Skip to content
This repository has been archived by the owner on Jul 9, 2020. It is now read-only.
/ file-in-text Public archive

MIGRATED TO https://vcs.rowanthorpe.com/rowan/file-in-text - THIS IS AN ARCHIVED VERSION... A tool to encrypt & steg-hide a file in text whitespace using gpg (https://www.gnupg.org) and snow (http://www.darkside.com.au/snow/index.html).

License

GPL-3.0 license
1 star 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rowanthorpe/file-in-text

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

.gitignore

.gitignore

 
 

AUTHORS.md

AUTHORS.md

 
 

COPYING

COPYING

 
 

README.md

README.md

 
 

TODO.md

TODO.md

 
 

file-in-text

file-in-text

 
 

Repository files navigation

file-in-text

A tool to encrypt (with password or gpg-key hidden recipient), conditionally compress if beneficial, and steganographically hide a file in the trailing whitespaces of a text-file, with 72-column wrap-protection for email-suitability. It can also reverse the process to get the original message.

It is a simple portable shellscript which wraps the gpg and snow tools.

With it you could e.g. send a file "hidden in plain sight" within a plain-text email's trailing spaces rather than as an attachment (if the email-text is too short to accomodate it the remainder is appended in blank lines at the end, which is more obvious). Of course any serious cryptanalyst who knows to look for it will find and recognise the strange pattern of trailing spaces as a red-flag, and may even extract the still-encrypted file (so this should not be seen as a bulletproof technique for plausible deniability) but even then the encryption is provided by gpg, so is still as safe as any normally encrypted email. The main usefulness could be:

  • As a fun toy
  • To send a payload within a plain-text email to a public mailing-list which an intended recipient can extract but most casual viewers will never realise was even there (similarly to how spies use dead drops).

It handles input/output-files, and/or stdin/stdout, uses a crude algorithm to disable compression if not useful (for small size), leverages gpg's options to accomodate both symmetric (password) and asymmetric (keypair) encryption, and uses "hidden recipient" for added paranoia-value with asymmetric encryption.

Quick Start

  • Install dependencies (e.g. apt-get install gpg stegsnow on Debian-based systems)
  • Copy file-in-text to somewhere in your $PATH
  • Run file-in-text --help for details

License

Copyright © 2017 Rowan Thorpe rowan@rowanthorpe.com

file-in-text uses the GPLv3 license, check the COPYING file.

Any additional contributions are noted in the AUTHORS.md file.

Rationale

I loved the idea & implementation of snow, but the embedded encryption ICE is a small library written by its author, which hasn't undergone any third-party cryptanalysis, and appears to have not seen an update since 1999(?). I was curious how feasible it would be to let gpg do the encrypting (which obviously comes with the cost of being less efficient for encrypting tiny text messages though), so for fun I wrote this as a tool for doing that in both directions. It was more effective and efficient than I expected, so I added some small bits of functionality too.

About

MIGRATED TO https://vcs.rowanthorpe.com/rowan/file-in-text - THIS IS AN ARCHIVED VERSION... A tool to encrypt & steg-hide a file in text whitespace using gpg (https://www.gnupg.org) and snow (http://www.darkside.com.au/snow/index.html).

Topics

encryption email gpg steganography snow shellscript

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

2 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages