I had read a little about steganography and I was wondering if there was way to detect any unwanted information within MP3 files and other files? I did a search on some of this stuff and it was a bit over my head. I just wanted to be sure that there wasn't anything there that shouldn't be there. Could viruses be hidden and not be detected by antiviral programs until you accessed the file? Thanks for any info.

Good steganography is very hard to detect.

That being said, I think you're confused as to what steganography entails.

I guess viruses could be hidden, but I have no idea how they would be run just by your mp3 program reading the file. Maybe the file could cause some sort of overflow or something, but that would be the mp3-decoder's vulnerability.

Per my understanding, steganography isn't often used to hide malicious works in p2p propogated files as much as it is for hiding data and messages in seemingly innocuous files - which wouldn't affect you at all, anyway, unless you're a secret government agent tracking terrorists who communicate through embedded messages in mp3 files.

I don't think you should be worried about steganography at all. It's not a dangerous thing.

You would probably need to have a helper program to decode and activate anything hidden in one of your mp3's.

http://www.cl.cam.ac.uk/~fapp2/steganography/mp3stego/

Using this program, one can easily hide, for example, a batch file inside an mp3 file. But it needs to be decoded, renamed (to get rid of the .txt extension), and then executed.

As for detecting it? I have no idea. But the information can be deleted by decompressing the mp3 and then re-encoding. For the truly paranoid.

ff123

i think mp3trim does that, since it deletes every unused information. You could also delete the ID3v2 Tag entirely, because this is where those information are stored .

I don't know where you heard about the stego data being stored in ID3V2 tags - because it's wrong.

mp3 steganography tools scramble the data, then put it in the lower MDCT coefficients (inside the music) but below the ATH & SMR.

A well-done steganography inside pictures or sounds, CAN be statistically detected (in theory) because it's always a tiny bit more random than the music's LSBs (=least significant bits). If it can be detected, it can be degraded (to the point where it's destroyed and unusable) - but the encrypted data itself would most certainly stay uncrackable (if encrypted properly before being embedded).

What are talking about?

I thought you could only do this with wav files. What program works with mp3?

steganography. the art of information hiding in apparently "harmless"files.

for example, hide your girlfriend's phone number into a mp3 file

http://www.jjtc.com/Steganography/


Well, there's no such limitation ! Simply, wav and bmp are simpler - but you can do it in OGG, JPG, JP2 - pretty much anything.

For mp3 there is mp3stego. I haven't tried it though.

I played around with a programme called scramdisk once when I was om a cryptography kick.

It only worked with wav files.

You could choose to use 25% or 50% of the wav file for including encrypted data, and the file would still play OK in a portable. I don't know what effect all this would have on the sound quality though.

The data was encrypted with an algo called "blowfish" It was reported to be "hard" encryption, similar in difficulty to PGP.

I wanted to encrypt my entire hard drive with it but got beat by the win 98se 2 gig file limit.

Oh. I tried it once, but quitted because of that 2GB limit (even though that was on NTFS).

They use wav files because it's easiest to read and write many times to/from them. With mp3, it's difficult to replace hidden data once it's put there (the psychoacoustics are not available anymore, etc). So, when you only need to write data once, you can use pretty much any audio/video/picture format


The problem in altering lower bits of PCM samples, is not only with sound quality. In fact, if you use 8 bits (in a 16-bit wav file) for hiding data, it's pretty easy to determine (using statistics) that the lower 8 bits behave like pure white noise - and thus that it's unlikely to contain real audio data there. Remember, current ADC's are better than 8-bit. I'd even doubt that the lower 4 bits of a 16-bit converter is pure white noise. So, there goes the "25%" Scramdisk/E4M mode...


You can't compare blowfish with PGP - the former being a (max. 448-bit) symmetric encryption algorithm, and the latter being a PKI solution - that includes both symmetric (ie: private-key) and asymmetric (ie: public-key) algorithms.
Anyhow, as you said, blowfish is believed to be safe - even though I'd prefer twofish a bit (Twofish was also made by Bruce Schneier, but later).

I had read on a web page on detecting hidden files and in two million images that were checked, they couldn't find any hidden files. Of course, two million images is but a drop in the pool of images is found on the net. Chances are that I am a bit paranoid, but it would be good to know that my computer files are what they seem to be. Of course, I couldn't even identify 90% of the files that Windows uses.

Could somebody tell me the difference between Steganography and watermarking?

Nobody can enlighten me!!?

Steganography is hiding data, which could be any data... design for an atomic bomb,
etc. The goal is that no one but the intended recipient can even tell it is there.

WIth Watermarking the information I think would usually pertain to the host file, maybe information
about the copyright owner, or a copy serial number. The goal is not necessarily to hide it, but to
1) not interfere with the function of the file (so ie it is not large bold text across an image)
2) the information can not be stripped from the file without destroying the file.
3) (if used for authentication) the mark can not be inserted by anyone but the purported
source (ie public key encryption)

edit: the term watermark comes from a physical mark used in some paper. You can usually only see
it if you look through the paper at a bright light. It is frequently used in paper money to prevent
counterfeiting.

Well, Steganography means to hide information in an unapparent medium, such as a picture. The goal is to exchange information without drawing anyone's attention. Watermarking is about hiding information / embedding information in copyrighted music files etc., to be able to uniquely identify them later, if they should show up at unauthorized places. The watermark should be of such nature that attempts to remove the watermark render the file unusable (i.e. in audio files, you'd have to decrease the quality to large extend).

Back on topic: For instance, using a steganography program on specially prepared test files could give a great insight on how it works. One could prepare MP3s with just a sine tone, with noise or with silence, and analyze how the steganography program tries to hide the information in there. Using that knowledge, one could derive a statistical attack (how frequent something occurs / equable patterns...).


Edit: Damnit, too late. Note to self: Don't do other things first after clicking on "Reply".