Steganography


Steganography is what this program is about. It allows you to hide plaintext or encrypted text in an image.
First we need to type (or paste) our text into the "Open text" window.
We click on the "Open text" tab and type our message.
I have actually pasted the poem "The Twelve Days of Christmas" from the clipboard (CTRL+C).

[screenshot: Open text tab]

When we are done with our message we click the "Steganography" tab.
The next thing we need is a cover image. We click the blue file icon in the top right corner.
A dialog will appear that allows us to select an image.
I have selected this nice photo of a squirrel, which I resized earlier from a much larger JPG
using a very nice program called Irfan View.
The picture is in PNG format, and that is what we want. We don't want to load JPG files directly;
I will explain why later.
[screenshot: Open image tab, brown squirrel]

To insert our open text into this image we need to select the "Method" tab:
[screenshot: stego method]

We should select the Random X method, which allows a password.
We won't use a password this time, so we leave the "Use password" checkbox unchecked.
We will be using the open text as our message, so we leave the "Use encrypted text" checkbox
unchecked as well.
We press the "Insert" button and a message box appears on the screen:
[screenshot: RandomX insert success]
Our short poem occupies only 4.4% of the image. We could fit a much longer text.
When we look back at the open image it looks identical to the naked eye,
yet the secret text is already there. We can save the file back to disk by pressing the
"Save image As" button on the "Open image" page. The saved file contains the secret message.

We can prove it by closing the program down and re-opening it.
It should no longer contain the open text in the "Open text" tab window.
To extract the secret message we need to:

The message will be extracted automatically and the "Open text" page containing the extracted text will open.
Voila! Magic.

Now the details. Secret messages are hidden in the seventh (least significant) bit of
pseudo-randomly selected pixels of the image.
This is how that invisible 7th bit plane looks when it is exposed.
You need to click "Covert image" to see that:
[screenshot: stego brown squirrel with "12 days" message, covert image]

It looks random to the naked eye, and yet there are some patterns which are natural
and part of the picture. The image above already contains the message.
Now another image:
[screenshot: brown squirrel, 7th bit]

This one does not contain secret text. There are some differences between these two
covert images, but they are really hard to spot. It would be possible to write a program
to find the pixels that differ, but they won't constitute the full message: some pixels will
have exactly the same colour as in the source picture, so on average 12.5% of the message pixels
will remain unidentified by differential analysis. What we are discussing here is a very
comfortable situation for the attacker: being able to perform differential analysis
means that whoever prepared the steganographic image left both the original and the
steganographic image somewhere the attacker had access to. Big mistake.
OK, the user has made a big mistake. Now let's see what the attacker has got in such a situation:
a bunch of random pixels, but not even all of them.
On average, the attacker has only 87.5% of the message pixels. That is not enough to reconstruct
the message. But even the pixels in the attacker's possession are in random order.
A message of 1000 characters will occupy about 3000 pixels.
Now the attacker has to arrange these pixels in the right order. Good luck with that.
There are about 3000! possibilities to consider. I say "about" because the attacker
doesn't know exactly how long the message is.
For those unfamiliar with the math, the ! symbol stands for factorial,
which is calculated as follows: n! = 1*2*3*...*(n-1)*n.
So 10! is 1*2*3*4*5*6*7*8*9*10 = 3628800, and that is just for 10.
3000! is a very, very long number.
I have used an online calculator to give you an idea how big this number is.

https://www.calculatorsoup.com/calculators/discretemathematics/factorials.php

n! = 3000! = 4.149359603 E+9130, a number with 9131 digits.

Pretty big number. But hey, that is not all. Even if the attacker by some miracle
had the right sequence of pixels (which is practically impossible),
all these pixels are XOR-ed with bytes from yet another pseudo-random sequence,
regardless of whether encryption was used when constructing the image.
XOR-ing a message with a pseudo-random sequence can be considered light encryption,
which is very difficult to undo if the attacker doesn't know the initial state
of the random number generator that emitted the sequence.

To sum things up: there are three pseudo-random generators in the RandomX algorithm
involved in scrambling the message. Each generator is initialized to a different value
which appears completely random to the attacker
(but each of these three values is precisely determined by the password,
so extraction of the message is possible only for the person who knows the password).
There are no eyecatchers and no backdoor left in a message generated by the RandomX
algorithm. Without the right password it is impossible to extract a message, even for me,
and I am the designer of the RandomX algorithm and creator of the Squirrel program.

Even when the user makes the big mistake of giving an attacker both pictures
(the pure carrier and the carrier with the message), the attacker won't be able to extract the message.

On average 12.5% of the message pixels blend perfectly with the input picture
and are therefore impossible for the attacker to identify by means of differential analysis.
As a result the attacker is unable to determine even the exact length of the message.
In practice the attacker would need to try far more than 3000! possibilities,
and I have doubts whether such an attack is even possible. Most probably it is not.
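To make the scheme described above concrete, here is an added Python simulation (my own illustration, not code from the Squirrel program): 3 bits per pseudo-randomly chosen pixel, the bits XOR-ed with a second pseudo-random stream before insertion, extraction that only works with the same seed, and the attacker's view when both the carrier and the stego image are available. The seeds stand in for the password; the real RandomX generators and pixel selection are not reproduced, and the cover image is a constructed gradient rather than the squirrel photo.

```python
import random

def make_cover(width=64, height=64):
    """Constructed stand-in for the cover photo: a smooth RGB gradient, not the page's image."""
    return [[((x * 4) & 255, (y * 4) & 255, ((x + y) * 2) & 255) for x in range(width)]
            for y in range(height)]

def text_to_bits(text):
    return [(b >> k) & 1 for b in text.encode("utf-8") for k in range(7, -1, -1)]

def bits_to_text(bits):
    chunks = (bits[i:i + 8] for i in range(0, len(bits) - 7, 8))
    return bytes(int("".join(map(str, c)), 2) for c in chunks).decode("utf-8")

def whiten(bits, seed):
    """XOR the bits with a pseudo-random stream (the page's 'light encryption'); self-inverse."""
    rng = random.Random(seed)
    return [b ^ rng.getrandbits(1) for b in bits]

def pixel_order(img, n_pixels, seed):
    """Pseudo-random choice of carrier pixels; the seed stands in for the password."""
    cells = [(y, x) for y in range(len(img)) for x in range(len(img[0]))]
    return random.Random(seed).sample(cells, n_pixels)

def embed(img, bits, seed):
    """Store 3 bits per chosen pixel, one in the least significant bit of each of R, G and B."""
    coords = pixel_order(img, -(-len(bits) // 3), seed + 1)   # seed + 1: a second generator
    stego = [row[:] for row in img]
    for i, (y, x) in enumerate(coords):
        px = list(stego[y][x])
        for ch in range(3):
            if i * 3 + ch < len(bits):
                px[ch] = (px[ch] & ~1) | bits[i * 3 + ch]
        stego[y][x] = tuple(px)
    return stego

def extract(stego, n_bits, seed):
    coords = pixel_order(stego, -(-n_bits // 3), seed + 1)
    return [stego[y][x][ch] & 1 for (y, x) in coords for ch in range(3)][:n_bits]

def hide(cover, text, seed):
    return embed(cover, whiten(text_to_bits(text), seed), seed)

def reveal(stego, n_bits, seed):
    return bits_to_text(whiten(extract(stego, n_bits, seed), seed))

def differing_pixels(cover, stego):
    """What an attacker holding both images can see: the pixels that changed."""
    return {(y, x) for y, row in enumerate(cover) for x, px in enumerate(row) if px != stego[y][x]}

def blended_fraction(cover, stego, n_carrying):
    """Share of message-carrying pixels identical to the cover (expected 1/8 for 3 random bits)."""
    return 1 - len(differing_pixels(cover, stego)) / n_carrying
```

With 1000 carrying pixels the blended fraction lands close to the 12.5% quoted above, so the differing-pixel set under-counts the message and leaks neither its exact length nor its order.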

However, when an attacker has both pictures originating from the user, he will suspect
that one of the pictures may contain a message. He won't know which one,
and he won't even know whether the pixel differences are the result of a message
being inserted, or of random noise inserted as a decoy. At this point suspicions arise,
but they are only suspicions; nothing is certain.
However, at this point you may be tortured in some countries (North Korea; others may follow)
(yes, because of a few subtle pixel differences; I know how ridiculous it may sound today),
so please don't keep both the original carrier image and the copy with a message on your hard drive.

My advice is:
Destroy or overwrite the carrier image as soon as it has been used.
Use one carrier photo only once. Destroy the original picture.

I will now explain what happens if the user doesn't use a password with the RandomX method.
The user allows message extraction by anybody in possession of a copy of the Squirrel program.
That may be desirable in some cases. The message becomes a secret hidden in plain sight,
accessible to everybody who knows where to look and has the right tool.
Maybe good for games one can play with friends, with no real enemies involved.

The Naive algorithm can be used for exactly the same purpose, except that in this case the message
is inserted deliberately in such a naive way that it is likely to be discovered
by steganography detection tools. Still invisible to the naked eye, though.
Good for playing games with your friends.

If there is enough interest in this program I will implement more cool features,
such as insertion of an image into an image, insertion of files,
and other more serious "James Bond style" features,
but I don't want to reveal them at this point.

Now let's discuss other potential mistakes the user can make.
I have selected 12days.jpg.
Choosing a JPG directly as the cover image is possible, but it is far from an ideal choice.
It will not provide plausible deniability. It is possible to detect the existence of a secret message
by algorithmic methods, and even by visual inspection if you know what to look for.
Don't get me wrong: it will NOT be possible to extract the secret message if a password was used
for insertion, but there could be a suspicion that something is hidden inside.
I am deliberately making this mistake here to demonstrate it.
[screenshot: Open image tab, 12 days postcard]
I have opened 12days.jpg.
Here is how the 7th bit looks in the plain file:
[screenshot: plain 12 days, 7th bit]
You can see black rectangles and rectangles with uniform stripes.
This image is not so bad; I have seen much worse JPGs with big white
or black areas in the 7th bit.
These features (rectangles) are typical for highly compressed JPG.
OK, now I have inserted a message into 12days.jpg.
[screenshot: RandomX message in 12days, 7th bit]
This is how the 7th bit looks now. There are pseudo-random multi-coloured dots
inside the black rectangles and inside the striped rectangles, if you look closely enough.
These could not be the result of JPG compression, so what are they?
Something else must be going on. Somebody tampered with the image,
inserting a secret message perhaps?
The open image still looks good to the naked eye,
but it becomes suspicious because of those unusual dots inside the JPG artifacts.

Now the Naive method for comparison:
[screenshot: naive 12 days, 7th bit]
Well, it is obvious where the message is: at the top :-)
Use this method to tell the world that you are using steganography.
The open image still looks perfect to the naked eye, just like the original.
