OpenPuff

OpenPuff
	OpenPuff v4.00 screenshot
Developer(s)	Eng. Cosimo Oliboni
Stable release	4.01 / July 19, 2018
Operating system	Windows
Type	Steganography tool
License	freeware (closed-source) (the crypto/steganography code library is LGPLed)
Website	HomePage

Last updated August 06, 2022

OpenPuff Steganography and Watermarking, sometimes abbreviated OpenPuff or Puff, is a free steganography tool for Microsoft Windows created by Cosimo Oliboni and still maintained as independent software. The program is notable for being the first steganography tool (version 1.01 released in December 2004) that:

lets users hide data in more than a single carrier file. When hidden data are split among a set of carrier files you get a carrier chain, with no enforced hidden data theoretical size limit (256MB, 512MB, ... depending only on the implementation)
implements 3 layers of hidden data obfuscation (cryptography, whitening and encoding)
extends deniable cryptography into deniable steganography

Last revision supports a wide range of carrier formats

Images Bmp, Jpg, Png, Tga
Audios Aiff, Mp3, Wav
Videos 3gp, Mp4, Mpeg I, Mpeg II, Vob
Flash-Adobe Flv, Pdf, Swf

Use

OpenPuff is used primarily for anonymous asynchronous data sharing:

the sender hides a hidden stream inside some public available carrier files (password + carrier files + carrier order are the secret key)
the receiver unhides the hidden stream knowing the secret key

The advantage of steganography, over cryptography alone, is that messages do not attract attention to themselves. Plainly visible encrypted messages — no matter how unbreakable — will arouse suspicion, and may in themselves be incriminating in countries where encryption is illegal. Therefore, whereas cryptography protects the contents of a message, steganography can be said to protect both messages and communicating parties.

Watermarking is the action of signing a file with an ID or copyright mark. OpenPuff does it in an invisible steganographic way, applied to any supported carrier. The invisible mark, being not password protected, is accessible by everyone (using the program).^[1]

Multi-cryptography

OpenPuff is a semi-open source program:

cryptography, CSPRNG, hashing (used in password hexadecimal extension), and scrambling are open source

Cryptographic algorithms (16 taken from AES, NESSIE and CRYPTREC) are joined into a unique multi-cryptography algorithm:

keys and internal static data are initialized for each algorithm f
each data block D [ i ] (128bit) will be encrypted using a different algorithm f [ i ]
f [ i ] is chosen with a pseudorandom oracle, seeded with a second independent password^[2]

1. Choosing the cryptography algorithm for data blockif [ i ] = rand ( Oracle )

2. Applying cryptography to data blockiCipher ( D [ i ] ) = f [ i ] ( D [ i ] )

Statistical resistance

Extensive testing has been performed on the statistical resistance properties of the CSPRNG and multi-cryptography modules, using the ENT,^[3] NIST ^[4] and DIEHARD test suites. Provided results are taken from 64KB, 128KB, ... 256MB samples:

bit entropy test: >7.9999xx / 8.000000
compression test: 0% size reduction after compression
chi square distribution test: 40% < deviation < 60%
mean value test: 127.4x / 127.5
Monte Carlo test: error < 0.01%
serial correlation test: < 0.0001

Steganalysis resistance

Security, performance and steganalysis resistance are conflicting trade-offs.^[5]

[Security vs. Performance]: Whitening

Pro: ensures higher data security
Pro: allows deniable steganography
Con1: requires a lot of extra carrier bits

[Security vs. Steganalysis]: Cryptography + Whitening

Pro: ensure higher data security
Con2: their random statistical response marks carriers as more "suspicious"

Data, before carrier injection, is encrypted and whitened: a small amount of hidden data turns into a big chunk of pseudorandom "suspicious data". Carrier injection encodes it using a non linear covering function^[6] that takes also original carrier bits as input. Modified carriers will need much less change (Con1) and, lowering their random-like statistical response, deceive many steganalysis tests (Con2).

Deniable steganography

There will always be a non-negligible probability of being detected, even if the hidden stream behaves like a “natural container” (unpredictable side-effects, being caught in Flagrante delicto, etc.). Resisting these unpredictable attacks is also possible, even when the user is forced (by legal or physical coercion) to provide a valid password.^[7]^[8] Deniable steganography (a decoy-based technique) allows the user to deny convincingly the fact that sensitive data is being hidden. The user needs to provide some expendable decoy data that he would plausibly want to keep confidential and reveal it to the attacker, claiming that this is all there is.

Related Research Articles

Steganography is the practice of concealing a message within another message or a physical object. In computing/electronic contexts, a computer file, message, image, or video is concealed within another file, message, image, or video. The word steganography comes from Greek steganographia, which combines the words steganós, meaning "covered or concealed", and -graphia meaning "writing".

A pseudorandom number generator (PRNG), also known as a deterministic random bit generator (DRBG), is an algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random numbers. The PRNG-generated sequence is not truly random, because it is completely determined by an initial value, called the PRNG's seed. Although sequences that are closer to truly random can be generated using hardware random number generators, pseudorandom number generators are important in practice for their speed in number generation and their reproducibility.

Hardware random number generator Cryptographic device

In computing, a hardware random number generator (HRNG) or true random number generator (TRNG) is a device that generates random numbers from a physical process, rather than by means of an algorithm. Such devices are often based on microscopic phenomena that generate low-level, statistically random "noise" signals, such as thermal noise, the photoelectric effect, involving a beam splitter, and other quantum phenomena. These stochastic processes are, in theory, completely unpredictable for as long as an equation governing such phenomena is unknown or uncomputable, and the theory's assertions of unpredictability are subject to experimental test. This is in contrast to the paradigm of pseudo-random number generation commonly implemented in computer programs.

A cryptographically secure pseudorandom number generator (CSPRNG) or cryptographic pseudorandom number generator (CPRNG) is a pseudorandom number generator (PRNG) with properties that make it suitable for use in cryptography. It is also loosely known as a cryptographic random number generator (CRNG).

Articles related to cryptography include:

In computer security, challenge–response authentication is a family of protocols in which one party presents a question ("challenge") and another party must provide a valid answer ("response") to be authenticated.

A cryptographic hash function (CHF) is a mathematical algorithm that maps data of an arbitrary size to a bit array of a fixed size. It is a one-way function, that is, a function for which it is practically infeasible to invert or reverse the computation. Ideally, the only way to find a message that produces a given hash is to attempt a brute-force search of possible inputs to see if they produce a match, or use a rainbow table of matched hashes. Cryptographic hash functions are a basic tool of modern cryptography.

In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a main key, a password, or a passphrase using a pseudorandom function. KDFs can be used to stretch keys into longer keys or to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES. Keyed cryptographic hash functions are popular examples of pseudorandom functions used for key derivation.

Steganalysis is the study of detecting messages hidden using steganography; this is analogous to cryptanalysis applied to cryptography.

In cryptography and steganography, plausibly deniable encryption describes encryption techniques where the existence of an encrypted file or message is deniable in the sense that an adversary cannot prove that the plaintext data exists.

Disk encryption software is computer security software that protects the confidentiality of data stored on computer media by using disk encryption.

Random number generation is a process by which, often by means of a random number generator (RNG), a sequence of numbers or symbols that cannot be reasonably predicted better than by random chance is generated. This means that the particular outcome sequence will contain some patterns detectable in hindsight but unpredictable to foresight. True random number generators can be hardware random-number generators (HRNGS) that generate random numbers, wherein each generation is a function of the current value of a physical environment's attribute that is constantly changing in a manner that is practically impossible to model. This would be in contrast to so-called "random number generations" done by pseudorandom number generators (PRNGs) that generate numbers that only look random but are in fact pre-determined—these generations can be reproduced simply by knowing the state of the PRNG.

Cryptovirology is a field that studies how to use cryptography to design powerful malicious software. The field was born with the observation that public-key cryptography can be used to break the symmetry between what an antivirus analyst sees regarding malware and what the attacker sees. The antivirus analyst sees a public key contained in the malware, whereas the attacker sees the public key contained in the malware as well as the corresponding private key since the attacker created the key pair for the attack. The public key allows the malware to perform trapdoor one-way operations on the victim's computer that only the attacker can undo.

Steganographic file systems are a kind of file system first proposed by Ross Anderson, Roger Needham, and Adi Shamir. Their paper proposed two main methods of hiding data: in a series of fixed size files originally consisting of random bits on top of which 'vectors' could be superimposed in such a way as to allow levels of security to decrypt all lower levels but not even know of the existence of any higher levels, or an entire partition is filled with random bits and files hidden in it.

CryptGenRandom is a deprecated cryptographically secure pseudorandom number generator function that is included in Microsoft CryptoAPI. In Win32 programs, Microsoft recommends its use anywhere random number generation is needed. A 2007 paper from Hebrew University suggested security problems in the Windows 2000 implementation of CryptGenRandom. Microsoft later acknowledged that the same problems exist in Windows XP, but not in Vista. Microsoft released a fix for the bug with Windows XP Service Pack 3 in mid-2008.

Cryptography Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages; various aspects of information security such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, electrical engineering, communication science, and physics. Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

StegoShare is a steganography tool that allows embedding of large files into multiple images. It may be used for anonymous file sharing.

A steganography software tool allows a user to embed hidden data inside a carrier file, such as an image or video, and later extract that data.

This is a list of cybersecurity information technology. Cybersecurity is security as it is applied to information technology. This includes all technology that stores, manipulates, or moves data, such as computers, data networks, and all devices connected to or included in networks, such as routers and switches. All information technology devices and facilities need to be secured against intrusion, unauthorized use, and vandalism. Additionally, the users of information technology should be protected from theft of assets, extortion, identity theft, loss of privacy and confidentiality of personal information, malicious mischief, damage to equipment, business process compromise, and the general activity of cybercriminals. The public should be protected against acts of cyberterrorism, such as the compromise or loss of the electric power grid.

OutGuess is a steganographic software for hiding data in the most redundant content data bits of existing (media) files. It has handlers for image files in the common Netpbm and JPEG formats, so it can, for example, specifically alter the frequency coefficients of JPEG files. It is written in C and published as Free Software under the terms of the old BSD license. It has been tested on a variety of Unix-like operating systems and is included in the standard software repositories of the popular Linux distributions Debian and Arch Linux and their derivatives.

References

↑ Sécurité des réseaux : Stéganographie et tatouage numérique
↑ OpenPuff Manual
↑ ENT - A Pseudorandom Number Sequence Test Program
↑ NIST - A Statistical Test Suite for the Validation of Random Number Generators and Pseudo Random Number Generators for Cryptographic Applications
↑ Provos, Niels. "Defending against statistical steganalysis". Proceedings of the 10th Conference on USENIX Security Symposium. SSYM'01. 10: 24–37. Retrieved 28 November 2012.
↑ Bierbrauer, Jürgen; Fridrich, Jessica. "Constructing good covering codes for applications in Steganography" (PDF). Transactions on Data Hiding and Multimedia Security III. Lecture Notes in Computer Science. 4920: 1–22. Retrieved 7 February 2021.
↑ Sergienko, Greg S. "Self Incrimination and Cryptographic Keys". Richmond Journal of Law and Technology. 2 (1). Retrieved 19 July 2018.
↑ Julian Assange - Physical Coercion

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Sécurité des réseaux : Stéganographie et tatouage numérique

[2] OpenPuff Manual

[3] ENT - A Pseudorandom Number Sequence Test Program

[4] NIST - A Statistical Test Suite for the Validation of Random Number Generators and Pseudo Random Number Generators for Cryptographic Applications

[5] Provos, Niels. "Defending against statistical steganalysis". Proceedings of the 10th Conference on USENIX Security Symposium. SSYM'01. 10: 24–37. Retrieved 28 November 2012.

[6] Bierbrauer, Jürgen; Fridrich, Jessica. "Constructing good covering codes for applications in Steganography" (PDF). Transactions on Data Hiding and Multimedia Security III. Lecture Notes in Computer Science. 4920: 1–22. Retrieved 7 February 2021.

[7] Sergienko, Greg S. "Self Incrimination and Cryptographic Keys". Richmond Journal of Law and Technology. 2 (1). Retrieved 19 July 2018.

[8] Julian Assange - Physical Coercion

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]