Smiling At U

Steganography involves hiding data in an overt message and doing it in such a way that it is difficult for an adversary to detect and difficult for an adversary to remove. Based on this goal, three core principles can be used to measure the effectiveness of a given steganography technique: amount of data, difficulty of detection, and difficulty of removal.

■■ Amount of data suggests that the more data you can hide, the better the
technique.
■■ Difficulty of detection relates to how easy it is for somebody to detect
that a message has been hidden. There is usually a direct relationship
between how much data can be hidden and how easy it is for someone
to detect it. As you increase the amount of information that is hidden in
a file, you increase the chance that someone will be able to detect that
there is information hidden in the file.
■■ Difficulty of removal involves the principle that someone intercepting
your file should not be able to remove the hidden data easily.

-E. Cole-

One of the concerns in the area of Information security is the concept of hidden exchange of information. Steganography is a sub-discipline of Information hiding that focuses on concealing the existence of messages. The term hiding refers to the process of making the information imperceptible or keeping the existence of the information secret.

Fabien A. P. Petitcolas(2000) menyatakan bahwa suara, video dan media lainnya dapat dijadikan sebagai bentuk digital, banyak dijumpai kemudahan dimana duplikat yang sempurna dapat dibuat, yang bisa menguasai duplikasi tidak sah dalam berskala besar merugikan industri musik, film, buku dan penerbitan perangkat lunak. Permasalahan yang melampaui perlindungan hak cipta ini telah memicu peneliti untuk menemukan cara untuk menyembunyikan pesan hak cipta dan nomor seri kedalam media digital. Ide terakhir yang dapat membantu untuk mengidentifikasi pelanggar hak cipta, dan pemilik dapat menuntut mereka.

We believe that the flexibility of audio steganography is what makes it so potentially powerful. The five methods discussed provide users with a large amount of choice and makes the technology more accessible to everyone. A party that wishes to communicate can rank the importance of factors such as data transmission rate, bandwidth, robustness, and noise audibility and then select the method that best fits their specifications. For example, two individuals who just want to send the occasional secret message back and forth might use the LSB coding method that is easily implemented. On the other hand, a large corporation wishing to protect its intellectual property from “digital pirates” may consider a more sophisticated method such as phase coding, SS, or echo hiding.

Another aspect of audio steganography that makes it so attractive is its ability to combine with existing cryptography technologies. Users no longer have to rely on one method alone. Not only can information be encrypted, it can be hidden altogether!

In conclusion, as more emphasis is placed on the areas of copyright protection, privacy protection, and surveillance, we believe that steganography will continue to grow in importance as a protection mechanism. Audio steganography in particular addresses key issues brought about by the MP3 format, P2P software, and the need for a secure broadcasting scheme that can maintain the secrecy of the transmitted information, even when passing through insecure channels. This final issue is addressed in the next section, where we introduce our design of a hybrid secure audio streaming solution that uses audio steganography and symmetric encryption.

Least significant bit (LSB) coding is the simplest way to embed information in a digital audio file. By substituting the least significant bit of each sampling point with a binary message, LSB coding allows for a large amount of data to be encoded. The following diagram illustrates how the message ‘HEY’ is encoded in a 16-bit CD quality sample using the LSB method:

In LSB coding, the ideal data transmission rate is 1 kbps per 1 kHZ. In some implementations of LSB coding, however, the two least significant bits of a sample are replaced with two message bits. This increases the amount of data that can be encoded but also increases the amount of resulting noise in the audio file as well. Thus, one should consider the signal content before deciding on the LSB operation to use. For example, a sound file that was recorded in a bustling subway station would mask low-bit encoding noise. On the other hand, the same noise would be audible in a sound file containing a piano solo.

To extract a secret message from an LSB encoded sound file, the receiver needs access to the sequence of sample indices used in the embedding process. Normally, the length of the secret message to be encoded is smaller than the total number of samples in a sound file. One must decide then on how to choose the subset of samples that will contain the secret message and communicate that decision to the receiver. One trivial technique is to start at the beginning of the sound file and perform LSB coding until the message has been completely embedded, leaving the remaining samples unchanged. This creates a security problem, however in that the first part of the sound file will have different statistical properties than the second part of the sound file that was not modified. One solution to this problem is to pad the secret message with random bits so that the length of the message is equal to the total number of samples. Yet now the embedding process ends up changing far more samples than the transmission of the secret required. This increases the probability that a would-be attacker will suspect secret communication.

A more sophisticated approach is to use a pseudorandom number generator to spread the message over the sound file in a random manner. One popular approach is to use the random interval method, in which a secret key possessed by the sender is used as a seed in a pseudorandom number generator to create a random sequence of sample indices. The receiver also has access to the secret key and knowledge of the pseudorandom number generator, allowing the random sequence of sample indices to be reconstructed. Checks must be put in place, however, to prevent the pseudorandom number generator from generating the same sample index twice. If this happened, a collision would occur where a sample already modified with part of the message is modified again. The problem of collisions can be overcome by keeping track of all the samples that have already been used. Another approach is to calculate the subset of samples via a pseudorandom permutation of the entire set through the use of a secure hash function. This technique insures that the same index is never generated more than once.