Fravia's Anonymity Academy

FRAVIA'S STEGANOGRAPHY

---

A little steganographical history

One of the first documents describing steganography is from the Histories of Herodotus. 
In ancient Greece, text was written on wax covered tablets. In one story Demeratus 
wanted to notify Sparta that Xerxes intended to invade Greece.
To avoid capture, he scraped the wax off of the tablets and wrote a message on the 
underlying wood. He then covered the tablets with wax again. The tablets appeared 
to be blank and unused so they passed inspection by sentries without question. 

Another ingenious method was to shave the head of a messenger and tattoo a message 
or image on the messengers head.
After allowing his hair to grow, the message would be undetected until the head was 
shaved again. 

Another common form of invisible writing is through the use of Invisible inks. 
Such inks were used with much success as recently as WWII. An innocent letter 
may contain a very different message written between the lines [Zim48]. Early in
WWII steganographic technology consisted almost exclusively of invisible inks [Kahn67]. 
Common sources for invisible inks are milk, vinegar, fruit juices and urine. All of 
these darken when heated. 

With the improvement of technology and the ease as to the decoding of these invisible 
inks, more sophisticated inks were developed which react to various chemicals. 
Some messages had to be "developed" much as photographs are developed with a number 
of chemicals in processing labs. 

Null ciphers (unencrypted messages) were also used. The real message is "camouflaged" 
in an innocent sounding message.
Due to the "sound" of many open coded messages, the suspect communications were 
detected by mail filters. However "innocent" messages were allowed to flow through. 
An example of a message containing such a null cipher is: 

                    News Eight Weather:  Tonight increasing snow.
                    Unexpected precipitation smothers eastern towns.  Be
                    extremely cautious and use snowtires especially heading
                    east.  The highway is not knowingly slippery.  Highway
                    evacuation is suspected.  Police report emergency
                    situations in downtown ending near Tuesday.


By taking the first letter in each word, the following message can be derived: 

                    Newt is upset because he thinks he is President.


The following message was actually sent by a German Spy in WWII [Kahn67]: 

                    Apparently neutral's protest is thoroughly discounted
                    and ignored.  Isman hard hit.  Blockade issue affects
                    pretext for embargo on by products, ejecting suets and
                    vegetable oils.


Taking the second letter in each word the following message emerges: 

                    Pershing sails from NY June 1.

Even the layout of a document can provide information about that document. 
Brassil et al authored a series of publications dealing with document 
identification and marking by modulating the position of lines and words 
[Brassil-Infocom94, Brassil- Infocom94, Brassil-CISS95]. 
Similar techniques can also be used to provide some other "covert" information 
just as 0 and 1 are informational bits for a computer. As in one of their examples, 
word-shifting can be used to help identify an original document [Brassil-CISS95]. 
Though not applied as discussed in the series by Brassil et al, a similar method can
be applied to display an entirely different message. Take the following sentence (S0): 

                    We explore new steganographic and cryptographic
                    algorithms and techniques throughout the world to
                    produce wide variety and security in the electronic web
                    called the Internet.

and apply some word shifting algorithm (this is sentence S1). 

                    We explore new steganographic and cryptographic
                    algorithms and techniques throughout the world to
                    produce wide variety and security in the electronic web
                    called the Internet.

By overlapping S0 and S1, the following sentence is the result: 

                    We explore new steganographic and cryptographic
                    algorithms and techniques throughout the world to
                    produce wide variety and security in the electronic web
                    called the Internet.

This is achieved by expanding the space before explore, the, wide, and web 
by one point and condensing the space after explore, world, wide and web by 
one point in sentence S1. Independently, the sentences containing the shifted 
words appear harmless, but combining this with the original sentence produces 
a different message: explore the world wide web.

Back to Fravia's Anonymity Academy
homepage links +ORC counter measures
antismut CGI tricks academy database tools javascript tricks
cocktails search_forms mail_fravia+
Is software reverse engineering legal?