|Take a good look. Can you unravel the secret code in this picture? U-M graduate student Niels Provos and other CITI researchers embedded the first chapter of Lewis Carrolls The Hunting of the Snark into this image. Chances are you dont see a thing. Thats the key to stegonagraphy. Delivering secret message in an existing image without altering the original content. (Photo courtesy of CITI)|
Steganography, Greek for hidden writing is the art and science of secret communication, says Peter Honeyman, scientific director at the Center for Information Technology Integration (CITI). Its the ability for people to communicate without anyone else knowing that communication is taking place. Its different from cryptography which carries an encrypted or coded message. People see the means of communication, know the message is taking place but dont know how to decipher it. The whole basis of steganography is to conceal that the communication is even taking place.
The digital world has opened the door for this type of coded communication. That means e-mails, CD-ROMS, photos, even compressed music files or MP3s. Any digital representation of information offers an opportunity for steganography, says Honeyman, who also is an adjunct professor of electrical engineering and computer science. It doesnt require any special equipment, just someone who knows their way around a computer and can use a mouse.
A few extra spaces, dots or dashes to any original program or file is all thats needed to create a steganographic message . These additions dont disturb the original content but embed a secret note. A simple computer program can break the code.
About 10 percent of an image or file can be used to hide a message, says U-M graduate student Niels Provos. Beyond that, you run the risk of altering the original content. But 10 percent is enough to get the word out.
Steganography has always been of research interest at CITI, but its now more in the global spotlight because of a Feb. 2001 article in USA Today in which it was reported that terrorists are using steganography to hide communication in Internet images.
Spurred by these reports, Provos developed a steganographic detection framework. He analyzed two million images from the Internet auction site eBay using several computer tools, including a crawler that downloads images from the Web; Stegdetect, which identifies images that might contain hidden messages; Stegbreak, which then tries to conjure up a key to break the code; and a distributing computer framework that runs multiple instances of Stegbreak on a cluster of workstations.
Despite all the hype, Provos came up empty handed. Not a single image contained any steganographic message. This could mean one of three things, says Honeyman. One, stegano-graphy isnt being used. Two, our analysis techniques arent effective. Or, three, we just cant break the encrypted codes.
Even though the CITI group found no evidence of steganography on eBay, the government may still believe these messages are out there. An Oct. 30 article in the New York Times cites several computer experts who are working with government agencies to detect possible hidden messages on the Internet. So far, these agencies arent saying what, if anything, theyve found hidden while surfing the Web.