Steganography is the science of information smuggling, the sending of secret messages that are concealed inside an innocent medium. It is used by hackers to plant files into your computer. It is the primary method of distribution for child pornographers. It has even been linked to the September 11 attacks in the US, with the New York Times describing hidden messages in the images of fake eBay listings. It has also been used for over 2500 years.

Steganography’s history is written in blood and war. In 494 BC, Histiaeus, the ruler of the ancient city of Miletus, tattooed a secret message onto the shaved head of a slave. He waited for the hair to grow back before sending the slave to the recipient, who again shaved the head and revealed a message containing instructions for an Ionian revolt against the Persians, a revolt that would last for half a century. In 480 BC, Demaratus carved a secret message into a wooden table which he then painted over in wax. The wax, scraped off, revealed a warning of Persian attack. The wax did not simply obscure the message – it obscured the very existence of the message; this is the essence of steganography.

Evolving in parallel with technology, steganography has traditionally found its greatest application during war time. Invisible ink was used by spies in World War I. In World War II the Germans used microdots, shrinking of an entire page of text into a 1-mm dot, placed inconspicuously within an otherwise unremarkable document. Quite suddenly, steganography was on a very sharp rise, becoming a tool with myriad applications, a few good and most bad thanks to the arrival of the Internet.

The good applications include digital watermarks hidden in a photograph for copyright protection, or the protection of confidential information by hiding it in an unexceptional medium. The long list of bad includes the proliferation of child pornography and hacking and gaining control over another’s computer. Of course, not every use falls squarely into those two categories. Journalists can use it to conceal sources. Dissidents can use it to evade government censorship. It can even be used to bait and trap criminals across a wide variety of crimes. An example would be the well known Thatcher typewriter trick, where British Prime Minister Margaret Thatcher had government typewriters altered to encode specific user information in the spaces between words in order to catch the person behind the leaking of cabinet documents.

The wide range of applications of steganography has ensured its ease of use and access. There are thousands of tools available on the Internet that can create steganographic messages. They come in user-friendly, self-contained packages and in no more than two mouse clicks and you’ve hidden your message in another medium. A password in an image; a plagiarised essay in an MP3 song file; stolen credit card numbers in a freely available movie trailer. There has always been a limitation to this though: file size – and by extension, the length of the message. You wouldn’t try to hide a pirated pre-screening of a new hit movie in an image file of your cat. That wouldn’t fool anyone with its thousand megabyte footprint.

Footprints have been where steganography tripped up – until now. In all the previous examples, a trail is left. The image will always contain the offending document. The slave’s head will forever have the hidden message printed upon it. In each example, a specific carrier was required and message length limited. The slave’s head: the message can only be so long. The image of your cat: how many megabytes can you explain away before someone gets suspicious? The moment an outside party knows that a message is concealed, the disguise becomes ineffective.

A new form of steganography sidesteps these issues, one that communicates the hidden message over Internet Protocol (IP), which specifies how and where information travels over a network. The IP contains the virtual addresses of a sender and recipient and governs the method by which the message is sent. Think of it like postal system addresses but online in a virtual world. Communication between these two IPs is done in the form of packet switching. This is the breaking down of information into tiny chunks which are then sent through the network to the recipient’s computer. By manipulating delays in the packets sent, this type of steganography can transmit a hidden message simply through patterning delayed packets so that only the appropriate decoding software on the other end can recognise these delays – to anyone else, they would just look like packet delays; normal Internet lag. Now the message sent can have limitless length – it just depends on how long the connection stays open between two computers. You could be chatting with a friend on MSN Messenger for an hour and secretly be receiving a book’s worth of piracy resources. That you had received the information would also be virtually untraceable. In fact, it is nigh impossible to even ever be sure that a hidden message is being transmitted because packet delays are the norm.

The almost total security of the anonymity of the hidden message has potent implications, especially for criminal applications. The hidden message can be anything – instructions for a bombing, access codes to a bank’s vault. Or – and more likely – it could be a Trojan – a program that grants somebody else total control over your computer. The packet delay system of steganography means that virus scanners may no longer be able to detect viruses until they have already been transmitted to your computer, by which time it may be too late. What’s even more worrying is that this usage of steganography is perhaps the least of our concerns.

By the way – there is a hidden message in this article.

Words: Hugo Stanford

Tags: computer, hacking, steganography
Posted in Features