Security levels in steganography Insecurity does not imply detectability
Pages 25 - 45
Abstract
This paper takes a fresh look at security notions for steganography the art of encoding secret messages into unsuspicious covertexts such that an adversary cannot distinguish the resulting stegotexts from original covertexts. However, stegosystems that fulfil the security notion used so far are quite inefficient. The current setting is not able to quantify the power of the adversary and thus leads to extremely high requirements. We will show that there exist stegosystems that are not secure with respect to the measure insecurity considered so far. However, it is totally unclear how they could be successfully attacked when used in practice.This indicates that a different notion of security is needed which we call detectability. We propose different variants of (un)-detectability and discuss their appropriateness by constructing concrete examples of stegosystems and covertext distributions.As main technical contribution we design a framework for steganography that exploits the difficulty to get detailed information about the covertext distribution. This way, for the first time a tight analytical relationship between the task of discovering the use of stegosystems and the task of differentiating between possible covertext distributions is obtained. In steganography the security analysis is significantly more complex than for cryptography.An insecure (according to standard definition) stegosystem may still not be detectable.The available covertext channels and their distributions play an important role.For both, stegoencoder and steganalyst, knowledge about the actual covertext channels are essential.
References
[1]
L. von Ahn, N.J. Hopper, Public-key steganography, in: Lecture Notes in Computer Science, vol. 3027, Springer, 2004, pp. 323-341.
[2]
M. Backes, C. Cachin, Public-key steganography with active attacks, in: Theory of Cryptography, Proceedings of Second Theory of Cryptography Conference, 2005, pp. 210-226.
[3]
M. Bellare, A. Desai, E. Jokipii, P. Rogaway, A concrete security treatment of symmetric encryption, in: Proc. 38. Symp. on Foundations of Computer Science, IEEE, 1997, pp. 394-403.
[4]
S. Berndt, M. Likiewicz, Provable secure universal steganography of optimal rate, in: Proc. Information Hiding and Multimedia Security, ACM, 2016, pp. 387-394.
[5]
C. Cachin, An information-theoretic model for steganography, Inform. and Comput., 192 (2004) 41-56.
[6]
N. Dedi, G. Itkis, L. Reyzin, S. Russell, Upper and lower bounds on black-box steganography, J. Cryptology, 22 (2009) 365-394.
[7]
N. Fazio, A.R. Nicolosi, I.M. Perera, Broadcast steganography, in: Topics in Cryptology, Springer, 2014, pp. 64-84.
[8]
J. Fridrich, M. Goljan, D. Hogea, Steganalysis of JPEG images: breaking the F5 algorithm, in: Information Hiding, Springer, 2002, pp. 310-323.
[9]
O. Goldreich, S. Goldwasser, A. Nussboim, On the implementation of huge random objects, SIAM J. Comput., 39 (2010) 2761-2822.
[10]
V. Goyal, A. Jain, On the round complexity of covert computation, in: Proc. Symp. on Theory of Computing, ACM, 2010, pp. 191-200.
[11]
I. Haitner, O. Reingold, S. Vadhan, Efficiency improvements in constructing pseudorandom generators from one-way functions, SIAM J. Comput., 42 (2013) 1405-1430.
[12]
J. Hstad, R. Impagliazzo, L.A. Levin, M. Luby, A pseudorandom generator from any one-way function, SIAM J. Comput., 28 (1999) 1364-1396.
[13]
N. Hopper, On steganographic chosen covertext security, in: Automata, Languages and Programming, Proceedings of 32nd International Colloquium, 2005, pp. 311-323.
[14]
N.J. Hopper, L. von Ahn, J. Langford, Provably secure steganography, IEEE Trans. Comput., 58 (2009) 662-676.
[15]
N.J. Hopper, J. Langford, L. Ahn, Provably secure steganography, in: LNCS, vol. 2442, Springer, Berlin, Heidelberg, 2002, pp. 77-92.
[16]
S.K. Jakobsen, C. Orlandi, How to bootstrap anonymous communication, in: Proc. Conf. on Innov. in Theoretical Computer Science, ACM, 2016, pp. 333-344.
[17]
A.D. Ker, P. Bas, R. Bhme, R. Cogranne, S. Craver, T. Filler, J. Fridrich, T. Pevn, Moving steganography and steganalysis from the laboratory into the real world, in: Proc. IH&MMSec, ACM, 2013, pp. 45-58.
[18]
T.V. Le, K. Kurosawa, Bandwidth optimal steganography secure against adaptive chosen stegotext attacks, in: Lecture Notes in Computer Science, vol. 4437, Springer, 2006, pp. 297-313.
[19]
M. Likiewicz, R. Reischuk, U. Wlfel, Grey-box steganography, Theoret. Comput. Sci., 505 (2013) 27-41.
[20]
A. Lysyanskaya, M. Meyerovich, Provably secure steganography with imperfect sampling, in: Public Key Cryptography, Springer, 2006, pp. 123-139.
[21]
S. Vadhan, C.J. Zheng, Characterizing pseudoentropy and simplifying pseudorandom generator constructions, in: Proceedings of the Forty-Fourth Annual ACM Symposium on Theory of Computing, ACM, 2012, pp. 817-836.
[22]
A. Westfeld, F5 a steganographic algorithm, in: Information Hiding, Springer, 2001, pp. 289-302.
[23]
E. Zieliska, W. Mazurczyk, K. Szczypiorski, Trends in steganography, Commun. ACM, 57 (2014) 86-95.
- Security levels in steganography Insecurity does not imply detectability
Recommendations
A JPEG-based statistically invisible steganography
ICIMCS '11: Proceedings of the Third International Conference on Internet Multimedia Computing and ServiceThe objective of steganography is to implement covert communication by hiding data in digital files such that there is no indication of the existence of hidden data; so an ideal steganographic system should be able to withstand all steganalysis methods--...
LSB-Based Steganography Using Reflected Gray Code
Steganography aims to hide secret data into an innocuous cover-medium for transmission and to make the attacker cannot recognize the presence of secret data easily. Even the stego-medium is captured by the eavesdropper, the slight distortion is hard to ...
Implementation of Least Significant Bit Steganography and statistical steganalysis
CCSEIT '12: Proceedings of the Second International Conference on Computational Science, Engineering and Information TechnologyLeast Significant Bit (LSB) Steganography is a method for hidden information in such a way that can only be detected by its intended recipient. Steganography in Digital media becomes a challenging discipline, since the Human Auditory System (HAS) is ...
Comments
Information & Contributors
Information
Published In
Copyright © Elsevier B.V.
Publisher
Elsevier Science Publishers Ltd.
United Kingdom
Publication History
Published: 05 September 2017
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 25 Jan 2025