1
00:00:00,770 --> 00:00:09,560
Steganography is the practice of concealing information or files within other non-secret text or data.

2
00:00:09,560 --> 00:00:13,230
It is called hiding data in plain sight.

3
00:00:13,610 --> 00:00:20,340
You could for example hide a text file containing secret information within an image file like this

4
00:00:20,530 --> 00:00:27,770
dog file or the image file would look like a normal image but would contain the secret message the file

5
00:00:27,770 --> 00:00:35,090
containing the secret data is called the carrier the modified carriers will look at the original files.

6
00:00:35,100 --> 00:00:38,550
You can see here without perceivable changes.

7
00:00:38,630 --> 00:00:46,420
Best carriers are videos images an audio file since everybody can send receive and download them and

8
00:00:46,420 --> 00:00:48,890
they're just not a suspicious format file.

9
00:00:49,010 --> 00:00:55,290
But crucially steganography is not encryption the data is just hidden not encrypted.

10
00:00:55,460 --> 00:01:01,340
It would be very trivial for someone who knows what they're doing to take a copy of the original file

11
00:01:01,510 --> 00:01:08,440
compare it to the other file and determine that steganography has been used and what the secret messages.

12
00:01:08,660 --> 00:01:15,800
If you do use videos images Norio files to create a hidden message you can upload them to somewhere

13
00:01:15,800 --> 00:01:20,540
where the file could be fundamentally altered through something like compression.

14
00:01:20,540 --> 00:01:27,110
So for example uploading a video to YouTube would destroy the secret message by sending a video via

15
00:01:27,140 --> 00:01:34,090
e-mail should be fine steganography is used when you need to conceal that you're sending a secret message.

16
00:01:34,220 --> 00:01:40,820
Perhaps the consequences would be high if discovered when you use encryption it's obvious that you're

17
00:01:40,820 --> 00:01:43,070
doing it with steganography.

18
00:01:43,100 --> 00:01:50,030
It's not obvious at all that you're sending a message some steganography tools also use encryption as

19
00:01:50,030 --> 00:01:56,840
well as steganography together to help make message hard to determine and one that I would recommend

20
00:01:57,110 --> 00:01:59,900
for Windows is called Open Porth.

21
00:01:59,980 --> 00:02:04,810
And I'll give you a demo so you can see and understand a little bit more about steganography.

22
00:02:04,910 --> 00:02:09,320
And this one's got some nice little extra features which are quite good.

23
00:02:09,320 --> 00:02:15,410
So if you want to download open proof then go to this Web site here download it from here.

24
00:02:17,180 --> 00:02:18,300
Start the program

25
00:02:22,360 --> 00:02:30,520
and see if I run it takes a little time.

26
00:02:30,830 --> 00:02:33,010
Now this section is going to take you through to the help.

27
00:02:33,020 --> 00:02:36,690
This is going take you to the home page of the Web site.

28
00:02:36,890 --> 00:02:41,240
You can ignore this this is the watermarking some of the features It's got here.

29
00:02:41,240 --> 00:02:47,210
And this is for hiding your data within a carrier and this is for hiding your data from a carrier.

30
00:02:47,210 --> 00:02:50,050
So let's start by having some data to start with.

31
00:02:50,060 --> 00:02:53,350
Click on hide now grow into three passwords.

32
00:02:53,520 --> 00:02:58,370
And if you want to know why you need to enter three passwords then you can have a look at the manual.

33
00:03:00,200 --> 00:03:05,480
Which is here which will give you a little bit more information on why it uses the three passwords as

34
00:03:05,480 --> 00:03:09,010
part of an algorithm to do the steganography.

35
00:03:09,030 --> 00:03:11,140
I'm going to need three passwords.

36
00:03:11,780 --> 00:03:17,870
So I've done I've generates and passwords here in advance because it does need and it forces complex

37
00:03:17,870 --> 00:03:25,410
passwords and copy and paste these in here and then need to add a carrier.

38
00:03:25,520 --> 00:03:32,000
So I'm going to click on here and choose the dot picture as my carrier.

39
00:03:32,010 --> 00:03:33,890
So there is added it is a j peg.

40
00:03:33,890 --> 00:03:35,980
A hundred ninety two bites.

41
00:03:36,200 --> 00:03:43,130
And now I need to add my secret message and this can be any file but there is a limitation between how

42
00:03:43,130 --> 00:03:46,150
big your carrier is and how big your message is going to be.

43
00:03:46,150 --> 00:03:53,510
You need a big carrier to carry a big message just like that one here kind of multiple carriers as well.

44
00:03:53,620 --> 00:03:58,460
So you can have multiple videos images different files as the carriers.

45
00:03:58,760 --> 00:03:59,910
So that will be fine.

46
00:03:59,930 --> 00:04:02,090
I could hide that data there and it will be done.

47
00:04:02,090 --> 00:04:08,840
But what I'm going to do instead I'm going to add a decoy click here.

48
00:04:08,840 --> 00:04:18,820
Keeping these passwords at the decoy text is Modica text validate validated.

49
00:04:18,950 --> 00:04:26,540
So in cryptography and steganography plausible deniable encryption describes encryption techniques where

50
00:04:26,540 --> 00:04:33,950
the existence of an encrypted file message is deniable in the sense that an adversary cannot prove that

51
00:04:33,950 --> 00:04:36,210
the plaintext data exists.

52
00:04:36,320 --> 00:04:38,670
And that's what we're doing here with this decoying.

53
00:04:38,900 --> 00:04:44,510
If somebody was to ask for the password if they suspected it we could give this we could give these

54
00:04:44,510 --> 00:04:49,940
decoys passwords and it would reveal the decoys text instead of the real text.

55
00:04:49,960 --> 00:04:56,560
So let's do the data hiding and the decoys together put those in this Steck folder.

56
00:04:56,690 --> 00:04:59,350
OK here we go.

57
00:04:59,390 --> 00:05:00,690
We don't.

58
00:05:01,000 --> 00:05:07,310
And then we can say we've got our carrier file that is carrying our two messages it's carrying the decoying

59
00:05:07,310 --> 00:05:09,730
message and it's carrying the real message.

60
00:05:09,880 --> 00:05:18,410
And if you want to compare it to the original file which is here and as you see there's no real perceivable

61
00:05:18,440 --> 00:05:20,380
difference between the two files.

62
00:05:20,480 --> 00:05:26,450
But now you don't want to use a file from the Internet that can be used to compare with the carrier

63
00:05:26,480 --> 00:05:31,680
unless you modify the carrier first by resizing it or compressing it.

64
00:05:31,820 --> 00:05:36,590
Because if you just do a quick search for something on the Internet download that file because you want

65
00:05:36,590 --> 00:05:38,100
to use it as a carrier.

66
00:05:38,100 --> 00:05:42,770
Somebody can then just do the same thing they do a quick search try to find it use Google quite easy

67
00:05:42,770 --> 00:05:48,980
to find images using google and google images and they compare it and they can see that some changes

68
00:05:48,980 --> 00:05:52,850
have been made and to be able to see if it's steganography.

69
00:05:52,850 --> 00:05:58,660
So what you should do is download a file resize it and compress it or use your own file.

70
00:05:58,670 --> 00:06:04,070
Now if you are going to use your own file make sure there's no Matter data or EXIF data in there.

71
00:06:04,070 --> 00:06:10,550
If anonymity is important to you and there's a section on access for matter data it's now on hide the

72
00:06:10,550 --> 00:06:19,060
data from the carrier clothes on high end and the carrier

73
00:06:23,170 --> 00:06:32,460
Kariya you've got to add the passwords and hide in the stick folder.

74
00:06:36,930 --> 00:06:43,790
And then we extracted the secret message The Eagle has landed with the four passwords.

75
00:06:44,820 --> 00:06:50,800
Now if somebody was trying to force us to reveal what was in here.

76
00:06:50,880 --> 00:06:53,680
We could use a decoy which is here.

77
00:06:53,700 --> 00:06:54,820
These passwords

78
00:06:57,740 --> 00:06:58,400
carrier

79
00:07:01,670 --> 00:07:08,340
and end stick for.

80
00:07:09,460 --> 00:07:15,620
And that would then reveal the decoy text here that would give is plausible deniability.

81
00:07:15,620 --> 00:07:19,010
They would not be able to prove that there was any of the message in there.

82
00:07:20,510 --> 00:07:28,730
Another step at all is this one here where you can just simply touch on texting

83
00:07:32,890 --> 00:07:40,030
and coded and coded into spam like text which you can then send an e-mail and it would look like spam.

84
00:07:40,080 --> 00:07:41,400
This is just steganography.

85
00:07:41,400 --> 00:07:46,650
There is no encryption in here you'd have to encrypt first if you didn't want this site for example

86
00:07:46,650 --> 00:07:48,450
to know what the message was.

87
00:07:48,450 --> 00:07:53,730
And then somebody could paste the text and hear the code and then they'd see you know there was the

88
00:07:53,880 --> 00:07:55,480
eagle has landed.

89
00:07:55,830 --> 00:08:02,880
And if you want to explore steganography more and all the tools that link it was just got absolutely

90
00:08:02,880 --> 00:08:05,460
loads of steganography tools.

91
00:08:05,550 --> 00:08:10,890
And if you're interested in looking at different ones and for different platforms as well so that's

92
00:08:10,900 --> 00:08:11,670
steganography.