Tuesday, June 10, 2008

Hiding Documents In Pictures: The Secrets Of Steganography (S-Tools Via MakeUseOf)

As a child, I remember being fascinated by the story about the ancient Greek king, Histiaeus, who reportedly shaved a servant's head and tattooed a secret message on it. By the time the servant entered hostile territory, the message was hidden by hair. I thought at the time that this was immensely clever. It was also my introduction to steganography, or the art of hiding messages more or less in plain sight.

Today's steganographers have gotten pretty sophisticated and are able to hide documents in the pixels of a picture. The picture below, for example (from the game Forbidden Kingdom), contains an entire MS Word document.

Really. No kidding.


I used a clever little program called "s-tools" and the tutorial on MakeUseOf to convert my GIF image into a GIF image with a secret message. If you want to find out what the message is, you need to click on the image above. When the new page opens up with the larger image of the picture, right click and "save image as". You got it right if you have saved an image called steganography.gif. Then download the software and follow the instructions (Note: The site to download the software appears to be Slovenian. I have downloaded the software to two separate computers and virus checked both downloads with two separate virus checkers. McAfee SiteAdvisor also gives the site a green light. Still, as with any software, take care in downloading it to your computer). You will also need to know the passphrase, which is "sam" (lower case, no quotes) and the encryption algorithm, which is IDEA. It is extremely user friendly -- all drag and drop and point and click.

Of course, once you start looking for steganography tools, they are easy to find and there is some concern that terrorists or organized crime gangs are using steganography techniques to hide instructions or other data of interest. All the more reason to understand it, to my way of thinking.
S-tools itself has been around since 1996 (you get a little pop-up when you first open the software that indicates that the program has been built taking into account the "new" features available in Windows 95...). It is so old that I suspect that the bad guys have already found it and used it and the good guys have already figured out how to crack it. Still, if you are not familiar with steganography and want to understand it better, I recommend this exercise (I think it would generate some real classroom interest as well).

10 comments:

Mike said...

Awesome

Suki Fuller said...

Excellent...you never stop teaching me!

Anonymous said...

Stability

Anonymous said...

Face

Anonymous said...

wealth

Anonymous said...

forbidden

Kristan J. Wheaton said...

To everyone who found the secret message or posted a comment, many thanks!

Kris

Unknown said...

Kingdom

nice work.. now how did you create it? :D

Anonymous said...

Authority

thingswholeandnotwhole said...

Interesting. I've been dabbling in related fields myself for some time now. Signs and images as representations of reality should make up for an interesting course at Mercyhurst on perception and deception.

See also introductory lecture on pictoral semiotics: http://www.chass.utoronto.ca/epc/srb/cyber/Sonesson1.pdf

Linda

p.s. Ancient Greek literature is full of refernces to sign reading and sign encoding. More fascinating stories abound in Homer and Herodotus. It would be interesting to compile a list of references on this topic. Would that I didn't have to work 100%! Wonder if there's some text mining tool one could use to search through online text versions of the ancients.

Another area that would merit research (of which I have practically almost no knowledge) would be Eastern "texts" since Eastern "writing" allows almost equal space of words and signs (images, ideographs) on the surface.