This repository has been archived by the owner on Sep 11, 2018. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 23
/
README.hide-and-seek
76 lines (54 loc) · 2.87 KB
/
README.hide-and-seek
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
*** D A N G E R O U S ***
*** M U N I T I O N S ***
These programs make use of strong encryption technology.
Possession, import or export may be illegal in your country.
They are licenced under GPL and you use them at your own risk.
Hide and Seek for Linux
These two programs let you hide a file in a jpeg file and then
let you recover it later.
There are many similar programs but "jphide" and "jpseek" have
a big advantage over any others I have seen. They distribute the
hidden file in the jpeg so that not only are the visual effects
minimized but also the statistical effects. Simple programs which
store the hidden file in low order bits result in jpeg files which
are so statistically different from normal jpeg files that the
hidden file can be recovered with ease.
"jphide" uses the Blowfish algorithm to provide a stream of
pseudo random control bits which determine where to store the
bits of the hidden file. The program asks for a pass phrase to
initialize this stream. Although the hidden file is "encrypted"
by this process I strongly recommend that you encrypt the hidden
file before insertion into the jpeg.
Using jpeg files of about 200Kb, up to 20Kb can be inserted with
minimal visual and statistical effect. Up to about 35Kb is often
possible at the cost of visual and/or statistical effects. The
program will refuse to insert even more because it is just too
obvious in the resulting jpeg file.
Note that if the original jpeg file is available then a hidden
file can always be detected (but it cannot be extracted without
the pass phrase). Always use originals that you have scanned
yourself and destroy the original afterwards. A reasonable
alternative if you have access to very high quality jpegs is to
make a cropped and lower quality version of about 200 to 300Kb;
again this must be destroyed after making the jpeg containing
the hidden file.
Instructions
jphide input-jpeg-file output-jpeg-file file-to-be-hidden
jpseek input-jpeg-file output-hidden-file
Building the programs
Just type make.
Install "jphide" and "jpseek" in your /usr/local/bin or wherever.
Conclusion
This pair of programs offers you the ability to hide a file in such a
way that you can later deny that the resulting jpeg contains a hidden
file. Always use original scans and destroy them afterwards. Do not
try to hide more than about 10% of the file. If you are paranoid you
can keep jphide and jpseek on a floppy and be prepared to physically
destroy it. It is then even more difficult to prove that you have
anything other than normal jpegs.
If you decide to improve these programs please make the results
public domain and post them so that others can enjoy them. The security
of your own hidden files does not depend on keeping your modifications
secret.
Revision 0.3 Allan Latham <[email protected]>
Revised 2012/02/03 by Dan Church <[email protected]>