Безопасность информационных технологий (May 2023)
Steganographic embedding of information in SVG images on a WEB page
Abstract
This study suggests a steganographic algorithm for embedding data in SVG images integrated into html code. The algorithm uses a composite key that includes an embed key, an encryption key, and a replacement table. The basic principle of embedding is to add style classes to an SVG image. These classes do not affect the picture in the browser. The message is encoded as the names of the classes to be added. Class names are formed based on a symmetric encryption algorithm and a replacement table. One class name contains 9 bits of information. A style set is generated for each added class. The new styles do not affect the appearance of the picture. Style settings are defined either based on default values or based on existing classes. Embed labels are added to tags with embedded data. The labels are calculated based on the hash functions from the string from the embedding key and the block number. Embedded data is randomly distributed over the code of an html page with SVG images. This arrangement makes it difficult to analyze the page when hacking the system. Embedded information is detected by sequential analysis of page code and search for embed marks. The sender of the message must have a permission to edit the web page. The recipient retrieves the message in page code view. An analysis of possible attacks on the proposed system has been carried out. Hacking of the system is possible only by direct overhauling. The system is resilient with the correct choice of hash function and encryption algorithm. The proposed steganographic embedding method is effective for html pages containing a fairly large number of SVG images.
Keywords
