Announcing Stego 1.0a2 The First Steganography Tool For The Macintosh by Romana Machado of Paradigm Shift Research 11/28/93 What is steganography? Steganography is a method by which a message can be disguised by making it appear to be something else. It derives from two Greek roots. "Stego-" means "roof", or "cover". It is the same root used in "stegosaur", called a "roof lizard" because of the large bony plates that decorate its back. "-graphy" means writing. "Steganography" means covert writing. What is Stego? Stego is a tool that enables you to embed data in, and retrieve data from, Macintosh PICT format files, without changing the appearance or size of the PICT file. Though its effect is visually undetectable, do not expect cryptographic security from Stego. Be aware that anyone with a copy of Stego can retrieve your data from your PICT file. Stego can be used as an "envelope" to hide a _previously encrypted_ data file in a PICT file, making it much less likely to be detected. How does Stego work? Stego works by slightly altering pixel values. Every computer graphics image is made up of an array of tiny dots of color, called pixels. The color of each pixel is determined by its pixel value, a number. In a computer, all numbers, and all data are expressed by sequences of bits. The number of bits used to express the pixel value indicates the range of possible colors available in that image. For example, in an 8 bit computer graphics image, each pixelUs color is determined by a sequence of 8 bits. The first bit in the sequence is called the "most significant bit", because it affects the pixel value the most, and the last bit in the sequence is called the "least significant bit", because it affects the pixel value the least. Stego hides data by reading your data file one bit at a time, and copying each bit to the least significant bit of each pixel value as it scans across the image. Stego Tips Stego can hide data in 8, 16, and 32 bit Macintosh PICT files. Stego can hide data from the data fork of Macintosh files only. If you need to steg something that has resources, use a utility like BinHex, or an encryption or compression utility, to convert it to a binary data file first. Stego Commands Open... will only display PICT files. When you select a file, Stego displays it with an info window across the top that tells you how much data can be stegged into the file. Steg... becomes enabled when a PICT file is open. It allows you to choose any type of file to steg, and informs you if the file has resources, or if it will not fit in the PICT file. Unsteg... also becomes enabled when a PICT file is open. It asks you to specify an output file, and unstegs the data in the least significant bits of the PICT file. It will produce an output file even if nothing's been previously stegged into the file. Change File Info... This function allows you to change the file type and creator of any file, and is enabled when no PICT file is currently open. You may need to change the file type and creator of your data file back to what they were before your file was stegged, because Stego does not save file type and creator. The default output file of Stego is a TeachText file, with a file type of 'TEXT' and a file creator of 'ttxt', so that if you double- click on a Stego output file, TeachText will launch and display it. If you're in doubt whether you need this function, you can experiment by using the Change File Info... command to look at the file type and creator of your data file before you steg your data file, then unstegging to an output file, closing the PICT file, and using the Change File Info... command to set the file type and creator back to what they were originally. (Using BinHex on the file, as described under "Stego Tips" above, will also preserve type and creator information.) Good News I plan to release the code for Stego, but it is not fully groomed yet. In the mean time,it is available on request. Stego may be expanded to handle other image formats, and other digital media: audio, video, etc. Output file type and creator defaults will be configurable in the next release. The next release will be able to steg and unsteg PICT resources in Macintosh files. I would like to hear your suggestions for further development of Stego. I have heard that new versions of PGP are being developed that can produce cyphertext that does not have the telltale headers and footers attached to the cyphertext, which would make cyphertext less detectable when stegged into a carrier. Meanwhile, other encryption methods exist that can produce cyphertext that appears to be nothing more than a collection of random numbers. This kind of file is ideal for stegging. Technical Notes Stego rasterizes the image, then stegs data into the least significant bit (or LSB) of each of the RGB color values. (In the case of indexed color, Stego stegs data into the LSB of the index values.) The file length of the data file to be stegged is hidden in the LSB's of the first 32 steggable bytes. To disguise this value somewhat, I take the second to least significant bits of the second 32 steggable bytes and XOR these with the 32 bit file length, and then steg the XOR'd file length into the LSB's of the first 32 steggable bytes. Where Can I Get Stego? Stego should soon be available via anonymous ftp from sumex- aim.stanford.edu. A text file containing abstracts of all available files is available in the info-mac/help/ directory. Stego should also available via anonymous ftp from soda.berkeley.edu. If for some reason you canUt find it in these locations, email me and I will send it to you. Don't Forget! Stego is shareware. You can help to support further development by sending $15.00 or any stegosaur to: Romana Machado 19672 Stevens Creek Blvd. #127 Cupertino, CA 95014 Bugs? Questions? EMail: romana@apple.com