home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
HPAVC
/
HPAVC CD-ROM.iso
/
STEGANOS.ZIP
/
STEGANOS.DOC
< prev
next >
Wrap
Text File
|
1996-07-10
|
10KB
|
229 lines
STEGANOS v1.4 - released 10th of July 1996
Cryptography/Steganography software
Copyright (c) 1996 by Fabian Hansmann
Made in Frankfurt/Germany
DOCUMENTATION
100651.3561@compuserve.com
http://ourworld.compuserve.com/homepages/fhansmann
─ [0] TABLE OF CONTENTS ────────────────────────────────────────────────
[1] What exactly is STEGANOS? An introduction
[2] The Syntax of STEGANOS
[3] Example
[4] Some hints for usage
[5] Technology and further information
[6] Errorlevels
[7] Copyrights of mentioned software
Jump to the part you want to read by searching for the chapter number in
brackets, e.g. [4].
─ [1] WHAT EXACTLY IS STEGANOS? AN INTRODUCTION ────────────────────────
Steganos (Greek): protected, protecting; covered, covering.
Steganos combines two very strong technologies for securing information:
cryptography and steganography.
Steganos hides a file inside a BMP, VOC, WAV or ASCII file - so you are
able to not just make information unusable for a third party (which you
do by using cryptologic methods), but you even hide the existence of any
information.
A second idea for using Steganos is to protect your pictures. If someone
uses one of your pictures (or sounds) you can prove that it is yours -
just store a file with your copyright in the picture.
Steganos is written for MS-DOS - this makes sure that nearly everyone
can use it - it's equal if you use pure DOS, OS/2, WIN 3.x or WIN 95.
Feel free to give Steganos to all your friends - it's FREEWARE.
Note that I am NOT RESPONSIBLE for any use or abuse of Steganos.
Special thanks go to Gabriel Yoran.
─ [2] THE SYNTAX OF STEGANOS ──────────────────────────────────────────
steganos e|d 'picture/sound file' 'file to hide' password [/b] [/d]
e encode
d decode
password Password to encrypt the file before hiding it -
'?' will prompt for password.
/d The file the information comes from will be deleted.
If you encode the "file to hide" will be deleted -
the "file for hiding information" if you decode.
Note that the file will not be restorable with undelete.
/b This parameter will force Steganos to create a backup
of the picture/sound file. This function is just avaible
when you encode. Be careful with backups if someone finds
them he can prove that you are using steganography by
simple doing a file compare (encoded file, backup).
The 'picture/sound file' can be a VOC, WAV, BMP, or ASCII file.
If you want you can use the long Windows 95 filenames as you are used
from MS-DOS 7 commandline applications. If your long filename contains
spaces you will need to put '"' at the beginning and at the end.
─ [3] EXAMPLE ──────────────────────────────────────────────────────────
steganos e sample.voc secret.txt secret
This commandline will store (hide) the file 'secret.txt' inside the
VOC file 'sample.voc' after crypting the information with the password
'secret'.
Enter the same commandline with a 'd' instead of 'e' and you get your
data back - note that the hidden information in the VOC file is not
deleted.
If you add a '>NUL' at the end of the commandline you won't see any
messages of Steganos anymore.
─ [4] SOME HINTS FOR USAGE ─────────────────────────────────────────────
- For good results use LOUD SOUNDS in a BAD QUALITY and BLACK/WHITE
graphics instead of high quality color images. Use files which
have no geometric figures inside (e.g. the windows of Graphical
User Interfaces...) since it is very simple to see that something
is wrong.
Be sure that the file you want to hide information in exists just
one time. DON'T TAKE POPULAR IMAGES (e.g. logos or pictures from
WWW sites or CD-ROMs) because the hidden information could become
visible by comparing the original file with the one you hid
information in (of cause it would be crypted anyway).
Ofcause you can modify them (e.g with filters in Paint Shop Pro).
- It is possible to convert an encoded BMP file to - for example - a the
GIF format and back to BMP. Even then Steganos will be possible to
recover the hidden data. Be sure to use exactly the same format when
encoding and decoding (best is using the same converting software -
for example VPIC for DOS or the above mentioned Paint Shop Pro for
Windows). It's important to just use compressions which do not
destroy information.
For example: JPEG uses the DCT (Diskrete Cosinus Transformation)
algorhythm which destroys parts of the image by not saving data which
can rarely be seen. Information hidden with Steganos would be lost.
- If you get hidden ASCII files within an email make sure to remove
the lines added to the original output file of Steganos.
- If you even want to enlarge the security of the hidden file make sure
you use a strong encrypting program like PGP before hiding a file with
Steganos - even though Steganos crypts the file, too.
If you want you can combine PGP with the program Stealth. This program
strips off all identifying information from the PGP encrypted file
(like header information) and can be used optionally (see URL below).
- Make sure that the password you use consists of at least 6 letters. Use
the password just one time. Don't use a password you use in a mailbox
or online service and don't use names, birthdays etc.
- If you want to encode more than one file, you can use an archiver (e.g.
PkZip or RAR) before using Steganos.
- Don't forget to delete the file consisting of the original information
after encoding or decoding if needed.
─ [5] TECHNOLOGY AND FURTHER INFORMATION ───────────────────────────────
Steganos stores information in the lowest bit of a byte, beginning after
the file header. Steganos does not just store the file, filesize and a
one byte checksum but all information stored in the file will be
encrypted.
If you enter an unknown file format, Steganos will ask you for the header
size and how much bit the format has and then try to store the
information in the file: make sure to use just uncompressed files.
Steganos will create 'noise' and write it till the end of the
picture/sound file - so it's much harder to detect the bits that
have been modified, e.g. by rotating the palette (as Gabriel Yoran did).
Because this method modifies the whole picture/sound file you should
choose a file which is not longer than absolutely needed. A large
picture/sound file takes much longer to fill it with noise.
When you hide a file inside an ASCII file Steganos uses a completely
different method for hiding information: spaces and tabs are added to
the end of the lines. Note that this method CAN BE DETECTED VERY EASILY
by using a hex editor and keep in mind that this method increases the
file size.
If you delete a file with DOS the data can be recovered with Undelete
or for example with the Norton Utility Text Search. If Undelete needs to
have a disabled directory entry to recover a file, Text Search even finds
plaintext searching sector for sector on a drive. Even if a file is
overwritten one time, it can be recovered with expensive methods.
The Steganos delete feature does not just overwrite the file once, but
three times - the first time with 00h, the second with FFh and the last
time with 00h again. This takes time but is very secure, since it demagne-
tizes the file area on the drive.
Of course you can use the Norton Utility Wipeinfo, too.
Steganos.exe is protected with a little checksum check written by me,
which, by the way, allows to pklite a file, but not to patch.
If you want to be sure to use an unmodified version of Steganos download
the newest version from my homepage (see above).
If you are intersted in more information about steganography and
cryptography check out the following sources:
Newsgroups:
alt.privacy
alt.security
sci.crypt
World Wide Web:
http://www.iquest.net/~mrmil/stego.html
http://adams.patriot.net/~johnson/html/neil/stegdoc/stegdoc.html
─ [6] ERRORLEVELS ──────────────────────────────────────────────────────
In case of an error Steganos returns an errorlevel on which a batchfile
can react.
Code Meaning
0 No error
1 Can't delete file
2 Picture/sound file is damaged
3 File must have 8 bit
4 File must be uncompressed
5 Invalid parameters
6 Steganos has been modified
7 The password is not valid
8 Picture/sound file not found
9 File to hide not found
10 Picture/sound file is too small
11 Can't create file
12 Line in ASCII file is too long
13 Incorrect file or password
─ [7] COPYRIGHTS OF MENTIONED SOFTWARE ─────────────────────────────────
Norton Utilities Copyright (c) by Symantec
Paint Shop Pro Copyright (c) by JASC, Inc.
PGP Copyright (c) by Phil Zimmerman
PkZip Copyright (c) by Pkware
RAR Copyright (c) by Eugene Roshal
Stealth Copyright (c) by Henry Hastur
VPIC Copyright (c) by Bob Montgomery, VPIC Inc.