Perfectly Secure Steganography: Capacity, Error Exponents, and Code Constructions

TL;DR

This paper develops a theoretical framework for perfectly secure steganography, constructing codes that maximize capacity while maintaining undetectability, and analyzes their error exponents and performance limits.

Contribution

It introduces new constructions of perfectly secure steganographic codes from watermarking schemes, deriving capacity and error exponents, and analyzing the impact of security constraints on performance.

Findings

Positive capacity and error exponents are derived for perfectly secure steganography.

Perfect security incurs no performance loss under uniform covertext and symmetric distortion.

Randomized linear codes achieve capacity in certain cases.

Abstract

An analysis of steganographic systems subject to the following perfect undetectability condition is presented in this paper. Following embedding of the message into the covertext, the resulting stegotext is required to have exactly the same probability distribution as the covertext. Then no statistical test can reliably detect the presence of the hidden message. We refer to such steganographic schemes as perfectly secure. A few such schemes have been proposed in recent literature, but they have vanishing rate. We prove that communication performance can potentially be vastly improved; specifically, our basic setup assumes independently and identically distributed (i.i.d.) covertext, and we construct perfectly secure steganographic codes from public watermarking codes using binning methods and randomized permutations of the code. The permutation is a secret key shared between encoder and decoder. We derive (positive) capacity and random-coding exponents for perfectly-secure steganographic systems. The error exponents provide estimates of the code length required to achieve a target low error probability. We address the potential loss in communication performance due to the perfect-security requirement. This loss is the same as the loss obtained under a weaker order-1 steganographic requirement that would just require matching of first-order marginals of the covertext and stegotext distributions. Furthermore, no loss occurs if the covertext distribution is uniform and the distortion metric is cyclically symmetric; steganographic capacity is then achieved by randomized linear codes. Our framework may also be useful for developing computationally secure steganographic systems that have near-optimal communication performance.