In Chapter 6, we learned that steganographic security can be measured with the Kullback–Leibler divergence between the distributions of cover and stego images. Four heuristic principles for minimizing the divergence were discussed in Chapter 7. One of them was the principle of minimal embedding impact, which starts with the assumption that each cover element, i, can be assigned a numerical value, ρ[i], that expresses the contribution to the overall statistical detectability if that cover element was to be changed during embedding. If the values ρ[i] are approximately the same across all cover elements, minimizing the embedding impact is equivalent to minimizing the number of embedding changes. The matrix embedding methods introduced in the previous chapter can be used to achieve this goal.

If ρ[i] is highly non-uniform, Alice may attempt to restrict the embedding changes to a selection channel formed by those cover elements with small ρ[i]. Constraining the embedding process in this manner, however, brings a fundamental problem. Often, the values ρ[i] are computed from the cover image or some side-information that is not available to Bob. Thus, Bob is generally unable to determine the same selection channel from the stego image and thus read the message. Channels that are not shared between the sender and the recipient are called non-shared selection channels. The main focus of this chapter is construction of methods that enable communication with non-shared selection channels.

Steganography is another term for covert communication. It works by hiding messages in inconspicuous objects that are then sent to the intended recipient. The most important requirement of any steganographic system is that it should be impossible for an eavesdropper to distinguish between ordinary objects and objects that contain secret data.

Steganography in its modern form is relatively young. Until the early 1990s, this unusual mode of secret communication was used only by spies. At that time, it was hardly a research discipline because the methods were a mere collection of clever tricks with little or no theoretical basis that would allow steganography to evolve in the manner we see today. With the subsequent spontaneous transition of communication from analog to digital, this ancient field experienced an explosive rejuvenation. Hiding messages in electronic documents for the purpose of covert communication seemed easy enough to those with some background in computer programming. Soon, steganographic applications appeared on the Internet, giving the masses the ability to hide files in digital images, audio, or text. At the same time, steganography caught the attention of researchers and quickly developed into a rigorous discipline. With it, steganography came to the forefront of discussions at professional meetings, such as the Electronic Imaging meetings annually organized by the SPIE in San Jose, the IEEE International Conference on Image Processing (ICIP), and the ACM Multimedia and Security Workshop. In 1996, the first Information Hiding Workshop took place in Cambridge and this series of workshops has since become the premium annual meeting place to present the latest advancements in theory and applications of data hiding.

The first steganographic techniques for digital media were constructed in the mid 1990s using intuition and heuristics rather than from specific fundamental principles. The designers focused on making the embedding imperceptible rather than undetectable. This objective was undoubtedly caused by the lack of steganalytic methods that used statistical properties of images. Consequently, virtually all early naive data-hiding schemes were successfully attacked later. With the advancement of steganalytic techniques, steganographic methods became more sophisticated, which in turn initiated another wave of research in steganalysis, etc. This characteristic spiral development can be expressed through the following quotation:

Steganography is advanced through analysis.

In this chapter, we describe some very simple data-hiding methods to illustrate the concepts and definitions introduced in Chapter 4 and especially Section 4.3. At the same time, we point out problems with these simple schemes to emphasize the need for a more exact fundamental approach to steganography and steganalysis.

In Section 5.1, we start with the simplest and most common steganographic algorithm – Least-Significant-Bit (LSB) embedding. The fact that LSB embedding is not a very secure method is demonstrated in Section 5.1.1, where we present the histogram attack. Section 5.1.2 describes a different attack on LSB embedding in JPEG images that can not only detect the presence of a secret message but also estimate its size.

Some of the first steganographic methods were designed for palette images, which is the topic of Section 5.2. We discuss six different ideas for hiding information in palette images and point out their weaknesses as well as other problematic issues pertaining to their design.

This book focuses on steganographic methods that embed messages in digital images by slightly modifying them. In this chapter, we explain the process by which digital images are created. This knowledge will help us design more secure steganography methods as well as build more sensitive detection schemes (steganalysis).

Fundamentally, there exist two mechanisms through which digital images can be created. They can be synthesized on a computer or acquired through a sensor. Computer-generated images, such as charts, line drawings, diagrams, and other simple graphics generated using drawing tools, could, in principle, be made to hold a small amount of secret data by the selection of colors, object types (line type, fonts), their positions or dimensions, etc. Realistic-looking computer graphics generated from three-dimensional models (or measurements) using specialized methods, such as ray-tracing or radiosity, are typically not very friendly for steganography as they are generated by deterministic algorithms using well-defined rules. In this book, we will mostly deal with images acquired with cameras or scanners because they are far more ubiquitous than computer-generated images and provide a friendlier environment for steganography. As with any categorization, the boundary between the two image types (real versus computer-generated) is blurry. For example, it is not immediately clear how one should classify a digital-camera image processed in Photoshop to make it look like Claude Monet's style of painting or a collage of computer-generated and real images.

In the previous chapter, we saw a few examples of simple steganographic schemes and successful attacks on them. We learned that the steganographic scheme called LSB embedding leaves a characteristic imprint on the image histogram that does not occur in natural images. This observation lead to an algorithm (a detector) that could decide whether or not an image contains a secret message. The existence of such a detector means that LSB embedding is not secure. We expect that for a truly secure steganography it should be impossible to construct a detector that could distinguish between cover and stego images. Even though this statement appears reasonable at first sight, it is vague and allows subjective interpretations. For example, it is not clear what is meant by “could distinguish between cover and stego images.” We cannot construct a detector that will always be 100% correct because it is hardly possible to detect the effects of flipping one LSB, at least not reliably in every cover. Just how reliable must a detector be to pronounce a steganographic method insecure?

Even though there are no simple practical solutions to the questions raised in the previous paragraph, they can in principle be studied within the framework of information theory. Imagine that Alice and Bob are engaging in a legitimate communication and do not use steganography. Let us suppose that they exchange grayscale 512 × 512 images in raster format that were never compressed.

The main goal of steganography is to communicate secret messages without making it apparent that a secret is being communicated. This can be achieved by hiding messages in ordinary-looking objects, which are then sent in an overt manner through some communication channel. In this chapter, we look at the individual elements that define steganographic communication.

Before Alice and Bob can start communicating secretly, they must agree on some basic communication protocol they will follow in the future. In particular, they need to select the type of cover objects they will use for sending secrets. Second, they need to design the message-hiding and message-extraction algorithms. For increased security, the prisoners should make both algorithms dependent on a secret key so that no one else besides them will be able to read their messages. Besides the type of covers and the inner workings of the steganographic algorithm, Eve's ability to detect that the prisoners are communicating secretly will also depend on the size of the messages that Alice and Bob will communicate. Finally, the prisoners will send their messages through a channel that is under the control of the warden, who may or may not interfere with the communication.

We recognize the following five basic elements of every steganographic channel (see Figure 4.1):

1. • Source of covers,

2. • Data-embedding and -extraction algorithms,

3. • Source of stego keys driving the embedding/extraction algorithms,

4. • Source of messages,

5. • Channel used to exchange data between Alice and Bob.

Digital images are commonly represented in four basic formats – raster, palette, transform, and vector. Each representation has its advantages and is suitable for certain types of visual information. Likewise, when Alice and Bob design their steganographic method, they need to consider the unique properties of each individual format. This chapter explains how visual data is represented and stored in several common image formats, including raster and palette formats, and the most popular format in use today, the JPEG. The material included in this chapter was chosen for its relevance to applications in steganography and is thus necessarily somewhat limited. The topics covered here form the minimal knowledge base the reader needs to become familiar with. Those with sufficient background may skip this chapter entirely and return to it later on an as-needed basis. An excellent and detailed exposition of the theory of color models and their properties can be found in [74]. A comprehensive description of image formats appears in [32].

In Section 2.1, the reader is first introduced to the basic concept of color as perceived by humans and then learns how to represent color quantitatively using several different color models. Section 2.2 provides details of the processing needed to represent a natural image in the raster (BMP, TIFF) and palette formats (GIF, PNG). Section 2.3 is devoted to the popular transform-domain format JPEG, which is the most common representation of natural images today. For all three formats, the reader is instructed how to work with such images in Matlab.