RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX


Keeping Secrets Secret: Steganography with .NET : Page 3

Steganography is a way to protect information by hiding it "in plain sight" within other types of digital content. Steganography complements rather than replaces encryption by adding another layer of security—it's much more difficult to decrypt a message if you don't know that there is a message. See how to leverage .NET to create steganographic techniques that hide encrypted information inside common digital data files.

The BMPCoverFile Class
The BMPCoverFile class is a concrete implementation of the ICoverFile interface that works with 24-bit .bmp files. Here's the interface code:

   public interface ICoverFile
     IStegoFile CreateStegoFile(string stegoFileName,
        string message, string pwd);      
Note that the interface defines only a single CreateStegoFile method that creates a stego file (in the location passed in the stegoFileName parameter) hiding the message stored in a Unicode string. The pwd parameter, as you'll see, is a password used as additional protection—basically, you need that password every time you want to extract the hidden message from the stego file.

The BMPCoverFile class implements ICoverFile:

   public class BMPCoverFile : ICoverFile
     private string fileName;
     public BMPCoverFile(string fileName) {
       this.fileName = fileName;
The class constructor requires a fileName parameter that contains the filename of the cover file. The CreateStegoFile method creates the output stego file as shown in Listing 1.

The code in Listing 1 first checks whether the cover file is a 24-bit .bmp file. A .bmp file has a 54-byte header where the first byte is always "B," and the second "M." The bytes at positions 28-29 hold the number of bits used to represent the colors (the value must be 24, in this case). If either of those conditions evaluates to false the method throws an exception, because this class supports 24-bit .bmp images only. If both checks pass, the method writes the header to the stego file.

The next task is to retrieve the bytes of the Unicode string representing the message to hide. The code inserts the byte count (the length of the message) as the first four bytes of the byte-array via the AddLengthAhead method. That step's necessary because code to extract the message needs to know the message length.

The method encrypts the message bytes using the Encrypt method of CryptoHelper by passing the pwd parameter before hiding them in the stego file. The encryption provides additional protection—now, the message is both hidden and encrypted. You can find the implementation of CryptoHelper in the downloadable source code for this article.

Finally, the method hides the encrypted bytes into the cover by calling LSBHelper.Encode. When complete, it returns a BmpStegoFile instance that represents the created stego file.

Close Icon
Thanks for your registration, follow us on our social networks to keep up-to-date