|
| 1 | +OutGuess 0.13b |
| 2 | +-------------- |
| 3 | +1999-08-06 - Niels Provos <provos@citi.umich.edu> |
| 4 | + |
| 5 | +OutGuess is a universal steganographic tool that allows the insertion |
| 6 | +of hidden information into the redundant bits of data sources. The |
| 7 | +nature of the data source is irrelevant to the core of OutGuess. The |
| 8 | +program relies on data specific handlers that will extract redundant |
| 9 | +bits and write them back after modification. In this version the PNM |
| 10 | +and JPEG image formats are supported. In the next paragraphs, images |
| 11 | +will be used as concrete example of data objects, though OutGuess can |
| 12 | +use any kind of data, as long as a handler is provided. |
| 13 | + |
| 14 | +OutGuess is available under the BSD software license. Please see each |
| 15 | +source file for its respective license. OutGuess was written in |
| 16 | +Germany, and CONTAINS CRYPTOGRAPHIC FUNCTIONS. |
| 17 | + |
| 18 | +Steganography is the art of hiding the fact that communication is |
| 19 | +happening. Classical steganography systems depend on keeping the |
| 20 | +encoding system secret, but modern steganography should only be |
| 21 | +detectable if a secret information, e.g. a secret key is known. But |
| 22 | +because of their invasive nature they leave detectable traces within |
| 23 | +an image's characteristics, e.g. its Fourier signature, and hence |
| 24 | +allow an eavesdropper to detect images which have been modified, and |
| 25 | +thus giving away the fact that secret communication is happening. The |
| 26 | +secret of the information is not degraded, its hidden nature is |
| 27 | +revealed, defeating the whole purpose of Steganography. |
| 28 | + |
| 29 | +A more processor- and space-intensive alternative is to match existing |
| 30 | +images against the source data in order to minimize the number of |
| 31 | +modifications required to express the original message. |
| 32 | + |
| 33 | +OutGuess uses a generic iterator object to select which bits in the |
| 34 | +data should be modified. A seed can be used to modify the behavior |
| 35 | +of the iterator. It is embedded in the data along with the rest of the |
| 36 | +message. By altering the seed, OutGuess tries to find a sequence of |
| 37 | +bits that minimizes the number of changes in the data that have to be |
| 38 | +made. |
| 39 | + |
| 40 | +A bias is introduced that favors the modification of bits that were |
| 41 | +extracted from a high value, and tries to avoid the modification of |
| 42 | +bits that were extracted from a low value. |
| 43 | + |
| 44 | +A sample output from OutGuess is as follows: |
| 45 | + |
| 46 | +Reading .... |
| 47 | +Extracting usable bits ... |
| 48 | +JPEG compression quality set to 91 |
| 49 | +Encoded data: 1178 |
| 50 | +Finding best embedding... |
| 51 | +New best: 0: 4709(49.8%), bias 4332(0.92), saved: 3 |
| 52 | +New best: 5: 4700(49.7%), bias 4290(0.91), saved: 12 |
| 53 | +New best: 7: 4663(49.3%), bias 4217(0.90), saved: 49 |
| 54 | +New best: 17: 4644(49.1%), bias 4188(0.90), saved: 68 |
| 55 | +New best: 121: 4660(49.3%), bias 4169(0.89), saved: 52 |
| 56 | +121, 8829: Embedding data: 9424 in 81406 |
| 57 | +Bits embedded: 9456, changed: 4660(49.3%), bias: 4169, tot: 81320, skip: 71864 |
| 58 | +Total bits changed: 8829 (changed 4660 + bias 4169) |
| 59 | +Storing bitmap into data... |
| 60 | +Writing .... |
| 61 | + |
| 62 | +The simple example script "seek_script" uses OutGuess to select an image |
| 63 | +that fits the data we want to hide the best, yielding the lowest number |
| 64 | +of changed bits. Because we do not care about the actual content of |
| 65 | +the cover data we send, this is a very viable approach. |
| 66 | + |
| 67 | +Additionally, OutGuess allows to hide an arbitrary number of messages |
| 68 | +in the data. Thus it also provides plausible deniablity. It keeps |
| 69 | +track of the bits that have been modified previously and locks them. |
| 70 | +A (23,12,7) Golay code is used for error correction to tolerate |
| 71 | +collisions on locked bits. Artifical errors are introduced to avoid |
| 72 | +modifying bits that have a hight bias. |
| 73 | + |
| 74 | +IN THIS VERSION, OUTGUESS ONLY INSERTS TWO DIFFERENT MESSAGES. THE |
| 75 | +RELEASE VERSION WILL HANDLE AN ARBITRARY NUMBER. |
| 76 | + |
| 77 | +The available command line options are, capital letters specify options |
| 78 | +for the second message, |
| 79 | + |
| 80 | + -k <key> The secret key used to encrypt and hide the message in |
| 81 | + the provided data. |
| 82 | + |
| 83 | + -d <filename> The filename specifying the message to be hidden in the |
| 84 | + data. |
| 85 | + |
| 86 | + -i <n> The upper limit in finding an optimal iterator seed. The |
| 87 | + maximum value for the limit is 65536. |
| 88 | + |
| 89 | + -s <n> The initial seed the iterator object uses for |
| 90 | + selecting bits in the redundant data. If no upper limit |
| 91 | + is specified, the iterator will use this seed without |
| 92 | + searching for a more optimal embedding. |
| 93 | + |
| 94 | + -e Use error correction for data encoding and decoding. |
| 95 | + |
| 96 | +Other options that apply to the general executions of OutGuess are |
| 97 | + |
| 98 | + -r Retrieve a message from a data object. If this option |
| 99 | + is not specified, OutGuess will embed messages. |
| 100 | + |
| 101 | + -x <n> If the second key does not create an iterator object |
| 102 | + that is successful in embedding the data, the program |
| 103 | + will derive up to <n> new keys. |
| 104 | + |
| 105 | + -p "param" Passes a string as parameter to the destination data |
| 106 | + handler. For the JPEG image format, this is the |
| 107 | + compression quality, it can take values between 75 and |
| 108 | + 100. The higher the quality the more bits to hide |
| 109 | + a message in the data are available. |
| 110 | + |
| 111 | + -t Collect statistics about redundant bit usage. Repeated |
| 112 | + 't's increase output level. Probably meaningless to |
| 113 | + most. |
| 114 | + |
| 115 | +For embedding messages, you need to specify a source and a destination |
| 116 | +filename. OutGuess determines the data format by the filename extension. |
| 117 | +If no filenames are specified OutGuess operates as filter and assumes |
| 118 | +the PPM data format. |
| 119 | + |
| 120 | +For example |
| 121 | + |
| 122 | + outguess -k "my secret pass phrase" -d hidden.txt monkey.jpg out.jpg |
| 123 | + |
| 124 | +embeds the message 'hidden.txt' into the 'monkey.jpg' image. In the |
| 125 | +other direction |
| 126 | + |
| 127 | + outguess -k "my secret pass phrase" -r out.jpg message.txt |
| 128 | + |
| 129 | +will retrieve the hidden message from the image. |
| 130 | + |
| 131 | +If you want to embed a second message, use |
| 132 | + |
| 133 | + outguess -k "secret1" -d hide1.txt -E -K "secret2" -D hide2.txt \ |
| 134 | + monkey.jpg out.jpg |
| 135 | + |
| 136 | +OutGuess will first embed "hide1.txt" and then "hide2.txt" on top of |
| 137 | +it, using error correcting codes. The second message "hide2.txt" can |
| 138 | +be retrieved with |
| 139 | + |
| 140 | + outguess -k "secret2" -e -r out.jpg message.txt |
| 141 | + |
| 142 | +As this is a BETA version, I would like you to give me feedback on |
| 143 | +the usefulness of OutGuess. |
| 144 | + |
| 145 | +Installation |
| 146 | +------------ |
| 147 | +OutGuess has been modified to use autoconf, a normal installation |
| 148 | +should require only |
| 149 | + |
| 150 | +1. ./configure && make |
| 151 | + |
| 152 | +If your system is not supported, trying building by hand as follows |
| 153 | + |
| 154 | +1. Install the JPEG-6b libjpeg.a library and patch it with |
| 155 | + jpeg-6b-steg.diff. You can obtain the source from |
| 156 | + ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v6b.tar.gz. |
| 157 | + The Makefile expects the library to be at ../jpeg-6b. |
| 158 | + |
| 159 | +2. Edit the Makefile and type make |
| 160 | + |
| 161 | +OutGuess has only been tested on OpenBSD, Linux, Solaris and AIX. |
| 162 | + |
| 163 | +BUGS: |
| 164 | +----- |
| 165 | +Not all the redundant data available in the JPEG encoding is used, |
| 166 | +this is due to a problem when reconstructing the Huffman coefficients. |
| 167 | +I have seen cases when two MCU blocks have only the first coefficient |
| 168 | +assigned, that the coefficents are the same and do not represent |
| 169 | +the Huffman coefficients that were used when the image was created, |
| 170 | +and thus getting the bit stream out of sync. So I just ignore the |
| 171 | +first coefficent always. |
| 172 | + |
| 173 | +Acknowledgments: |
| 174 | +---------------- |
| 175 | +OutGuess uses code from, attributions can also be found in the sources, |
| 176 | + |
| 177 | + Markus Kuhn's Stirmark software, see STIRMARK-README. |
| 178 | + |
| 179 | + the Independent JPEG Group's JPEG software, see JPEG_README. |
| 180 | + |
| 181 | + the Arc4 random number generator for OpenBSD, (c) 1996 by |
| 182 | + David Mazieres <dm@lcs.mit.edu>. |
| 183 | + |
| 184 | + free MD5 code by Colin Plumb. |
| 185 | + |
| 186 | +For determining the redundant bits out of a JPEG image, the jpeg-jsteg-v4 |
| 187 | +patches by Derek Upham <upham@cs.ubc.ca> were helpful. |
| 188 | + |
| 189 | +Thanks to |
| 190 | + Dug Song <dugsong@monkey.org> for helping with configure, |
| 191 | + Andrew Reiter <andrewr@rot26.net> for testing on Solaris. |
0 commit comments