Chaya – Advance Image Steganography
Chaya protects your privacy through steganography, cryptography and compression. It effectively encrypts your payloads using AES-256-GCM cryptography, embeds them using LSB-LPS steganography technique into images and compresses them using FLIF to evade detection by performing lossless compression.
Chaya is for your privacy. Chaya is backed by research (I will publish public version whitepaper on xerohack.com), and has proven to be by far the most effective image steganography tool as compared to other FOSS image steganography tools.
WHY CHAYA IS BETTER THAN THE REST?
- 0% detection rate using most of the publically available anti-steg tools like stegexpose and many more
- 100% data retention with almost the same capacity of standard LSB technique with LBS-LPS
- Transparent cryptography that gets as good as python has to offer
There is no way this can be broken using a standard supercomputer unless there are exploits in python libs and python itself.. LSB-LPS will take exponetially large time to brute-force with larger graph images because you will have to attack every X,Y coordinates combo without any error. Making an ML to do so is also quite useless and can be only used for Natural language processing for example: which message is readable to find the coordinates. AFTER THAT, you have to break the encryption. MOREOVER, NLP ML cannot find the coordinates because the bruteforce results will be ciphertext anyway. If for some reason the attacker knows the coordinates to start the de-steg process, they will have to break AES-GCM-256. GCM is better because it offers integrity along with co nfidentiality, which is why it’s the better AES mode).
United Nations Declaration of Human Rights (UDHR) 1948, Article 12 – “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks.”
International Covenant on Civil and Political Rights (ICCPR) 1966, Article 1 – “No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honor or reputation. Everyone has the right to the protection of the law against such interference or attacks.”
- Supports AES-256-GCM cryptography
- Supports Standard LSB steganography
- Supports LSB-LPS steganography
- Supports FLIF lossless compression
- Cipher data logs as json
- Analytics support for your experiments
- Supports json to csv conversions
- Highly verbose cipher data logs
- Workspace Cleaner
- Easy installer for initial setup
- Comes with easy updater
Changelog (main channel): https://github.com/xerohackcom/Chaya/blob/main/CHANGELOG.md Changelog (dev channel): https://github.com/xerohackcom/Chaya/blob/dev/CHANGELOG.md
One Line Setup
Use the following command for faster setup:
Command For Ubuntu Based Distros
sudo apt install python3-pip && sudo apt install git && git clone --depth=1 https://github.com/xerohackcom/Chaya.git && cd Chaya && pip3 install -r requirements.txt && sudo apt update && sudo apt-add-repository ppa:linuxuprising/libpng12 && sudo apt update && sudo apt install -y libpng12-0
Command For Debian Based Distros
sudo apt install python3-pip && sudo apt install git && git clone --depth=1 https://github.com/xerohackcom/Chaya.git && cd Chaya && pip3 install -r requirements.txt && sudo apt update && sudo apt install build-essential devscripts && cd ~/ && sudo touch /etc/apt/sources.list.d/libpng12.list && echo "deb https://ppa.launchpadcontent.net/linuxuprising/libpng12/ubuntu hirsute main" | sudo tee -a /etc/apt/sources.list.d/libpng12.list && echo "deb-src https://ppa.launchpadcontent.net/linuxuprising/libpng12/ubuntu hirsute main" | sudo tee -a /etc/apt/sources.list.d/libpng12.list && sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 1CC3D16E460A94EE17FE581CEA8CACC073C3DB2A && sudo apt update && sudo apt install -y libpng12-0
You can install the dependencies using installer.py script. Run the following commands in terminal:
sudo apt install python3-pip && sudo apt install git && git clone --depth=1 https://github.com/xerohackcom/Chaya.git && cd Chaya
Ubuntu Based Distros
python3 installer.py --ubuntu
Debian Based Distros
python3 installer.py --debian
python3 chaya.py --help
- First add few images (png format) to /autoexp/image_raw/
- Remove the txt file from all autoexp sub-folders to avoid errors!
- Run the following command
python3 chaya.py -enc
- Enc + Steg images -> /autoexp/image_steg/
- Enc + Steg + Comp images -> /autoexp/image_steg_comp/
- Cipher data -> /appdata/cipher_data.json
- Analysis data -> /appdata/analysis_results_enc.json
Issues – v1.2.3
- Issue with numpy import (solution under issues)
- Known bug with image-quality library (not fixed)
The plan is to build this into a modular framework where users can also add their custom scripts for encryption and steganography part. Support for multiple compression algorithms is being added. During the experiments, FLIF was supported, but now JpegXL (JXL) is the new best lossless raster based compression. Support for payload execution and other interesting stuff underway. Can be done combining commands, but not inbuilt. Video steganography using ffmpeg is being tested.
Please refer to the PLANLOG for detailed feature plans: https://github.com/xerohackcom/Chaya/blob/main/PLANLOG.md
Chaya is licensed under AGPLv3
Helping to report bugs and fix issues is appreciated.
You can support Chaya by Monero XMR donations: https://xerohack.com/support.php