alee/stegasoo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cf55acaf5a8c193190019078aee58cdf36d730d8
stegasoo/SECURITY.md
Aaron D. Lee 37a60d7174 Add CI/CD workflows and security policy
2025-12-30 00:08:22 -05:00

8.5 KiB
Raw Blame History

Security Policy

Supported Versions

Version Supported
2.x.x
1.x.x

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues.

Instead, please email: security@example.com (replace with your email)

Include:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Any suggested fixes

You should receive a response within 48 hours. We'll work with you to understand and address the issue.

Threat Model

What Stegasoo Protects

Stegasoo is designed to hide the existence of a secret message within an ordinary-looking image, protected by multi-factor authentication.

Protection Goals

Goal How It's Achieved
Confidentiality AES-256-GCM encryption with Argon2id key derivation
Steganography LSB embedding with pseudo-random pixel selection
Authentication Multi-factor: reference photo + passphrase + PIN (or RSA key)
Integrity GCM authentication tag detects tampering

Security Factors

Stegasoo combines multiple authentication factors:

┌─────────────────────────────────────────────────────────────┐
│                     Key Derivation                          │
│                                                             │
│  Reference Photo ─────┐                                     │
│  (something you have) │                                     │
│                       ├──► Argon2id ──► AES-256 Key         │
│  Day Passphrase ──────┤    (256MB RAM)                      │
│  (something you know) │                                     │
│                       │                                     │
│  PIN or RSA Key ──────┘                                     │
│  (second factor)                                            │
└─────────────────────────────────────────────────────────────┘

What Stegasoo Does NOT Protect Against

1. Statistical Steganalysis

Risk: Advanced analysis can detect that an image contains hidden data.

Reality: LSB steganography is detectable by:

  • Chi-square analysis
  • RS analysis
  • Machine learning classifiers

Mitigation: Stegasoo uses pseudo-random pixel selection (not sequential), which helps but doesn't eliminate detectability.

Recommendation: Don't rely on Stegasoo if your adversary has:

  • Access to the original carrier image
  • Sophisticated forensic tools
  • Motivation to analyze your specific images

2. Compromised Endpoints

Risk: If your device is compromised, the attacker can capture credentials.

Not protected:

  • Keyloggers capturing your PIN/passphrase
  • Screen capture of decoded messages
  • Memory scraping during encode/decode
  • Malware on sender or receiver device

Recommendation: Use on trusted devices only.

3. Reference Photo Exposure

Risk: The reference photo is a critical secret.

If leaked: Attacker only needs to guess/brute-force the passphrase + PIN.

Recommendation:

  • Never share the reference photo
  • Use a unique photo (not posted online)
  • Store securely (encrypted drive, password manager)

4. Weak Credentials

Risk: Short PINs or common passphrases can be brute-forced.

PIN Length Combinations Time to Brute Force*
4 digits 10,000 Seconds
6 digits 1,000,000 Minutes
8 digits 100,000,000 Hours
9 digits 1,000,000,000 Days

*With Argon2 (256MB RAM, 4 iterations), each attempt takes ~1 second, making brute force slow but not impossible for short PINs.

Recommendation:

  • Use 8+ digit PINs
  • Use 4+ word passphrases
  • Consider RSA keys for high-security use cases

5. Image Modification

Risk: Lossy compression destroys hidden data.

Data is destroyed by:

  • JPEG compression
  • Resizing
  • Filters/effects
  • Screenshots
  • Social media upload (Instagram, Twitter, etc.)

Recommendation:

  • Always use lossless formats (PNG, BMP)
  • Transfer files directly (email, Signal, USB)
  • Never upload stego images to social media

6. Metadata Leakage

Risk: The stego image itself may reveal information.

Potential leaks:

  • File creation timestamp
  • Camera EXIF data (if carrier has it)
  • File size changes

Mitigation: Stegasoo strips EXIF on output, but timestamps remain.

7. Traffic Analysis

Risk: The act of sending an image may be suspicious.

Not protected:

  • Network observers seeing you send image files
  • Email metadata showing sender/receiver
  • Frequency analysis of communications

Recommendation: Use alongside normal image-sharing behavior.

Cryptographic Details

Encryption

Component Algorithm Parameters
Key Derivation Argon2id 256MB RAM, 4 iterations, 4 parallelism
Fallback KDF PBKDF2-SHA256 600,000 iterations
Encryption AES-256-GCM 12-byte IV, 16-byte tag
Photo Hash SHA-256 Full image bytes

Pixel Selection

Pixels are selected pseudo-randomly using a key derived from:

pixel_key = SHA256(photo_hash || passphrase || date || pin/rsa_signature)

This prevents:

  • Sequential embedding patterns
  • Statistical detection of modified regions

Format

┌──────────────────────────────────────────────────────────────┐
│ Magic (4B) │ Version (1B) │ Date (10B) │ Salt (32B) │ IV (12B) │
├──────────────────────────────────────────────────────────────┤
│ Encrypted Payload (AES-256-GCM)                              │
│ ├── Type (1B): 0x01=text, 0x02=file                          │
│ ├── Length (4B)                                              │
│ ├── Data (variable)                                          │
│ └── [Filename if file] (variable)                            │
├──────────────────────────────────────────────────────────────┤
│ GCM Auth Tag (16B)                                           │
└──────────────────────────────────────────────────────────────┘

Best Practices

For Maximum Security

  1. Use RSA keys instead of PINs for authentication
  2. Use unique reference photos not available online
  3. Use long passphrases (4+ random words)
  4. Transfer via secure channels (Signal, encrypted email)
  5. Delete stego images after message is read
  6. Keep software updated for security fixes

For Casual Privacy

  1. 6-digit PIN is sufficient for non-adversarial use
  2. 3-word passphrase provides reasonable security
  3. PNG format always for output
  4. Direct file transfer (email attachment, AirDrop)

Known Limitations

Limitation Impact Status
LSB is detectable Statistical analysis can detect hidden data By design (tradeoff for capacity)
No forward secrecy Compromised key decrypts all messages Use different keys per message for high security
Date in header Reveals when message was encoded By design (enables day-specific passphrases)
No deniability Single password = single message Future: plausible deniability layers

Security Audit Status

This software has not been professionally audited. Use at your own risk for sensitive applications.

If you're a security researcher interested in auditing Stegasoo, please reach out.

Version History (Security Relevant)

Version Security Changes
2.2.0 Added compression (no security impact)
2.1.0 Upgraded to Argon2id, increased iterations
2.0.0 Added RSA key support
1.0.0 Initial release
Reference in New Issue View Git Blame Copy Permalink