Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / Code Hacker Challenge

Author
Message
Conjured Entertainment
AGK Developer
12
Years of Service
User Offline
Joined: 12th Sep 2005
Location: Nirvana
Posted: 9th Nov 2017 17:24 Edited at: 9th Nov 2017 18:00
I have a geek challenge for people who like to cipher/decipher coded messages.

I have been working on my own encryption method to hide messages in images, and I am ready to share the lowest level of this encryption.

The idea came to me when I was studying QR codes, and the new method of color images being utilized that is still in the prototyping stage. (since 2014!)

I have attached two (2) images that both contain a hidden message that has been encrypted and embedded into the images.

The message is the same, and the key-code is the same, but obviously the images are different as well as the way the encrypted message is embedded into them.

The same program/routine encodes and decodes the messages, but of course you do not get access to the program to unravel the encryption method.

The challenge is to see if anyone can discover the method of encryption from the images and then decode them.

There is no prize other than the acknowledgement and recognition from the community that you are a super geek that can conquer such technical challenges.

The whole idea behind the new app is that people could send each other private messages that other people would not even recognize as a message, just a picture.

GOOD LUCK!

If you do break the code, then please PM the message to me instead of posting it here, and I will add you to the list of names of those who have cracked it.

That way, this challenge can still be here for others to give it a try, and thanks in advance to those of you willing to try to break this new ciphering technique.







P.S.

If any of you guys are aware of any other forums online that would welcome such a challenge, then please let me know.

The more people I can get to try to crack this thing the better, because I want it the best it can be before I release the app.

Thanks again!



BELOW IS A LIST OF GEEKS WHO HAVE CRACKED THE CODE

1) still waiting for the first super geek to be added to the list




Quote: "Nerds think of cool things, but Geeks get it done!"

Coding things my way since 1981 -- Currently using AppGameKit V2 Tier 1

Attachments

Login to view attachments
easter bunny
5
Years of Service
User Offline
Joined: 20th Nov 2012
Playing: Dota 2
Posted: 9th Nov 2017 23:53 Edited at: 10th Nov 2017 00:16
Is this stenography or cryptography? Just want to know if I should be analysing the pixel data or binary data

Edit never mind, I think I'm on to something

Edit 2 Here's my progress so far:
[maybe spoilers]
+ Code Snippet

Let me know if I'm way off track

My Games - Latest WIP - My Website: Immortal.Digital - FB - Twitter
130,000 installs with AppGameKit and counting
Conjured Entertainment
AGK Developer
12
Years of Service
User Offline
Joined: 12th Sep 2005
Location: Nirvana
Posted: 10th Nov 2017 21:34
Quote: "Let me know if I'm way off track"

I cannot comment on anyone's progress or theories of possibilities/probabilities as that would ruin the challenge for others. (spoilers)

I can say that I have structured the embedding in a way to provide decoys, so while someone may think they are on track they may actually be way off, or vice versa.

Giving you two images that contain the same message with the same key-code was the best clue I could provide.

Quote: "Is this stenography or cryptography?"

This is not stenography/shorthand.

However, all uppercase alpha characters in the original message are converted to lowercase to simplify the coding.

So, the decoded message will be all lowercase, with no distinction for capital letters.

This system also allows for most special characters found on a keyboard, like ! # $ % ^ & * ( + - = < > ? [ , etc. (with some exceptions like the tilde, pipe, and a few other seldom used ones)

Coding things my way since 1981 -- Currently using AppGameKit V2 Tier 1
Phaelax
DBPro Master
14
Years of Service
User Offline
Joined: 16th Apr 2003
Location: Metropia
Posted: 14th Nov 2017 12:26 Edited at: 14th Nov 2017 13:11
Quote: "This is not stenography/shorthand."


Technically it is, which was part of my major in college. You're hiding data in something else, that's pretty much what stenography means. It's just not the only tactic you're using since it's encrypted as well.

Quote: "Giving you two images that contain the same message with the same key-code was the best clue I could provide."

That was my first big clue into how you may have done this. I will definitely have to give this a try!

Quote: " Just want to know if I should be analysing the pixel data or binary data"

After analyzing the binary data, I'm pretty certain it's in the pixels. I could find no abnormal data chunks in the file structure, which was my first idea. Now I wonder if the message is hidden in the image as a subtle watermark. That'd allow you to place the message over any image.

"I like offending people, because I think people who get offended should be offended." - Linus Torvalds
Conjured Entertainment
AGK Developer
12
Years of Service
User Offline
Joined: 12th Sep 2005
Location: Nirvana
Posted: 14th Nov 2017 21:57 Edited at: 14th Nov 2017 23:17
Quote: "Technically it is, which was part of my major in college. You're hiding data in something else, that's pretty much what stenography means. It's just not the only tactic you're using since it's encrypted as well. "

I stand corrected.

I was going by a common simple definition of Stenography as pertaining to court rooms, offices, etc....

Quote: "ste·nog·ra·phy
stəˈnäɡrəfē/
noun:
the action or process of writing in shorthand or taking dictation."


However, after further investigation, I see that Steganography is exactly what I am doing.

So, yes, this is Steganography and Cryptography.

Thanks for clearing that up Phaelax.

Quote: "Alleged use by intelligence services
In 2010, the Federal Bureau of Investigation alleged that the Russian foreign intelligence service uses customized steganography software for embedding encrypted text messages inside image files for certain communications with "illegal agents" (agents without diplomatic cover) stationed abroad"

And here I was thinking I was doing something new. lol

Oh well, it is new to me, and I got the idea without knowing about this history of stenography or steganography .

So, now I have to do some more research and see if I can improve my methods, but from what I see so far about these other techniques, I am doing something new after all!

Quote: "

Abstract

The Spread Spectrum Image Steganography (SSIS) of the present invention is a data hiding/secret communication steganographic system which uses digital imagery as a cover signal. SSIS provides the ability to hide a significant quantity of information bits within digital images while avoiding detection by an observer. The message is recovered with low error probability due the use of error control coding. SSIS payload is, at a minimum, an order of magnitude greater than of existing watermarking methods. Furthermore, the original image is not needed to extract the hidden information. The proposed recipient need only possess a key in order to reveal the secret message. The very existence of the hidden information is virtually undetectable by human or computer analysis. Finally, SSIS provides resiliency to transmission noise, like that found in a wireless environment and low levels of compression.


BACKGROUND OF THE INVENTION


1. Introduction

The present invention relates generally to the field of digital image steganography and is more particularly directed to a new system of steganography referred to herein as Spread Spectrum Image Steganography (SSIS). Steganography, meaning “covered writing” in Greek, is the science of communicating in a manner such that the existence of the communication is hidden. The SSIS system hides and recovers a message of substantial length within digital imagery while maintaining the original image size and dynamic range. The hidden message can be recovered using appropriate keys without any knowledge of the original image. A message embedded by the SSIS method can be in the form of text, imagery or any other digital signal. Applications for such a data hiding scheme include in-band captioning, covert communication, image tamperproofing, authentication, embedded control and revision tracking."


lol ...that is taken from a patent filed in 1999 by the Untied States of America as represented by the Secretary of the Army.

Sound familiar?

I just discovered this now after doing some research on steganography.

The good thing is... I use a different technique, but the basic idea of not needing the original image, just the embedded one and the key, is the same.

Good luck guys & gals!



Coding things my way since 1981 -- Currently using AppGameKit V2 Tier 1
Phaelax
DBPro Master
14
Years of Service
User Offline
Joined: 16th Apr 2003
Location: Metropia
Posted: 15th Nov 2017 13:13
Quote: "However, after further investigation, I see that Steganography is exactly what I am doing."

oops, my bad I misread it. Yea that's what I meant!

In school, we used Encase software to make bit by bit copies of drives for analysis. It was quite a powerful tool, you could really do a lot without risk to the integrity of the original files. I used to hide data (could be anything) inside images by using the command line winzip. The data is appended to the end of the image. The image still displays properly because readers stop looking at the data when it reaches a particular chunk header. Anything after it is ignored by the image readers. I even hid a trojan in one before back in highschool.

Now, if you have a small jpeg and it's 20mb in size, it'd kind of raise a flag.

"I like offending people, because I think people who get offended should be offended." - Linus Torvalds
Ortu
10
Years of Service
User Offline
Joined: 21st Nov 2007
Location: Austin, TX
Posted: 15th Nov 2017 15:42
You don't even need WinZip really, native command line copy can do it.

copy /b sourceimg.jpg + hiddentext.txt newimg.jpg

Open newimg.jpg in paint

Open newimg.jpg in notepad and scroll to the bottom
http://games.joshkirklin.com/sulium

A single player RPG featuring a branching, player driven storyline of meaningful choices and multiple endings alongside challenging active combat and intelligent AI.
Conjured Entertainment
AGK Developer
12
Years of Service
User Offline
Joined: 12th Sep 2005
Location: Nirvana
Posted: 15th Nov 2017 20:34 Edited at: 16th Nov 2017 13:34
That is really interesting, but my method is a bit more complex than that.

This geek challenge stands for any intelligence agency to try and crack it as well.

Again, this is my lowest level of encryption but my method of embedding is unique.

I did use my lowest level of that too for this first example, so I can make it much more complex for future challenges if need be.

However, I think this method is strong enough to thwart even the best of the best of their super computers and think tanks.

Unless they hack my files, steal my program, and reverse engineer it, then they don't stand a chance just trying to cipher the images.

lol ... prove me wrong


Coding things my way since 1981 -- Currently using AppGameKit V2 Tier 1
Kevin Picone
15
Years of Service
User Offline
Joined: 27th Aug 2002
Location: Australia
Posted: 16th Nov 2017 14:52 Edited at: 16th Nov 2017 14:53
Quote: " Unless they hack my files, steal my program, and reverse engineer it, then they don't stand a chance just trying to cipher the images. "


Nobody need to answer the 'how it works' question, if the answer is in plain view in the encoder/decoder.. So that's the approach any attacker would take first.

PlayBASIC To HTML5/WEB - Convert PlayBASIC To Machine Code
Conjured Entertainment
AGK Developer
12
Years of Service
User Offline
Joined: 12th Sep 2005
Location: Nirvana
Posted: 16th Nov 2017 16:13 Edited at: 17th Nov 2017 00:13
Quote: "Nobody need to answer the 'how it works' question, if the answer is in plain view in the encoder/decoder.. So that's the approach any attacker would take first."

It is only in plain view when decoding if they have the key-code and the program.

I was talking about if they only have the images to go on, and can't figure it out.

Then they would need the get access to the program and then reverse engineer it, because they would not have the key-code to make it plainly visible running the program normally.

Unless the CIA snooped in my files the other day when visiting one of their websites (their Terms Of Use of the website grants them permission to view all the files on your computer when you connect to their network, without your consent because your use of that website is your acceptance of the TOU (bogus agreement IMO since that TOU is not known or available prior to accessing the site, but then again, would they really need permission to probe your files)), then I am the only one who currently has a copy of the app.

Granted of course that I have not been compromised by other hackers. ( I do not have the app on my surfing computer, and will only access Government sites from a public library in the future )

The idea is to sell this app to an interested party, who will then only distribute it to their trusted recipients who will install it on computers that are not connected to any networks.

That means that any snooper will only have the images to go on since they are the only thing transferred over a network, making it virtually impossible for them to crack the code, unless you guys prove me wrong here.

As I said, very interesting information about the appendage method, and all that is learned here (and as a result of research originated here in this thread) will be applied to improving the security measures.

I look forward to the PM solution to these images as they are now though.

Thanks again to all who are participating and sharing your knowledge about this aspect of computer science.

Quote: " I used to hide data (could be anything) inside images by using the command line winzip. The data is appended to the end of the image. The image still displays properly because readers stop looking at the data when it reaches a particular chunk header. Anything after it is ignored by the image readers. I even hid a trojan in one before back in highschool."

lol are you trying to scare your competition away?

I can guarantee you that there are no trojans or viruses in these images.

Quote: "Now, if you have a small jpeg and it's 20mb in size, it'd kind of raise a flag."

Okay, I said earlier that I would not give comments that would be spoilers, but I have to comment on this.

The technique I am using for this example of encryption/steganography adds the text message to an image without changing its file size at all.

That is probably a spoiler for the participants of this challenge, but I am still confident that it is not enough to compromise the security of the message.

However, I was compelled to comment because this eliminates that appendage method as a possibility and stresses the flexibility of this proprietary technology.

Quote: " The SSIS system hides and recovers a message of substantial length within digital imagery while maintaining the original image size and dynamic range. "

Okay, so I guess it wasn't a spoiler since I already told you that it is a lot like the system the U.S. Army developed. (which I had no idea about when I created this)

Coding things my way since 1981 -- Currently using AppGameKit V2 Tier 1
Phaelax
DBPro Master
14
Years of Service
User Offline
Joined: 16th Apr 2003
Location: Metropia
Posted: 18th Nov 2017 06:41
Quote: "The technique I am using for this example of encryption/steganography adds the text message to an image without changing its file size at all."

I gathered that already after viewing the file in a hex editor, leading me to believe it's in the color data. I'm just not sure how without it changing the the visual aspect of the image itself.

"I like offending people, because I think people who get offended should be offended." - Linus Torvalds
BatVink
Moderator
14
Years of Service
User Offline
Joined: 4th Apr 2003
Location: Gods own County, UK
Posted: 20th Nov 2017 16:50
Quote: " The image still displays properly because readers stop looking at the data when it reaches a particular chunk header. Anything after it is ignored by the image readers."


...which is how I used to store data in DBPro
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Quidquid latine dictum sit, altum sonatur
TutCity is being rebuilt
Mai taylor
User Offline
Joined: 22nd Nov 2017
Location:
Posted: 22nd Nov 2017 09:40
It is too nice game
Conjured Entertainment
AGK Developer
12
Years of Service
User Offline
Joined: 12th Sep 2005
Location: Nirvana
Posted: 26th Nov 2017 22:39 Edited at: 11th Dec 2017 16:16
Quote: "It is too nice game"

Thanks, but it is not a game.

I may start experimenting with audio files next.


EDIT
Okay, I have been thinking more about the "how it works" comment above, and I see room for much improvement.

In an effort to comply with Kerckhoffs's principle, I'm revising key generation so I will be able to offer the algorithm to prying eyes while maintaining secrecy of the messages.

It means that I have a lot of work left to do on this software, but my ideas for key improvement will make this thing rock solid for anyone/everyone.

Coding things my way since 1981 -- Currently using AppGameKit V2 Tier 1

Attachments

Login to view attachments

Login to post a reply

Server time is: 2017-12-16 13:10:52
Your offset time is: 2017-12-16 13:10:52