Steganography comes from the Greek and literally means, “Covered writing”. It is one of various data hiding techniques, which aims at transmitting a message on a channel where some other kind of information is already being transmitted. This distinguishes steganography from covert channel techniques, which instead of trying to transmit data between two entities that were unconnected before.
The goal of steganography is to hide messages inside other “harmless” messages in a way that does not allow any “enemy” to even detect that there is a second secret message present. The only missing information for the “enemy” is the short easily exchangeable random number sequence, the secret key, without the secret key, the “enemy” should not have the slightest chance of even becoming suspicious that on an observed communication channel, hidden communication might take place.
Steganography is closely related to the problem of “hidden channels” n secure operating system design, a term which refers to all communication paths that cannot easily be restricted by access control mechanisms. In an ideal world we would all be able to sent openly encrypted mail or files to each other with no fear of reprisals. However there are often cases when this is possible, either because the working company does not allow encrypted email or the local government does not approve of encrypt communication (a reality in some parts of the world). This is where steganography can come into play.
Data hiding techniques can also be classified with respect to the extraction process:
Cover Escrow methods need both the original piece of information and the encoded one in order to extract the embedded data.Blind or Oblivious schemes can recover the hidden message by means only of the encoded data.
Steganography has developed a lot in recent years, because digital techniques allow new ways of hiding informations inside other informations, and this can be valuable in a lot of situations. The first to employ hidden communications techniques -with radio transmissions- were the armies, because of the strategic importance of secure communication and the need to conceal the source as much as possible.
Nowadays, new constraints in using strong encryption for messages are added by international laws, so if two peers want to use it, they can resort in hiding the communication into casual looking data. This problem has become more and more important just in these days, after the international Wassenaar agreement, with which around thirty of the major – with respect to technology – countries in the world decided to apply restrictions in cryptography export similar to the US’s ones.
Another application of steganography is the protection of sensitive data. A file system can be hidden in random looking files in a hard disk, needing a key to extract the original files. This can protect from physical attacks to people in order to get their passwords, because maybe the attacker can’t even know that some files are in that disk.
The major concern of steganography is stealth, because if an attacker, either passive or active, can detect the presence of the message, from that point he can try to extract it and, if encrypted, to decrypt it. The resistance to attempt at destruction or noise is not required, since we consider the sender and the receiver equally interested in exchanging messages, so that they will try to transmit the stego-medium in the best way they can. If the stego-data can be transmitted over the selected channel, and this is usually the case with all the media that are used, like images or sounds, then the embedded data will be preserved along with them. Thus, data hiding techniques for steganography must focus on the maximum strength against detection and extraction.
As a second request, we would prefer a high data rate, because we will usually want to be able to exchange any amount of data, from simple messages to top secret images.