How I redesigned LSB steganography algorithm?
I always wanted to create software which could be used by professionals in their work, something used by cybersecurity experts. It was kind of motivation.
In November of 2017 I wrote a steganography software called Image Cipher which embed data into image. But it had one little issue, data which were embedded, became visible on image. It was not my target, but for that time it was totally okay for me.
What was wrong with that old implementation?
Main idea was to create algorithm which would embed data into green channel of every 13th pixel whilst zeroing red and blue colors of given pixel (because pixel consists of three colors — RGB — red, green, blue). I called it Single Color Encryption. Why I used 13 as a delimiter? Well… I was born on 13th of September.
As you can see, there are small green pixels on image, that store some data. One byte per one pixel. I was happy that at least it worked, but it did not satisfied me in 100%, as my experience was not as huge as it is now, consequently it was everything what I could do. I was 18 years old and I did not have enough knowledge in steganography field to upgrade it with some better solutions, so I paused this project development and I focused on some other ideas.
Resuming project development
It’s May of 2019, I started looking into my old projects published on GitHub and I found some places which I can upgrade or repair. One of the projects which needed some changes was of course Image Cipher.
First of all, I decided to add one more steganography algorithm — Multi Color Encryption. It was not very hard to implement, because it was just a better version of Single Color Encryption.
Multi Color Encryption also encodes data in single channel, but with a few differences:
- it encodes one byte in blue color
- it does not resetting other color values (red, green), it keeps them
- it encodes every pixel (not every 13th)
Main benefit from implementing those changes was increased steganography security and encryption effects were not as much visible as in Single Color Encryption. This technique provides also a way of storing larger (than it was before) data chunks in image.
Designing new algorithm
Previous algorithms could store one character (one byte) of data in one pixel. Of course it meant that if I have photo saved in Full HD I could encrypt 1920*1080 bytes of information. It was nice result, but for me it seemed not secure enough. Why? Because I could see a difference when comparing two images (before and after encryption). I had to figure out something new, something stealthier.
I had some ideas of what I can do in order to achieve my target of encrypting data without visible (to human eye) changes. I remember that it was late evening and I was very sleepy so I decided to move thinking to next day.
Next day
I went to lecture at 8:00 AM and as always I really did not have much clue of what I can do on it, then I reminded myself that I should think about solving this problem with encryption. Only what I had in my bag was notebook from Programming and a pen. I did not wait anymore, I just wanted to copy the idea from my mind and paste it onto paper. I started thinking and writing at the same time.
After I wrote it (I know that I have terrible style of writing — this is why I prefer keyboard), I looked at it and I told myself:
“pretty nice”.
I wanted to come home and test it on my personal computer. I had many thoughts that it would’t run as intended, or that somewhere in my program I will get nightmarious NullPointerException. Fortunately I was coming home with my friend Nikodem that I live with, so I was not really able to think a lot about potential problems and I could focus on choosing which kind of pizza I will order.
We came home, he took a nap and then I ran IntelliJ IDEA (software which I used to to use to programming) and started coding (in Java) or I should say: copying from paper. It was beautiful feeling that after making a few changes after copying that pseudocode, it worked. It was “WOW” feeling, algorithm was perfect!
Unfortunately, few minutes after I wrote that encryption mechanism I had to go out for another lecture at university. Fortunately, lecturer has not come so I was able to come home earlier than usually and create decryption mechanism and some documentation.
I remember that two days later I wanted to ensure myself that this solution still works and I was looking into image (with data already encrypted) for a couple of minutes and I couldn’t find any difference. I run my decrypter (algorithm which decrypts data) and of course it correctly read embedded text. Seeing it, I downloaded new image to test, because I had not believed. I did whole encryption/decryption process again and it still worked, so I can say I pranked myself.
Theory
I called that algorithm Low Level Bit Encryption (LLBE). Making decryption one was not that hard, it was just reversed encryption.
I know that there is LSB (Least Significant Bit) algorithm of embedding data into images, but I redesigned it. In LLBE every second pixel imitates blue value of the next one with keeping original values from itself of red and green channel. What LSB and LLBE have in common is way of changing color values, both of them operate on least significant bit. The one disadvantage of LLBE is that it can store only x bytes of data calculated using formula presented below.
Despite that limitation I think that secure transferring data from one person to another is much more important than capacity of envelope.
Next steps
After I have done some tests with LLBE I thought it cannot be end of my journey with this project. Thinking so I started implementing RSA encryption that uses LLBE, something asymmetrical.