====== Installation of Stegano ======

For the examples you need to install Stegano.

<code bash>
sudo pip install Stegano
</code>

You can read the [[http://stegano.readthedocs.io | documentation of Stegano]] (included in the sources).


====== Steganography ======

Steganography is the art and science of writing hidden messages.

Some steganography techniques:
  * Physical steganography;
  * Digital steganography;
  * Network steganography;
  * Printed steganography.

We will dive into digital steganography.

The following sections will present some techniques of digital steganography.

===== Simple steganography art =====

In computer science a well known method of hiding data (message) is to concatenate these data to an archive.
For example, if I want to hide a text file in a music file:

<code bash>
$ zip text-to-hide.zip text-to-hide.txt
$ cat Stop_And_Stare.ogg test-to-hide.zip > OneRepublic_-_Stop_And_Stare-1.ogg
</code>

Now you can still listen the song. If you want to recover the text, you just have to unzip the song.

===== Using the red portion of a pixel =====

An other simple method is to use the red portion of a pixel to hide ASCII messages.


For example the pixel P1 = (R, G, B) will become P1' = (ord(ascii_character), G, B).\\
We are working at the **byte** level.


==== Simple example of implementation ====

<code python>
def hide(img, message):
    """
    Hide a message (string) in an image.

    Use the red portion of a pixel (r, g, b) tuple to
    hide the message string characters as ASCII values.
    The red value of the first pixel is used for length of string.
    """
    length = len(message)
    # Limit length of message to 255
    if length > 255:
        return False
    # Use a copy of image to hide the text in
    encoded = img.copy()
    width, height = img.size
    index = 0
    for row in range(height):
        for col in range(width):
            (r, g, b) = img.getpixel((col, row))
            # first value is length of message
            if row == 0 and col == 0 and index < length:
                asc = length
            elif index <= length:
                c = message[index -1]
                asc = ord(c)
            else:
                asc = r
            encoded.putpixel((col, row), (asc, g , b))
            index += 1
    return encoded
</code>

===== Least Significant Bit method =====
The least significant bit (lsb) is the bit position in a binary integer giving the units value, that is, determining whether the number is even or odd. The lsb is sometimes referred to as the right-most bit, due to the convention in positional notation of writing less significant digits further to the right. It is analogous to the least significant digit of a decimal integer, which is the digit in the ones (right-most) position.

The data are inserted in place of the less significant bit. For each RGB component there are 256 possible values and we vary only the least significant bit. Consequently the LSB technique has a very little impact on the colour of the pixel.

For example the pixel P1 = (R, G, B) = (0000000**0**, 0000000**1**, 0000000**0**) will become P1' = (R, G, B) = (0000000**1**, 0000000**0**, 0000000**1**)\\
We are working at the **bit** level.


==== Simple example of implementation ====
<code python>
def hide(img, message):
    """
    Hide a message (string) in an image with the
    LSB (Least Significant Bit) technique.
    """
    encoded = img.copy()
    width, height = img.size
    index = 0

    message = message + '~~~'
    message_bits = "".join(tools.a2bits_list(message))

    npixels = width * height
    if len(message_bits) > npixels * 3:
        return """Too long message (%s > %s).""" % (len(message_bits), npixels * 3)

    for row in xrange(height):
        for col in xrange(width):

            if index + 3 <= len(message_bits) :

                # Get the colour component.
                (r, g, b) = img.getpixel((col, row))

                # Change the Least Significant Bit of each colour component.
                r = tools.setlsb(r, message_bits[index])
                g = tools.setlsb(g, message_bits[index+1])
                b = tools.setlsb(b, message_bits[index+2])

                # Save the new pixel
                encoded.putpixel((col, row), (r, g , b))

            index += 3

    return encoded
</code>

This is a very simple example showing how to hide a string in an image with the LSB method.

====== Steganalysis ======
===== Steganalysis of the LSB method =====
Below the original image and the steganalysed one.

{{:security:2010-08-04t15:42:06.png?|Original}}
{{ :security:2010-08-04t15:42:06_steganalysed.png?|Steganalysis of the original image}}


Below the same image with a hidden text and its steganalysis.

{{:security:2010-08-04t15:42:06_enc.png?|Image with hidden text}}
{{ :security:2010-08-04t15:42:06_enc_steganalysed.png?|Steganalysis of the image with hidden text}}

This technique simply consist to replace odd components by 255 and even number by 0. This means that the pixel (132, 247, 123) become (0, 255, 255).


===== Steganalysis of the LSB method with sets =====
You must [[security:steganography#installation_of_stegano|install Stegano]] before running these commands.

First, we will hide a message in a picture with the simple LSB method and with the LSB method + sets.

<code bash>
$ cd stegano

# LSB with The Eratosthenes set
$ slsb-set --hide -i ./examples/pictures/Montenach.png -o ~/Montenach-enc-gen.png --generator eratosthenes -f ./examples/lorem_ipsum.txt

# LSB only
$ slsb --hide -i ./examples/pictures/Montenach.png -o ~/Montenach-enc.png  -f ../examples/lorem_ipsum.txt
</code>

The selected generator //Sieve of Eratosthenes// (''--generator eratosthenes'') will generate the set of points. This set of points will be used in order to select the pixels where the informations will be hidden.

The following will generate the corresponding steganalysed pictures (left column):
<code bash>
# Steganalysis of the original image
$ steganalysis-parity -i ../examples/pictures/Montenach.png -o ~/Montenach-steg.png 

# Steganalysis of the image with hidden text (LSB only)
$ steganalysis-parity -i ~/Montenach-enc.png -o ~/Montenach-enc-steg.png 

# Steganalysis of the image with hidden text (LSB + Eratosthenes)
$ steganalysis-parity -i ~/Montenach-enc-gen.png -o ~/Montenach-enc-gen-steg.png 
</code>


{{:security:montenach.png?700*500|Original image}}
{{ :security:montenach-steg.png?700*500|(1) Steganalysis of the original image}}


{{:security:montenach-enc.png?700*500|Image with hidden text  (LSB only)}}
{{ :security:Montenach-enc-steg.png?700*500|(2) Steganalysis of the image with hidden text (LSB only)}}

{{:security:montenach-enc-gen.png?700*500|Image with hidden text  (LSB + Eratosthenes)}}
{{ :security:montenach-enc-gen-steg.png?700*500|(3) Steganalysis of the image with hidden text (LSB + Eratosthenes)}}


Compare the pictures 1 and  2 and compare the pictures 1 and 3, left column.

==== Reveal the message ====
<code bash>
$ slsb-set --reveal --generator eratosthenes -i ~/Montenach-enc-gen.png -b ~/file-gen.txt
$ slsb --reveal  -i ~/Montenach-enc.png -b ~/file.txt
$ cmp ~/file-gen.txt ~/file.txt 
$ cat ~/file.txt 
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam placerat fermentum
lorem, at porttitor metus congue eu. Mauris vitae tell
.
.
.
$ slsb-set --reveal --generator fermat -i ~/Montenach-enc-gen.png -b ~/file.txt
Impossible to detect message.

$ slsb-set --reveal --generator mersenne -i ~/Montenach-enc-gen.png -b ~/file.txt
Impossible to detect message.
</code>




====== Bibliography ======



{{tag>security steganography cs_lang:python}}