Steganography
Jump to navigation
Jump to search
OutGuess
- OutGuess is a steganography tool developed by Niels Provos.
- Quite secure, although some attacks exist.
- Package available for Windows, Linux, Cygwin...
- OutGuess works by storing information in the LSB of non-zero DCT coefficient, while preserving first-order statistics.
Basic usage
$ outguess -k "password" -d secret.txt original.jpg embedded.jpg
$ outguess -k "password" -d secret.txt -p 100 original.jpg embedded.jpg #Max jpeg compression for max capacity
Example of output:
Reading original.jpg....
JPEG compression quality set to 75
Extracting usable bits: 105949 bits
Correctable message size: 49783 bits, 46.99%
Encoded 'secret.txt': 144 bits, 18 bytes
Finding best embedding...
0: 76(43.7%)[52.8%], bias 68(0.89), saved: 0, total: 0.07%
21: 84(47.7%)[58.3%], bias 55(0.65), saved: -1, total: 0.08%
115: 77(44.3%)[53.5%], bias 59(0.77), saved: 0, total: 0.07%
115, 136: Embedding data: 144 in 105949
Bits embedded: 174, changed: 77(44.3%)[53.5%], bias: 59, tot: 106258, skip: 106084
Foiling statistics: corrections: 55, failed: 0, offset: 40.125000 +- 65.879625
Total bits changed: 136 (change 77 + bias 59)
Storing bitmap into data...
Writing embedded.jpg....
- usable bits are the number of LSB of the DCT coeffecient that are available
- Correctable message size are the subset of these LSB that can effectively be used without detection
- One may specify the quality settings of output image (option -p) to increase the capacity. However this quality settings should match the quality of the input file.
Patch on OutGuess 0.2
- There is a small bug in OutGuess 0.2 that makes estimate of the correctable message size to be negative for big images. Here's a patch that correct this.
--- outguess-0.2/jpg.c 2001-02-13 01:29:07.000000000 +0100
+++ outguess-0.2/jpg.c 2009-08-25 16:06:05.242378300 +0200
@@ -176,7 +176,7 @@
fprintf(stderr, "Can not calculate estimate\n");
res = -1;
} else
- res = 2*bitmap->bits*b/(a + b);
+ res = 2*(long long)bitmap->bits*b/(a + b); /* Fixed: multiply was overflowing for big images */
/* Pending threshold based on frequencies */
for (i = 0; i < DCTENTRIES; i++) {
- To apply the patch on Cygwin, first fetch Outguess-0.2
$ /setup.exe& #Select Outguess-0.2 sources
$ cd /usr/src
$ cat > outguess-0.2.patch #Copy patch above in patch file
$ ./outguess-0.2-1.sh -v -c prep conf
$ patch -lNp0<outguess-0.2.patch #Apply the patch
$ ./outguess-0.2-1.sh -v -c make install
$ cp -rv outguess-0.2/.inst/* / #Install
Analysing OutGuess 0.2
- The Correctable message size generally increases with the JPEG quality of the input image
- When using option -p to specify the JPEG quality of the output image, the best Correctable message size is generally achieved while using same output JPEG quality as input image.
- Without specifying output JPEG quality,
- Output file size is almost equal and minimum when input JPEG quality is 75% or 100%, and has its maximum around 85%.
- Max. Correctable message size is obtained when input JPEG quality is 78%...81%.
- Using pamscale (with default param), all the generated images have lost in capacity efficiency (i.e. ratio Correctable message size / Image size) (→ To Do: look effect of other rescaling algorithms).