UNIT 13 – Steganography: Not Jurassic Park

As you know from even simple encryption, the Caesar code, it is obvious that the
message is encrypted in come way. Let’s look at a covert way not only of data
encryption but also as a mean of infecting a computer with malware –
steganography. (no, steganography, NOT stegosaurus). The word steganography
comes from the Greek words steganos (στεγανός), meaning "covered, concealed, or
protected", and graphein (γράφειν) meaning "writing". It is the practice of concealing
a file, message, image, or video within another file, message, image, or video.

The first recorded use of the term was in 1499 by Johannes Trithemius in his
Steganographia, a paper on cryptography and steganography, disguised as a book
on magic. In steganography, the hidden message appears to be part of something
else: images, articles, shopping lists, or some other cover text. A good example is
that used by Lord Baden-Powell, the founder of the Boy Scouts and the Girl Guides.
In the disguise of a “butterfly collector”, he roamed the Mediterranean drawing
“butterflies” and “stained-glass windows” that were actually plans of the Turkish
forts that might be attacked if there were a war between Great Britain and the
Ottoman Empire.

Fig. 1 – Turkish fort as a butterfly

Fig. 2 – Turkish fort as a stained-glass window

Baden-Powell even showed his drawings to the Turkish guards who asked for
copies.

113
UNIT 13 – Steganography: Not Jurassic Park

A hidden message may be in invisible ink between the

visible lines of a private letter. These types of steganography
that lack a shared secret are forms of security through
obscurity, while key-dependent steganographic schemes
follow Kerckhoffs's Principle that a cryptosystem should
be secure even if everything, except the key, is public
knowledge.

The major advantage of steganography over cryptography is that the secret

message does not attract attention to itself as an object of interest. Normal encrypted
messages, no matter how unbreakable they are, cause interest and may, in
themselves, cause the person who has the message to be arrested and killed.
Cryptography protects the message alone while steganography obscures the fact
that a secret message (or malware) is being sent.

Whereas cryptography protects the contents of a message alone, steganography

conceals the fact that a secret message is being sent as well as concealing the
contents of the message.

While steganography can be used in any type of file, media files (audio, video, gifs,
jpegs, bmps) are ideal for steganographic transmission because of their large size
and ease at containing a message. Let’s see how this works using a picture, but first
let’s look at the color chart for computer displays. Depending upon the resolution of
the picture, the number to represent the color of each pixel may be as large as 256
bits or as small as 8 bits. For our example, let’s use standard HTML colors that are
represented by a three-byte hexadecimal number with each byte, or pair of
characters in the Hex code, representing the intensity of red, green and blue
in the color respectively.

#XXXXXX

Hex code byte values range from 00, which is the lowest intensity of a color, to
FF which is the highest intensity. The color white, for example, is made by
mixing each of the three primary colors at their full intensity, resulting in the Hex
color code of #FFFFFF. Black is the opposite – all at the lowest giving #000000.

Let’s take the code for RED - #FF0000. It looks like this:

Now let’s look at #FF0001 that looks like this:

“Wait,” you say. “I can see the difference between the two.” (Well, some of you can).

OK, let’s look at them in a block of red and pick out the one that’s different (yes,
there is one pixel that is different). If you pick it out, you have better eyes than
Superman.

114
UNIT 13 – Steganography: Not Jurassic Park

Now what we are going to do is to take the following picture of a cute puppy or a cute
kitten (and who doesn’t like pictures of cute puppies and kittens…OK, you don’t,
Sasha, but you’re the exception):

What we are going to do is to change just the BLUE HUE of each pixel from 00 to 01
(as we did with the red above). The puppy jpeg has over 84,000 pixels, while the
kitten jpeg has over 64,000. In the kitten picture, just by changing the BLUE HUE
number as needed (or leaving it as is), we can encode over 8,000 bytes of
information…much more than is needed for a virus, Trojan horse, or any other type
of malware.

“I don’t download photos”, you say. Fine. Do you listen to music off the internet? Like
pictures, audio and video are lossy transmissions. That is, if bits are missing (or
added), then the audio or video continues to play – the audio may skip a beat or
sound fuzzy, the video may briefly pixelate, but they continue. Congratulations,
your computer has been infected through steganography.

To give another example, take this photo of a tree with a

hidden photo contained in it:

115
UNIT 13 – Steganography: Not Jurassic Park

Now we are going to remove all but the two least significant bits of each color byte
and do a normalization.

This is what was hidden →

In computing, steganographically encoded package detection is called steganalysis.

The simplest method to detect modified files is to compare them to known originals.
The problem is that the user normally does not have the original, so there is no way
to compare for modification. Using extremely high compression rates makes
steganography difficult but not impossible. Compression errors provide a hiding
place for data, but high compression reduces the amount of data available to hold
the malware. Raising the encoding density makes for easier detection, and, in
extreme cases, by even casual observation.

Steganography, then, is the easiest way to compromise a computer system and the
hardest to detect.

https://en.wikipedia.org/wiki/Steganography

116
UNIT 13 – Steganography: Not Jurassic Park
VOCABULARY
TECHNICAL
cryptosystem - криптосистема;
криптосистема
jpeg – “jpeg” – стандарт; спільна
експертна група з фотографій /
стандарт на сжатие изображений
least significant bits - найменш
значні біти; младший двоичный
разряд
lossy (adj) - із втратами; с
потерями
normalization (n) – нормалізація;
нормализация, упорядочение
pixelate (v) – пікселізувати;
пикселизация (н-р, цифровых
изображений)
steganalysis (n) – стеганаліз;
cтеганализ
steganography (n) – стеганографія;
стенография
ACTIVITIES:
NON-TECHNICAL
compromise (v, n) - компроміс;
заключение компромисса
congratulations – вітаю, вітання ;
поздравления
density (n) – щільність; плотность
disguise (v, n) – маскування; маскировка
fort (n) – форт
hexadecimal – шістнадцятковий;
шестнадцатиричная система исчисления
ideal (adj) – ідеальний; идеальное
intense (adj) /intensity (n) – інтенсивний
(прикм.); інтенсивність (ім.); интенсивный;
интенсивность
modify (v) - змінити; модифицировать
obscure (v, adj) – неясний; смутность
очертаний
plain sight (n) – надання інформації у
відкритому вигляді; простий вид; пароль в
виде открытого текста; представление
конфиденциальной информации в
открытом виде; открытый вид
resolution (n) - роздільна здатність;
разрешение (общее количество пикселей,
отображающееся на экране монитора или
воспроизводимое на распечатке)
respectively (adv) – відповідно;
соответственно
roam (v) – пересуватися; знаходитися у
роумінгу; бродить; находиться в роуминге
security through obscurity - безпека
через невизначеність; в безымянности - в
безопасности (неведение значит
ненападение)
stained-glass window - вітраж; витраж
117
UNIT 13 – Steganography: Not Jurassic Park

1) Draw or paint a steganographic picture.

2) What is “plain sight” steganography? Find a painting that has it.

3) Why is lossy transmission so ideal for steganographic malware?

4) Which would you think would be better for steganography – a solid color
picture or a picture with many colors? Why?

Vocabulary exercises

Exercise 1. Match the word/phrase with its definition

1) obscurity a) the practice of writing hidden messages in ordinary text, pictures,
etc.
2) jpeg b) important, large, or great, esp. in leading to a different result or to
an important change
3) lossy c) used for talking about how clearly a
computer or television screen shows images
4) plain d) to change something slightly, esp. to improve it or make it
more acceptable or less extreme
5) steganography e) based on the number 16 and mainly used on computers
6) intensity f) to give a new appearance to a person or thing, esp. in
order to hide its true form
7) sight g) the quality of being close together and difficult to go or see through;
the relationship between the mass of a substance and its size
8) significant h) an agreement between two sides who have different opinions, in
which each side gives up something it had wanted
9) compromise i) the quality of being extreme in strength or force
10) density j) the ability to see, or the act of seeing something; something that is in
someone’s view, or the view someone has
11) disguise k) involving the loss of data or of electrical energy
12) hexadecimal l) obvious, or clear and easy to see or understand; not complicated
13) modify m) a type of computer file used on the Internet that contains pictures,
photographs or other images
14) resolution n) the state or quality of being unclear and difficult to
understand or see;
the state of not being known to many people

Exercise 2. Fill in the blanks with the words; phrases from the vocabulary of the Unit.

crypto system stained-glass window roam respectively

modify fort congratulations

118
UNIT 13 – Steganography: Not Jurassic Park

1) Typically, a _______________ consists of three algorithms: one for key

generation, one for encryption, and one for decryption.
2) __________ will be used to prevent ultraviolet radiation from changing image
colors.
3) They ___________ and avoid various obstacles around them.
4) She graduated from two universities: a linguistic and IT in 2010 and 2016,
______________.
5) The school board decided to ______________ its existing enrollment policy.
6) “I passed my FCE test.” “___________________!”
7) The remains of the Roman _____________ are well preserved.

Exercise 3. What does the abbreviation/acronym stand for?

1) HTML
2) jpeg
3) bmp
4) hex
5) malware

Exercise 4. Use these prompts while preparing to present your answer

to the class.
1. First of all, …
2. Research has found that ….
3. For instance, ….
4. on account of (noun/gerund) …
5. Despite the fact that …
6. The advantages outweigh the disadvantages.
7. My own view on the matter is …
8. … any questions?

119
UNIT 13 – Steganography: Not Jurassic Park

Supplementary activities

Grammar

Exercise 5. Focus on Pronouns and Possessives. Read the text of the

lesson one more time and underline any pronouns and
possessives you have come across.

Exercise 6. Study the tables below, and then think of your own
examples to fill them (the tables) in.

Personal pronouns Possessive Possessive Reflexive –

adjectives pronouns Emphatic
Before verbs After verbs as Followed by Not followed by pronouns
and subjects objects nouns nouns

I… … me My Mine Myself
You … … you Your Yours Yourself
He … him His His Himself
She … her Her Hers Herself
It … it Its - Itself
We … us Our Ours Ourselves
You … you Your Yours Yourselves
They … them Their Theirs Themselves

Possessive case with ’s or s’ for people and animals

1. Singular nouns (person or animal) + ’s The girl’s bag Student’s

2. Regular plural nouns ending in –s +’ The students’ books
3. Irregular plural nouns not ending in -s + ’s The children’s hats
4. Compound nouns + ’s Her son-in-low’s flat
5. ’s after the last of two or more names Max and Ann’s car
to show common possession (It belongs to both of them.)

6. ’s after each name to show individual Alex’s and Ian’s pens

possession (Each owns a pen.)
7. ’s or s’ if a name ends in s Chris’s; Chris’ CD

120
UNIT 13 – Steganography: Not Jurassic Park

’s with inanimate words/things/phenomena etc

1. Phrases of place +’s At the hairdresser’s

2. Time or distance expressions +’s; ’ Last term’s exams /
two months’ project

Possessive case with “of” for inanimate things

1. of +inanimate things or abstract nouns The streets of the city

2. a/the/this/that +noun +of +possessive pronoun Read this book of Gates’.
(One of B. Gates’ books)
3. a/the/this/that +noun +of +possessive case It’s a friend of mine.
(one of my friends)

We can use either ’s or of when we talk about:

Places ’s; Odesa’s parks;

of Parks of Odesa
Organizations ’s; The Academy’s main building /
of The main building of the Academy
With people in longer Here is the parent of one of our
phrases of students.

121