Application of Steganography for Anonymity Through the Internet Jacques Bahi, Jean-François Couchot, Nicolas Friot, Christophe Guyeux
Total Page:16
File Type:pdf, Size:1020Kb
Application of Steganography for Anonymity through the Internet Jacques Bahi, Jean-François Couchot, Nicolas Friot, Christophe Guyeux To cite this version: Jacques Bahi, Jean-François Couchot, Nicolas Friot, Christophe Guyeux. Application of Steganog- raphy for Anonymity through the Internet. IHTIAP’2012, 1-st Workshop on Information Hiding Techniques for Internet Anonymity and Privacy, Jan 2012, Italy. pp.96 - 101. hal-00940094 HAL Id: hal-00940094 https://hal.archives-ouvertes.fr/hal-00940094 Submitted on 31 Jan 2014 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Application of Steganography for Anonymity through the Internet Jacques M. Bahi, Jean-François Couchot, Nicolas Friot, and Christophe Guyeux* FEMTO-ST Institute, UMR 6174 CNRS Computer Science Laboratory DISC University of Franche-Comté Besançon, France {jacques.bahi, jean-francois.couchot, nicolas.friot, christophe.guyeux}@femto-st.fr * Authors in alphabetic order Abstract—In this paper, a novel steganographic scheme Considering that the freedom of expression is a fundamen- based on chaotic iterations is proposed. This research work tal right that must be protected, that journalists must be able takes place into the information hiding security framework. to inform the community without risking their own lives, The applications for anonymity and privacy through the Internet are regarded too. To guarantee such an anonymity, it and that to be a defender of human rights can be dangerous, should be possible to set up a secret communication channel various software have emerged these last decades to preserve into a web page, being secure. To achieve this goal, we propose anonymity or privacy through the Internet. Excepting of the an information hiding scheme being stego-secure, which is Mix-Network principle [3], the most famous tool of this kind the highest level of security in a well defined and studied is probably Tor, the onion router. Tor client software routes category of attacks called “watermark-only attack”. This category of attacks is the best context to study steganography- Internet traffic through a worldwide volunteer network of based anonymity through the Internet. The steganalysis of our servers, in order to conceal a user’s location or usage from steganographic process is also studied in order to show its anyone conducting network surveillance or traffic analysis. security in a real test framework. Another example of this kind is given by Perseus [4], a Keywords-Privacy; Internet; Steganography; Security; firefox plugin that protect personal data, without infringing Chaotic iterations. any national crypto regulations, and that preserve the true needs of national security. Perseus replaces cryptography by coding theory techniques, such that only agencies with I. INTRODUCTION a strong enough computer power can eavesdrop traffic in In common opinion or for non specialists, anonymity an acceptable amount of time. Finally, anonymous proxy through the Internet is only desirable for malicious use. servers around the world can help to keep machines behind A frequent thought is that individuals who search or use them anonymous: the destination server (the server that anonymity tools have something wrong or shameful to hide. ultimately satisfies the web request) receives requests from Thus, as privacy and anonymity software as proxy or Tor [1] the anonymizing proxy server, and thus does not receive are only used by terrorists, pedophiles, weapon merchants, information about the end user’s address. and so on, such tools should be forbidden. However, ter- These three solutions are not without flaws. For in- rorism or pedophilia existed in the absence of the Internet. stance, when considering anonymizers, the requests are not Furthermore, recent actualities recall to us that, in numerous anonymous to the anonymizing proxy server, which simply places around the world, to have an opinion that diverges moves the problem on: are these proxy servers worthy of from the one imposed by political or religious leaders is trust? Perseus can be broken with enough computer power. something considered as negative, suspicious, or illegal. And due to its central position and particular conception, For instance, Saudi blogger Hamza Kashgari jailed, may Tor is targeted by numerous attacks and presents various face execution after tweets about Muhammad. Generally weaknesses (bad apple attack, or the fact that Tor cannot speaking, the so-called Arab Spring, and current fighting and protect against monitoring of traffic at the boundaries of the uncertainty in Syria, have taught to us the following facts. Tor network). First, the Internet is a media of major importance, which is Considering these flaws, and because having a variety of difficult to arrest or to silence, bearing witness to the need for solutions to provide anonymity is a good rule of thumb, a democracy, transparency, and efforts to combat corruption. steganographic approach is often regarded in that context [5]. Second, claiming his/her opinions, making journalism or Steganography can be applied in several ways to preserve politics, is dangerous in various states, and can lead to the anonymity through the Internet, encompassing the creation death penalty (as for numerous Iranian bloggers: Hossein of secret channels through background images of websites, Derakhshan [2], Vahid Asghari, etc.). into Facebook photo galleries, on audio or video streams, or in non-interpreted characters in HTML source codes. The Example 1: Let us consider a set of grayscale images authors’ intention is not to describe precisely these well- stored into portable graymap format (P3-PGM): each pixel known techniques, but to explain how to evaluate their se- ranges between 256 gray levels, i.e., is memorized with eight curity. They applied it on a new algorithm of steganography bits. In that context, we consider uk = 8−(k mod 8) to be based on chaotic iterations and data embedding in least the k-th term of a signification function (uk)k2N. Intuitively, significant coefficients. This state-of-the-art in information in each group of eight bits (i.e., for each pixel) the first bit hiding security is organized as follows. has an importance equal to 8, whereas the last bit has an In Section II, some basic reminders concerning both importance equal to 1. This is compliant with the idea that mathematical notions and notations, and the Most and Least changing the first bit affects more the image than changing Significant Coefficients are given. Our new steganographic the last one. process called DI which is suitable to guarantee anonymity 3 Let (uk)k2N be a signification function, m of data for privacy on the Internet is presented in Section III. Definition 5: and M be two reals s.t. m < M. In Section IV, a reminder about information hiding security is realized. The attacks classification in a steganographic • The most significant coefficients (MSCs) of x is the framework are given, and the level of security of DI3 is finite vector studied. In the next section the security of our new scheme N k is evaluated. Then, in Section- VI the steganalysis of the uM = k k 2 and u > M and k ≤| x j ; proposed process is realized, and it is compared with other steganographic schemes in the literature. This research work • The least significant coefficients (LSCs) of x is the finite ends by a conclusion section, where our contribution is vector summarized and intended future researches are presented. k um = k k 2 N and u ≤ m and k ≤| x j ; II. BASIC REMINDERS A. Mathematical definitions and notations • The passive coefficients of x is the finite vector Let Sn denotes the nth term of a sequence S, and V i N k the ith component of a vector V . For a; b 2 N, we use the up = k k 2 and u 2]m; M[ and k ≤| x j : following notation: a; b = fa; a + 1; a + 2; : : : ; bg. J K For a given host content x, MSCs are then ranks of x ∗ Definition 1: Let k 2 N . The set of all sequences which that describe the relevant part of the image, whereas LSCs elements belong into 1; k , called strategy adapters on translate its less significant parts. S J K 1; k , is denoted by k. J K Example 2: These two definitions are illustrated on Fig- Definition 2: The support of a finite sequence S of n terms ure 1, where the significance function (uk) is defined as in k is the finite set S (S) = S ; k < n containing all the Example 1, m = 5, and M = 6. distinct values of S. Its cardinality is s.t. #S (S) 6 n. Definition 3: A finite sequence S 2 SN of n terms is injective if n = #S (S). It is onto if N = #S (S). Finally, it is bijective if and only if it is both injective and onto, so n = N = #S (S). Remark 1: On the one hand, “S is injective” reflects the fact that all the n terms of the sequence S are distinct. On the other hand, “S is onto” means that all the values of the (a) Original Lena. set 1; N are reached at least once. J K B. The Most and Least Significant Coefficients We first notice that terms of the original content x that may be replaced by terms issued from the watermark y are less important than other: they could be changed without be perceived as such.