Four short pages that explain what rsteg actually does to your bytes. Each one has an inline visualization — SVG or a tiny interactive form — so you can poke at the algorithm instead of just reading about it. Start with LSB linear if this is your first time with steganography; it's the baseline everything else builds on.
RSTG header:
magic, version, flags, scheme fourcc, density, body length, CRC. The whole
struct is bound into the AEAD tag when the payload is encrypted.
All four schemes work on all three carrier formats rsteg supports (BMP, WAV, PNG); the fourcc's first letter selects the format. This table skips the format axis and compares just the walk-order / secrecy axis.
| scheme | fourcc | walk order | detectable on naive steganalysis? | when to use |
|---|---|---|---|---|
| LSB linear | ?LSL | sample 0, 1, 2, 3… | yes — chi-square on first N samples spikes as soon as N exceeds the payload length | teaching, non-adversarial transport, maximum speed |
| LSB permuted | ?LSP | Fisher–Yates shuffle of 0..N seeded by Argon2id(passphrase) low 64 bits |
no — payload bits are spread uniformly, so no contiguous block is statistically distinguishable | default whenever a passphrase is supplied; pairs naturally with the AEAD envelope |
The permuted seed is not the secret — the AEAD ciphertext is. The permutation exists as defense-in-depth: without it, detection of "something is hidden here" is trivial even when decryption is infeasible. The AEAD page explains why these are separate concerns.