Steganography – CompTIA Security+ SY0-401: 6.1

| September 21, 2014


When sending encrypted data, is usually very clear that the information transfer has been obfuscated. In this video, you’ll learn how steganography can be used to send information through covert, and sometimes unexpected, channels.

<< Previous Video: Key EscrowNext: Elliptic Curve and Quantum Cryptography >>


Steganography is a way to encrypt information or hide information. But you don’t have that information right there in plain sight the whole time. It’s derived from a Greek word that means concealed writing, and it is a way to secure things by making them obscure. Which in reality, isn’t security. If you really know what to look for you can very often find these things. But if you just simply hide what you’re doing inside of something else, makes it much more difficult to obviously see right in front of you.

The message is seemingly invisible, but it really is right there in front of you. In some cases, it’s actually embedded within pictures, or embedded within sounds, or embedded within a document. So it may not be completely obvious to see with the human eye, but the message really is inside of that. What we’re looking at is the cover text. This is the container for instance, like this graphical image of this network device’s front slide. And what I’ve done is, you can see.

I’ve shown that there is some embedded information that shares IP addresses, device names, and Mac addresses that happen to be on my site. And they are embedded into this picture. They’re part of this picture. Now, the picture looks like the normal picture for the network device’s slide. But hidden inside of this graphic is that information. That’s what makes stegamography so interesting to me, is that this can be sitting right in front of us the entire time.

We would have no idea that it’s really there. There are a number of ways that you can implement steganography in your environment. One way is to hide the data within the network packets themselves. Obviously, we can’t really see the network packets. And they’re going by so quickly, and there’s so many of them. But if you were able to embed just one character inside of a TCP packet as it went from one device to the other, you could send many, many packets.

And it would be very, very difficult to see any of that data that we had hidden inside of that packet unless we knew exactly what to look for. Another way to do this, we’re going to try this ourself, is to use an image. We’ve already seen how we can take a picture and we can embed our own messages, and our own images, and our own documents inside of those pictures, a very unique way to hide information right in plain sight.

And here’s a method right here on this screen where if you have a printer, well, especially an ink jet printer, you may have seen, if you look very closely, there are yellow dots that you can see. And a corner of the page that’s printed on your laser printer, on your inkjet printers, on many printers these days, those dots altogether show the serial number, the make and model, and other information about the printer that you happen to be using. So if somebody happens to find, for instance, a document, and they want to know what printer created this document, they’ll be able to see the exact serial number of your printer because it is steganography that is putting these tiny little dots here.

And now, we’re able to track it back to your physical printer. I embedded some text inside of an image using this program, silent I. There’s a version available for Linux, Windows, and Mac OS 10 that I’m using here. What I did was take an existing file– here’s this image of this Network Devices– and it gives you the option of encoding information inside of it. Let me drag over the window so you can see this.

I can decide luminance, I can decide the jpeg quality, a pass-phrase even associated with that data if I want to assign one. And then I could put an entire message in here. I can put entire file inside of this image. And when it is finished, it looks something like this. Here’s one that I’ve already done this too. And this is the image. This looks exactly like the one we were just looking at. There it is.

You can see, if I go back and forth between them, there is a very subtle difference between them, but not much. And in fact, of the human eye, if you weren’t really comparing it to this level, they’d look exactly the same. The difference, however, is I can click my decode option here. I can specify that this is a BMP encoding format. And I want to decode it. And now suddenly, all this information about the devices, IP addresses, Mac addresses, and everything on my network become decoded right from this image I have here.

Looking at the image, you would have never known all of this very important data was inside of it. But by using steganography, I’m able to hide it right there inside the image in plain sight.

Tags: , , , , ,

Category: CompTIA Security+ SY0-401

Comments are closed.

X
My Live Security+ Study Group is Wednesday. Click here to register!
My free Live Network+ Study Group is Wednesday. Click here to register!