Using Image Steganography for Decryptor Distribution

  • T. Morkel
  • J. H. P. Eloff
  • M. S. Olivier
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4277)


When communicating secret information there is more than one route to follow to ensure the confidentiality of the message being transmitted. Encryption might be an obvious choice; however there are limitations and disadvantages to using encryption. An alternative approach is steganography, which is a technology for hiding information in other information. Combining the two disciplines may provide better security but more overhead, since the receiver must now have knowledge not only of how the information was encrypted, but also of how it was hidden, in order to retrieve the message. This paper proposes a system where image steganography is combined with encryption by hiding not only a message inside an image, but also the means to extract and decrypt the message. An executable program is hidden inside the image that functions as a decryptor, enabling the receiver to be oblivious to the encryption algorithm used.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Dunbar, B.: Steganographic techniques and their use in an Open-Systems environment. SANS Institute (January 2002)Google Scholar
  2. 2.
    Jamil, T.: Steganography: The art of hiding information is plain sight. IEEE Potentials 18(01) (1999)Google Scholar
  3. 3.
    Silman, J.: Steganography and Steganalysis: An Overview. SANS Institute (2001)Google Scholar
  4. 4.
    Johnson, N.F., Jajodia, S.: Steganalysis of Images Created Using Current Steganography Software. In: Proceedings of the 2nd Information Hiding Workshop (April 1998)Google Scholar
  5. 5.
    Wang, H., Wang, S.: Cyber warfare: Steganography vs. Steganalysis. Communications of the ACM 47(10) (October 2004)Google Scholar
  6. 6.
    Johnson, N.F., Jajodia, S.: Steganalysis: The Investigation of Hidden Information. In: Proceedings of the IEEE Information Technology Conference (1998)Google Scholar
  7. 7.
    Krenn, R.: Steganography and Steganalysis,
  8. 8.
    Morkel, T., Eloff, J.H.P., Olivier, M.S.: An overview of Image Steganography. In: Proceedings of the Information Security South Africa (ISSA) Conference (2005)Google Scholar
  9. 9.
    Rubin, A.D., Geer, D.E.: Mobile Code Security. IEEE Internet Journal (December 1998)Google Scholar
  10. 10.
    Linn, C., Debray, S.: Obfuscation of Executable Code to Improve Resistance to Static Disassembly. In: Proceedings of the 10th ACM Conference on Computer and Communications Security (2003)Google Scholar
  11. 11.
    Obfuscated code, Wikipedia online encyclopedia (accessed on July 6, 2007),
  12. 12.
    Tudor, J.K.: Information Security Architecture: An Integrated Approach to Security in the Organization. Auerbach Publications (2001)Google Scholar
  13. 13.
    Artz, D.: Digital Steganography: Hiding Data within Data. IEEE Internet Computing Journal (June 2001)Google Scholar
  14. 14.
    Conklin, A., White, G.B., Cothren, C., Williams, D., Davis, R.L.: Principles of Computer Security: Security+ and Beyond. McGraw-Hill Technology Education, New York (2004)Google Scholar
  15. 15.
    Schneier, B.: Security in the Real World: How to Evaluate Security Technology. Computer Security Journal 4 (1999)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • T. Morkel
    • 1
  • J. H. P. Eloff
    • 1
  • M. S. Olivier
    • 1
  1. 1.Information and Computer Security Architecture (ICSA) Research Group, Department of Computer ScienceUniversity of PretoriaPretoriaSouth Africa

Personalised recommendations