1 00:00:00,240 --> 00:00:01,490 In this demonstration, 2 00:00:01,490 --> 00:00:03,670 you're going to learn how steganography is used 3 00:00:03,670 --> 00:00:05,700 to hide data within other data. 4 00:00:05,700 --> 00:00:07,630 Steganography is the art and science 5 00:00:07,630 --> 00:00:10,210 of hiding message within other messages. 6 00:00:10,210 --> 00:00:11,890 If you've ever seen an old spy movie, 7 00:00:11,890 --> 00:00:14,480 where one spy takes out a classified ad in the newspaper 8 00:00:14,480 --> 00:00:15,880 and the first letter of each word 9 00:00:15,880 --> 00:00:17,180 makes up the secret message, 10 00:00:17,180 --> 00:00:18,950 something like meet at six? 11 00:00:18,950 --> 00:00:21,130 This is a version of steganography. 12 00:00:21,130 --> 00:00:23,880 Note that data isn't going to be encrypted when you do this, 13 00:00:23,880 --> 00:00:26,370 it's just going to be hidden inside another message. 14 00:00:26,370 --> 00:00:28,162 And if you know what the key and what your looking for, 15 00:00:28,162 --> 00:00:30,430 then it's really easy to see the message 16 00:00:30,430 --> 00:00:32,410 inside wherever it's being hidden. 17 00:00:32,410 --> 00:00:34,260 So, in the case of my newspaper example, 18 00:00:34,260 --> 00:00:36,370 writing down the first letter of each word, 19 00:00:36,370 --> 00:00:38,040 gives you the secret message. 20 00:00:38,040 --> 00:00:40,300 Now basically, if anybody knows where to look, 21 00:00:40,300 --> 00:00:42,490 they can easily pull that data back out. 22 00:00:42,490 --> 00:00:44,200 So, let's jump into the lab environment 23 00:00:44,200 --> 00:00:46,270 and see how easy it is to hide some data 24 00:00:46,270 --> 00:00:49,117 inside a standard photograph using a steganography tool, 25 00:00:49,117 --> 00:00:52,140 and then getting that back out on the other side. 26 00:00:52,140 --> 00:00:53,690 To conduct this demonstration, 27 00:00:53,690 --> 00:00:56,070 we're going to load a steganography program 28 00:00:56,070 --> 00:00:57,820 up inside our web browser. 29 00:00:57,820 --> 00:00:59,700 You can try this at home if you want to. 30 00:00:59,700 --> 00:01:02,080 All you have to do is go to this website 31 00:01:02,080 --> 00:01:03,140 as you see on the screen, 32 00:01:03,140 --> 00:01:08,140 stylesuxx.gethub.io/steganography/ and hit enter. 33 00:01:09,570 --> 00:01:10,600 When you get to the screen, 34 00:01:10,600 --> 00:01:12,800 you're going to be asked to choose a file. 35 00:01:12,800 --> 00:01:14,940 So, I'm going to go ahead and choose a file off my desktop 36 00:01:14,940 --> 00:01:17,023 which is my logo, Dion Training.png. 37 00:01:18,690 --> 00:01:19,650 And then you're going to type in 38 00:01:19,650 --> 00:01:21,550 whatever the message is you want to hide. 39 00:01:21,550 --> 00:01:23,400 This is a secret message 40 00:01:24,890 --> 00:01:27,083 for my students only. 41 00:01:28,475 --> 00:01:29,970 Steganography is fun. 42 00:01:29,970 --> 00:01:32,290 Okay, so we're going to go ahead and hit encode, 43 00:01:32,290 --> 00:01:33,123 and when you do that, 44 00:01:33,123 --> 00:01:34,490 you'll see what your binary representation 45 00:01:34,490 --> 00:01:35,323 of your message is. 46 00:01:35,323 --> 00:01:37,180 You'll see the original you had. 47 00:01:37,180 --> 00:01:39,370 You'll see the normalized version of it. 48 00:01:39,370 --> 00:01:41,550 And notice these logos all look the exact same, 49 00:01:41,550 --> 00:01:43,830 and then you'll have the hidden message version. 50 00:01:43,830 --> 00:01:45,780 If you right click that and save it, 51 00:01:45,780 --> 00:01:47,140 you can go ahead and save it to your desktop, 52 00:01:47,140 --> 00:01:49,993 and I'm going to do it as Dion training message. 53 00:01:51,200 --> 00:01:53,210 And you'll see it there on my desktop. 54 00:01:53,210 --> 00:01:56,163 Now, if I look at these two files side by side, 55 00:01:57,400 --> 00:01:59,610 we'll have the Dion training one up here, 56 00:01:59,610 --> 00:02:02,800 and the hidden message one right here. 57 00:02:02,800 --> 00:02:05,580 They look identical in every way don't they? 58 00:02:05,580 --> 00:02:06,980 Right, exactly, they do. 59 00:02:06,980 --> 00:02:09,320 And so, if we go ahead and close these, 60 00:02:09,320 --> 00:02:12,110 we can actually look at the file size of them. 61 00:02:12,110 --> 00:02:16,724 And so, here we have the one on the left here 62 00:02:16,724 --> 00:02:20,360 or excuse me, the one on the left is Diontraining.png 63 00:02:20,360 --> 00:02:21,440 which is the original. 64 00:02:21,440 --> 00:02:24,010 And you could see the file size or the dimensions of it 65 00:02:24,010 --> 00:02:26,160 are the exact same as the new one. 66 00:02:26,160 --> 00:02:27,710 We haven't changed that at all. 67 00:02:27,710 --> 00:02:30,210 But, we did change the file size, 68 00:02:30,210 --> 00:02:34,300 and we went from 74kb down to 57kb. 69 00:02:34,300 --> 00:02:37,320 Why if we put more information, did the file size shrink. 70 00:02:37,320 --> 00:02:39,130 Well it's because the way they re-encoded it 71 00:02:39,130 --> 00:02:41,320 to make sure the images looked exactly right 72 00:02:41,320 --> 00:02:42,790 and the compression they used. 73 00:02:42,790 --> 00:02:45,020 Sometimes the file size will get bigger as well, 74 00:02:45,020 --> 00:02:46,420 but it is very infrequent 75 00:02:46,420 --> 00:02:48,350 that you'll see the same file size. 76 00:02:48,350 --> 00:02:49,700 So this may be one way that we know 77 00:02:49,700 --> 00:02:51,520 the file has been changed. 78 00:02:51,520 --> 00:02:53,920 Now, if we want to see the actual message inside of it, 79 00:02:53,920 --> 00:02:55,640 let's go over here to decode. 80 00:02:55,640 --> 00:02:57,710 And let's go ahead and choose the original file, 81 00:02:57,710 --> 00:02:59,940 and if we hit decode, you'll see that there is 82 00:02:59,940 --> 00:03:02,550 no message inside that one. 83 00:03:02,550 --> 00:03:03,650 See there is no hidden message. 84 00:03:03,650 --> 00:03:06,520 It came out garbage because there was no hidden message, 85 00:03:06,520 --> 00:03:10,610 but if I choose the one that we hid the message inside of. 86 00:03:10,610 --> 00:03:12,910 We hit open, and hit decode, 87 00:03:12,910 --> 00:03:15,180 you'll see that our hidden message comes right back. 88 00:03:15,180 --> 00:03:17,030 This is a secret message for my students only. 89 00:03:17,030 --> 00:03:18,620 Steganography is fun. 90 00:03:18,620 --> 00:03:20,500 And so, if you want to play with this, you can. 91 00:03:20,500 --> 00:03:22,390 You can go through and do some of this, 92 00:03:22,390 --> 00:03:23,250 and send it to your friends 93 00:03:23,250 --> 00:03:24,738 and have them send you messages back. 94 00:03:24,738 --> 00:03:27,660 But remember, the information isn't encrypted 95 00:03:27,660 --> 00:03:29,140 when you're doing the steganography. 96 00:03:29,140 --> 00:03:30,900 You're hiding it in plain sight. 97 00:03:30,900 --> 00:03:32,710 So, if I actually decide to open up 98 00:03:32,710 --> 00:03:34,170 Diontrainingmessage.png, 99 00:03:34,170 --> 00:03:36,160 the one that has this hidden message in it, 100 00:03:36,160 --> 00:03:37,870 inside of a hex editor, 101 00:03:37,870 --> 00:03:41,520 you could actually find that message hidden inside of it. 102 00:03:41,520 --> 00:03:42,970 It's not encrypted. 103 00:03:42,970 --> 00:03:45,766 And so, steganography is covered in the cryptography section 104 00:03:45,766 --> 00:03:49,270 because it is considered a way of hiding information. 105 00:03:49,270 --> 00:03:51,841 But it is not true encryption. 106 00:03:51,841 --> 00:03:54,034 (digital music)