

   STEGANOS v1.4 - released 10th of July 1996

   Cryptography/Steganography software
   Copyright (c) 1996 by Fabian Hansmann

   Made in Frankfurt/Germany

   DOCUMENTATION


   100651.3561@compuserve.com
   http://ourworld.compuserve.com/homepages/fhansmann


   Д [0] TABLE OF CONTENTS ДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДД

   [1]  What exactly is STEGANOS? An introduction
   [2]  The Syntax of STEGANOS
   [3]  Example
   [4]  Some hints for usage
   [5]  Technology and further information
   [6]  Errorlevels
   [7]  Copyrights of mentioned software

   Jump to the part you want to read by searching for the chapter number in
   brackets, e.g. [4].


   Д [1] WHAT EXACTLY IS STEGANOS? AN INTRODUCTION ДДДДДДДДДДДДДДДДДДДДДДДД

   Steganos (Greek): protected, protecting; covered, covering.

   Steganos combines two very strong technologies for securing information:
   cryptography and steganography.
   Steganos hides a file inside a BMP, VOC, WAV or ASCII file - so you are 
   able to not just make information unusable for a third party (which you
   do by using cryptologic methods), but you even hide the existence of any
   information.

   A second idea for using Steganos is to protect your pictures. If someone
   uses one of your pictures (or sounds) you can prove that it is yours -
   just store a file with your copyright in the picture.

   Steganos is written for MS-DOS - this makes sure that nearly everyone
   can use it - it's equal if you use pure DOS, OS/2, WIN 3.x or WIN 95.

   Feel free to give Steganos to all your friends - it's FREEWARE.

   Note that I am NOT RESPONSIBLE for any use or abuse of Steganos.

   Special thanks go to Gabriel Yoran.


   Д [2] THE SYNTAX OF STEGANOS ДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДД

   steganos e|d 'picture/sound file' 'file to hide' password [/b] [/d]

   e          encode
   d          decode
   password   Password to encrypt the file before hiding it -
              '?' will prompt for password.
   /d         The file the information comes from will be deleted.
              If you encode the "file to hide" will be deleted -
              the "file for hiding information" if you decode.
              Note that the file will not be restorable with undelete.
   /b         This parameter will force Steganos to create a backup
              of the picture/sound file. This function is just avaible
              when you encode. Be careful with backups if someone finds
              them he can prove that you are using steganography by
              simple doing a file compare (encoded file, backup).

   The 'picture/sound file' can be a VOC, WAV, BMP, or ASCII file.

   If you want you can use the long Windows 95 filenames as you are used
   from MS-DOS 7 commandline applications. If your long filename contains
   spaces you will need to put '"' at the beginning and at the end.


   Д [3] EXAMPLE ДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДД

   steganos e sample.voc secret.txt secret

   This commandline will store (hide) the file 'secret.txt' inside the
   VOC file 'sample.voc' after crypting the information with the password
   'secret'.

   Enter the same commandline with a 'd' instead of 'e' and you get your
   data back - note that the hidden information in the VOC file is not
   deleted.

   If you add a '>NUL' at the end of the commandline you won't see any
   messages of Steganos anymore.
 

   Д [4] SOME HINTS FOR USAGE ДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДД

   - For good results use LOUD SOUNDS in a BAD QUALITY and BLACK/WHITE
     graphics instead of high quality color images. Use files which
     have no geometric figures inside (e.g. the windows of Graphical
     User Interfaces...) since it is very simple to see that something
     is wrong.
     Be sure that the file you want to hide information in exists just
     one time. DON'T TAKE POPULAR IMAGES (e.g. logos or pictures from
     WWW sites or CD-ROMs) because the hidden information could become 
     visible by comparing the original file with the one you hid 
     information in (of cause it would be crypted anyway).
     Ofcause you can modify them (e.g with filters in Paint Shop Pro).

   - It is possible to convert an encoded BMP file to - for example - a the
     GIF format and back to BMP. Even then Steganos will be possible to
     recover the hidden data. Be sure to use exactly the same format when
     encoding and decoding (best is using the same converting software -
     for example VPIC for DOS or the above mentioned Paint Shop Pro for
     Windows). It's important to just use compressions which do not
     destroy information.
     For example: JPEG uses the DCT (Diskrete Cosinus Transformation)
     algorhythm which destroys parts of the image by not saving data which
     can rarely be seen. Information hidden with Steganos would be lost.

   - If you get hidden ASCII files within an email make sure to remove
     the lines added to the original output file of Steganos.

   - If you even want to enlarge the security of the hidden file make sure
     you use a strong encrypting program like PGP before hiding a file with
     Steganos - even though Steganos crypts the file, too.
     If you want you can combine PGP with the program Stealth. This program
     strips off all identifying information from the PGP encrypted file
     (like header information) and can be used optionally (see URL below).

   - Make sure that the password you use consists of at least 6 letters. Use
     the password just one time. Don't use a password you use in a mailbox
     or online service and don't use names, birthdays etc.

   - If you want to encode more than one file, you can use an archiver (e.g.
     PkZip or RAR) before using Steganos.

   - Don't forget to delete the file consisting of the original information
     after encoding or decoding if needed.


   Д [5] TECHNOLOGY AND FURTHER INFORMATION ДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДД

   Steganos stores information in the lowest bit of a byte, beginning after
   the file header. Steganos does not just store the file, filesize and a
   one byte checksum but all information stored in the file will be
   encrypted.

   If you enter an unknown file format, Steganos will ask you for the header
   size and how much bit the format has and then try to store the
   information in the file: make sure to use just uncompressed files.

   Steganos will create 'noise' and write it till the end of the
   picture/sound file - so it's much harder to detect the bits that
   have been modified, e.g. by rotating the palette (as Gabriel Yoran did).
   Because this method modifies the whole picture/sound file you should
   choose a file which is not longer than absolutely needed. A large
   picture/sound file takes much longer to fill it with noise.

   When you hide a file inside an ASCII file Steganos uses a completely
   different method for hiding information: spaces and tabs are added to
   the end of the lines. Note that this method CAN BE DETECTED VERY EASILY
   by using a hex editor and keep in mind that this method increases the
   file size.

   If you delete a file with DOS the data can be recovered with Undelete
   or for example with the Norton Utility Text Search. If Undelete needs to
   have a disabled directory entry to recover a file, Text Search even finds
   plaintext searching sector for sector on a drive. Even if a file is
   overwritten one time, it can be recovered with expensive methods.
   The Steganos delete feature does not just overwrite the file once, but
   three times - the first time with 00h, the second with FFh and the last
   time with 00h again. This takes time but is very secure, since it demagne-
   tizes the file area on the drive.
   Of course you can use the Norton Utility Wipeinfo, too.

   Steganos.exe is protected with a little checksum check written by me,
   which, by the way, allows to pklite a file, but not to patch.
   If you want to be sure to use an unmodified version of Steganos download
   the newest version from my homepage (see above).

   If you are intersted in more information about steganography and
   cryptography check out the following sources:

   Newsgroups:     
          alt.privacy
          alt.security
          sci.crypt

   World Wide Web:
          http://www.iquest.net/~mrmil/stego.html
          http://adams.patriot.net/~johnson/html/neil/stegdoc/stegdoc.html


   Д [6] ERRORLEVELS ДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДД

   In case of an error Steganos returns an errorlevel on which a batchfile
   can react.

   Code  Meaning

      0  No error
      1  Can't delete file
      2  Picture/sound file is damaged
      3  File must have 8 bit
      4  File must be uncompressed
      5  Invalid parameters
      6  Steganos has been modified
      7  The password is not valid
      8  Picture/sound file not found
      9  File to hide not found
     10  Picture/sound file is too small
     11  Can't create file
     12  Line in ASCII file is too long
     13  Incorrect file or password


   Д [7] COPYRIGHTS OF MENTIONED SOFTWARE ДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДДД

   Norton Utilities Copyright (c) by Symantec
   Paint Shop Pro   Copyright (c) by JASC, Inc.
   PGP              Copyright (c) by Phil Zimmerman
   PkZip            Copyright (c) by Pkware
   RAR              Copyright (c) by Eugene Roshal
   Stealth          Copyright (c) by Henry Hastur
   VPIC	            Copyright (c) by Bob Montgomery, VPIC Inc.