In practice, when you use some steganography, you must first select a vessel data according to the size of the embedding data. The vessel should be innocuous. Then, you embed the confidential data by using an embedding program (which is one component of the steganography software) together with some key. When extracting, you (or your party) use an extracting program (another component) to recover the embedded data by the same key ( “common key” in terms of cryptography). In this case you need a “key negotiation” before you start communication. Attaching a stego file to an e-mail message is the simplest example in this application area.
But you and your party must do a “sending-and-receiving” action that could be noticed by a third party. So, e-mailing is not a completely secret communication method. There is an easy method that has no key-negotiation. We have a model of “Anonymous Covert Mailing System. ” There is some other communication method that uses the Internet Webpage. In this method you don’t need to send anything to your party, and no one can detect your communication. Each secrecy based application needs an embedding process which leaves the smallest embedding evidence.
You may follow the following- (A) Choose a large vessel, larger the better, compared with the embedding data. (B) Discard the original vessel after embedding. For example, in the case of Qtech Hide & View, it leaves some latent embedding evidence even if the vessel has a very large embedding capacity. You are recommended to embed only 25% or less (for PNG / BMP output) of the maximum capacity, or only 3% of the vessel size (for JPEG output). 2. Protection of data alteration We take advantage of the fragility of the embedded data in this application area.
We asserted in the home page that “the embedded data can rather be fragile than be very robust. ” Actually, embedded data are fragile in most steganography programs. Especially, Qtech Hide & View program embeds data in an extremely fragile manner. However, this fragility opens a new direction toward an information alteration protective system such as a “Digital Certificate Document System. ” The most novel point among others is that “no authentication bureau is needed. ” If it is implemented, people can send their “digital certificate data” to any place in the world through Internet.
No one can forge, alter, nor tamper such certificate data. If forged, altered, or tampered, it is easily detected by the extraction program.? 3. Access control system for digital content distribution In this area embedded data is “hidden”, but is “explained” to publicize the content. Today, digital contents are getting more and more commonly distributed by Internet than ever before. For example, music companies release new albums on their Webpage in a free or charged manner. However, in this case, all the contents are equally distributed to the people who accessed the page.
So, an ordinary Web distribution scheme is not suited for a “case-by-case” and “selective” distribution. Of course it is always possible to attach digital content to e-mail messages and send to the customers. But it will takes a lot of cost in time and labor. If you have some valuable content, which you think it is okay to provide others if they really need it, and if it is possible to upload such content on the Web in some covert manner. And if you can issue a special “access key” to extract the content selectively, you will be very happy about it. A steganographic scheme can help realize a this type of system.