From the past human beings need to send and receive information in a secure manner. The traditional way to do that is by converting data into another form, so the output data could be only recognized by those who are authorized and know how to retrieve it to its original form using secret information called Key. This method of protecting information is called Encryption.
The main weak point in Encryption is the existence (not concealed) of the data. Although the encrypted data could not be read but it still there, so if there is much time and tools for the person who like to retrieve the original data and break the Encryption algorithm, at the end he/she will be succeed in breaking the code. The solution for this problem is Steganography.
2. What is Steganography?
Steganography is from Greek mean cover writing; technically steganography is hiding secret information inside information that looks innocent and not suspicious. The implementation of Steganography depends on human instinct rather than mathematical logic. The most important thing in this old technique as a concept but new in the recruitment of use it does not bring attention and it is also flexible to use any kind of media for hiding, where we can hide any kind of secret message such as (text, image, sound, video) inside any cover with deferent features like (text, image, sound, video).
When we are talking about Steganography we are talking about using two different techniques as one technique:
1. Secret or hidden message technique as a concept that had been used in different ages to protect information privacy and secrecy by hiding information inside information.
2. A new technique that had changed our community and changed the traditional concepts of the tools for transmit and exchange information, and imposed new standards for control styles and the capabilities to control the transmitted and the exchanged information from its resource, and that is the new environment for information ( the Internet ).
Until recently, research community was not interest in Steganography and industry was focused only in Encryption, but that was rapidly changed. The first academic conference for Steganography and Information Hiding was at 1995. Steganography also got a lot of attention after CIA reports that says Al Qaida used this technique between its members to exchange the needed information to execute the 11th September attacks.
Steganography is not a new concept; historically it had been used in the Greece golden age. The purpose of using Steganography is not only to hide the meaning of the message but also to hide the existence of the message in the first place. The thing that supports the use and the development of Steganography is the rapid development in Information Technology and Communication, this make steganography the leading method in the Internet to protect data secrecy, privacy, and copyright.
The interesting thing in steganography is we could hide any kind of digital media such as image, text, sound and video with others. So we could use any kind of media as a cover to hide a secret message that could also be any kind of media regarding to the cover capacity, the wanted security level and robustness.
3. Steganography and Encryption
The appearance of the Internet, Social Networks and Communication tools led us to rethinking about the models that are being used to protect Information Systems and the transmitting information and searching for new methods that fit with these technologies. Encryption was and still a successful method to protect the stored and the transmitted information, but with the appearance of the new technologies it's still suffer from some problems like:
1. Clearly recognized: Everybody could recognize there is an encrypted data so this will make the attackers interested with these data and try to decrypt or destroy it.
2. Network usage: A lot of restrictions have been imposed for prevent using Encryption in communication networks like deny any information for a resource use Encryption in its correspondence.
3. The future threat of using it: A lot of Governments started to control the use of Encryption and prevent the organizations from dealing with it only by using known algorithms like DES (Data Encryption Standard) and that will encourage the attackers to attack the encrypted data through known algorithms.
4. Trying to control it: By enforcing international standards for Encryption usage to control it and marketing security products use these standards.
The traditional idea says that communications will be safe by encrypting the transmitted data, but this is rarely true in the practical world, for that reason a lot of people focus on hiding the data instead of encrypting it.
4. Conclusions
From the previous explanations we could conclude the following:
A. Encryption is a good method to protect information but it has a lot of weak points such as:
(1). Encryption hides the meaning of the message but not its existence.
(2). There are fixed algorithms for Encryption and that makes the development of attacking methods much easy.
(3). Encryption does not have a lot of fans because Governments preventing people from using it.
(4). Enforcing standards for Encryption usage; this will encourage the attackers to attack Encryption algorithms.
(5). The development of computer techniques and its computational power gives a big chance to break Encryption.
B. Steganography depends on hiding the existence of the secret message and this makes it much secure.
C. Steganogaphy as a technique depends on human instinct rather than mathematical logic.
D. There is a high flexibility in using Steganography because we could hide any kind of media inside other media in condition cover have the available space to hide the secret message.
E. We could add other protection methods for Steganography like Encryption.
F. We could re-hide the secret information for many times and in a different media.
G. We could use Steganography in different kind of media especially in communication networks where we could use some of their features for hiding like the packed header address or protocols headers.
References
[1] Mohammad Alaa Al-Hamami, "Information Hiding Technology", Delmon Culture Magazine, Issue 2, Page No. 38, Kingdom of Bahrain, march 2011.
[2] Alaa Hussain Al-Hamami, Mohammad Alaa Al-Hamami, "Information Hiding: Steganography and Watermark", Ithraa for publishing and Distribution, Amman, Jordan, ISBN: 9789957493097, 2008.
[3] Al-Hamami A. H., Mohammad A. Al-Hamami, and Aseel Khalid, “Information Hiding in ICMP Messages”, Tenth Scientific Conference, 2004, Al-Rafidain University college magazine, No.15, pp:145-160, Baghdad, Iraq, 2004.
[4] Anderson R., R. Needham, A. shamir, “The steganographic File system”, Information Hiding: second International Workshop, Portland, Oregon, USA, 1998.
[5] Chang, I. S., and Park, R. H., “Image retrieval based on data hiding”, Int. Proceeding on the SPIE 4314, pp:321-328, 2001.