93420704e8
The code now explains itself like a friend teaching you crypto: - DCT module: Why mid-frequency? What's QIM? Why is scipy being weird? - Steganography: How LSB actually works with visual examples - Crypto: The multi-factor security model with ASCII art diagrams Also adds kickoff-pi-test.sh - one command to flash, wait, setup, test. No more manual steps between flashing and seeing if it works. Comments should teach, not just describe. If you're reading the code trying to understand how DCT steganography works, these comments should actually help. Novel concept, I know. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Stegasoo
A secure steganography system for hiding encrypted messages in images using hybrid authentication.
Features
- AES-256-GCM authenticated encryption
- Argon2id memory-hard key derivation (256MB RAM requirement)
- Pseudo-random pixel selection defeats steganalysis
- Multi-factor authentication: Reference photo + passphrase + PIN/RSA key
- Multiple interfaces: CLI, Web UI, REST API
- File embedding: Hide any file type (PDF, ZIP, documents)
- DCT steganography: JPEG-resilient embedding for social media
- Channel keys: Private group communication channels
Embedding Modes
| Mode | Capacity (1080p) | JPEG Resilient | Best For |
|---|---|---|---|
| DCT (default) | ~150 KB | Yes | Social media, messaging apps |
| LSB | ~750 KB | No | Email, direct file transfer |
Web UI
| Home | Encode | Decode | Generate |
|---|---|---|---|
 |
 |
 |
 |
Quick Start
# Install (Python 3.10-3.12)
pip install -e ".[all]"
# Generate credentials
stegasoo generate --pin --words 4
# Encode a message
stegasoo encode \
--ref my_photo.jpg \
--carrier meme.jpg \
--passphrase "apple forest thunder mountain" \
--pin 123456 \
--message "Secret message"
# Decode
stegasoo decode \
--ref my_photo.jpg \
--stego stego_image.png \
--passphrase "apple forest thunder mountain" \
--pin 123456
Interfaces
| Interface | Start Command | Documentation |
|---|---|---|
| CLI | stegasoo --help |
CLI.md |
| Web UI | cd frontends/web && python app.py |
WEB_UI.md |
| REST API | cd frontends/api && uvicorn main:app |
API.md |
Security Model
Reference Photo ──┐
(~80-256 bits) │
├──► Argon2id KDF ──► AES-256-GCM Key
Passphrase ───────┤ (256MB RAM)
(~43-132 bits) │
│
PIN ──────────────┤
(~20-30 bits) │
│
RSA Key ──────────┘
(optional)
| Configuration | Entropy | Use Case |
|---|---|---|
| 4-word passphrase + 6-digit PIN | ~153 bits | Standard security |
| 4-word passphrase + PIN + RSA | ~280+ bits | Maximum security |
Requirements
| Requirement | Version |
|---|---|
| Python | 3.10-3.12 |
| RAM | 512 MB+ |
Development
pip install -e ".[dev]"
pytest
black src/ tests/ frontends/
ruff check src/ tests/ frontends/
Docker
# Quick start
docker-compose up -d
# Access
# Web UI: http://localhost:5000
# REST API: http://localhost:8000
See DOCKER.md for full documentation.
Raspberry Pi
Pre-built SD card images available for Pi 4/5:
# Flash image (download from GitHub Releases)
zstdcat stegasoo-rpi-*.img.zst | sudo dd of=/dev/sdX bs=4M status=progress
# First boot runs interactive setup wizard:
# - WiFi configuration
# - HTTPS with port 443
# - Channel key generation
# - Optional overclocking
See rpi/README.md for manual installation.
Documentation
- INSTALL.md - Installation guide
- DOCKER.md - Docker deployment
- CLI.md - Command-line reference
- API.md - REST API documentation
- WEB_UI.md - Web interface guide
- SECURITY.md - Security model details
- UNDER_THE_HOOD.md - Technical deep-dive
- CHANGELOG.md - Version history
- CONTRIBUTING.md - Contributor guide
License
MIT License - see LICENSE. Use responsibly.
This tool is for educational and legitimate privacy purposes. Users are responsible for complying with applicable laws.