, or alphabet, which is used to express the hidden message, so a message from my system will include a definition of the alphabet used to hide the secret message. Here are the steps for using my scheme:
  1. Write the secret message

  2. Choose an alphabet to encode with

  3. Convert the secret message to the desired alphabet

  4. Embed the converted secret message into an innocuous public message.

Now I've shared with you what it is that my steganography scheme will do. In my next post, I'll talk about how.

No comments: