{% extends "base.html" %} {% block title %}About - Stegasoo{% endblock %} {% block content %}
About Stegasoo

Stegasoo is a steganography tool that hides encrypted messages and files inside ordinary images using multi-factor authentication.

Features
  • Text & File Embedding
    Hide messages or any file type (PDF, ZIP, documents)
  • Multi-Factor Security
    Combines photo + passphrase + PIN/RSA key
  • AES-256-GCM Encryption
    Authenticated encryption with integrity verification
  • LSB & DCT Modes
    Choose capacity (LSB) or JPEG resilience (DCT)
  • Random Pixel Embedding
    Key-derived selection defeats statistical analysis
  • Large Image Support
    Up to {{ max_payload_kb }} KB payload, tested with 14MB+ images
  • Zero Server Storage
    Nothing saved, files auto-expire
  • QR Code Keys
    Import/export RSA keys via QR codes
Embedding Modes

Stegasoo supports two embedding modes, each optimized for different use cases.

LSB Mode (Default)

LSB (Least Significant Bit) embeds data in the lowest bit of each color channel. Changing the LSB changes pixel values by at most 1, which is imperceptible to the human eye.

  • Capacity: ~375 KB per megapixel
  • Output: PNG (lossless)
  • Color: Full color preserved
  • Speed: Fast (~0.5s)

Works with:
  • Email attachments
  • Cloud storage (Dropbox, Drive)
  • Direct file transfer
Does not work with:
  • Social media (recompresses)
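
The LSB write and the key-derived position selection listed under Features, as an added example that is not Stegasoo's own code. The SHAKE-256 position stream, the partial Fisher-Yates shuffle and all names are assumptions, and the carrier is a constructed flat buffer of RGB channel values rather than a real image; one bit per channel reproduces the ~375 KB per megapixel figure.

```python
import hashlib

def capacity_bytes(width: int, height: int) -> int:
    """One payload bit per color channel: 3 bits per RGB pixel."""
    return width * height * 3 // 8

def keyed_positions(key: bytes, n_slots: int, count: int) -> list[int]:
    """First `count` entries of a key-derived permutation of range(n_slots)."""
    if count > n_slots:
        raise ValueError("payload exceeds carrier capacity")
    stream = hashlib.shake_256(b"positions" + key).digest(8 * count)
    slots = list(range(n_slots))
    for i in range(count):  # partial Fisher-Yates shuffle
        r = int.from_bytes(stream[8 * i:8 * i + 8], "big")
        j = i + r % (n_slots - i)  # 64-bit draw keeps modulo bias negligible
        slots[i], slots[j] = slots[j], slots[i]
    return slots[:count]

def embed(channels: bytes, payload: bytes, key: bytes) -> bytearray:
    """Write payload bits (MSB first) into the LSBs of key-selected channels."""
    bits = [(byte >> (7 - k)) & 1 for byte in payload for k in range(8)]
    out = bytearray(channels)
    for pos, bit in zip(keyed_positions(key, len(out), len(bits)), bits):
        out[pos] = (out[pos] & 0xFE) | bit  # value changes by at most 1
    return out

def extract(channels: bytes, n_bytes: int, key: bytes) -> bytes:
    """Read n_bytes back from the same key-derived positions."""
    bits = [channels[p] & 1 for p in keyed_positions(key, len(channels), 8 * n_bytes)]
    return bytes(
        sum(bit << (7 - k) for k, bit in enumerate(bits[i:i + 8]))
        for i in range(0, len(bits), 8)
    )

# Constructed 64x64 RGB carrier (flat channel values), not a real image.
CARRIER = hashlib.shake_256(b"constructed carrier").digest(64 * 64 * 3)
PAYLOAD = b"stand-in for the AES-256-GCM ciphertext"
STEGO = embed(CARRIER, PAYLOAD, b"constructed-key")

if __name__ == "__main__":
    print(extract(STEGO, len(PAYLOAD), b"constructed-key"))
    print(capacity_bytes(1000, 1000))  # bytes available in one megapixel
```

Without the key the reader does not know which channels carry payload bits or in what order, so extraction with a different key returns unrelated bits.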
DCT Mode

DCT (Discrete Cosine Transform) embeds data in frequency coefficients rather than raw pixels. This survives JPEG recompression because coefficients are preserved during re-encoding.

  • Capacity: ~75 KB per megapixel
  • Output: JPEG or PNG
  • Color: Color or grayscale
  • Speed: Slower (~2s)

Works with:
  • Instagram, Facebook
  • WhatsApp, Signal, Telegram
  • Twitter/X
  • Any platform that recompresses
Comparison
Aspect                 LSB Mode        DCT Mode
Capacity (1080p)       ~770 KB         ~50 KB
Survives JPEG          ❌ No           ✅ Yes
Social Media           ❌ Broken       ✅ Works
Detection Resistance   Moderate        Better
Dependencies           Pillow, NumPy   + scipy, jpegio
Auto-Detection: When decoding, Stegasoo automatically detects whether LSB or DCT mode was used. You don't need to specify the mode during decoding.
How Security Works

Stegasoo uses multi-factor authentication to derive encryption keys:

  • Reference Photo
    Something you have, ~80-256 bits
  • Passphrase
    Something you know, ~44 bits (4 words)
  • Static PIN
    Something you know, ~20 bits (6 digits)
  • RSA Key
    Something you have (optional), ~128 bits
Combined entropy: 144-424+ bits depending on configuration. For reference, 128 bits is considered computationally infeasible to brute force.
Key Derivation

{% if has_argon2 %}
Argon2id
Using Argon2id with 256MB memory cost — memory-hard KDF that makes GPU/ASIC attacks infeasible.
{% else %}
Argon2 Not Available
Falling back to PBKDF2-SHA512 with 600,000 iterations. Install argon2-cffi for stronger security.
{% endif %}
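
How the factors above could be combined and passed to the KDF, as an added example that is not Stegasoo's own code. The length-prefixed packing, the SHA-256 of the photo, the salt handling and the Argon2 time_cost and parallelism values are assumptions; only the 256MB memory cost and the PBKDF2-SHA512 fallback with 600,000 iterations come from this page.

```python
import hashlib
import struct

try:  # argon2-cffi is optional, mirroring the page's has_argon2 switch
    from argon2.low_level import Type, hash_secret_raw
    HAS_ARGON2 = True
except ImportError:
    HAS_ARGON2 = False

def pack_factors(photo: bytes, passphrase: str, pin: str, rsa_key: bytes = b"") -> bytes:
    """Length-prefix every factor so ("ab", "c") and ("a", "bc") cannot collide."""
    parts = [hashlib.sha256(photo).digest(), passphrase.encode(), pin.encode(), rsa_key]
    return b"".join(struct.pack(">I", len(p)) + p for p in parts)

def derive_key(secret: bytes, salt: bytes, use_argon2: bool = HAS_ARGON2) -> bytes:
    """Return a 32-byte key suitable for AES-256-GCM."""
    if use_argon2:
        if not HAS_ARGON2:
            raise RuntimeError("argon2-cffi is not installed")
        # memory_cost is in KiB: 256 * 1024 KiB is the 256MB stated on the page.
        # time_cost and parallelism are assumed values.
        return hash_secret_raw(secret, salt, time_cost=3, memory_cost=256 * 1024,
                               parallelism=4, hash_len=32, type=Type.ID)
    return hashlib.pbkdf2_hmac("sha512", secret, salt, 600_000, dklen=32)

# Constructed inputs; use a random per-message salt in practice.
PHOTO = b"constructed reference photo bytes"
SALT = bytes(16)

if __name__ == "__main__":
    secret = pack_factors(PHOTO, "four constructed sample words", "123456")
    print(derive_key(secret, SALT).hex())
```

Because every factor feeds one KDF input, a wrong value for any single factor produces an unrelated key, and the AES-256-GCM tag check then fails on decode.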

Version History
Version   Changes
4.0.0     Simplified auth (no date dependency), passphrase replaces day_phrase, 4-word default, JPEG normalization fix, large image support (14MB+ tested), subprocess isolation for stability, Python 3.10-3.12 required
3.2.0     Single passphrase (removed day-of-week rotation), increased default words
3.0.0     DCT steganography mode, JPEG output, color preservation option
2.2.0     QR code RSA key import/export
2.1.0     File embedding, compression support
2.0.0     Web UI, REST API, RSA key support
1.0.0     Initial release, CLI only, LSB mode
Compatibility: v4.0 cannot decode messages from v3.1 or earlier (different format). Messages encoded with v3.2 should decode correctly.
Usage Guide

  1. Both parties agree on a reference photo (shared secretly, never transmitted)
  2. Go to Generate and create credentials
  3. Memorize the passphrase and PIN
  4. If using RSA, download and securely store the key file
  5. Share credentials with your contact through a secure channel

  1. Go to Encode
  2. Choose your embedding mode:
    • LSB – for email, cloud storage, direct transfer
    • DCT – for social media (Instagram, WhatsApp, etc.)
  3. Upload your reference photo and carrier image
  4. Enter your message or select a file to embed
  5. Enter your passphrase and PIN/key
  6. Download the resulting stego image
  7. Send through any channel!

  1. Go to Decode
  2. Upload your reference photo (same one used for encoding)
  3. Upload the stego image you received
  4. Enter your passphrase
  5. Enter your PIN and/or RSA key
  6. View the decoded message or download the extracted file
Auto-detection: Stegasoo automatically detects LSB vs DCT mode.
Limits & Specifications
Max text message    2 million characters
Max file payload    {{ max_payload_kb }} KB
Max carrier image   24 megapixels (~6000×4000)
LSB capacity        ~375 KB/megapixel
DCT capacity        ~75 KB/megapixel
Max upload size     30 MB
Temp file expiry    5 minutes
PIN length          6-9 digits
RSA key sizes       2048, 3072, 4096 bits
Passphrase length   3-12 words (BIP-39, recommended: 4+ words)
Python version      3.10-3.12 (3.13 not supported)

Stegasoo v{{ version }} • Open Source • Built with Python, Flask, and cryptography

{% endblock %}