Steganography Detection Tools

didosld

forensic3e_ppt_ch05.pptx

Home >Information Systems homework help >Steganography Detection Tools

System Forensics, Investigation, and Response

Lesson 5

Understanding Techniques for Hiding and Scrambling Information

www.jblearning.com

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Learning Objective

Explain techniques for hiding and scrambling information as well as how data is recovered.

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Key Concepts

Steganography

Encryption

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Steganography

The art and science of writing hidden messages

Goal is to hide information so that even if it is intercepted, it is not clear that information is hidden there

Most common method today is to hide messages in pictures using the least significant bit (LSB) method

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

LSB Method

Consider 11111111

Change last digit to 0

11111110 = 254 in decimal

The last bit or least significant bit is used to store data

Colored pixels in a computer stored in bits

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

The LSB method depends on the fact that computers store things in bits and bytes.

Consider an 8-bit byte.

For example, consider 11111111. If you convert this to decimal numbers, it equals 255.

If you change the first 1 to a zero, you get 01111111. This equals 127 in decimal numbers, which is a pretty major change.

If you change the last zero instead, you get 11111110. This equals 254 in decimal numbers. This is a trivial change. That is why this last bit is called the least significant bit. Changing the least significant bit from a 0 to a 1 or from a 1 to a 0 makes the smallest change in the original information.

7/2/2017

LSB Method

Used with permission from Microsoft

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Windows color palette in the Edit Colors dialog box

Colored pixels in a computer are stored in bits. In Windows, for example, 24 bit is the normal color resolution. If you examine the Windows color palette, you’ll find that you define a color by selecting three values between 0 and 255 in the Red, Green, and Blue text boxes.

7/2/2017

LSB Method

Used with permission from Microsoft

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Windows color changed by one bit.

If you change the least significant bit in a pixel, the image still looks the same. But a picture is made up of thousands—sometimes millions—of pixels. So by changing the least significant bit of many pixels, you can store data that is hidden in an image. This is the basis for modern image steganography.

7/2/2017

Basic Steganography Terms

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Payload

The information to be covertly communicated; the message the user wants to hide

Carrier

The signal, stream, or file in which the payload is hidden

Channel

The type of medium used. It can be a passive channel such as photos, video, or sound files. It can also be an active channel such as a streaming video connection.

7/2/2017

Payload

Carrier

Channel

Historical Steganography

Ancient Chinese wrapped notes in wax and swallowed them for transport

In ancient Greece, message written on slave's shaved head, then hair allowed to grow back

During World War II, French Resistance sent messages written on the backs of couriers using invisible ink

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Other Forms of Steganography

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Using digital images to hide messages is just one form of steganography. Steganography can also take these forms:

Steganophony—Hiding messages in sound files.

Video steganography—Hiding information in video files.

Advanced—With BPCS, carrier is often an image that stores colors in 24 bits, and this fact can be used to increase storage area for payload. The complex

areas on the bit planes are replaced with the payload.

7/2/2017

Steganophony

Hiding messages in sound files

Video steganography

Hiding information in video files

Advanced steganography

Bit-plane complexity segmentation steganography (BPCS)

Steganalysis

The process of analyzing a file or files for hidden content

Can show a likelihood that a given file has additional information hidden in it

Common method for detecting LSB steganography is to examine close-color pairs

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Steganalysis is the process of analyzing a file or files for hidden content.

At one time, digital steganography was only used by computer professionals because it required writing specific computer program code to manipulate the bits in an image. That is not the case today. There are a number of tools readily available on the Internet that will enable a user to hide information in an image or detect steganography. Examples of steganalysis tools:

• StegSecret

• StegSpy

• Invisible Secrets

• MP3Stego

7/2/2017

Invisible Secrets

Courtesy of NeoByte Solutions

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Choose whether you want to hide a file or extract a hidden file. For this example, suppose you want to hide a file. You select your chosen option in the Invisible Secrets Select Action dialog box.

7/2/2017

Invisible Secrets

Courtesy of NeoByte Solutions

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Select an image you want to use as the carrier file.

7/2/2017

Invisible Secrets

Courtesy of NeoByte Solutions

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Select the file you want to hide. It can be a text file or another image file. You can also choose to encrypt as well as hide.

7/2/2017

Invisible Secrets

Courtesy of NeoByte Solutions

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Select a password for your hidden file.

7/2/2017

Invisible Secrets

Courtesy of NeoByte Solutions

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Pick a name for the resulting file that contains your hidden file.

That’s it!

7/2/2017

Encryption

Encryption obfuscates message so it cannot be read

Cryptography is the study of writing secret messages

The word cryptography derived from word kryptós, which means hidden, and the verb gráfo, which means write

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Encryption (or cryptography) has to do with obfuscating the message so that it cannot be read.

The concept of cryptography is simple: Messages must be changed in such a way that they cannot be read easily if intercepted but can be decoded easily by the intended recipient.

7/2/2017

Encryption vs. Steganography

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

With steganography, an examiner may not even be aware that a message is present. With cryptography, it is obvious that a message is present, but the message is not easily deciphered.

7/2/2017

Steganography

Message hidden

Encryption/Cryptography

Message present but obfuscated

The Caesar Cipher

Referred to as the substitution cipher

A simple method of encryption and very easy to crack

Choose some number by which to shift each letter of a text

Substitute the new alphabetic letter for the letter being encrypted

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

The Caesar cipher was used by the ancient Romans. It is also referred to as the substitution cipher because you choose some number by which to shift each letter of a text and substitute the new alphabetic letter for the letter being encrypted. It is a very simple method of encryption and very easy to crack.

7/2/2017

Caesar Cipher Example

Text is:

A CAT

You choose to shift by two letters, then A replaces C, E replaces C, C replaces A, and V replaces T; encrypted message is:

C ECV

If shift by three letters, message is:

D FDW

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

The Caesar Cipher

Introduced two key terms:

Text you want to encrypt is referred to as plaintext

After it has been subjected to the algorithm and key, resultant text is called ciphertext

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

The Atbash Cipher

Reverses the alphabet—substituting the first letter of the alphabet for the last letter, the second letter for the second-to-last letter, and so on

Is primitive and easy to break

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

This cipher was used by Hebrew scholars copying the book of Jeremiah. This cipher simply reverses the alphabet—substituting the first letter of the alphabet for the last letter, the second letter for the second-to-last letter, and so on. It is primitive and easy to break.

7/2/2017

The ROT13 Cipher

A permutation of the Caesar cipher

All characters are rotated 13 characters through the alphabet

A CAT becomes N PNG

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

The Scytale Cipher

Encrypts messages by wrapping a leather strip around a cylinder or baton, and writing across the leather

Turning cylinder produced different ciphertexts

Message decrypted by reading the message once placed over the same leather “key” wrapped around the same size cylinder

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

The scytale is a physical cylinder or baton. It was used to encrypt messages by wrapping a leather strip around the cylinder and writing across the leather. Turning the cylinder produced different ciphertexts. The message was decrypted by reading the message once placed over the same leather “key” wrapped around the same size cylinder.

7/2/2017

Playfair

Works by encrypting pairs of letters, also called digraphs, at a time

Uses a 5 × 5 table that contains a keyword or key phrase

To use the Playfair cipher, one need only memorize that keyword and four rules

Example: “Attack at dawn” becomes "At ta ck at da wn"

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

To use the Playfair cipher, one need only memorize that keyword and four rules.

To use the cipher, first break the plaintext message into digraphs; so, for example, "Attack at dawn" becomes "At ta ck at da wn." If the final digraph is just a single letter, you can pad it with a letter z.

7/2/2017

Playfair (Cont.)

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Playfair (Cont.)

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Playfair (Cont.)

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Multialphabet Substitution

Uses multiple numbers by which letters in plaintext are shifted

Multiple substitution alphabets are created

Represents a slight improvement on the Caesar cipher but is still easily cracked

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

This cipher uses multiple numbers by which letters in plaintext are shifted. Multiple substitution alphabets are created. This cipher represented a slight improvement on the Caesar cipher but is still easily cracked.

7/2/2017

Multialphabet Substitution Example

If you select three substitution alphabets (+2, -2, +3)

A CAT becomes C ADV

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Notice that the fourth letter starts over with another +2.

The first A was transformed to C and the second A was transformed to D.

7/2/2017

The Vigenère Cipher

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

This method uses a table and a selected keyword to encrypt a message.

Match the letter of your keyword on the top with the letter of your plaintext on the left to find the ciphertext.

This type of multialphabet cipher is more secure than a single-alphabet substitution cipher but is still easily cracked by computers.

Example: if you are encrypting the word cat and your keyword is horse, then the ciphertext is jok.

7/2/2017

The Enigma Machine

World War II, electromechanical rotor-based cipher system

Is a multialphabet substitution cipher using machinery to accomplish the encryption

When operator pressed a key, encrypted ciphertext for plaintext was altered each time

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

In World War II, the Germans used an electromechanical rotor-based cipher system known as the Enigma machine. It is a multialphabet substitution cipher using machinery to accomplish the encryption. The machine was designed so that when the operator pressed a key, the encrypted ciphertext for that plaintext was altered each time. The Enigma machine and its many variations were essentially mechanical implementations of multialphabet substitution.

7/2/2017

Modern Cryptography

Two main types: Symmetric and asymmetric

Symmetric cryptography uses the same key to encrypt and decrypt plaintext

Asymmetric cryptography uses different keys to encrypt and decrypt plaintext

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Modern Cryptography (Cont.)

Used every day by millions of consumers on the World Wide Web to buy products and services securely

“https” at beginning of Web address or a padlock symbol indicates a secure protocol such as Transport Layer Security (TLS) is at work

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Modern Cryptography (Cont.)

Cryptography also used in:

Antivirus software

Wireless security (WPA and WPA2 encryption)

Hard disk encryption using Microsoft Encrypting File System (EFS) is a form of cryptography

Did you know your mobile phone transmissions are encrypted, as are your ATM and credit cards?

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Symmetric Cryptography

Uses the same key to encrypt and decrypt plaintext

Can use two different encryption keys, one from sender to receiver and one from receiver to sender

Same key is still used for encryption and decryption

Having different keys in both directions provides additional security if keys are learned or disclosed

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Substitution and Transposition

Swapping of blocks of ciphertext

All modern block-cipher algorithms use substitution and transposition

Combination of substitution and transposition increases security of resultant ciphertext by making cryptanalysis more complex

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

All of the historical examples examined in this lesson have been simple substitution ciphers because each single character of plaintext is converted into a single character of ciphertext.

However, all modern block-cipher algorithms use both substitution and transposition, which is the swapping of blocks of ciphertext. This combination of substitution and transposition increases the security of the resultant ciphertext by making cryptanalysis more complex.

7/2/2017

Block Ciphers and Stream Ciphers

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

There are two types of symmetric approaches: block ciphers and stream ciphers. A block cipher literally encrypts the data in groups of bits, also known as blocks. Stream ciphers encrypt the data as a stream, one bit at a time.

There are a few basic facts that are generally applicable to all block ciphers. Assuming the actual algorithm is mathematically sound, then the following is true:

Larger block sizes increase security.

Larger key sizes increase security against brute-force attack methods.

If the round function is secure, then more rounds increase security to a point.

7/2/2017

Block cipher

Encrypts data in groups of bits, also known as blocks

Stream cipher

Encrypt data as a stream, one bit at a time

The Feistel Function

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Data Encryption Standard (DES)

Data is divided into 64-bit blocks.

Data is manipulated by 16 separate steps of encryption involving substitutions, bit-shifting, and logical operations using a 56-bit key.

Data is then further scrambled using a swapping algorithm.

Data is transposed one last time.

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

One of the oldest of the modern symmetric ciphers is the Data Encryption Standard (DES). It was developed by IBM in the early 1970s and is a block cipher. The basic concept of DES is:

1. Data is divided into 64-bit blocks.

2. That data is then manipulated by 16 separate steps of encryption involving substitutions, bit-shifting, and logical operations using a 56-bit key.

3. Data is then further scrambled using a swapping algorithm.

4. Data is finally transposed one last time.

These steps provide a simplified view of DES. As you can see, it works on splitting the block into two sections, as with all Feistel ciphers. The idea is to continually scramble the underlying message to make it appear as random as possible.

7/2/2017

What Happened to 2DES?

2DES basically does DES two times

Was not much more secure than DES

Took more time and computer resources to implement

Not widely used

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Triple DES (3DES)

Was created as an interim solution to DES

Does DES three times, with three different keys

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Eventually, it became obvious that DES would no longer be secure. The U.S. federal government began a contest seeking a replacement cryptography algorithm. In the meantime, Triple Des (3DES) was created as an interim solution. Essentially, it does DES three times, with three different keys.

7/2/2017

Why 4DES Was Never Implemented

Early simulations indicated it was too scrambled

Blocks of original plaintext appeared in the final ciphertext

One of the driving factors behind searching for a new algorithm not in the DES line

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

4DES was never implemented because early simulations indicated that 4DES was too scrambled—so scrambled, in fact, that blocks of the original plaintext appeared in the final ciphertext. This was one of the driving factors behind searching for a new algorithm not in the DES line.

7/2/2017

Advanced Encryption Standard (AES)

Also known as the Rijndael block cipher

Can have three different key sizes:

128, 192, or 256 bits

Referred to as AES 128, AES 192, and AES 256

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

The Advanced Encryption Standard (AES) is also known as the Rijndael block cipher. It was officially designated as a replacement for DES in 2001. AES can have three different key sizes: 128, 192, or 256 bits. The three different implementations of AES are referred to as AES 128, AES 192, and AES 256. All three operate on a block size of 128 bits.

Unlike both DES and 3DES, AES is not based on a Feistel network. AES uses a substitution-permutation matrix rather than a Feistel network. AES operates on a 4×4 column matrix of bytes, termed the state (versions of AES with a larger block size have additional columns in the state).

7/2/2017

AES Steps

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Key expansion

Initial round

AddRoundKey

Rounds

SubBytes

Final round

SubBytes

ShiftRows

MixColumns

AddRoundKey

ShiftRows

AddRoundKey

Cryptographic Hashes

Hashing is a type of cryptographic algorithm with some specific characteristics

It is one-way, not reversible

It is a fixed-length output no matter what input is given

The algorithm must be collision resistant

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

A collision occurs when two different inputs to the same hashing algorithm produce the same output (called a hash or digest).

Ideally we would like to have no collisions. But the reality is that with a fixed-length output, a collision is possible.

The goal is to make it so unlikely as to be something we need not think about.

7/2/2017

Asymmetric Cryptography

Cryptography wherein two keys are used:

One to encrypt the message

Another to decrypt it

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

RSA

Described in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT

Perhaps the most widely used public key cryptography algorithm today

Is based on relationships of prime numbers

Security of RSA derives from fact that it is difficult to factor a large integer composed of two or more large prime factors

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

RSA is perhaps the most widely used public key cryptography algorithm in existence today. It is based on some interesting relationships of prime numbers. The security of RSA derives from the fact that it is difficult to factor a large integer composed of two or more large prime factors.

7/2/2017

Diffie-Hellmen

A cryptographic protocol that allows two parties to establish a shared key over an insecure channel

Often used to allow parties to exchange a symmetric key through some insecure medium, such as the Internet

Enabled all secure communications between parties that did not have a pre-established relationship, such as e-commerce

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

The Diffie-Hellman algorithm is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel. In other words, Diffie-Hellman is often used to allow parties to exchange a symmetric key through some insecure medium, such as the Internet. Diffie-Hellman enabled all secure communications between parties that did not have a pre-established relationship, such as e-commerce, and facilitated communications between parties with a pre-established relationship, such as e-banking.

7/2/2017

Diffie-Hellmen (Cont.)

Groundbreaking research provided the foundation for secure transactions across the Internet

E-commerce sites like Amazon.com and Staples.com can provide secure electronic communications, thanks in great part to Diffie and Hellman

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Breaking Encryption

Cryptanalysis is using techniques other than brute force to attempt to uncover a key

Also referred to as academic or knowledge-based code breaking

Cryptographic techniques may be used to test the efficacy of a cryptographic algorithm

Such as to test hash algorithms for collisions

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

7/2/2017

Frequency Analysis

In natural languages, certain letters of alphabet appear more frequently than others

By examining frequencies, can derive some information about the key used

Method effective against classic ciphers, but not modern methods of cryptography

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

This is the basic tool for breaking most classical ciphers such as the Caesar cipher, the Vigenère cipher, etc. In natural languages, certain letters of the alphabet appear more frequently than others. By examining those frequencies, you can derive some information about the key that was used. While this method is effective against classic ciphers, it is not effective against modern methods of cryptography.

7/2/2017

Kasiski

A method of attacking polyalphabetic substitution ciphers, such as Vigenère

Can be used to deduce the length of the keyword used in a polyalphabetic substitution cipher

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Kasiski examination is a method of attacking polyalphabetic substitution ciphers, such as the Vigenère cipher. This method can be used to deduce the length of the keyword used in a polyalphabetic substitution cipher.

7/2/2017

Kasiski (Cont.)

When length of keyword is discovered, ciphertext is lined up in n columns, where n is keyword length

Each column

Treated as a monoalphabetic substitution cipher

Can be cracked with frequency analysis

Involves looking for repeated strings in the ciphertext

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Once the length of the keyword is discovered, the ciphertext is lined up in n columns, where n is the length of the keyword.

Then, each column can be treated as a monoalphabetic substitution cipher and each column can be cracked with simple frequency analysis.

The method simply involves looking for repeated strings in the ciphertext. The longer the ciphertext, the more effective this method will be.

7/2/2017

Modern Methods

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

The outcome of attempting to crack modern cryptographic methods will most likely be failure. However, with enough time and resources it is possible. Some techniques that can be employed in this process include:

Known plaintext attack—This method is based on having a sample of known plaintexts and their resulting ciphertexts, and then using this information to try and ascertain something about the key used.

Chosen plaintext attack—The attacker obtains the ciphertexts corresponding to a set of plaintexts of his own choosing. This can allow the attacker to attempt to

derive the key used and thus decrypt other messages encrypted with that key.

Ciphertext-only—The attacker only has access to a collection of ciphertexts. This is much more likely than known plaintext, but also the most difficult. The attack is successful if the corresponding plaintexts or, even better, the key can be deduced. However, obtaining any information at all about the underlying plaintext in this situation is considered a success.

Related-key attack—This attack is similar to a chosen plaintext attack, except the attacker can obtain ciphertexts encrypted under two different keys. This is actually a very useful attack if you can obtain the plaintext and matching ciphertext.

7/2/2017

Known plaintext attack

Chosen plaintext attack

Ciphertext-only

Related-key attack

Rainbow Tables/Ophcrack

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

The time of cryptanalysis can be reduced by using precalculated data stored in memory. Essentially, these types of password crackers work with precalculated hashes of all passwords available within a certain character space. These files are called rainbow tables because they contain every letter combination “under the rainbow.” They are particularly useful when trying to crack hashes. Popular hacking tools like Ophcrack depend on rainbow tables. Ophcrack is usually very successful at cracking Windows local machine passwords.

7/2/2017

John the Ripper

A password cracker popular with network administrators and hackers

Enables user to select text files of word lists to attempt cracking a password

Command-line based, no Windows interface

Page ‹#›

System Forensics, Investigation, and Response

www.jblearning.com

Although John the Ripper is less convenient to use because it is command-line based and has no Windows interface, it has been around for a long time and is well regarded by both the security and hacking communities.

7/2/2017

Summary

Steganography

Encryption

Page ‹#›

System Forensics, Investigation, and Response