Openpuff Steganography Download [TOP]
Pirjo Unzicker
OpenPuff Steganography and Watermarking, sometimes abbreviated OpenPuff or Puff, is a free steganography tool for Microsoft Windows created by Cosimo Oliboni and still maintained as independent software. The program is notable for being the first steganography tool (version 1.01 released in December 2004) that:
OpenPuff is a portable steganography tool supporting images, audio, video and Flash Adobe animation carrier files, it can conceal up to 256MB of data splitting files in between multiple carriers. Before hiding data everything is securely encrypted with AES, scrambled, whitened and encoded, this reduces the chances of anything hidden being detected by specialist tools, you must always remember to erase the original carrier files. If a computer forensics expert has access to both files and can compare them he should be able to prove that one of them contains hidden data even if it can not extracted because everything inside the has been encrypted. OpenPuff has sixteen different encryption algorithms you can use, this makes extracting data even more difficult as only the creator will know what cipher has been used, the tool supports well known secure algorithms like AES, Serpent and Twofish and more obscure ones, like Mars, Anubis or Clefia, a high speed block cipher developed by Sony Corporation intended for use in Digital Rights Management.
To stop steganalysis, the detection of hidden data, encrypted files are scrambled with a second layer using a pseudo random number generator (CSPRNG) seeded with a user chosen password with data shuffled using random indexes, a third security layer whitens scrambled data adding a high amount of ramdom noise with hardware entropy and the final fourth security layer encodes whitened data using a non-linear function. Very paranoid types can add a decoy file for deniable steganography, just like Truecrypt hidden container works, in OpenPuff you can reveal a password to an innocuous text and keep the real hidden message from view with a second password. Another feature is the ability to hide a mark inside a video, audio or photograph, useful for when you privately distribute a confidential file to a selected group of people, if the file is later on found leaked on the internet you can check the mark and track down the leak source.
Thanks to the support for a wide range of carrier files (.bmp, .jpg, .png, .mp3, .vob, .mp4, .3gp, .flv, .swf, .pdf, etc) the program makes it easy to embed hidden data anywhere on the Internet, from a blog to a photo sharing site like Flickr, saving you from having to personally contact a source, which could compromise his identity, but if you are hiding data in multiple files to decrypt them the other end will have to order the files in the right sequence. OpenPuff needs a little practise to get everything right but it is one of the most complete steganography tools I have seen and it has some unique features.
It appears that the program is commercial, for how long I don't know. For developers, the libObfuscate dll its steganography is based on is free, but I cannot find any freeware at the site any longer.
A steganography technique involves hiding sensitive information within an ordinary, non-secret file or message, so that it will not be detected. The sensitive information will then be extracted from the ordinary file or message at its destination, thus avoiding detection. Steganography is an additional step that can be used in conjunction with encryption in order to conceal or protect data.
Steganography can be used both for constructive and destructive purposes. For example, education and business institutions, intelligence agencies, the military, and certified ethical hackers use steganography to embed confidential messages and information in plain sight.
On the other hand, criminal hackers use steganography to corrupt data files or hide malware in otherwise innocent documents. For example, attackers can use BASH and PowerShell scripts to launch automated attacks, embedding scripts in Word and Excel documents. When a poor, unsuspecting user clocks one of those documents open, they activate the secret, hidden script, and chaos ensues. This process is a favored ransomware delivery method.
Information is converted into unintelligible ciphertext in cryptography. Someone intercepting this message could tell immediately that encryption was used. In contrast, steganography hides a message without altering its original format.
Obfuscation, like steganography, is defined as hiding information, but the big difference is that the former method deliberately makes the message hard to interpret, read, or decode. That makes sense since to obfuscate means to render something unclear, unintelligible, or obscure.
Various tools or software that support steganography are now readily accessible. Though most hide information, some provide additional security by encrypting it beforehand. You can find the following free steganography resources online:
Steganography is a method that makes it easy to conceal a message within another to keep it secret. The result is that the hidden message remains hidden. A steganography approach can benefit images, videos, and audio files. Further advantages include:
"@context":" ", "@type": "FAQPage" ,"mainEntity":[ "@type": "Question", "name": "The origin of Steganography from?", "acceptedAnswer": "@type": "Answer", "text": "The word steganography is derived from the Greek root words steganos meaning hidden or covered and graph meaning to write." , "@type": "Question", "name": "The Steganography usually use for?", "acceptedAnswer": "@type": "Answer", "text": "The purpose of steganography is to be clever and discreet. It is a covert form of communication that can involve using any medium to hide messages." , "@type": "Question", "name": "Steganography vs cryptography", "acceptedAnswer": "@type": "Answer", "text": "Steganography is a less secure way to encrypt data while cryptography provides more advanced encryption techniques." , "@type": "Question", "name": "Which method is used by Steganography to hide text in an image file?", "acceptedAnswer": "@type": "Answer", "text": "The method used by Steganography to hide text in an image file is the least significant bit (LSB) technique." ]
Recently, I came across an interesting concept known as steganography. It involves hiding a message within an image file by utilizing the least significant bits of each pixel. However, this may create suspicion if the image appears too perfect. I learned about several tools to achieve this technique, such as the following links listed:
The process of analyzing steganography is also known as steganalysis. In its simplest implementation, this process aims to detect the presence of steganography in one or more transmission media, and in a further stage it may extract the hidden message.
The simplest case reflects an opponent with low or zero knowledge of steganography, who simply uses tools already implemented and made available by others (off-the-shelf tools). In computer security, such an opponent is often called a script kiddie.
In the digital field, there are many pieces of software that implement steganography and most of them combine cryptographic techniques. Examples of open-source software using both techniques are shown in Table 1.
Of course, off-the-shelf tools are also available to those who intend to perform steganalysis. While implementing steganography, each piece of software typically leaves (more or less implicitly) characteristic artifacts in the manipulated files, which can be studied to build signatures (fingerprinting). These signatures can be used in the steganalysis phase to identify not only the presence of steganography, but the specific tool used, as well as to successfully extract hidden contents7,8. Most steganalysis systems employ this approach9.
It is easy to see that we are in a vicious circle ("arms-race") which prefigures an increase in the sophistication of techniques and tools used both by those who intend to use steganography, and by those who instead intend to unmask it and reveal its hidden contents. Among the two subjects, in general, the first profile has an advantage, since it will be able at any time to change the means of transmission and/or encoding of information to escape detection.
In this scenario, machine learning may represent a sophisticated weapon at the service of those who intend to unmask steganography. Through machine learning techniques it is in fact possible to automatically develop a steganalysis model, starting from a set of samples with and/or without steganography.
Most of the proposed approaches use so-called two-class supervised learning (steganography present/absent), which requires the use of samples with and without steganography, to automatically determine statistical differences. This method is particularly useful for detecting the presence of known steganographic techniques variants (e.g. implemented in new software) for which there are no signatures.
Signatures and supervised learning can provide good accuracy when it comes to detecting known steganography techniques and its variants, but are subject to evasion in the presence of totally new techniques, for example, with a statistical profile significantly different from that observed on the samples used in the learning phase.
For this reason, other studies11,12 have instead proposed the use of unsupervised anomaly-based learning techniques. This approach only employs samples in which steganography is absent, for the automatic construction of a normal profile. The presence of anomalies ("outliers"), or deviations from this profile, can therefore be used to detect totally unknown steganographic techniques. This approach, however, must focus on features whose deviation from the norm is a reliable indication of steganography to offer good accuracy. Think, for example, of the comparison between the size specified in the header of a file, compared to the actual size.
df19127ead