aac8037c04
- Fix block calculation mismatch in DCT extract (use original dimensions) - Change default dct_color_mode from "grayscale" to "color" - Update DCT test to use noise image instead of solid color - Remove debug logging from encode/decode paths The block calculation fix ensures extract uses the same block positions as embed for images whose dimensions aren't divisible by 8. This was causing decode failures on the Pi web UI with 1195x671 images. Color mode is now the default since it preserves the original image colors. The test fixture now uses a random noise image because solid color images cause coefficient drift during YCbCr/RGB conversion that can corrupt embedded data. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Stegasoo
A secure steganography system for hiding encrypted messages in images using hybrid authentication.
Features
- AES-256-GCM authenticated encryption
- Argon2id memory-hard key derivation (256MB RAM requirement)
- Pseudo-random pixel selection defeats steganalysis
- Multi-factor authentication: Reference photo + passphrase + PIN/RSA key
- Multiple interfaces: CLI, Web UI, REST API
- File embedding: Hide any file type (PDF, ZIP, documents)
- DCT steganography: JPEG-resilient embedding for social media
- Channel keys: Private group communication channels
Embedding Modes
| Mode | Capacity (1080p) | JPEG Resilient | Best For |
|---|---|---|---|
| DCT (default) | ~150 KB | Yes | Social media, messaging apps |
| LSB | ~750 KB | No | Email, direct file transfer |
Web UI
| Home | Encode | Decode | Generate |
|---|---|---|---|
 |
 |
 |
 |
Quick Start
# Install (Python 3.10-3.12)
pip install -e ".[all]"
# Generate credentials
stegasoo generate --pin --words 4
# Encode a message
stegasoo encode \
--ref my_photo.jpg \
--carrier meme.jpg \
--passphrase "apple forest thunder mountain" \
--pin 123456 \
--message "Secret message"
# Decode
stegasoo decode \
--ref my_photo.jpg \
--stego stego_image.png \
--passphrase "apple forest thunder mountain" \
--pin 123456
Interfaces
| Interface | Start Command | Documentation |
|---|---|---|
| CLI | stegasoo --help |
CLI.md |
| Web UI | cd frontends/web && python app.py |
WEB_UI.md |
| REST API | cd frontends/api && uvicorn main:app |
API.md |
Security Model
Reference Photo ──┐
(~80-256 bits) │
├──► Argon2id KDF ──► AES-256-GCM Key
Passphrase ───────┤ (256MB RAM)
(~43-132 bits) │
│
PIN ──────────────┤
(~20-30 bits) │
│
RSA Key ──────────┘
(optional)
| Configuration | Entropy | Use Case |
|---|---|---|
| 4-word passphrase + 6-digit PIN | ~153 bits | Standard security |
| 4-word passphrase + PIN + RSA | ~280+ bits | Maximum security |
Requirements
| Requirement | Version |
|---|---|
| Python | 3.10-3.12 |
| RAM | 512 MB+ |
Development
pip install -e ".[dev]"
pytest
black src/ tests/ frontends/
ruff check src/ tests/ frontends/
Documentation
- INSTALL.md - Installation guide
- CLI.md - Command-line reference
- API.md - REST API documentation
- WEB_UI.md - Web interface guide
- SECURITY.md - Security model details
- UNDER_THE_HOOD.md - Technical deep-dive
- CHANGELOG.md - Version history
- CONTRIBUTING.md - Contributor guide
License
MIT License - see LICENSE. Use responsibly.
This tool is for educational and legitimate privacy purposes. Users are responsible for complying with applicable laws.