In contrast to Kerckhoffs' principle,
security by obscurity approaches rely on
the attacker not knowing the algorithm protocol or the system execution.
Some of the proprietary protocols do not make the descriptions
publicly available or explicitly state the details of the protocols.
And sometimes these protocols rely on the fact that the system information is not
spelled out to the attacker and use that fact for security.
For such defense build on security by obscurity,
it no longer becomes secure once the attacker learns about the how to's of the system.
Steganography is related to security by obscurity.
Although, steganography focus more on concealing the presence of
the message and can incorporate active measures to do so.
Many steganographic implementations practice security by
obscurity and their security is
breached once the concealment method is known to the attacker.
Examples of steganography approaches are the invisible ink.
The ancient Greek having hidden messages on
the messenger's head which will be hidden by the hair that is grown after encryption.
Another example is hiding messages
using the least significant bits of digital image or source files.
Below the picture is another example of steganography where there is a hidden message.
In this example, the text reads,
"Since everyone can read,
encoding text in neutral sentences is doubtfully effective."
Now, I want you to think about this and pause for a second.
You would want to click the pause button to do so.
Well, welcome back. The hidden message comes from taking the first letters of
each word which says secret inside.
Let's take a look at another example and try to find the hidden message in steganography.