Announcing Stego 1.0a2 - Steganography for the Mac

[Romana Machado <romana@apple.com>]

Announcing Stego 1.0a2
The First Steganography Tool For The Macintosh
by Romana Machado of Paradigm Shift Research
11/21/93

What is steganography?

Steganography is a method by which a message can be 
disguised by making it appear to be something else. It derives 
from two Greek roots. "Steg-" means "roof", the same root used 
in "stegosaur", called a "roof lizard" because of the large bony 
plates that decorate its back, and "-graphy" means writing. 
"Steganography" means "roofed", or covert writing.

What is Stego?

Stego is a tool that enables you to embed data in, and retrieve 
data from, Macintosh PICT format files, without changing the 
appearance of the PICT file.  Though its effect is visually 
undetectable, do not expect cryptographic security from Stego.  
Be aware that anyone with a copy of Stego can retrieve your 
data from your PICT file.  Stego  can  be used as an "envelope" 
to hide a _previously encrypted_ data file in a PICT file, 
making it much less likely to be detected.

How does Stego work?

Stego works by slightly altering pixel values.  Every computer 
graphics image is made up of an array of tiny dots of color, 
called pixels.  The color of each pixel is determined by its pixel 
value.  The pixel value is a number.  In a computer, all 
numbers, and all data are expressed by sequences of bits, or 
ones and zeroes.  For example, in an 8 bit computer graphics 
image, each pixel's color is determined by a sequence of 8 bits.  
The first bit in the sequence is called the "most significant bit", 
because it affects the pixel value the most, and the last bit in the 
sequence is called the "least significant bit", because it affects 
the pixel value the least.  Stego hides data by reading your data 
file one bit at a time, and copying each bit to the least 
significant bit of each pixel value as it scans across the image. 

Stego Tips

Stego can hide data in 8, 16, and 32 bit Macintosh PICT files.  
Stego can hide data from the data fork of Macintosh files only.  
If you need to steg something that has resources, use a utility 
like BinHex, or an encryption  or compression utility, to 
convert it to a binary data file first.

Stego Commands

Open... will only display PICT files.  When you select a file, 
Stego displays it with an info window across the top that tells 
you how much data can be stegged into the file.

Steg... becomes enabled when a PICT file is open.  It allows you 
to choose any type of file to steg, and informs you if the file has 
resources, or if it will not fit in the PICT file.

Unsteg...  also becomes enabled when a PICT file is open.  It 
asks you to specify an output file, and unstegs the data in the 
least significant bits of the PICT file.  It will produce an output 
file even if nothing's been previously stegged into the file.

Change File Info...  This function allows you to change the file 
type and creator of any file, and is enabled when no PICT file is 
currently open.  You may need to change the file type and 
creator of your data file back to what they were before your file 
was stegged, because Stego does not save file type and creator.  
The default output file of Stego is a TeachText file, with a file 
type of 'TEXT' and a file creator of 'ttxt', so that if you double-
click on a Stego output file, TeachText will launch and display 
it.  If you're in doubt whether you need this function, you can 
experiment by using the Change File Info... command to look 
at the file type and creator of your data file before you steg 
your data file, then unstegging to an output file,  closing the 
PICT file, and using the Change File Info... command to set the 
file type and creator back to what they were originally.

Good News

I plan to release the code for Stego, but it's not fully groomed 
yet.  In the mean time,it is available on request.  Stego may be 
expanded to handle other image formats, and other digital 
media: audio, video, etc. 

Output file type and creator defaults will be configurable in the 
next release. The next release will be able to steg and unsteg 
PICT resources in Macintosh files. I'd like to hear your 
suggestions for further development of Stego.

I have heard that new versions of PGP are being developed 
that can produce cyphertext that does not have the telltale 
headers and footers attached to the cyphertext, which would 
make cyphertext less detectable when  stegged into a carrier.  
Meanwhile, other encryption methods exist that can produce 
cyphertext that appears to be nothing more than a collection of 
random numbers. This kind of  file is ideal for stegging.

Technical Notes

Stego rasterizes the image, then stegs data into the least 
significant bit (or LSB) of each of the RGB color values. (In the 
case of indexed color, Stego stegs data into the LSB of the index 
values.) The file length of the data file to be stegged is hidden 
in the LSB's of the first 32 steggable bytes. To disguise this 
value somewhat, I take the second to least significant bits of the 
second 32 steggable bytes and XOR these with the 32 bit file 
length, and then steg the XOR'd file length into the LSB's of the 
first 32 steggable bytes.  

Where Can I Get Stego?
Stego is available via anonymous ftp from sumex-
aim.stanford.edu. A text file containing abstracts of all 
available files is available in the info-mac/help/ directory. 
Stego is also available via anonymous ftp from 
soda.berkeley.edu.

Don't Forget!

Stego is shareware. You can help to support further 
development by sending $15.00 or any stegosaur to:

Romana Machado
21090 Grenola Drive
Cupertino, CA 95014


Bugs? Questions?
EMail: romana@apple.com