Open in app

Sign in

Write

Sign in

How to Hide Your Files in an Image with Encryption Using Python- Steganography 1

Emre Can Kuran
6 min readMar 18, 2021

Disclaimer:

This article is created for a tutorial which is written in terms of security and privacy. Malicious intents are not encouraged and the author specifies that he doesn’t take any responsibility for misuses.

1. Introduction

In the last decades, privacy has gained more importance. It fairly depends on the user to protect his/her privacy with precautions taken personally while surfing the internet, keeping files on his/her computer and sharing files with others. Steganography is one of the techniques that is used to hide a secret information in a wise manner so the person who attempts to access the information, actually could not recognize it as it is . In this article, we will inspect a steganography technique step-by-step and we will try to hide our files in an image file. We also have to encrypt these files to provide more security.

2. Prerequisites

  • A basic knowledge of Python would be helpful, but you can also install Python and try it yourself. You actually don’t need the know all concepts.
  • You have to install cryptography library, which provides cryptographic methods, especically a key to encrypt/decrypt our files to hide them in an image. Use these commands for installation by opening your shell(or command line):
pip install cryptography

or

pip3 install cryptography

3. Method

Algorithm for hiding:

1.Select the file(s) to be hidden and the file which we will use as a host to hide our secret files
2.Encrypt secret files
3.Create an archieve file(with an .zip or .rar extension) and zip the encrypted files
3.Using shell commands, concatenate the image with this zip
4.Obtain the image which contains encrypted hidden files

Algorithm for revealing:

1.Rename the image file with the appropriate archieve extension(.zip etc.)
2.Extract the secret files from zip
3.Decrypt files

4. Test Images, Data and Environment

You can use the image(it is up to you) given below as the host file that contains the secret files:

An image of a mandrill to be used as a host file

Your data that needs to be kept secret can be a document file, executable file or another image file, yet another zip file. I have these files in a folder. My secret file is the landscape.tiff file, which is an image and the host file is mandrill.jpg, which is another image.

My folder which contains script, secret image and the host image

You can prepare your own files for different purposes, as mentioned above.

5. Implementation of the Method using Python

First of all, we have to include the required libraries

We need os libray for accessing shell, cryptography library for encryption/decryption and zipfile library for zip operations. The os and zipfile libraries are the native libraries of Python hence we do not need to download and install them. Then, since we have to traverse directories to find appropriate files to hide and check the specific conditions for these files, we have to define the functions in the code below.

In the above code, we are checking conditions with checkConditions function. If our file is actually a file(not a folder etc.) and if it is a .tiff image(you can change this as .pdf, .txt and others), we can hide this file. It is my choice and it depends on how you will use it. The getFiles function helps us to obtain the file names that meet the conditions we have determined in checkConditions function and returns a list of file names. Now we can define functions for generating and reading the key:

The genKey function takes one argument which is for the key file name, and writes the generated key to the file created with this name while the getKey function simply reads and returns the key. We also need functions for encryption and decryption:

The encryptFile function encrypts the files with the given key using Fernet. Then, it writes the file to the current folder. The decryptFile function decrypts the files using the same key. For insertion and extraction, we need two functions:

In insertFile function, we add the files to the zip file, then, we merge the zip file with the image using the code written in line 13:

os.system("copy /b " + imFileName + " + encrypted.zip " + outputName)

or in Linux

os.system("cat " + imFileName + " encrypted.zip > " + outputName)

With os.remove, we remove the residual files. We extract the hidden files using the code written in line 24:

os.system("rename " + outName + " encrypted.zip")

or in Linux

os.system("mv " + outName + " encrypted.zip")
os.system("unzip -t encrypted.zip")

Then, with os.remove, we remove the temporary file used for zip. We employ os.mkdir to create the folder where we decided to extract our files, if it doesn’t exist. Finally, we can test the functions:

firstTimeRun function generates key, encrypts the files and inserts the file to the output image. The normalRun function assumes that the key exists and just encrypts the files. The showFiles function can be used only to extract and decrypt files. Now we can inspect the main function:

In main function, we specify the name of the key file, name of the output image file, folder to extract and the host image filename. Then we run our firstTimeRun function to see results. Now let’s run and see:

The output image

You can see the key file and output(host) image is generated. Now let’s compare with the original image:

The comparison

You can notice the increase on the size of file, since our host image contains the other file, it’s size is increased. Now extract and decrypt image, so change the code in the main function like this:

Results after the code executed:

The final results

As you can see from above screen capture, the secret file has been writen to “show” folder. You can try functions yourself and see results.

6. Discussion and Recommendations

Things to consider:

  • If you lose the key file or the key, you can not perform decryption
  • Although this technique is robust, it doesn’t mean that it is unbreakable
  • You can increase the security by applying more complex cryptographic algorithms and the other methods
  • Encrypted file means that the file can not be read by someone else except if it is decrypted. So, we have decrypted the file after extraction. Even if someone reached it out, he/she has to decrypt it otherwise he/she can not view it.

Recommendations:

  • Since this is an tutorial article, I just tried to explain the basics
  • You can extend this code by adding GUI, new functionalities or you can also optimize it
  • I tried to keep it simple, you can also use different data structures and different algorithms for better performance

Thanks for reading!

Materials:

Full GitHub repository:

https://github.com/EmreCanKURAN/HideFilesInAnImage

Contact:

LinkedIn: https://www.linkedin.com/in/emre-can-kuran-8470b01b0/

E-mail: emrecankuran21@gmail.com

Steganography
Hack
Python
Image
Software

--

--

Emre Can Kuran

Written by Emre Can Kuran

10 Followers

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams