Skip to content

HIDEAGEM experimental steganography platform.

License

Notifications You must be signed in to change notification settings

CYBERGEM777/HIDEAGEM

Repository files navigation

 888    888 8888888 8888888b.  8888888888        d8888  .d8888b.  8888888888 888b     d888
 888    888   888   888  "Y88b 888              d88888 d88P  Y88b 888        8888b   d8888
 888    888   888   888    888 888             d88P888 888    888 888        88888b.d88888
 8888888888   888   888    888 8888888        d88P 888 888        8888888    888Y88888P888
 888    888   888   888    888 888           d88P  888 888  88888 888        888 Y888P 888
 888    888   888   888    888 888          d88P   888 888    888 888        888  Y8P  888
 888    888   888   888  .d88P 888         d8888888888 Y88b  d88P 888        888   "   888
 888    888 8888888 8888888P"  8888888888 d88P     888  "Y8888P88 8888888888 888       888
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▄    ____ ______ ____                                      ▄                              ▄
█   /    /      \    \   HIDEAGEM STEGANOGRAPHY PLATFORM   █                  .     .     █
█  /___ /________\ ___\                                    █   .-.   .-.      '.___.'     █
█  \    \        /    /  ASTRAL SOFTWARE FROM THE FUTURE   █  (_  \ /  _)     .'   `.     █
█    \   \      /   /                                      █       |         :       :    █
█      \  \    /  /      COPYRIGHT 2024 WWW.CYBERGEM.NET   █       |         :       :    █
█        \ \  / /                                          █       |          `.___.'     █
█           \/           LET'S DO COMPUTER STUFF ALL DAY   █                              █
█                                                          █                              █
█ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ █    ._____.         .--.      █
█ MMMMMSSSSSSSSSSSSSSSSSSSSSSSSSSddMMMMMSSSSSSMSSSSSSSSSS; █      | |          /   _`.    █
█ MMMMSSSSSSSSSSSSSSSSSMSSSSS; ;SSdMMMMSSSSSSMMSSSSSSSSSS, █      | |         (_) ( )     █
█ MMSSSSSSSMSSSSSMSSSSMMMSS."-.-":MMMMMSSSSMMMMSSMSSSMMSS  █     _|_|_       '.    /      █
█ MSSSSSSSMSSSSMMMSSMMMPTMM;"-/\":MMM^"     MMMSSMMMSSMM   █    '     '        `--'       █
█ SSSSSSSMMSSMMMMMMMMMP-.MMM :  ;.;P       dMMMMMMMMMP'    █                              █
█ SSMSSSMMMSMMMMMMMMMP   :M;`:  ;.'+"""t+dMMMMMMMMMMP      █                _             █
█ MMMSSMMMMMMMMPTMMMM"""":P `.\// '    ""^^MMMMMMMP'       █      .--.     ' `:--.--.     █
█ MMMMMMPTMMMMP="TMMMsg,      \/   db`c"  dMMMMMP"         █     (    )       |  |  |_    █
█ MMMMMM  TMMM   d$$$b ^          /T$; ;-/TMMMP'  Let's    █    (_)  /        |  |  | )   █
█ MMMMM; .^`M; d$P^T$$b          :  $$ ::MMMMP  hide some  █        (_,       |  |  |/    █
█ MMMMMM   .-+d$$   $$$;         ;. $$ ;;MMMP,    Gems !   █                       (J     █
█ MMMMMMb   _d$$$   $$$$         :$$$; :MMMMMMp.           █                              █
█ MMMMMM"  " T$$$._.$$$;          T$P.'MMMSSSSSSb          █                _             █
█ MMM`TMb   -")T$$$$$$P'       `._ ""  :MMSSSMMP'          █       __      ' `:--.--.     █
█ MMM / \    '  "T$$P"           /     :MMMMMMP'           █  ___.'  '.___    |  |  |     █
█ MMSb`. ;                      "      :MMMMMM'            █  ____________    |  |  |     █
█ MMSSb_lSSSb.             .___.       MMMMMP ,d88b.d88b,  █                  |  |  | .., █
█ MMMMSSSSSSSSb.                     .MMMMMM. 88888888888  █                        `--': █
█ MMMMMMMMMMMSSSb                  .dMMMMMMMP `Y8888888Y'  █                              █
█ MMMMMMMMMMMMMSS;               .dMMMMMMMMMM'  `Y888Y'    █         ...             _    █
█ MMMMGEMMAMMMMb`;"-.          .dMMMMMMMMMMP'     `Y'      █         .':     \      /_)   █
█ MMMMMMMMMMMMMMb:   `'--.___.dMMMMMMMMMPP'                █       .'         \    /`.    █
█ MMMMMMMMMMMMMMMb;           dMMMMMMMMPPR                 █   `..'            \  /   ;   █
█ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ █   .'`.             \/ __.'   █
█                                                          █                              █
█          ░░░░░░░░          ▒▒▒▒▒▒▒▒          ░░░░░░░░    █                              █
█       ▓▓▓░░ ████████    ███▒▒ ▓▓▓▓▓▓▓▓    ▓▓▓░░ ████████ █                 `-.    .-'   █
█    ▒▒▒▓▓ ░░ ██ ▒▒▒▒▒▒░░░██ ▒▒ ▓▓ ░░░░░░▒▒▒▓▓ ░░ ██+§¥µ██ █ .-"-._.-"-._.-     :  :      █
█ ███▒▒ ▓▓ ░░░██ ▒▒ ▓▓▓░░ ██ ▒▒▒▓▓ ░░ ███▒▒ ▓▓ ░░░██$@¢¶██ █ .-"-._.-"-._.-   --:--:--    █
█ ██ ▒▒ ▓▓▓▓▓▓███▒▒ ▓▓ ░░ ██████▓▓▓░░ ██ ▒▒ ▓▓▓▓▓▓████████ █                    :  :      █
█ ██ ▒▒▒▒▒▒▒▒    ▒▒▒▓▓ ░░░░░░░░    ░░░██ ▒▒▒▒▒▒▒▒          █                 .-'    `-.   █
█ ████████          ▓▓▓▓▓▓▓▓          ████████    CYBERGEM █                              █
▀                                                          ▀                              ▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

HIDEAGEM

HIDEAGEM is an experimental tool for hiding files inside of images.

It's written in C++ and can be used via Python CLI and custom nodes in ComfyUI for Stable Diffusion.

WARNING: HIDEAGEM is experimental software! It may have unknown flaws or vulnerabilities. Use at own risk!

WARNING: HIDEAGEM has not yet been studied to determine its resistance to steganalysis (e.g. tools that calculate the probability of a hidden message being present in an image). So assume that it may be possible for adversaries to detect if an image is "suspicious."

For an in depth explanation of HIDEAGEM's algorithms and design, please see this post.

Development updates and support are available on Discord.

Objectives

Steganography is about hiding the presence of a message; it's about concealing the existence of communication.

HIDEAGEM aims to be a next-generation steganography platform, combining modern cryptographic and steganographic techniques in order to facilitate fast, secure, and robust information hiding in cover media.

In addition to pursuing the traditional objective of steganography (stealth communication), other security properties of hiding message bits in large bit collections are being explored.

Steganography Platform

HIDEAGEM is designed to be expandable and adaptable, a platform from which various steganographic algorithms and techniques can be launched to conceal data within a variety of cover media types.

New stego algorithms can be incorporated into the program over time in order to support more file types and leverage new techniques.

Features

List of general features and potential future development directions.

Current Features               |  Future Development
-------------------------------|---------------------------------------------------
Unicode passwords              |  Keyfiles
Tamper-proof Gem data          |  Mobile app
512-bit symmetric key          |  More stego algorithms
Secure Memory Handling         |  More cover media types
Multiple files per password    |  Split files across images
Multiple passwords per image   |  Web app (local execution)
Offline brute-force resistance |  Browser extension (e.g. context menu Gem extract)

Unicode Passwords

Use any crazy Unicode characters you want in your passwords: You can even use your favorite emojis; no one can stop you! 🐬

Tamper-Proof Gem Data

Note: The information below applies only to HIDEAGEM's current spatial domain algorithms that are compatible only with lossless image formats such as PNG, TIFF, and BMP.

If a Gem is successfully extracted and has the correct Gem Hash, then it is virtually guaranteed to be bit-for-bit the same Gem that you hid in the image.

If even a single bit of a Gem Pixel (a pixel that has Gem Data hidden inside of it) is corrupted then the Gem extraction will fail.

Tamper-proof comes at the cost of fragility: Small changes to Gem Images can make the data unrecoverable. They are fragile and can be broken by resizing, cropping, or mutating a pixel that contains Gem Data.

512-bit Symmetric Key

HIDEAGEM uses an experimental symmetric key system designed to work in concert with its steganographic algorithms.

The 512-bit key is generated using libsodium’s Argon2id password hashing function and the user supplied password.

Argon2id was selected because it offers configurable brute-force resistance parameters (such as memory requirements), and resistance to GPU brute-force attacks.

The Gem Data is encrypted using a 256-bit key derived from the 512-bit key, and is then hidden in the cover media using the 512-bit key. The 512-bit key must first be used to extract the entire encrypted Gem before the 256-bit key can be used to decrypt any of its bits.

You can learn more about the key system here.

NOTE:  The key's ultimate strength is only as strong as the password. A very
       long/random password is required to leverage all 512 bits of the key.

       To achieve 512 bits of entropy with a password using the ASCII character set,
       the password would have to be >= ~74 chars and each character perfectly random.

Secure Memory Handling

In order to try to mitigate potential side-channel attacks, libsodium's low level memory management functions are used to securely erase memory of keys, Gem files, and other sensitive data generated during the embed/extract processes.

It's also used to prevent sensitive data like keys from being swapped to disk.

Multiple Files Per Password

You can think of images as encrypted write-once file folders or archives.

You can hide any number of files in an image using a single password, limited only by the image's embed capacity. They'll all be extracted at once when the correct password is entered.

The Gem Stream has an overhead of 52 bytes, and each Gem File an overhead of 8 bytes.

HIDEAGEM tries to compress all Gem Files with miniz (zlib) before encrypting them, which can sometimes reduce the number of bytes embedded substantially.

The max file size per Gem File and max bytes that can be embedded per Ocean is 16 exabytes.

Multiple Passwords Per Image

HIDEAGEM currently supports hiding multiple sets of files using multiple passwords and a single image, however a UI hasn't been developed for using that feature yet.

The way it works is also a bit peculiar in that it's hierarchical: To access the next set of files you need all the passwords that came before it in addition to the file set's password.

So consider this a stealth feature that's probably not useful yet.

Offline Brute-Force Resistance

The Argon2id password hashing function is used to generate keys using the user supplied password.

The Master Key is generated using INTERACTIVE key parameters, which offers significant password brute-force resistance compared to using a regular hash function to generate the key.

Software Stack

HIDEAGEM is written in C++ and can be used in Python via a tiny API.

Custom nodes for ComfyUI Stable Diffusion platform are available, making it easy to integrate into 2D generative AI workflows.

The following external libraries are used:

libsodium

All cryptographic operations, such as Gem Data encryption, hashing, and random number generation are done using libsodium's functions.

Key Generation: BLAKE2b hashing function and Argon2id password hashing algorithm

Gem Data Encryption: XChaCha20-Poly1305 symmetric encryption algorithm (256-bit key + 192-bit nonce)

CSPRNG Implementation: BLAKE2b hash and XChaCha20 stream cipher (256-bit seed + 192-bit nonce)

Additionally, libsodium's low level memory management functions are used to manage sensitive data such as keys and Gem Files.

utf8proc

A small library for managing Unicode strings. It's used to normalize Unicode passwords so that they'll work consistently between systems.

miniz

Gem Data compression is attempted with miniz (zlib implementation) before encryption.

Potential Loss of Backwards Compatibility During Alpha

Hold on to old versions of HIDEAGEM in case you need to migrate data.

Small changes to HIDEAGEM's code during this early phase of development can break backwards compatibility. New versions of HIDEAGEM may not be able to extract Gems hidden with older versions.

This won't be an issue once the code is considered stable, as the version system will from then onwards be used to provide backwards compatibility with all previous versions.

ComfyUI Nodes

HIDEAGEM v.1 ships with with some nodes for ComfyUI. You can use them to hide Gems in your AI generated images, or any images saved on disk.

🚨 WARNING: ComfyUI's default save image node will reveal that HIDEAGEM was used in the PNG metadata !!!

It's important to use HIDEAGEM's SAVE IMAGE node, as it doesn't save that metadata to the output PNG Gem image.

The nodes come with some example workspaces showing how to use them.

When fiding Gems, the console window will require user input to save Gems to disk, so after you start a Gem find switch over to ComfyUI's console to see what the result was.

Building

How to compile HIDEAGEM and all dependencies from source:

Windows

Binaries will be produced in HIDEAGEM\bin

To test, install Python then:

pip install -r requirements.txt
python HIDEAGEM.py demo

Press CTRL + C to quit the demo.

Linux

First, install cmake and make, then:

git clone --recurse-submodules https://github.com/CYBERGEM777/HIDEAGEM
cd HIDEAGEM
make

Binaries will be produced in HIDEAGEM/bin

To test, install python3 then:

pip install -r requirements.txt
python HIDEAGEM.py demo

Press CTRL + C to quit the demo.

How To Use HIDEAGEM

After building, HIDEAGEM can be used via HIDEAGEM.py:

cd HIDEAGEM
pip install -r requirements.txt
python HIDEAGEM.py [ args ]

Hiding Gems

HIDEAGEM can hide Gems (files) inside of any other file, which HIDEAGEM calls a bit Ocean.

HIDEAGEM.py will try to detect if the input Ocean is an image file, and if so will use only the image's pixel bytes as the bit Ocean. The rest of the image file will be completely discarded and the Gem image will be saved to the specified output directory as a .png image with the same file name as the input image.

To hide a Gem, just pass HIDEAGEM an Ocean, one or more Gem Files, and a password. If no output directory is specified, then the Gem hide will proceed but the output won't be saved to disk.

python HIDEAGEM.py hide --ocean MORIA.JPEG --files RUBY.TXT EMERALD.TXT SAPPHIRE.TXT --output gem_images/ --password mellon

The Gem text files will be hidden inside of the pixel bytes copied from MORIA.JPEG, and the resulting Gem image MORIA.PNG will be saved to the directory gem_images.

If an RGBA image is used as the Ocean, the alpha channel bytes and the RGB bytes of any fully transparent pixels will not be written to.

Finding Gems

Finding Gems is simple ( if you have the password ! ):

python HIDEAGEM.py find --ocean MORIA.PNG --output gem_images/ --password mellon

HIDEAGEM will search for Gems in the Ocean MORIA.PNG with password "mellon" and if any are found save them to gem_images.

If Gem find is run without an output directory, the Gem Files will be extracted (if found) but nothing will be saved to disk.

Time Trap Gems

WARNING: Experimental feature !!! Use at own risk !

HIDEAGEM can place a Time Trap enchantment on Gems so that it's harder to brute-force the password.

Time Traps have a level from 0 to 7 that changes how long it takes to extract the Gem and verify the password.

Level 0 has no addtional time added: Gem embedding and extracting takes the same time as without a Time Trap.

Levels 1 - 7 have longer extraction times, with 1 being the shortest and 7 the longest.

When the correct password is entered, the Gem is extracted using the Time Trap level specified when hiding the Gem.

When an incorrect password is entered, a random Time Trap level is fished from the Ocean with a high probability of catching the slowest one:

LEVEL 7 = 50%      (1/2)
LEVEL 6 = 25%      (1/4)
LEVEL 5 = 12.5%    (1/8)
LEVEL 4 = 6.25%    (1/16)
LEVEL 3 = 3.125%   (1/32)
LEVEL 2 = 1.5625%  (1/64)
LEVEL 1 = 0.78125% (1/128)
LEVEL 0 = 0.39062% (1/256)

Around half of password brute-force attempts will select level 7, no matter which level was used to hide the Gem (even level 0).

It's possible to hide Gems that take less than a second to extract, but take several minutes to attempt a single password brute-force attempt on.

The price of the Time Trap is convenience: Accidentally entering the wrong password can cost a lot of time, so it's not suitable for use in contexts where immediate wrong password feedback is required.

Hiding a Time Trap Gem

To add a Time Trap to a Gem, just add the --timetrap flag, with an optional level from 0 to 7 (if none is specified, 0 is selected):

python HIDEAGEM.py hide --ocean MORIA.JPEG --files DIAMOND.TXT --output gem_images/ --password mellon --timetrap [level]

Finding a Time Trap Gem

To find a Time Trap Gem, just add the --timetrap flag (no need to include the level):

python HIDEAGEM.py find --ocean MORIA.PNG --output gem_images/ --password mellon --timetrap

Note that HIDEAGEM find does not automatically look for Time Trap gems unless asked to.

Demo Mode & Unit Tests

If you want to watch HIDEAGEM generate random Gem Seals by hiding random data in a random Ocean, you can run demo mode:

python HIDEAGEM.py demo

If you want to see HIDEAGEM hide and find Gems as fast as it can, you can run some unit tests:

python HIDEAGEM.py unit

Press CTRL + C to exit both modes.

License

HIDEAGEM is licensed under a permissive license + MAGIC AI LICENSE [ MAGIC-AL]