A secure steganographic system equipped with AES encryption and advanced payload distribution based on a chaotic system. Chaos_LSB supports all Unicode-supported lanaguages.
Check out the live site at bit.ly/chaos
Sensitive informaiton, such as banned books and protest organization communications, require secure channels to evade private or state survillence. However, public access to secure communication channels is under threat for people all around the world.
Earlier in March, US senators introduced the EARN IT act that is meant to combat child sexual exploitation online, but could potentially erode strong end-to-end encryption as we know it.
On the other side of the world, mobile phones of arrested protesters in Hong Kong are being forcibly unlocked, protest organization and communication are being compromised on end-to-end encrypted messaging apps such as Telegram.
Even when you aren’t getting arrested and have your finger forced onto your iPhone’s unlocking mechanism, entities can still access your private, end-to-end encrypted communications through other means, such as phishing attacks. News broke out in September when a group of researchers reported on Iranian hackers, most likely employees or affiliates of the government, have been running vast cyber espionage operation equipped with surveillance tools that can outsmart encrypted messaging systems.
A: sender B: receiver
- A and B meets in person to establish a communication key, they store the key offline;
- A embeds message in image with the established key, sends it to B through regular channels;
- B uses the key to decrypt the message scraped from the image and uses the same key to encrypt their reply.
In this tool, we collect a message, a key, and a cover image from the user. Advanced Encryption Standard (AES) is applied to user-provided message, with a user-provided key (or password) to produce a cipher string. Traditonally, images are processed pixel by pixel, from the top left corner to the bottom right corner. In Chaos_LSB, the pixel order of an image is randomized using Fisher-Yates shuffle algorithm with a seeded pseudorandom number generator that takes a 64-bit seed generated by the current date-time at the time of submition. The seed is hidden in the image using another pseudorandom random pixel order, generated by using the user-provided key as seed, while cipher is embedded in the image's sptial domain using Least Significant Bit insertion.
To extract the message from an image, we simply take a key and image from the user, inverse the techniques mentioned above, reproduce the pixel order in which the 64-bit seed was store, collect the seed to reproduce the pseudorandom number series, perform the Fisher-Yates shuffle to obtain the shuffled pixel order, collect cipher from the spatial domain, then apply the correct password to reverse AES encryption.
The randomized pixel order distributes LSB insertion throughout the image, instead of concentrating them in one region of the image, which makes the tampering more difficult to detect in steganalysis. Embedding in the spatial domain offers allows for more characters to be embedded than embedding in the frequency domain, which means we can embed very large text into an image. For an image that is 1024 X 1024, we can embed just over a million characters in the image using Chaos_LSB, for reference, Beyong Good and Evil by Friedrich Nietzsche is about 400,000 characters long.