Introduction To Steganography

Steganography is a tool for secrecy that has evolved over centuries of use. It can refer to any of several methods of hiding one message within another. In this article, however, it refers to systematically blending the bits of one data file into another data file. The algorithms provided with S-Tools make it possible to hide large volumes of information just below the threshold of perception.

I will use the USA Patriot Act as the document to be hidden, and a bitmap photograph as the host file. The photograph is 389x250 pixels in resolution, which translates to 97,250 bits. Using "true color" this value is then multiplied by 3, because each pixel contains three components: red, green, and blue. Thus the product, 291,750 bytes, is the size of the file. To be exact, it occupies 294,912 bytes on disk due to slack space (4,096 byte blocks).

Exploring the digital color wheel will help in understanding exactly how the process works. Eight bits (1 byte) are used to encode the strength of each of the three base colors, so the total number of bits in this particular color scheme is 24 (3 bytes). The value of each byte can range from 0 (all 8 bits turned off) to 255 (all 8 bits turned on), following the binary, base-2 standard.

If the byte representing red were equal to 255 (full color) and the two bytes representing green and blue were 0 (no color), the image would appear solid red. Turning off red's least significant bit, whose value is 1, yields a value of 254. The color is still very much solid red, yet now there is a free bit which can be allocated to hiding information.

Using the least significant bit of every byte means nearly 10% of a photograph can store hidden data and remain undetected by the human eye [2]. When pictures lacking complex color schemes are used as the host, such as black and white photos, the number of bits that can be allocated to other data is greatly increased [2].

This is neat, but the purpose of discussing it here is not to teach a new magic trick. Just like cryptography, steganography tools in the wrong hands can be used against us. It is believed that the Al-Qaeda network employed steganography to communicate amongst its members.

The strategy is simple: hide messages in a photograph and publish the photograph to the web, transfer it via email, or offer it via FTP. Enemies around the world can then access each other's messages without international travel, interstate travel, or even leaving an Internet-connected terminal. This is potentially more of a threat than cryptography itself, because not only must we attempt to decipher the messages, we must find them first. And, as the following will show, this is not easy.

Back to the experiment: 10% of the 294,912 bit file is roughly 29,500 bits. The first 45 pages of the USA Patriot Act of 2001 came to 32,439 bits. This was the portion embedded into the photograph.

A comparison of the two photographs in a hex viewer quickly revealed that many of the file's original bits had been altered. In fact, a majority were replaced while only a small portion matched. This is because the file also goes through an encryption process when the data is hidden. Nonetheless, the photo appears untouched because the algorithms were designed to preserve quality. So, without the original photograph for comparison, we are out of luck when analyzing files for potential hidden documents. Furthermore, even with the original, we cannot (in the time available) recover the hidden data from the suspect file without knowledge of the encryption key or algorithm used.
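To make the mechanics described above concrete (one hidden bit in the least significant bit of each color byte, the 255-to-254 change, the capacity calculation, and the before/after byte comparison done here with a hex viewer), here is an added example that is not from the original article and not S-Tools' own code. It works on a constructed raw 24-bit RGB buffer rather than a bitmap file, uses a plain 4-byte length header with no encryption (S-Tools' encryption step is not reproduced), and the host image and message are constructed sample data.

```python
"""LSB steganography on a constructed raw 24-bit RGB buffer (added example)."""
from typing import Iterator


def capacity_bits(width: int, height: int, channels: int = 3) -> int:
    """One hidden bit per color byte: width * height * channels bits."""
    return width * height * channels


def _bits(data: bytes) -> Iterator[int]:
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed(host: bytes, payload: bytes) -> bytes:
    """Overwrite the least significant bit of successive host bytes with
    payload bits. A 4-byte big-endian length header precedes the payload so
    that extract() knows where to stop (hypothetical framing, not S-Tools')."""
    framed = len(payload).to_bytes(4, "big") + payload
    if len(framed) * 8 > len(host):
        raise ValueError("payload too large for host")
    out = bytearray(host)
    for i, bit in enumerate(_bits(framed)):
        out[i] = (out[i] & 0xFE) | bit  # clear LSB, then set it to the payload bit
    return bytes(out)


def extract(stego: bytes) -> bytes:
    """Read the length header, then that many bytes, from the LSBs."""
    def read_bytes(start_bit: int, count: int) -> bytes:
        result = bytearray()
        for b in range(count):
            value = 0
            for k in range(8):
                value = (value << 1) | (stego[start_bit + b * 8 + k] & 1)
            result.append(value)
        return bytes(result)

    length = int.from_bytes(read_bytes(0, 4), "big")
    return read_bytes(32, length)


def changed_bytes(original: bytes, modified: bytes) -> int:
    """What a hex-viewer comparison counts: positions whose byte value differs."""
    return sum(a != b for a, b in zip(original, modified))


def max_channel_delta(original: bytes, modified: bytes) -> int:
    """Largest per-byte change; LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(original, modified))


# Constructed host: a 16x8 solid-red image, 3 bytes per pixel.
WIDTH, HEIGHT = 16, 8
HOST = bytes([255, 0, 0]) * (WIDTH * HEIGHT)
MESSAGE = b"constructed sample text"  # constructed payload, not the Patriot Act

if __name__ == "__main__":
    stego = embed(HOST, MESSAGE)
    print("capacity (bits):", capacity_bits(WIDTH, HEIGHT))
    print("first red byte before/after:", HOST[0], stego[0])
    print("bytes changed:", changed_bytes(HOST, stego), "of", len(HOST))
    print("max channel delta:", max_channel_delta(HOST, stego))
    print("recovered:", extract(stego))
```

With the article's 389x250 true-color photo, `capacity_bits(389, 250)` gives 291,750 host bytes and therefore 291,750 hidden bits at one bit per byte. Note that the comparison function reports only how many bytes differ, not whether anything is hidden: as the article observes, without the original file a byte-level diff is unavailable, and the per-channel change never exceeds 1, which is why the picture looks untouched.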

The photo before: (image not reproduced)

The photo after: (image not reproduced)