Strong data encryption in PNG
Good morning Habra. I read an article about hash-steganography through social networks yesterday, and it occurred to me to make something more optimal in terms of the amount of output data. It turned out something more or less efficient and even optimized (unlike the proof-of-concept romabibi ), therefore, as promised , I am writing an article.
Well, say hello to you again:
and welcome under cat.
I decided to implement the idea asstupidly as simple as possible, therefore I will briefly describe the encryption algorithm:
The string (in the form of bytes) is written by a square in the upper left corner of the image, merging with white noise. The result is something like some kind of texture - for example, a stone from the game Minecraft. Judge for yourself:
')
Of course, it is not difficult to understand that this is a cipher, but without an algorithm, it is not so easy to decipher it (after all, an AES key is needed, and not every format with prefixes and double compression will need to be recovered).
Well, we got the picture. What to do with it now? Send to the recipient, of course. True, he should know the key and the algorithm (or script) for decryption in advance. And everything would even be good, if not for one “but”. And this “but” is compression.
Obviously, to keep the original images of social. networks is not profitable. VK, for example, even converts PNG to JPG, using not the smallest compression ratio. And, since we use specific values ​​of bytes (0-255), losing them will not lead to anything good. The solution is to send the received images as documents (files).
I rolled out a deployed script in line 101 with exceptions and displaying progress and runtime in stderr. You can always find it in the repository. Most likely, I will be gradually refining it, although lately I have divorced enough projects (including those for habrastaty).
True, I think this article (which grew out of the commentary) has exhausted itself. I would be glad to hear the suggestions of other algorithms, and helpfully code them for you, adding to the same script.
Thanks again romabibi for the idea; adios.
Well, say hello to you again:
and welcome under cat.I decided to implement the idea as
- Key fitting to a multiple of 16 (for AES encryption)
- Compress raw data using zlib
- Fits in length 16 and encrypts compressed data
- Re-compress encrypted data
- Calculating the MD5 hash from the encryption key for comparison when decrypting
- Finding the minimum number of '\ 0' that are not found in a row in the text for use as a data separator and white (literally) noise
- Preparing a grayscale image and filling it with random data
- Write a string (data_length + MD__length_key + MD5_key + data) on top of noise
The string (in the form of bytes) is written by a square in the upper left corner of the image, merging with white noise. The result is something like some kind of texture - for example, a stone from the game Minecraft. Judge for yourself:
')
Of course, it is not difficult to understand that this is a cipher, but without an algorithm, it is not so easy to decipher it (after all, an AES key is needed, and not every format with prefixes and double compression will need to be recovered).
Well, we got the picture. What to do with it now? Send to the recipient, of course. True, he should know the key and the algorithm (or script) for decryption in advance. And everything would even be good, if not for one “but”. And this “but” is compression.
Obviously, to keep the original images of social. networks is not profitable. VK, for example, even converts PNG to JPG, using not the smallest compression ratio. And, since we use specific values ​​of bytes (0-255), losing them will not lead to anything good. The solution is to send the received images as documents (files).
I rolled out a deployed script in line 101 with exceptions and displaying progress and runtime in stderr. You can always find it in the repository. Most likely, I will be gradually refining it, although lately I have divorced enough projects (including those for habrastaty).
True, I think this article (which grew out of the commentary) has exhausted itself. I would be glad to hear the suggestions of other algorithms, and helpfully code them for you, adding to the same script.
Thanks again romabibi for the idea; adios.
Source: https://habr.com/ru/post/351858/
All Articles