Steganography
Also known as: Hidden writing · Concealment
Steganography is the third branch of cryptology, alongside cryptography (making things unreadable) and cryptanalysis (reading them anyway). From Greek steganos (“covered”) and graphein (“to write”), it doesn’t try to transform a message — it tries to hide it. The observer doesn’t even suspect that a message exists.
The fundamental distinction with cryptography
- Cryptography: “Here’s a message; good luck reading it.” The existence of the message is public, the content is protected by a key.
- Steganography: “Here’s a picture of my dog.” Only the recipient knows the picture conceals a message.
It’s a question of adversary model. Cryptography assumes the adversary sees the communication — it protects content. Steganography assumes the adversary can intercept but may overlook the nature of the content — it protects the very existence of the communication. Both stances are complementary: you can encrypt then hide, giving two barriers to clear.
Historical techniques
Steganography’s history is as old as cryptography’s:
- Skull tattooing: per Herodotus (-440), Histiaeus tattoos a message on a slave’s scalp, waits for the hair to grow back, then sends the slave to the recipient with the instruction “shave him”. Slow, but undetectable.
- Wax tablets: in Sparta, you carve a message on a wooden tablet, cover it with wax, then carve an innocuous message on the surface wax. The recipient scrapes it off.
- Invisible inks: lemon juice or milk, revealed by heat. Metallic salts (copper sulfate, ferrocyanide), revealed chemically. Heavily used by spies during World War I.
- Acrostics: the first letter of each line of a poem spells the message. Ancient tradition in Hebrew, Latin, and later medieval chivalric poetry.
- Microdots (20th century): photographs reduced to the size of a printer’s dot, glued in place of a period in an ordinary letter. Invented by the Germans during World War II.
Cryptographic steganography
Some techniques sit on the border between steganography and cryptography:
- Bacon’s cipher (1605, Francis Bacon): encodes binary in the typography of an ordinary text (italic vs roman, or two distinct fonts). The carrier text is readable and innocent; the bits are in the form, not the words. Five positions per letter, so 2⁵ = 32 codes.
- Trithemius’s Ave Maria cipher (1499): replaces each letter with a word from prayer lists. The message reads like a genuine devotion. Undetectable to the unwary eye.
- Modern linguistic steganography: encode in synonym choices (“said” vs “stated” vs “announced”) of a generated text, or in sentence lengths. Harder to detect than invisible ink.
Digital techniques
The computer era multiplied possibilities:
- LSB embedding in images: changing the least significant bit (LSB) of each color channel of a pixel shifts the color only imperceptibly. A 1-megapixel PNG hides up to 384 KB of message (3 bits per pixel across RGB channels). Tools: steghide, outguess, F5.
- Audio steganography: message hidden in the high-frequency noise of an MP3 or in the phase of a WAV sample. Inaudible.
- Video steganography: combines image LSB and audio across frames. Very large capacity available.
- Network steganography: message hidden in “unused” TCP/IP header fields (IP options, packet sequence, inter-packet timing). Lets you tunnel information through a firewall that only inspects application content.
- Blockchain steganography: encode a message in Bitcoin transactions (OP_RETURN fields, timing). The message persists as long as the blockchain.
Steganalysis: hunting for hidden messages
Each steganography technique has its steganalysis — the matching cryptanalysis. You look for statistical anomalies:
- The least significant bits of a natural image have an expected distribution; if it is too uniform, the image is suspect.
- MP3 files have characteristic noise “buckets”; a steganographed MP3 is detectable by Kullback-Leibler divergence.
- Inter-packet network timing has a natural signature; a timing-based covert channel shows up as an anomaly.
Tools: StegExpose, zsteg, binwalk. As in cryptanalysis, it’s a cat-and-mouse game.
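The LSB anomaly described above can be measured with a pairs-of-values chi-square check; the following is an added example, not part of the original page, run on constructed data. The cover samples and the names `pov_score`, `make_cover` and `demo` are assumptions made for illustration, and random bits stand in for an encrypted payload.

```python
import random

def lsb_embed(samples, bits):
    """Overwrite the least significant bit of each 8-bit sample with one payload bit."""
    out = list(samples)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit
    return out

def lsb_extract(samples, n_bits):
    """Read the payload back: one bit per sample, in order."""
    return [s & 1 for s in samples[:n_bits]]

def pov_score(samples, min_count=10):
    """Pairs-of-values chi-square, divided by the number of pairs tested.

    LSB overwriting with random-looking bits evens out the counts of values
    2k and 2k+1. A score near 1.0 means the pairs are as balanced as coin
    flips would make them (suspicious); an untouched histogram scores higher.
    """
    hist = [0] * 256
    for s in samples:
        hist[s] += 1
    chi2, pairs = 0.0, 0
    for k in range(0, 256, 2):
        even, odd = hist[k], hist[k + 1]
        if even + odd >= min_count:          # ignore sparsely populated pairs
            chi2 += (even - odd) ** 2 / (even + odd)
            pairs += 1
    return chi2 / pairs if pairs else float("inf")

def make_cover(rng, per_region=5000):
    """Constructed stand-in for image data: 12 flat regions plus sensor-like noise."""
    return [min(255, max(0, round(rng.gauss(mu, 2.0))))
            for mu in range(20, 260, 20) for _ in range(per_region)]

def demo(seed=1):
    rng = random.Random(seed)
    cover = make_cover(rng)
    # Random bits stand in for an encrypted payload filling the full capacity.
    payload = [rng.getrandbits(1) for _ in cover]
    stego = lsb_embed(cover, payload)
    return cover, payload, stego

if __name__ == "__main__":
    cover, payload, stego = demo()
    print(f"cover score: {pov_score(cover):.1f}")
    print(f"stego score: {pov_score(stego):.1f}")
```

No sample changes by more than one intensity level, yet the score collapses toward 1.0 after embedding. A payload that fills only part of the capacity moves the score less, which is why practical detectors test the data in growing prefixes.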
Steganography versus cryptography
| | Cryptography | Steganography |
|---|---|---|
| What is hidden? | Content | Existence |
| Robustness | Guaranteed by key length | Guaranteed by imperceptibility |
| If discovered? | Breaking still requires work | Message is revealed |
| Suspicion? | Draws attention | Goes unseen |
Hence the common practice: encrypt AND hide. The message is first encrypted (so protected by a key), then concealed (so invisible). If anyone finds it, they still have to crack it. Two barriers beat one.
Key takeaways:
- Steganography = hide a message’s existence; cryptography = hide its content.
- Ancient history: scalp tattooing, wax tablets, invisible inks, acrostics.
- Digital: LSB on images, MP3 noise, network timing, blockchain.
- Statistical steganalysis: look for distribution anomalies.
- Recommended practice: encrypt then hide. Two barriers.