Learn something new every day More Info... by email
In addition to message encryption, which protects the content of a message, it is often desirable to hide the very existence of a message. Steganography is the science of hiding data within data so that the message itself isn't easily found. Some types of steganography tools include text-based tools, which hide messages in letters of text; encoding IP packets in file headers; and hiding messages in images or in audio files.
There are a wide variety of text-based steganography tools. These are typically low-tech methods in which the text is arranged, formatted, or selectively chosen to reveal some hidden meaning. As a simple example, a common steganographic scheme involves selecting a fixed letter from each word in a regular message to construct a hidden message. Another option involves superimposing a mask over a blurb of text in order to reveal the letters or words comprising a hidden message.
Unused Internet Protocol (IP) header bits in Open Systems Interconnection (OSI) packets can be used as steganography tools as well. Users can take advantage of unused IP header bits in the OSI network layer, such as the Don't Fragment (DF) or More Fragments (MF) bits, to create a covert channel through which information can be transmitted in OSI data packets. One advantage to this approach is that the packets normally are disjointed and intermingled among a huge volume of other packets unrelated to the message. If one packet among a million streaming packets, for example, contains elements of the hidden message and the hidden message itself is broken up among many such packets, discovering the message wouldn't be easy.
Image and audio steganography tools have become very popular due to the Internet. Image and audio files on the Internet are prevalent and usually large enough to hide a good deal of embedded content. Commercially available software even exists that can rearrange the least significant bit (LSB) of the bytes comprising image and audio digital files in order to embed messages. Although changing these bits degrades the quality of the image or audio, the degradation is usually minor enough to not be noticeable with the naked eye. This steganographic technique, however, does leave a detectable statistical signature. Users may obscure the signature by employing randomizing cryptographic measures, but a skilled cryptographer could likely detect it.
Steganographic activities, in general, are strongly aided by the huge volumes of data streaming throughout modern society. Any part of this data stream might carry hidden, embedded data. Steganographic security countermeasures are often stymied by the fact that, while the technology exists to scrutinize the data flow for steganographic signatures, attempting to do so may slow down the flow of data to not be worthwhile.