Hiding secrets inside photographs with php

Asked 10/10, 2013 at 21:51 Answered 10/10, 2013 at 22:9

I have created a service that hides text inside photographs. For example:

$img_name = "myimage.jpeg";
$orig_contents = file_get_contents($img_name);
$msg = "My secret.";

$fp = fopen($img_name, "wb"); 
fwrite($fp, $orig_contents . $msg); 
fclose($fp);

I'm curious: How much information can I hide inside photographs using this method? For example, could I embed chapters of a novel in an image file? I have added fairly large blocks of text without corrupting the image, but I'm wondering if PHP or image viewing applications impose limits on this.

(P.S. I am aware that this type of steganography is insecure; I'm just doing this for fun.)

Revere answered 10/10, 2013 at 21:51 Comment(6)

what a weird thing to do...! – Oast 10/10, 2013 at 21:54

sounds like something you could simply test yourself – Overhear 10/10, 2013 at 21:56

Haha. Come on, man. It's a lot fun for exchanging messages among friends. :) If anyone has constructive suggestions, I would really appreciate it. – Revere 10/10, 2013 at 21:56

this was a fad a few years back, some of us still check files with unusual sizes, just in case. – Overhear 10/10, 2013 at 22:1

I'm no cryptographer, but I would suggest using a lossless image format like PNG so your embedded data doesn't get corrupted. – Pharisaic 10/10, 2013 at 22:4

this isn't writing messages in an image, it's appending a string to the image bytecode. You're not hiding anything, so the "how much information" part depends entirely on the image format used, and how lax its parsers are when it comes to junk after what the offset pointers say the file's size should be =) – Chantel 10/10, 2013 at 22:7

You should take a look at Steganography. And be aware you are not hidding your data in the image. Anyone who could open the image with a text editor would see your text somewhere in the file (in this case, in the end, which is much worse). If I were you, I'd do the following:

Encrypt your data with some decent Algorithm and a strong key
Create a function that distributes your data through the file in a pseudo-random way, so that anyone would note that you're trying to put something secret in it (be aware you have to recover it afterwards). In a regular bitmap image, you can use the last bit of each pixel to save your information, since this change made by it would not be perceived by human eye, if you compared the original image with the one that has hidden data.
Pray NSA isn't reading this, otherwise you can get some serious trouble :)

Hereabout answered 10/10, 2013 at 22:5 Comment(1)

As a member of the NSA - too late. – Walcott 10/10, 2013 at 22:7

No, there's essentially no limit imposed by either PHP or the JPEG format on how much data you'll be able to add to an image using this method. This works because the JPEG format stores all of the image data at the beginning of the file until some marker. After the marker, any data is assumed to be something else like a thumbnail, for example.

One cool trick (that also works with GIF images) is that you can append a ZIP file to the end of an image and the file works as both a JPEG and a ZIP file. It will be readable by both image processing programs or ZIP programs just by changing the file extension.

Bassist answered 10/10, 2013 at 22:9 Comment(0)

I think this is not the most secure way to do it, if you really want to hide string into an image, you will probably use a specific pattern to change a pixel every 10 pixels, the idea is simple convert your image to an array of integer, loop through the array and every 10 pixels change the value to the ascii character number.

Changing 1 each 10 pixel won't make a lot of noise.

To make it more secure use encoding, so use your own map to encode ascii, like @fvdalcin proposed.

Leasia answered 10/10, 2013 at 22:6 Comment(0)

Recommended topics

Hot tags