HomeОбразованиеRelated VideosMore From: Computerphile

Secrets Hidden in Images (Steganography) - Computerphile

11446 ratings | 662244 views
Secret texts buried in a picture of your dog? Image Analyst Dr. Mike Pound explains the art of steganography in digital images. The Problem with JPEG: https://youtu.be/yBX8GFqt6GA The Bayer Filter: https://youtu.be/LWxu4rkZBLw Super Computer & the Milky Way: https://youtu.be/5KEhhW8TOGk JPEG Discrete Cosine Transform (DCT): https://youtu.be/Q2aEzeMDHMA http://www.facebook.com/computerphile https://twitter.com/computer_phile This video was filmed and edited by Sean Riley. Computer Science at the University of Nottingham: http://bit.ly/nottscomputer Computerphile is a sister project to Brady Haran's Numberphile. More at http://www.bradyharan.com
Html code for embedding videos on your blog
Text Comments (484)
Jim Giant (5 days ago)
I'd imagine it would be pretty trivial to write a program to remove steganographic data by zeroing the last few bits of each byte.
Richard (11 days ago)
When you make a screenshot of this image - all that stuff is gone, or in the screenshot as well visible?
Maverick Jey-Kidding (11 days ago)
how i hide things in images - just append bytes at the end of the file. Image viewer will ignore them and display just the image. But then you open file in text editor and scroll to the very end to see the hidden message. THIS is the easiest approach imo :P
As text file increases which we need to hide in an image , there ll b increasing the value of blurness in encrypted image or no
Eventually Sa (17 days ago)
Do you really talk Germany
The End (29 days ago)
Could you zoom in and screenshot the image to remove a stegonagraphic watermark? I mean theoretically all the pixels are now changed I would think.
Gonçalo Aguiar (1 month ago)
Could the same principle be applied for audio files?
Paralysed (1 month ago)
Yes, and there are many programs out there that do so as well as images
MineMC (1 month ago)
That subitles are worse than auto subtitles.
Anon (1 month ago)
Change the name from myimage.jpg to myimage.rar, add the files you want to the rar file, the rename it back to myimage.jpg. This will fool any incompetent teacher, parent etc
Parth Agarwal (1 month ago)
There is another method of doing this. I learnt is by the cicada challenge. Don't really know the technical side of it but when you open an image with a text editor, you can scroll down to the end and add code comments. This comment can have the message. To decrypt, one can open it with text-editor and then see the message. This message can also be hashed and added to the comments.
Rednassie (1 month ago)
Aaaand then whatsapp compression f*cking ruins the pic
Hollywood BS (2 months ago)
What did he just say
Jacob Story (2 months ago)
I made a program that takes the individual colors, picks two of them (based on a predefined pattern), and encodes the data in the least significant bit of both for every pixel. Optionally, you can even use an xor to encode the data instead, making it even more confusing.
KSI (2 months ago)
I cant understand a word of what he is saying. But I cant stop listening...
Larkinchance (2 months ago)
With a ton of money and mass hirings, The NSA is not Bletchley Park
Baruch Ben-David (2 months ago)
I'd think that a well-encrypted message would resemble noise and be more difficult to recognize as a message.
Andy T (2 months ago)
Shouldn’t you not see an original image at all looking at the least sig bits?
Aureoo Green (3 months ago)
Pixel Value Differencing Steganography Method !
Manish Chaudhary (3 months ago)
How to creat latent image.. Which I can see in 45 degrees
Patricia Addis (4 months ago)
I could listen to him drone on about anything, yum.
Alfonso Florio (4 months ago)
i clearly remember a tool that could detect stenographic images. It was originated from a paper on the argument
Pushparaj Vaghela (4 months ago)
Would it not be easy to destroy digital watermark by placing a random message in least significant bit throughout the image.
Icarion Icarus (4 months ago)
Im using this for a secret disturbing image behind my drawing, as one of my oc backstory
Lance Sellner (5 months ago)
Hello, anyone here? Im wondering how long it would take to hand-encrypt an image using DCT.
P Last Name (5 months ago)
Nobody has commented on this for at least two years. I guess it's old hat.
Topher TheTenth (5 months ago)
I'm not understanding this at all. My understanding of a bitmap is there are three values per pixel: Red, Green, and Blue. Each of them ranges from 0 to 255. Make a list of 1st-pixel Red, 1st-pixel Green, 1st-pixel Blue, 2nd-pixel Red, 2nd-pixel Green, 2nd-pixel Blue. In this list of integers (each ranging from 0 to 255) , the occurrence of odd numbers and even numbers will be ABSOLUTELY RANDOM, won't it? And whenever any absolutely random key is added to a message that isn't random, the result is absolutely random. The process of steganography would then consist of translating your message into a series of 0s and 1s and writing those digits down a column to the right of your list of color-integers. Then you use a convention such as "0 means even, 1 means odd". Where you have a zero in the column that is the message to be encoded, if the color-value integer to the left is even, write it in yet another column to the right, unchanged. But if that color-value number to the left is odd, write, in the rightmost column, the number that is ONE FEWER than that number. So, 255 changes to 254, and 1 changes to 0. All odd numbers in the range from 0 to 255 can be so transformed without exceeding the range 0 to 255. Where you have a "1" in the message to be encoded, and it lies to the right of an odd number, write that odd number in the rightmost column unchanged. But where a "1" lies to the right of an EVEN number, change that even number to odd by ADDING (not, as previously, subtracting) 1 to it. So, 254 changes to 255, and 0 changes to 1. All even numbers in the range 0 to 255 can so be handled without exceeding the range 0 to 255. You can't just do a -1 or +1 modulo 256 for this, because that would involve changing some occurrences of 255 to 0, and some occurrences of 0 to 255. Changing a color-value of a pixel by a value of 255 could create a noticeable scar vs. when the greatest change is only "1". Then just group all of the color-value integers back into triplets for each pixel, and assemble all the pixels back into a photograph. It will be indistinguishable (to the human eye) from the original, AND the oddness/evenness of the values for each component of each pixel's colors will be as random in the output as it was in the original. (So no computer is going to notice that its randomness is different from the randomness of untweaked photos.) The person receiving the photo divides it into pixels, and divides each pixel into three integers (Red, Green, and Blue) each ranging from 0 to 255, and considers only their evenness and oddness, and writes a "1" for every odd value and a "0" for every even value. Thus the recipient obtains the binary message that was sent.
Domício (5 months ago)
Great content.
Andrew Potapenkoff (5 months ago)
This stuff reminds me of QR code.
miss misanthropist (5 months ago)
so this is how spore stored stuff inside pngs
John Walthall (5 months ago)
6:00 started becoming a foreign language somewhere around here.
CTA 91 (5 months ago)
theee bits! theee bits!
서찬욱 (5 months ago)
secret message in my profile picture
Fester Blats (5 months ago)
So using this method for copyrighting images means that they actually ruin them. That doesn't sound very clever.
Mythricia (5 months ago)
Ruin? The change is literally invisible unless you have the source image.
Bikal (5 months ago)
They're trying to build an intersect.
fpolloa (6 months ago)
Can you do the same with music?
iExotic (5 months ago)
At 7:28 the inerquartile computing unit is actually incorrect. I've studied it for about 3 years now and the complexion of the quadratic formula is hidden in the JPEG code. Cause if you document.write (a_bc) + SQL a=0b it will result in the quaritization of 0, hence the quadratic code is equal to 0, so it can't be it. Check my reply for my proof.
zionlee1004 (6 months ago)
Zewwo
LohnS (6 months ago)
Amazing stuff
Raymond (7 months ago)
haha, love the video :D
_____ (7 months ago)
Expand upon this by doing a video on Numbers Stations!
Pedro Esteves (7 months ago)
I did a small amusement app, "The Steganographer", with Javascript and PHP this Summer. The Big image should be atleast 4 times bigger than the one to be hidden. Don't forget besides the RGB components you can also use the ALPHA channel(the channel for transparency) to hide some bits!That increases the amount of info you can hide per pixel. Curiosity: The alpha channel on PHP has only 7 bits while alpha in Java(not Javascript) has 8 bits. You should also know that since .jpeg is not a lossless format, each time you create a .jpeg(to hide the small image in the big one), the data will be compressed( the string of bits will be slightly changed), so after when you try to extract the original data from the .jpeg(the smaller image) you won't be able to do that perfectly. A solution is to use .png, which is heavier but gets the job done cause it is not a lossless format. You can check The Steganographer of my channel if you want to.
Couldn't pirates clear any contained water marks in the image/video by running it through a program that simply scrambles the last two values of every pixel? This would create an imperceptible difference in the image/video but clear any messages/marks within. I could imagine pirates and/or websites deploying this automatically on uploads, just in case. I mean, messages could be hidden in other bits but as stated in the video these values are much more noticeable.
CROOK53Y (8 months ago)
jackfrags?
HiFi Auti (9 months ago)
could you use this on a 10 hour nyancat video frame by frame??
Secrets to Success (9 months ago)
This gentleman, Dr Mike, is absolutely fascinating... I only discovered this channel yesterday and Ive viewed a lot of the videos already.
kebman (9 months ago)
Now imagine steganography on DLL files, programs and databases!
kebman (9 months ago)
Now imagine steganography on film and sound...
kebman (9 months ago)
Would steganography even work on Facebook or Instagram? Don't they re-arrange and re-compress the file? Wouldn't that effectively erase the message?
Mythricia (5 months ago)
If they re-encode the images, the message is probably lost using any of methods described in the video. But, there are other methods, such as breaking the image up into "blocks" of some size (just as a random example, say 4*4 pixels). Then you encode the 1's and 0's using those blocks. This is slightly more resilient to changes, because even if some pixels change, you can use the average value to determine what the original data probably was. You can also include error correcting codes, and so on.... Now, this all rather quickly decreases the amount of data you can store. You are trading away a lot of your available "space" for redundancy and resilience. But if all you need is to watermark the image, with a just a simple string of text only a few dozen bytes long, you would able to add a really huge amount of redundancy and resilience without worrying, and just repeating the message over and over across the image, including all the safeguards. That becomes a lot more difficult to remove.
kebman (9 months ago)
I don't know about you, but I'd start looking for steganography on 4Chan lol!
Antediluvian Spy (9 months ago)
I would pay Forbes list figure sums to have Dr. Mike Pound be the teacher of every bit of knowledge I learn for the rest of my life. Time to rob Warren Buffet.
rick dalton (9 months ago)
I must have watched a million Tech videos and read three times as many online articles before I found this guy here on computerphile and I have come to realize without question that this man is dangerous. Very few people possess this level of knowledge and the videos are by far the best on the internet. Keep up the good work!👍👍
This message contains top secret nuclear project information... just kidding. . . *OR AM I?*
Jonathan Cook (1 year ago)
UIJT JT B TFDSFU NFTTBHF! :D
sinta dorti (1 year ago)
Zewos and wons !
Bambel (1 year ago)
I am very glad you didn’t just show us the image and have us take your word for it that the images were different!
I highly doubt that image steganography approach that accounts statistics can be cracked without the source image, anyone can proove me wrong?
Last (1 year ago)
I think I should Start studying in Nottingham...
444 444
I was struggling with a stego CTF when this video just popped up. Thanks, it helped me solve the challenge :)
Mister Hat (1 year ago)
A pixel is 4 bytes? Normally it's three unless there's an alpha channel or the data is padded to four bytes. In either case, changing that fourth byte is going to be obvious (because it's likely to be zero.)
ArchaicVirus (1 year ago)
Zed is probably used instead of 'z' to avoid confusion, as z sounds like c, or b for example. Its like how americans use charlie, or bravo, to indicate c, or b, for the same reason.
Matt T (1 year ago)
Interesting... Could someone exploit this in order to hide scripts inside of images? If that is the case, how could one protect themselves from this exploit?
Ryan Hawkin (2 months ago)
u cannot hide scripts to run them when they open the image, its just like encrypted string, u have to decrypt it in order to use it
Miscritz Brotherzz (3 months ago)
but it wont cause damage to system right? the app will treat it as image file and wont run the hidden script maybe i misunderstood what u meant
muhammad nauman (1 year ago)
what paper is he using to write on?
Burak Kaymakci (1 year ago)
I really love your videos but one thing I would really appreciate is that subtitles, especially in Dr. Mike's videos, please. I am really having a though time to understand his accent sometimes. 😅 And the present subtitles are not correct. Thank you for the great videos! :)
Facehunter2003 (1 year ago)
Meta data changing, one way to hide stuff :P
Richard Smith (1 year ago)
Technically, you could modify the least significant bit of all three color channels to give you three bits per pixel. For a 1920x1080 picture, that would give you enough space to embed a message that is (1920*1080*3) / 8 bytes large, or 777, 600 bytes, and it would be imperceivable, as each color channel would only be one bit different, like the difference in 255 and 254, you would not notice it. This assumes the image format preserves three channels of pixel information, like PNG.
ifell3 (1 year ago)
So someone gave me a photo and said do not release it, that had a jsteg in it, but then I wrote another jsteg to it, would it not over right the first?
Carlordau (1 year ago)
4:20 - captions - has a value of free. Got to love the accent.
Stewie Griffin (1 year ago)
great video
Stewie Griffin (1 year ago)
well done
M'Baku & T'Challa (1 year ago)
What if I make a screenshot and/or safe it as png?
Ben O'Neill (1 year ago)
Could the watermarks be deleted by randomizing the least significant bits?
Jay H (1 year ago)
1:45 Its not too useful I believe, since a simple hashing of the original and the new image can show there is a difference
אורי יגורוב (1 year ago)
Lol who made these captions? Looks like auto-captions
Romeo Santiago (1 year ago)
Watch my new video, friends...Geez. Facebook locked my boyfriend out of his account. Sometimes I felt that he suffered because of me. Because I was fighting the western intelligence agencies and he got involved... Sorry baby...Seems they were harassing him because they can't get to me... My poor boyfriend, got locked out of facebook for a crime he didn't commit. He simply liked my posts against the CIA. Is that evil? Well, I made this video to get revenge for you, my dear... https://youtu.be/ZvHcmXzxR4g
LPChip (1 year ago)
Awesome video. Can this be done with audio as well? I''d love to see a video about that.
TOMYSSHADOW (1 year ago)
Of course you could also paste a passworded ZIP onto the end of a JPEG in a hex editor and any photo viewer will ignore the invalid image data while something like 7-zip will detect and decompress the zipped data.
Badboy DCX (1 year ago)
Dark web
Rock & Rollin' Nolan (1 year ago)
6:53 Mmhhmm, I totally know what I'm looking at right now. I understand it all. WOT!?
John Smith (1 year ago)
Everytime I watch this guy I feel even dumber
Justin Tyme (1 year ago)
so NASA have hidden messages in their photos??
What (1 year ago)
I have no clue what he is talking about
liam init (1 year ago)
wuss poppin
Sam Nub (1 year ago)
From now on, I'm going to watermark all my image work with the tragedy of darth plaguis the wise
nilloc93 (1 year ago)
this was also done (with no level of subtlety) to distribute the 3d printer files for the liberator pistol
cooldude23407 (1 year ago)
I love what the letter says XD
A.J (1 year ago)
more examples less talking
FaRo (1 year ago)
I watched this video in fullscreen and my monitor has connection problems, so I thought you put a secret message into the video.
Paul Kreuz (1 year ago)
tsheantd imse cnouodlz!.
PangaeanConquest (1 year ago)
youtubevilleshire
Digital Ash TCG (1 year ago)
What then happens if you screen shot a file with a message in it? is the message lost? covered up by other noise? Either in full or in part?
Philippe Carphin (2 years ago)
Subtitles are great "Stake in a graphic", and the best thing is that it never writes the same thing for jsteg : "chased egg" is my favourite.
Topher TheTenth (5 months ago)
Philippe Carphin: Why not "steak in a graphic" to complement your "chaste egg"?
Ashish Gupta (2 years ago)
how do you decrypt the message?
aspie96 (2 years ago)
Wait. Why in the steganographic image formed just by the last 2 bits could you still see the tree?
George Dimas (2 years ago)
Mindblown
Harley Moore (2 years ago)
You guys need a patreon
Christopher Derrell (2 years ago)
3's and 4's? Can you have fours with the 2 least significant bits?
Lars Martin Jensvoll (2 years ago)
The Norwegian police did this after the Breivik terrorist attack, with confidential images released only to the different attorneys representing victims and such. One picture was leaked to the press, and since the pictures were secretly watermarked they knew exactly who leaked it. The attorney was thrown off the case and lost his licence.
Aurelius R (5 days ago)
I cannot find a single mention of this anywhere online, so far. Do you have any sources for this? It seems Geir Lippestad was his lawyer through the whole case?
Jack Obrein (14 days ago)
Damn, that's abit rash. If the Attorney cannot speak to his client in a secure manner. How can they mount an effective defense? Government abuse anyone?
Tyrone Nig (1 month ago)
+Sparrow right. watermarked. as in "contained a hidden image or message."
Ravil Razypov (3 months ago)
No
David Eikeland (3 months ago)
I didnt know this! And im Norwegian!
Alwin Priven (2 years ago)
the captions are so weird.
Djorgal (2 years ago)
I add random noise as steganography in all my images and only a select few have a meaningful message encrypted in them. Good luck trying to decrypt it all :)

Would you like to comment?

Join YouTube for a free account, or sign in if you are already a member.