Encyclopedia  |   World Factbook  |   World Flags  |   Reference Tables  |   List of Lists     
   Academic Disciplines  |   Historical Timeline  |   Themed Timelines  |   Biographies  |   How-Tos     
Sponsor by The Tattoo Collection
Main Page | See live article | Alphabetical index


Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient even knows that a message has been sent. The name comes from Johannes Trithemius's Steganographia: a treatise on cryptography and steganography disguised as a book on black magic, and is Greek for "hidden writing."

Generally a steganographic message will appear to be something else, like a shopping list, an article, a picture, or some other "cover" message.

Steganographic messages are typically first encrypted by some traditional means, and then a covertext is modified in some way to contain the encrypted message, resulting in stegotext. For example, the letter size, spacing, typeface, or other characteristics of a covertext can be manipulated to carry the hidden message; only the recipient (who must know the technique used) can recover the message and then decrypt it. Francis Bacon is known to have suggested such a technique to hide messages.

Table of contents
1 An example from modern practice
2 History
3 Additional terminology
4 Usage in terrorism
5 Countermeasures
6 See also
7 External links

An example from modern practice

of each colour component, an almost completely black image results. Making the resulting image 85 times brighter results in the image below]]
operation with the number 3 to the image, and make the image 85 times brighter, and you get the second image.]]
The larger the cover message is (in data content terms -- number of bits) relative to the hidden message, the easier it is to hide the latter. For this reason, digital picturess (which contain large amounts of data) are used to hide messages on the Internet and on other communication media. It is not clear how commonly this is actually done. For example: a 24 bit bitmap will have 8 bits representing each of the three colour values (red, green, and blue) at each pixel. If we consider just the blue there will be 28 different values of blue. The difference between say 11111111 and 11111110 in the value for blue intensity is likely to be undetectable by the human eye. Therefore, the least significant bit can be used (more or less undetectably) for something else other than colour information. If we do it with the green and the red as well we can get one letter of ASCII text per 3 pixels.

Stated somewhat more formally, the objective for making steganographic encoding difficult to detect is to ensure that the changes to the carrier (the original signal) due to the injection of the payload (the signal to covertly embed) appear visually in the example (and ideally, statistically as well) negligible; that is to say, the changes are indistinguishable from the noise floor of the carrier.

(From an information theoretical point of view, this means that the channel must have more capacity than the 'surface' signal requires , i.e., there is redundancy. For a digital image, this may be noise from the imaging element; for digital audio, it may be noise from recording techniques or amplification equipment. Any system with an analog amplification stage will also introduce so-called thermal or "1/f" noise, which can be exploited as a noise cover. In addition, lossy compression schemes (such as JPEG) always introduce some error into the decompressed data; it is possible to exploit this for steganographic use as well.)

Steganography can be used for digital watermarking, where a message (being simply an identifier) is hidden in an image so that its source can be tracked or verified. In fact, in Japan "... the Content ID Forum and the Digital Content Association of Japan started tests with a system of digital watermarks 'to prevent piracy' (The Japan Times Online 26-08-2001)." [1]


Steganography has been widely used in historical times, especially before cryptographical systems were developed. Examples of these historical usage include:

Some more recent steganography techniques:

Additional terminology

In general, terminology analogous to (and consistent with) more conventional radio and communications technology is used; however, a brief description of some terms which show up in software specifically, and are easily confused, is appropriate. These are most relevant to digital steganographic systems.

The payload is the data it is desirable to transport (and, therefore, to hide). The carrier is the signal, stream, or data file into which the payload is hidden; contrast "channel" (typically used to refer to the type of input, such as "a JPEG image"). The resulting signal, stream, or data file which has the payload encoded into it is sometimes referred to as the package. The percentage of bytes, samples, or other signal elements which are modified to encode the payload is referred to as the encoding density and is typically expressed as a floating-point number between 0 and 1.

In a set of files, those files considered likely to contain a payload are called suspects. If the suspect was identified through some type of statistical analysis, it may be referred to as a candidate.

Usage in terrorism

In October 2001, the New York Times published an article claiming that Al Quaeda had used steganographic techniques to encode messages into images, and then transported these via email, and possibly via USENET, to prepare and execute the September 11, 2001 Terrorist Attack on New York City, and possibly other actions. Despite being dismissed by security experts, the story has been widely repeated and resurfaces frequently. It was generally noted that the story had apparently originated with a press release from iomart, a vendor of steganalysis software; that there was absolutely no corroborating evidence (and years later, still isn't any); and that a captured Al Quaeda training manual did not support the claim.

The chapter on communications in the Al Quaeda manual acknowledges the technical superiority of the security services, and generally advocates low-technology, traditional forms of covert communication, plus veiled speech on public or untraceable telephones. The chapter on "codes and ciphers" places considerable emphasis on using invisible inks in traditional paper letters, plus simple ciphers such as simple substitution with nulls; steganography is not mentioned. Nevertheless public efforts were mounted to detect the presence of steganographic information in images on the web (especially on eBay, which had been mentioned in the New York Times article). So far to date these scans have examined millions of images without detecting any steganographic content (see "Detecting Steganographic Content on the Internet" under external links), other than test images used to test the system, and instructional images on web sites about steganography.

Effective detection of steganographically encoded materials in communications intercepts between suspected terrorists is therefore extremely important, but very complicated, as we will see below.


The detection of steganographically encoded packages is called steganalysis. The simplest method to detect modified files, however, is to compare them to the originals. To detect information being moved through the graphics on a website, for example, an analyst can maintain known-clean copies of these materials and compare them against the current contents of the site. The differences (assuming the carrier is the same) will compose the payload.

In general, using an extremely high compression rate makes steganography difficult, but not impossible; while compression errors provide a good place to hide data, high compression reduces the amount of data available to hide the payload in, raising the encoding density and facilitating easier detection (in the extreme case, even by casual observation).

See also

External links