[Written on September 23rd 2002 - Update May 8 2003]

Breaking a steganography software:


Steganography strength (is it easy to see there is hidden data?): Low
Cryptography strength (is it easy to recover the hidden data?): Low

Or: simple LSB method is easy to detect, especially with a fixed header in the hidden text (bis)

[Quote of the day: "Breaking one software a day keeps the doctor away"]

     1. Background

Here is another program that hides data in 24-bit BMP pictures using the LSB method: InThePicture (version 2.2), by Intar technologies. It's shareware sold for 25 US$. The demo version has a few limitations (only 2 keys, no more than 16 kb for hidden files), but nothing that changes the security level. The interface is nice, it has a very "Pro" look. You can even create nice pictures of fractals if you don't have a BMP handy. The little key icons remind me of PGP. You "lock" and "unlock" the hidden files.

     2. How does it work?

But, even for this price, the security is low, unlike PGP. First, the modified LSB bits (2 bits per byte, to increase the amount of data that can be hidden) are not spread randomly across the picture, but simply start from the beginning. This is very noticeable with a visual or statistical attack (see example here and here). That was the steganography part. Now, the cryptography part. Once again the same errors: the hidden data is stored along with a big block of fixed data (a signature of the software, the name of the hidden file, etc.) that an attacker can use to know that there is something there. The data scrambling consists of several layers of simple mixing or linear combinations on bytes (XOR, SUB with fixed keys). It took a bit longer to figure out (and this time I needed to trace some routines to speed up the analysis), but it's not very complex.

Oh, and even worse: the password is saved along with the hidden data. A typical error. So I'm not going to descramble everything, just the password (called a "key").

     3. How to get the key?

I'm not going to detail everything like before. Just the general idea.

First you have to extract all the raw hidden data contained in the 2 least significant bits of each byte of the BMP RGB data. Be aware that they are not in linear order. A byte is composed of bits 12 34 78 56. It took me an hour to figure this out :)

Second you have to descramble this data, block by block.

   - The first block is 8 bytes long and contains the software signature "ITP!".

   - The second block is 16 bytes long and contains the string "File" (or "Mess" in case of a simple message), plus the size of the hidden file, plus the scrambled key, plus the size of the file path.

   - The third block is the hidden file path, etc...

No need to go further. So the key is here, at offset 16. It's 6 bytes long, very compact. The actual key that you have to enter in the software window when it asks for it is of the form "0000aaaa000", that is, 4 digits, 4 letters and 3 digits. That looks like 11 bytes, but it's not. Everything contained in the key can be compacted into fewer bytes. For example, consider the last "000". You can store values from 0 to 999 in 10 bits (2^10 = 1024 possible values). Ten bits is much smaller than 3 bytes (24 bits).

Anyway. So you just extract the ASCII key from these 6 bytes, and that's it. Note that there is some redundancy in the first 4 digits, which means that there are several valid keys.
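As an added illustration of the compaction argument above: the following Python code is not InThePicture's real key encoding (the post does not give it, and notes a redundancy in the first four digits that this scheme does not have), just a hypothetical mixed-radix packing showing why an 11-character key of the form "0000aaaa000" needs only 6 bytes. Treating the letters as case sensitive (52 symbols), as the post says the key is, there are 10^4 x 52^4 x 10^3 possible keys, which is less than 2^47, so 47 bits suffice.

```python
import string

LETTERS = string.ascii_letters   # 52 symbols, since the post notes the key is case sensitive
DIGITS = string.digits

# Field sizes of a "0000aaaa000" key: 4 decimal digits, 4 letters, 3 decimal digits.
HEAD_RADIX, MID_RADIX, TAIL_RADIX = 10 ** 4, 52 ** 4, 10 ** 3


def key_space_bits():
    """Bits needed to number every possible key: ceil(log2(10^4 * 52^4 * 10^3)) = 47,
    so 6 bytes suffice with one bit to spare, versus 88 bits for the 11 ASCII characters."""
    return (HEAD_RADIX * MID_RADIX * TAIL_RADIX - 1).bit_length()


def pack_key(key):
    """Encode an 11-character key into 6 bytes as one mixed-radix integer (hypothetical scheme)."""
    if len(key) != 11 or any(c not in DIGITS for c in key[:4] + key[8:]) \
            or any(c not in LETTERS for c in key[4:8]):
        raise ValueError("key must be 4 digits, 4 letters, 3 digits")
    mid = 0
    for c in key[4:8]:                       # the four letters form a base-52 number
        mid = mid * 52 + LETTERS.index(c)
    n = (int(key[:4]) * MID_RADIX + mid) * TAIL_RADIX + int(key[8:])
    return n.to_bytes(6, "little")


def unpack_key(blob):
    """Inverse of pack_key: peel the fields off the integer from the last one back to the first."""
    if len(blob) != 6:
        raise ValueError("packed key must be 6 bytes")
    n = int.from_bytes(blob, "little")
    n, tail = divmod(n, TAIL_RADIX)
    head, mid = divmod(n, MID_RADIX)
    if head >= HEAD_RADIX:                   # 6 bytes can hold values no valid key produces
        raise ValueError("not a packed key")
    letters = ""
    for _ in range(4):
        mid, d = divmod(mid, 52)
        letters = LETTERS[d] + letters
    return f"{head:04d}{letters}{tail:03d}"


if __name__ == "__main__":
    blob = pack_key("1234AbCd567")
    print(key_space_bits(), blob.hex(), unpack_key(blob))
```

The same arithmetic explains the post's remark about the last three digits: 999 fits in 10 bits, so the three ASCII bytes "000" carry only 10 bits of information, and the other two fields shrink the same way.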

     4. My InThePicture Password Extractor

I rapidly coded a small program called "InThePicture Password Finder", with source. Here is what it does:

=> if the file is not a 24-bit BMP, it says so and stops
=> if the first 8 bytes of hidden data do not look like an InThePicture hidden text header, it says so and stops
=> if everything is okay, it shows a valid key. Remember it's case sensitive.

Be aware that there is a limitation in my program: you can only retrieve the unlock key for the first hidden item inside the BMP, which can be a file or a simple message. I realized a little bit late that I forgot to take multiple file handling into account, and now I'm bored and don't want to code anymore. Oh well.

Have a nice day!

     Guillermito, September 23rd 2002