A steganography python script for encrypting/hiding a zipfile within a image file. Uses bcrypt for the password key deriviation function and PyNaCl for the secret-key cryptography.
To hide and encrypt a zipfile:
python hide.py -i batman.gif -a zip_archive.zip
You'll be asked for a password and then you're done. If it blows up, it didn't work.
To unhide and decrypt a zipfile:
python hide.py -u batman.gif -d
Optional -d
flag decompresses the archive to same dir as the image file.
I didn't attempt to invent my own cryptography, so Hide is built using the excellent and cryptographically sound bcrypt and PyNaCl libraries. Don't roll your own crypto.
The actual steganography part of this script is rudimentary, so although the crypto is secure, the hidden archive file is easily detectable by someone with decent CS knowledge. That means they can't open the file, but they might know it exists.
Tests pass python -m unittest tests.test_hide
Requires bcrypt and PyNaCl, which you can pip
install.
Uses the MIT license
- Find a better way to write the data to the image. I think doing bytecounts and using those as a flag at the end of the file would be a more robust way to do it, but I'm not 100% certain. Something like
image.write(encrypted_file + salt + len(encrypted_file) + len(salt))
, but then I don't know how many bytes to count when decrypting it. - Maybe add the zip compression directly into the script?
- Make the filepaths more flexible
- Make a copy of the original image rather than editing in place?
- Add it to PyPI