Abstract
The exponential growth of cloud storage adoption has introduced new attack surfaces and privacy concerns, necessitating advanced methods for secure and covert communication. Traditional steganographic techniques, particularly in distributed settings, often struggle with balancing undetectability, embedding capacity, and security. Recent indirect methods that avoid file modification have improved undetectability but remain constrained by low capacity and reliance on cryptographic secrecy alone. This paper introduces Contextual Cloud Steganography (CCS), a novel framework that replaces traditional base-based encoding with contextual protocols based on deterministic file ordering within cloud directories. CCS leverages pre-established sorting criteria (e.g., cryptographic hashes, creation dates) to embed secret data by selecting files from sorted lists, achieving a multiplicative increase in capacity of 3.2× to 4.3× over state-of-the-art base-B methods. The framework simultaneously enhances security through protocol-dependent protection, making message extraction computationally infeasible without the precise contextual protocol, even if the stego-folder is discovered. We provide formal security proofs under established steganographic models, detailed algorithms with cryptographic enhancements, and extensive experimental evaluation across major cloud platforms (Google Drive, Dropbox, OneDrive) over a 30-day period. Results demonstrate CCS’s practical efficiency and robustness in dynamic environments, establishing it as a significant advancement in cloud-based covert communication that breaks the traditional capacity-security trade-off.