Stegasoo
A secure steganography system for hiding encrypted messages in images using hybrid authentication.
Features
- 🔐 AES-256-GCM authenticated encryption
- 🧠 Argon2id memory-hard key derivation (256MB RAM requirement)
- 🎲 Pseudo-random pixel selection defeats steganalysis
- 📅 Daily key rotation with BIP-39 passphrases
- 🔑 Multi-factor authentication: PIN, RSA key, or both
- 🖼️ Reference photo as "something you have"
- 🌐 Multiple interfaces: CLI, Web UI, REST API
Installation
From PyPI (coming soon)
# Core library only
pip install stegasoo
# With CLI
pip install stegasoo[cli]
# With Web UI
pip install stegasoo[web]
# With REST API
pip install stegasoo[api]
# Everything
pip install stegasoo[all]
From Source
git clone https://github.com/example/stegasoo.git
cd stegasoo
# Install with all extras
pip install -e ".[all]"
Docker
# Web UI only
docker-compose up web
# REST API only
docker-compose up api
# Both
docker-compose up
Quick Start
Python Library
import stegasoo
# Generate credentials
creds = stegasoo.generate_credentials(use_pin=True, use_rsa=False)
print(f"Today's phrase: {creds.phrases['Monday']}")
print(f"PIN: {creds.pin}")
# Encode a message
with open('secret_photo.jpg', 'rb') as f:
    ref_photo = f.read()
with open('meme.png', 'rb') as f:
    carrier = f.read()
result = stegasoo.encode(
    message="Meet at midnight",
    reference_photo=ref_photo,
    carrier_image=carrier,
    day_phrase="apple forest thunder",
    pin="123456"
)
with open('stego.png', 'wb') as f:
    f.write(result.stego_image)
# Decode a message
message = stegasoo.decode(
    stego_image=result.stego_image,
    reference_photo=ref_photo,
    day_phrase="apple forest thunder",
    pin="123456"
)
print(message) # "Meet at midnight"
CLI
# Generate credentials
stegasoo generate --pin --words 3
# With RSA key
stegasoo generate --rsa --rsa-bits 4096 -o mykey.pem -p "secretpassword"
# Encode
stegasoo encode \
  --ref photo.jpg \
  --carrier meme.png \
  --phrase "apple forest thunder" \
  --pin 123456 \
  --message "Secret message"
# Decode
stegasoo decode \
  --ref photo.jpg \
  --stego stego.png \
  --phrase "apple forest thunder" \
  --pin 123456
# Pipe-friendly
echo "secret" | stegasoo encode -r photo.jpg -c meme.png -p "words" --pin 123456 > stego.png
stegasoo decode -r photo.jpg -s stego.png -p "words" --pin 123456 -q
Web UI
# Development
cd frontends/web
python app.py
# Production
gunicorn --bind 0.0.0.0:5000 app:app
Visit http://localhost:5000
REST API
# Development
cd frontends/api
python main.py
# Production
uvicorn main:app --host 0.0.0.0 --port 8000
API docs at http://localhost:8000/docs
Example API Calls
# Generate credentials
curl -X POST http://localhost:8000/generate \
  -H "Content-Type: application/json" \
  -d '{"use_pin": true, "use_rsa": false}'
# Encode (multipart)
curl -X POST http://localhost:8000/encode/multipart \
  -F "message=Secret" \
  -F "day_phrase=apple forest thunder" \
  -F "pin=123456" \
  -F "reference_photo=@photo.jpg" \
  -F "carrier=@meme.png" \
  --output stego.png
# Decode (multipart)
curl -X POST http://localhost:8000/decode/multipart \
  -F "day_phrase=apple forest thunder" \
  -F "pin=123456" \
  -F "reference_photo=@photo.jpg" \
  -F "stego_image=@stego.png"
Security Model
| Component | Entropy | Purpose |
|---|---|---|
| Reference Photo | ~80-256 bits | Something you have |
| Day Phrase (3 words) | ~33 bits | Something you know (rotates daily) |
| PIN (6 digits) | ~20 bits | Something you know (static) |
| RSA Key (2048-bit) | ~128 bits | Something you have |
| Combined | 133-400+ bits | Beyond brute force |
Attack Resistance
| Attack | Protection |
|---|---|
| Brute force | 2^133+ combinations |
| Rainbow tables | Random salt per message |
| Steganalysis | Random pixel selection |
| GPU cracking | Argon2id requires 256MB RAM per attempt |
| Side-channel | Constant-time operations in crypto |
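How the factors in the Security Model table and the salt, KDF and pixel-selection rows above can fit together, as an added example that is not Stegasoo's own code. The names `derive_key`, `pixel_order`, `embed` and `extract` are hypothetical, stdlib scrypt stands in for Argon2id at about 16 MiB, and the payload is assumed to be already-encrypted bytes.

```python
# Added illustration; function names are hypothetical, not Stegasoo's API.
import hashlib
import hmac
import os

def derive_key(ref_photo: bytes, day_phrase: str, pin: str, salt: bytes) -> bytes:
    """Fold every factor into one 32-byte key with a memory-hard KDF."""
    parts = (hashlib.sha256(ref_photo).digest(), day_phrase.encode(), pin.encode())
    # Length-prefix each factor so ("ab", "c") and ("a", "bc") cannot collide.
    material = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    # Assumption: scrypt stands in for Argon2id; n=2**14, r=8 needs ~16 MiB,
    # well below the 256MB the README cites.
    return hashlib.scrypt(material, salt=salt, n=2**14, r=8, p=1, dklen=32)

def pixel_order(key: bytes, n_slots: int, count: int) -> list:
    """Pick `count` distinct slots in an order only the key holder can rebuild."""
    def tag(i: int) -> bytes:
        return hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
    return sorted(range(n_slots), key=tag)[:count]

def embed(pixels: bytes, payload: bytes, key: bytes) -> bytes:
    """Write payload bits into the least significant bit of the chosen slots."""
    bits = [(byte >> (7 - b)) & 1 for byte in payload for b in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("payload too large for carrier")
    out = bytearray(pixels)
    for pos, bit in zip(pixel_order(key, len(out), len(bits)), bits):
        out[pos] = (out[pos] & 0xFE) | bit
    return bytes(out)

def extract(pixels: bytes, n_bytes: int, key: bytes) -> bytes:
    """Read n_bytes back from the same key-dependent slots."""
    bits = [pixels[pos] & 1 for pos in pixel_order(key, len(pixels), n_bytes * 8)]
    return bytes(
        sum(bit << (7 - i) for i, bit in enumerate(bits[k:k + 8]))
        for k in range(0, len(bits), 8)
    )

if __name__ == "__main__":
    carrier = bytes(range(256)) * 16      # constructed stand-in for pixel channel values
    payload = b"ciphertext bytes"         # constructed; the real payload would be AES-GCM output
    salt = os.urandom(16)                 # fresh per message, must travel with the stego data
    key = derive_key(b"constructed photo bytes", "apple forest thunder", "123456", salt)
    stego = embed(carrier, payload, key)
    print(extract(stego, len(payload), key))           # recovers the payload
    wrong = derive_key(b"constructed photo bytes", "apple forest thunder", "123457", salt)
    print(extract(stego, len(payload), wrong))         # unrelated bytes
```

Changing any one factor or the salt yields a different key, so the extractor reads a different set of slots and never reaches the payload bits.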
Project Structure
stegasoo/
├── src/stegasoo/ # Core library
│ ├── __init__.py # Public API
│ ├── constants.py # Configuration
│ ├── crypto.py # Encryption/decryption
│ ├── steganography.py # Image embedding
│ ├── keygen.py # Credential generation
│ ├── validation.py # Input validation
│ ├── models.py # Data classes
│ ├── exceptions.py # Custom exceptions
│ └── utils.py # Utilities
│
├── frontends/
│ ├── web/ # Flask web UI
│ ├── cli/ # Command-line interface
│ └── api/ # FastAPI REST API
│
├── data/
│ └── bip39-words.txt # BIP-39 wordlist
│
├── pyproject.toml # Package configuration
├── Dockerfile # Multi-stage Docker build
└── docker-compose.yml # Container orchestration
Configuration
Environment Variables
| Variable | Default | Description |
|---|---|---|
| FLASK_ENV | production | Flask environment |
| PYTHONPATH | - | Include src/ for development |
Limits
| Limit | Value |
|---|---|
| Max image size | 4 megapixels |
| Max message size | 50 KB |
| Max file upload | 5 MB |
| PIN length | 6-9 digits |
| Phrase length | 3-12 words |
| RSA key sizes | 2048, 3072, 4096 bits |
Development
# Install dev dependencies
pip install -e ".[dev]"
# Run tests
pytest
# Format code
black src/ frontends/
ruff check src/ frontends/
# Type checking
mypy src/
License
MIT License - Use responsibly.
⚠️ Disclaimer
This tool is for educational and legitimate privacy purposes only. Users are responsible for complying with applicable laws in their jurisdiction.