Coming soon to iTunes App Store...

StegaGram

StegaGram

Everyone knows -- or at least everyone should know -- that email is not a secure form of communication. It's a lot like yelling across a parking lot. Your message is sent "in the clear" along most of the connections that lie between you and the recipient. For the times when you want to send a message that does not stand out in the open for others to read, send a StegaGram.

Double Armor

The StegaGram App protects your communication in two ways. First, it locks the message so that it can only be read by the person to whom you're sending the message. Then, it hides the locked message inside a picture, so that it doesn't even look like a locked message is being sent. As an analogy, consider keeping your valuables in a strong safe, located in your front yard. It's a great safe, but why invite attention to the fact that you have it? Using StegaGram is like keeping that strong safe hidden in a secret panel behind a picture in your house.

No Password, No Problem

Short passwords are not very secure because they can be quickly guessed by computer programs. Long passwords are better, but can be hard to remember. We chose to avoid these problems altogether by using long strings of random numbers, known as keys. You can find more details below if you're curious, but the short story is that it's stronger than a password but you don't need to remember anything. You just need to pass a key to your friend using a QR Code -- those checkered squares you see all over the place.

Under the Hood

You know those cars that look cool from the outside but lack actual power and performance when driving? Yeah, that's not us. StegaGram is clean and easy to use, but also employs the latest methods of cryptography and steganography. In fact, our initial version was denied for public distribution because it was too strong. We had to tone it down a bit. As for our hiding methods, they don't just avoid detection by the human eye. We use a technique that passes well under the radar of digital analysis programs which search for anomalies in histograms.

For the Nerds

StegaGram uses a combination of asymmetric cryptography and an optimized version of the Graph-Theoretic approach to steganography. The asymmetry of the cryptographic keys allows for a distributed authentication model, similar to that used in the PGP community. Our initial version used 2048-bit RSA encryption, but we were required to reduce that to 512 bits. This is still far better than a user-entered password, of course, because every permutation of bits across the entire key space has an equal probability of being generated. As for the key exchange, the QR Code method prevents the classic 'Man-in-the-Middle Attack' used against the Diffe-Helman pattern, because there is no communication over a network during the exchange. In addition, our steganographic algorithm preserves first-order statistics, unlike most other freely-available alternatives. For more details, take a look through our research paper.