SCSC 455 Computer Security Chapter 2 Symmetric Encryption and

Message Confidentiality

Dr. Frank Li

Index

Symmetric encryption principles Symmetric block encryption Random and pseudorandom numbers Stream ciphers and RC4 Cipher block modes of operation

Symmetric encryption principles Five ingredients:

Plaintext Encryption algorithm Secret key Cipher text Decryption algorithm

Kerckhoff’s Principle

Kerckhoff’s Principle (1883) the only secrecy involved with a cryptography system

should be the key; the algorithm should be publicly known;

Good security assumes an eavesdropper knows the cipher, but the key must be kept secret

Cryptography

Cryptographic systems are classified along three independent dimensions: The type of operations used for transforming

Substitution vs. transposition Product systems

The number of keys used Symmetric vs. asymmetric

The way in which the plaintext is processed Block cipher vs. stream cipher

Cryptanalysis

The process of attempting to discover the plaintext or key

Types of cryptanalytic attacks (table 2.1) Cipher text only Known plaintext Chosen plaintext Chosen ciphertext Chosen text

Computationally Secure

A encryption scheme is computationally secure, if the ciphertext generated by the scheme meets one or both of criteria: The cost … The time …

Brute force attack X different keys on average ? Tries

Feistel Cipher Structure Many symmetric block encryption algorithms have a

structure … (figure 2.2) Feistel Structure is a particular example of the more

general structure used by all symmetric block ciphers Parameters and design features

Block size Key size Number of rounds Subkey generation algorithm Round function Fast software encryption/decryption Ease of analysis

Symmetric block encryption algorithms important symmetric block ciphers

DES 3DES AES

DES

Data encryption standard Issued in1977 FIPS 46 by NIST The algorithm is Data encryption algorithm (DEA) What is DES? The strength of DES

Concerns about the algorithm … Concerns about key length …

History of DES (1)

In the early 1970s, the National Institute of Standards and Technology (NIST) invited vendors to submit data encryption algorithms to be used as a cryptographic standard. In 1974, IBM’s 128-bit algorithm Lucifer was submitted and

accepted. The NSA modified Lucifer to use a key size of 64 bits instead of

the original 128 bits, and named it the Data Encryption Algorithm (DEA).

DEA became the algorithm that fulfills the Data Encryption Standard (DES) in 1977.

History of DES (2)

DES has been implemented in a majority of commercial products and in the applications of almost all government agencies

In January 1988, NSA stopped endorsing DES DES had been so popular for so long, it would surely be targeted

for penetration and become useless as an official standard. NSA wanted to move on to a newer, more secure, and less

popular algorithm as the new standard.

History of DES (3)

In 1998, the Electronic Frontier Foundation built a computer system “DES cracker” for $250,000 DES cracker broke DES in three days

uses a brute force attack against the keyspace

Concerns on DES

Concerns on DES Design decisions not public -- mysteries S-box

NSA's involvement in the design, S-boxes may have backdoors

key is too short

Eventually, DES was replaced by the Advanced Encryption Standard (AES) by NIST

Breaking Encryption Algorithm

Breaking an encryption algorithm can take place through brute force attacks or by identifying weaknesses in the algorithm Brute force attacks have increased in potency because

of the increased processing capacity of computers.

An encryption algorithm is broken if someone is able to uncover a key used in an encryption process.

Q: Is a broken algorithm worthless?

Breaking Encryption Algorithm

Ans: If breaking an encryption algorithm by identifying

weakness of the algorithm, the answer is YES;

If breaking an encryption algorithm by brute force attack, the answer depends … In proper implementations, we should be encrypting

data with session keys A session key is good only for that one session

So even if one session key was uncovered, it may be useless to the attacker

DES steps DES is a symmetric block encryption algorithm.

64-bit blocks of plaintext go in, 64-bit blocks of ciphertext come out.

A 64-bit key: 56 bits are the true key, and 8 bits are for parity. DES steps:

1. Divides the message into 64-bit blocks and operates on them one at a time.

2. The blocks are put through 16 rounds of transposition and substitution functions. The order and type of transposition and substitution functions

depend on the value of the key that is used with the algorithm.

3. The result is 64-bit blocks of ciphertext.

DES Modes of operation (section 2.5) DES has several distinct modes of operation

Each mode specifies how a block cipher will operate Each mode are used in different situations for different results

Modes Electronic Code Book (ECB) Cipher Block Chaining (CBC) – the most common Cipher Feedback (CFB) Output Feedback (OFB) Counter Mode (CM)

Cipher Block Chaining Mode (CBC)In CBC, each block of plaintext, the key, and theciphertext from the previous block are processed in theAlgorithm Chaining

IV

Cipher Block Chaining Mode (CBC)

Dependence (Chaining) among the blocks Ciphertext is extracted and used from the previous block of text;

For the first block, we use a 64-bit initialization vector (IV) to add randomness

This chaining effect means that a particular ciphertext block is dependent upon all blocks before it, not just the previous block.

CBC produces different ciphertext when encrypting the same plaintext in different block More random ciphertext less pattern can be revealed from

ciphertext

Initialization vectors (IVs)

Initialization vectors (IVs) are random values that are used with algorithms to ensure that patterns are not created during the encryption process. IVs are used with keys IVs do not need to be encrypted when being sent to the

destination. If IVs are not used, then two identical plaintext values that are

encrypted with the same key will create the same ciphertext.

In CBC, if we choose a different IV each time we encrypt a message, even if it is the same message, the ciphertext will always be unique.

2DES and 3DES

Double-DES has a key length of 112 bitsA specific attack against Double-DES that reduces its

work factor to about the same as DES

Triple-DES is a quick fix to provide more protection for sensitive data. uses 48 rounds in its computation, which makes it

highly resistant to differential cryptanalysis take up to three times longer than DES to perform

encryption and decryption

2DES

There has been interest to provide another algorithm during the transition to AES -- preserve the existing investment in software and hardware, increasing the security

Double DES C=E_K2(E_K1(M)) M=D_K1(D_K2(C))

Q: Is double DES more secure than DES?

Meet-in-the-Middle attack on 2DES

Proposed by Diffie, Hellman (1977) Main observation:

if C=E_K2(E_K1(M)), then X=E_K1(M)=D_K2(C)

Assume we have two pairs of plaintext-ciphertext, 1. Encrypt P for all 2^56 possible keys K12. Store the results in a table and sort the table by the values of

X3. Decrypt C using all possible 2^56 possible keys K24. For each decryption check the result in the table5. In case of match, test the two keys with the second pair of

plaintext-ciphertext. If they match, the correct keys were found

2DES

Q : Is double DES more secure than DES?

Ans: through analysis, 2DES is broken in 2^56 steps with probability larger than 1-2^-16.

The effort is not much bigger than the 2^55 required to break DES

3DES 3DES is incorporated in 1999 with FIPS 46-3

Formula FIPS 46-3 guidelines AES is intended to replace 3DES

3DES

Counter to the meet-in-the-middle attack: use three stages of encryption

3DES can work in different modes: DES-EEE3 E_K3( E_K2 ( E_k1(M) ) ) DES-EDE3 E_K3( D_K2( E_K1(M) ) ) DES-EEE2 E_K1( E_K2 ( E_k1(M) ) ) DES-EDE2 E_K1( D_K2( E_K1(M) ) )

Advanced Encryption Standard (AES) NIST sponsored a competition in 1997 to create a

replacement for DES. The following five algorithms were the finalists:

MARS RC6 Serpent Twofish Rijndael

The winner is the Rijndael algorithm by two Belgians Use three different key lengths: 128 bits, 192 bits, 256

bits was approved for use by U.S. government agencies

in May 2002

AES Features Not a Feistel structure

Process the entire data block in parallel using substitutions and permutation

The key is expanded into an array of 44 32-bit words w[i]. Four distinct words (128 bits) serve as a round key.

Four different stages One permutation and three of substitution

Substitute bytes Shift rows Mix columns Add round key

History of cryptography

The first encryption methods date back to 4000 years ago. Some Egyptian hieroglyphics were encrypted

Atbash Cipher a Hebrew cryptographic method the alphabet to be flipped so that each letter in the original

alphabet was mapped to a different letter in the flipped, alphabet.ABCDEFGHIJKLMNOPQRSTUVWXYZZYXWVUTSRQPONMLKJIHGFEDCBA

e.g.:Encypt “atbash” ?Decrpt “hvxfirgb” ?

32

Scytale Cipher (review)

Scytale cipher 400 B.C. the Spartans Write a message on a sheet of papyrus that was

wrapped around a staff; The papyrus was delivered and wrapped around a

different staff by the recipient; The message was only readable if it was wrapped

around the correct size staff, which would make the letters properly match up

Caesar Cipher (review)

Julius Caesar (100–44 B.C.) developed a simpleencryption method -- shifted the alphabet by threepositions

Standard Alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZCryptographic Alphabet:DEFGHIJKLMNOPQRSTUVWXYZABC

Example:Encypt “caesar” ?Decrpt “vhfxulwb” ?

Substitution Cipher (review)

Both Atbash cipher and Caesar Cipher are substitution cipher, because each character is replaced with another character. Monoalphabetic substitution cipher: uses only one alphabet, Polyalphabetic substitution cipher: uses multiple alphabets

Q1. Can you formulate them use mathematically?Hint: integers 0 – 25 represent 26 characters;

m: message / plaintext, c: cipher text;encryption: c = E(m) = ?decryption: m = D(c) = ?

Q2. Is Scytale cipher a substitution cipher?

Transposition Cipher (review)

Transposition Cipher: rearrange letters in plaintext

to produce cipher text Scytale cipher is a transposition cipher Rail-Fence cipher is another transposition cipher

Plaintext is HELLO WORLD Encryption: c = E(m) HLOOL

ELWRD

HLOOLELWRD Describe decryption process: m = D(c) = ?

36

Vigenère Cipher The Vigenère cipher is a method of

encryption that uses a series of different Caesar ciphers based on the letters of a keyword.

Appears to be unbreakable.

The Vigenère cipher has been reinvented many times.

The method was originally described by Giovan Batista Belaso in his 1553 book La cifra del. Sig. Giovan Batista Belaso

However, the scheme was later misattributed to Blaise de Vigenère in the 19th century, and is now widely known as the "Vigenère cipher".

Terms in Vigènere Cipher

Vigènere table: a table used to encipher and decipher

Vigènere cipher has key letters on top, plaintext

letters on the left. There are 27 shift alphabets Vigènere cipher is a polyalphabetic substitution cipher. In

contrary, Caesar cipher is a monoalphabetic substitution cipher

Key is used with Vigènere table in encryption / decryption

The Vigènere Table

G I VA G I VB H J WE L M ZH N P CL R T GO U W JS Y A NT Z B OY E H T

A mini exampleEncryption:A key letter V, and a plaintext letter T follow V column down to T row “O”

Decryptioin:A key letter V, and aciphertext letter O “T”

Vigènere Cipher Example

If the message is longer than the key, the key repeats itself E.g. 1: Key: LEMON

Encrypt plaintext: ATTACKATDAWN

Key L E M O N L E M O N L E

m A T T A C K A T D A W N

c

E.g.2, Decrypt ciphertext: P R U U Z L

Q: How to represent Vigènere Cipher in formula?

(Hint: encryption / decryption is done character by character)

Exercise

1) Encrypt a plaintext with the key “lucky”c o m p u t i n g g i v e s i n s i g h t

2) Decrypt a ciphertext with the key “vector”o l k l w j v r g q o d k p g h t k c i x b u v i i t x q z k l g k

Cryptanalysis

Cryptanalysis is the science of studying and breaking the secrecy of encryption processes, compromising authentication schemes, and reverse-engineering protocols. All previously introduced ciphers have been broken.

Basic methods: Statistical analysis Exhaustive search key space

Statistical analysis

Each character has a certain frequency. A.k.a. 1-gram model of English

a 0.080 h 0.060 n 0.070 t 0.090

b 0.015 i 0.065 o 0.080 u 0.030

c 0.030 j 0.005 p 0.020 v 0.010

d 0.040 k 0.005 q 0.002 w 0.015

e 0.130 l 0.035 r 0.065 x 0.005

f 0.020 m 0.030 s 0.060 y 0.020

g 0.015 z 0.002

Statistical Analysis (1)

f(c) frequency of character c in ciphertext

p(x) is frequency of character x in English

(i) correlation of frequency of letters in ciphertext with

corresponding letters in English, assuming key is i

(i) = 0 ≤ c ≤ 25 f(c)p(c – i)

Statistical Attack (2)

E.g., a Caesar cipher : KHOOR ZRUOG

step 1: Compute frequency of each letter in ciphertext:

G 0.1 H 0.1 K 0.1 O 0.3

R 0.2 U 0.1 Z 0.1

Step 2: Compute correlation for key i

(i) = 0.1p(6 – i) + 0.1p(7 – i) + 0.1p(10 – i) + 0.3p(14 – i) + 0.2p(17 – i) + 0.1p(20 – i) + 0.1p(25 – i)

Correlation: (i) for 0 ≤ i ≤ 25

i (i) i (i) i (i) i (i)

0 0.0482 7 0.0442 13 0.0520 19 0.0315

1 0.0364 8 0.0202 14 0.0535 20 0.0302

2 0.0410 9 0.0267 15 0.0226 21 0.0517

3 0.0575 10 0.0635 16 0.0322 22 0.0380

4 0.0252 11 0.0262 17 0.0392 23 0.0370

5 0.0190 12 0.0325 18 0.0299 24 0.0316

6 0.0660 25 0.0430

The Result

Step 3: find the most probable keys, based on : i = 6, (i) = 0.0660

plaintext EBIIL TLOLA i = 10, (i) = 0.0635

plaintext AXEEH PHKEW i = 3, (i) = 0.0575

plaintext HELLO WORLD i = 14, (i) = 0.0535

plaintext WTAAD LDGAS

The only valid English phrase is for i = 3. That’s the key (3 or ‘D’)

Exhaustive search

Exhaustive search If the key space is small enough, try all possible keys

until you find the right one

Q 1: How large is the key space in Caesar cipher ?

Q2: If we use exhaustive search, what is the expected number of trials when breaking Caesar cipher?

Q3: How about the key space of Vigènere Cipher?

Q4: How to break Vigènere Cipher?

Attacking Vigènere Cipher

– Vigenere ciphers were regarded by many as practically unbreakable for 300 years.

– In 1863, a Prussian major named Kasiski proposed a method for breaking it.

– This method was not in fact invented by Kasiski but instead by Charles Babbage;

– Babbage's discovery was used to aid English military campaigns, and was not published until several years later; as a result credit for the development was instead given to Friedrich Kasiski

Statistical analysis of Vigènere Cipher

1. Establish period n (the length of key)

2. Break cipher into n parts, each part being enciphered using the same key letter

3. Solve each part leverage one part from another

We want to break this cipher:

ADQYS MIUSB OXKKT MIBHK IZOOOEQOOG IFBAG KAUMF VVTAA CIDTWMOCIO EQOOG BMBFV ZGGWP CIEKQHSNEW VECNE DLAAV RWKXS VNSVPHCEUT QOIOF MEGJS WTPCH AJMOCHIUIX

Step 1. Establish Period n

Important observation: Repetitions in the ciphertext occur when characters of the key appear over the same characters in the plaintext

e.g.

Key VIGVIGVIGVIGVIGVplain THEBOYHASTHEBALL

cipher OPKWWECIYOPKWIRG

Repetitions in this example cipherLetters Start End Distanc

eFactors

MI 5 15 10 2, 5

OO 22 27 5 5

OEQOOG 24 54 30 2, 3, 5

FV 39 63 24 2, 2, 2, 3

AA 43 87 44 2, 2, 11

MOC 50 122 72 2, 2, 2, 3, 3

QO 56 105 49 7, 7

PC 69 117 48 2, 2, 2, 2, 3

NE 77 83 6 2, 3

SV 94 97 3 3

CH 118 124 6 2, 3

Estimate of Period n

A long repetition “OEQOOG” and “MOC” are probably not coincidence Their distances are 30 and 72. The greatest common

divisor of 30 and 72 is 6.

many other shorter repetitions have 2 and 3 in their factors

Thus the estimate period n = 6 Verify Period n by Friedman test (we skip this part)

Step 2: Break cipher into n parts

Key-1: AIKHOIATTOBGEEERNEOSAIKey-2: DUKKEFUAWEMGKWDWSUFWJUKey-3: QSTIQBMAMQBWQVLKVTMTMIKey-4: YBMZOAFCOOFPHEAXPQEPOXKey-5: SOIOOGVICOVCSVASHOGCCKey-6: MXBOGKVDIGZINNVVCIJHH

Statistical Analysis each part

Counting characters in each partABCDEFGHIJKLMNOPQRSTUVWXYZ

1. 310040113010013001120000002. 100222100130100000104040003. 120000002011400040130210004. 211022010000104310000002115. 105000212000005000300200006. 01110022311012100000030101

Compare with unshifted alphabet frequencies in English:

HMMMHMMHHMMMMHHMLHHHMLLLLL

Solve each part (2)

First part: matches characteristics of unshifted alphabet A A

Third part : I A Sixth part : V A

Substitute into ciphertext:ADIYS RIUKB OCKKL MIGHK AZOTO EIOOL IFTAG PAUEF VATAS CIITW EOCNO EIOOL BMTFV EGGOP CNEKIHSSEW NECSE DDAAA RWCXS ANSNP HHEUL QONOF EEGOS WLPCM AJEOC MIUAX

Solve each part (3) further analysis AJE in last line suggests “ARE”, meaning second

alphabet maps A into S:

ALIYS RICKB OCKSL MIGHS AZOTO

MIOOL INTAG PACEF VATIS CIITE

EOCNO MIOOL BUTFV EGOOP CNESI

HSSEE NECSE LDAAA RECXS ANANP

HHECL QONON EEGOS ELPCM AREOC

MICAX

Solve each part (4) further analysis MICAX in last line suggests “mical” (a common ending

for an adjective), meaning fourth alphabet maps O into A:

QI means that U maps into I, as Q is always followed by U:

ALIMS RICKP OCKSL AIGHS ANOTO MICOL INTOG PACET VATIS QIITE ECCNO MICOL BUTTV EGOOD CNESI VSSEE NSCSE LDOAA RECLS ANAND HHECL EONON ESGOS ELDCM ARECC MICAL

Got It!

ALIME RICKP ACKSL AUGHS ANATO MICAL INTOS PACET HATIS QUITE ECONO MICAL BUTTH EGOOD ONESI VESEE NSOSE LDOMA RECLE ANAND THECL EANON ESSOS ELDOM ARECO MICAL

Note that: Vigenere cipher is easy to break by hand. However, the principle of cryptanalysis hold for more complex ciphers that can be implemented only by computer.

59

The War Machines: The Purple Machine The Purple Machine is developed and used by the

Japanese during World War II Employed techniques discovered by Herbert O. Yardley The code was broken by William Frederick Friedman

Known as the “Father of U.S. Cryptanalysis”

60

The War Machines: Enigma

Enigma is developed by Arthur Scherbius Used by the Germans during World War II Enigma substituted each letter typed by an

operator Substitutions were computed using a key

and a set of switches or rotors The code was broken first by a group of

Polish cryptographers The machine for breaking the code was

called the “Bombe”

61

Design of Enigma Machine

An electrical voltage applied to the Q terminal on the toprow will appear at the L terminal on the bottom row.

62

How to use the Enigma machine?

1. The originator configures the Enigma machine to its initial settings;

1. Type in the first letter of the message, and the machine would substitute the letter with a different letter;

The encryption was done by moving the rotors a predefined number of times

2. Advance the rotors and enter the next letter.

Each time a new letter was to be encrypted, the operator would advance the rotors to a new setting.

Mechanism of the Enigma Machine

The chosen substitution for each letter was dependent upon the rotor setting

Assumption: the operators at each end needed to

know the key - the initial setting, which is the crucial and

secret part of this process And how to advanced the rotors when encrypting and

decrypting a message

Random and Pseudorandom Numbers A number of network security algorithms based on

cryptography Examples: generation of keys for RSA, generation of

stream key for symmetric stream cipher, generation of session key, used in Kerberos for handshaking to prevent replay attacks

Two requirements Randomness unpredictability

Randomness and Unpredictability

Randomness Criterion to validate randomness

Uniform distribution Independence

Tests to demonstrate if a sequence is NOT independent Apply a number of such tests until the confidence that

independence exists is sufficiently strong

Unpredictability “true” random sequence, numbers are unpredictable However, in pseudorandom sequence, care must be

taken for unpredictability

Pseudorandom Numbers

Algorithms are deterministic Numbers generated by algorithm are NOT statistically

random! A good algorithm generates Pseudorandom Numbers

pass many reasonable tests of randomness

TRNG, PRNG, and PRF (page 39 – 40) Entropy source Seed

PRNG algorithms

Purpose-built algorithms: E.g. RC4

Algorithms based on existing cryptographic algorithms Symmetric block cipher Asymmetric cipher Hash functions, and message authentication codes

Stream Cipher

What is stream cipher? Keystream Stream cipher is faster and use less code than block

cipher However this advantage has diminished with the

introduction of AES E.g. IBM AES instruction set

Stream cipher is better encrypt/decrypt of a stream of data over a communication channel

Block cipher can reuse keys, stream cipher cannot.

Stream Cipher

Design considerations for a stream cipher Encryption sequence should have a large period Keystream should approximate the properties of a true

random number stream. The key needs to be sufficiently long >= 128 bits

RC4

Designed in 1987 by Ron Rivest For RSA Security RC4 was kept as trade secret by RSA Security, until

algorithm was anonymously posted on the Interne in 1994

RC4 algorithm is very simple Used in SSL/TLS standards, WEP and WPA

RC4

A variable length key of from 1 to 256 byes is used to initialize a 256-byte state vector S S[0], S[1] .. S[255] contains a permutation of all 8-bit

numbers from 0 to 255. A byte k is generated from S by selecting one of the

255 entries in a systematic fashion. As each value of k is generated, the entries in S are once again permuted.

Initialization of S Stream generation Encrypt and decrypt

RC4 Strength

Not any practical approach against RC4 with a reasonable key length, such as 128 bits

WEP vulnerability is not with RC4 itself, but the way in which keys are generated for use as input to RC4

One-Time Pad

A one-time pad is a perfect encryption scheme because it is considered unbreakable if implemented properly

Is made up of random bits. Is as simple as letter substitution This encryption process uses a binary mathematic

function XOR.

Message stream 1001010111

Keystream 0011101010

Ciphertext stream 1010111101

OTP in action

One-time pads have been used throughout history to protect different types of sensitive data. Today, they are still in place for many types of militaries as

a backup encryption option if current encryption processes are unavailable for reasons of war or attacks.

A Russian One-time pad, captured by MI5

The history of cryptography

(reading assignment -- article 1)

Another way to hide data: Steganography Steganography is a method of hiding data in another media

type so that the very existence of the data is concealed. does not use algorithms or keys to encrypt information. A message can be hidden in a WAV file, in a graphic, or in

unused spaces on a hard drive or sectors that are marked as unusable.

E.g.1 the least significant bit of each byte of the image can be replaced with bits of the secret message. This practice does not affect the graphic enough to be detected.

E.g. 2 can also be used to insert a digital watermark on digital images so that illegal copies of the images can be detected.

Steganography

στεγανός

covered

γραφία

writing

the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message

Steganography in Ancient Greece -- Tattoo message on head

An ancient Greek historian Herodotus reports that messages

were tattooed onto the shaved heads of slaves. Once the hair

grew back, the slaves were sent to the recipient, with the

message hidden “in plain sight”.

Steganography in World War I -- Null Cipher

The message below was sent by the German

embassy in World War I.

PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY.

Taking the first letter in each word of message reveals the

hidden text: PERSHING SAILS FROM NY JUNE 1.

Steganography in Espionage -- Invisible ink

Spies use milk, fruit juice or urine as invisible inks,

which darken when heated.

An FBI agent is shown using

ultraviolet light to read secret

writing on a paper from a

suspected spy case

Steganography in Modern Days

Digital media lend themselves to steganography because of the large amount of information in certain file types

Steganography Carrier Files: bmp jpeg gif wav mp3 Amongst others…

Steganography Terminology

Carrier File Carrier File withHidden Message

Some Steganography Tools

Steganos S-Tools (GIF, JPEG) StegHide (WAV, BMP) Invisible Secrets (JPEG) JPHide Camouflage Hiderman And many others…

(We will try it today …)

RGB Color Model in Image Files

red, green, and blue light are added together in various ways to reproduce a broad array of colors.

(0, 0, 0) is black (255, 255, 255) is white (255, 0, 0) is red (0, 255, 0) is green (0, 0, 255) is blue (255, 255, 0) is yellow (0, 255, 255) is cyan (255, 0, 255) is magenta

The simplest and most common type of steganography is LSB (least significant bit). The one’s bit of a byte is used to encode the hidden information.

Suppose we want to encode the letter A (ASCII 65 or binary 01000001) in the following 8 bytes of a carrier file.

01011101 11010000 00011100 1010110011100111 10000111 01101011 11100011

becomes

01011100 11010001 00011100 1010110011100110 10000110 01101010 11100011

A Common Technique of Steganography

-- LSB

Left image is original JPEG file Right image is with hidden message

Steganography Application-- UV Watermarking

Steganography Tools

A list of over 100 steganography tools:

http://www.jjtc.com/Steganography/toolmatrix.htm

Some of them run in Linux platform JPHS (JPHide JPSeek, JP hide and seek)

http://linux01.gwdg.de/~alatham/stego.html Steghide Outguess Blindside Gifshuffle GzSteg Etc.

Steganalysis

Steganalysis is the counter-measure against steganography.

Attempts to analyze a data stream to determine whether or not it contains hidden messages.

Steganography is It’s fun to play with Easy to implement but fairly effective. Obviously has a lot of good and bad applications, as

with an technology.