Skip to content

Commit ccbe7d8

Browse files
committed
Doc updates
1 parent 10076a7 commit ccbe7d8

File tree

2 files changed

+22
-22
lines changed

2 files changed

+22
-22
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ Stegcore hides encrypted messages inside ordinary images and audio files. The re
2020

2121
Your data never leaves your device. No accounts, no cloud, no telemetry, no network connections of any kind. One passphrase to hide, the same passphrase to recover. If someone demands your password, give them the decoy — two messages, two passphrases, structurally identical halves.
2222

23-
> 🎉 **Tested against [Aletheia](https://github.com/daniellerch/aletheia), the most sophisticated open-source steganalysis toolkit.** All four classical detectors (SPA, RS, Weighted Stego, Triples) failed to find anything. [Details →](docs/vs-alternatives.md#detection-resistance)
23+
> 🎉 **Tested against [Aletheia](https://github.com/daniellerch/aletheia), the leading open-source steganalysis toolkit.** Adaptive mode passed all four classical detectors (SPA, RS, Weighted Stego, Triples) on real-world images. [Details →](docs/vs-alternatives.md#detection-resistance)
2424
2525
<details>
2626
<summary>What's under the hood</summary>

docs/vs-alternatives.md

Lines changed: 21 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
1-
# Stegcore vs. Alternatives
1+
# Stegcore and the Steganography Landscape
22

3-
The steganography tools most people find first — Steghide, OpenStego — were groundbreaking when they were written. But they were written for a different era. Steghide hasn't been updated since 2003. OpenStego requires Java. Neither offers deniable mode, built-in detection, or encryption that would survive a modern audit.
3+
Steganography has a rich history of open-source tools. Steghide and OpenStego introduced thousands of people to the field and laid the conceptual foundation that everything after them — including Stegcore — builds on.
44

5-
Stegcore exists because the people who need steganography most — journalists, activists, researchers — deserve a tool that's been built with today's threats in mind, not yesterday's.
5+
Stegcore picks up where they left off. Cryptographic standards, threat models, and user expectations have all evolved since these tools were first written. Stegcore brings those updates to the same mission: making steganography accessible to the people who need it.
66

77
---
88

@@ -26,30 +26,27 @@ Stegcore exists because the people who need steganography most — journalists,
2626

2727
## Steghide
2828

29-
Steghide is the most widely referenced steganography tool in security documentation and CTF write-ups. It introduced many people to the concept.
29+
Steghide is the most widely referenced steganography tool in security documentation and CTF write-ups. It introduced many people to the field and its graph-theoretic embedding approach was innovative for its time.
3030

31-
However, it has not been updated since 2008 and carries a known vulnerability: **CVE-2021-27211**. The root cause is that Steghide uses a 32-bit PRNG seed derived from the passphrase. An attacker can enumerate all ~4 billion possible seeds in a few hours on consumer hardware, regardless of passphrase length. A passphrase that takes decades to brute-force directly can be bypassed in the time it takes to watch a film.
31+
Steghide was last updated in 2003. Since then, the cryptographic landscape has changed significantly. Its DES and RC4 ciphers are now deprecated, and CVE-2021-27211 revealed that its 32-bit PRNG seed can be enumerated on consumer hardware. These aren't design flaws — they reflect the standards of the era it was built in.
3232

33-
Steghide also predates modern authenticated encryption. It uses DES (deprecated) and RC4 (broken). It does not verify data integrity, so a corrupted stego file may silently produce garbled output.
34-
35-
For historical research, CTF challenges where the challenge is intentionally solvable, or understanding the field: Steghide is fine. For any genuine operational use: do not use Steghide.
36-
37-
Stegcore exists in part as a tribute to Steghide's legacy and as an answer to the question of what a secure replacement looks like.
33+
Steghide remains valuable for learning, CTF challenges, and understanding the history of the field. For operational use where modern cryptographic guarantees matter, Stegcore carries the mission forward with updated primitives and new capabilities like deniable mode and built-in detection.
3834

3935
---
4036

4137
## OpenStego
4238

43-
OpenStego is actively maintained and takes a more considered approach than Steghide. It supports PNG and BMP, offers basic watermarking functionality, and its GUI, while dated, works.
39+
OpenStego is actively maintained and brought a GUI to steganography at a time when most tools were CLI-only. It supports PNG and BMP, offers watermarking, and has a straightforward interface.
4440

45-
Its limitations:
41+
Where Stegcore extends the concept:
4642

47-
- Requires Java 11 or later, adding a significant runtime dependency
48-
- Supports only BMP and PNG (no audio, no JPEG, no WebP)
49-
- No deniable mode
50-
- No built-in steganalysis
51-
- Key derivation function internals are not published, making independent security review difficult
52-
- The GUI does not feel native on any platform — Java Swing has not aged well
43+
- **Broader format support** — PNG, BMP, JPEG, WebP, WAV (vs PNG/BMP)
44+
- **No runtime dependency** — native binary vs Java 11+ requirement
45+
- **Deniable mode** — dual-payload embedding
46+
- **Built-in steganalysis** — detection suite alongside embedding
47+
- **Published cryptography** — auditable Argon2id + AEAD ciphers
48+
49+
OpenStego remains a solid choice if you need a quick, Java-based solution for PNG/BMP steganography.
5350

5451
---
5552

@@ -78,9 +75,12 @@ cover image:
7875
| Weighted Stego (WS) | **No hidden data found** |
7976
| Triples | **No hidden data found** |
8077

81-
All four of Aletheia's classical statistical detectors failed to detect
82-
Stegcore's adaptive embedding. By comparison, Aletheia detects Steghide
83-
and sequential LSB tools reliably.
78+
All four of Aletheia's classical statistical detectors returned "No hidden
79+
data found" for Stegcore's adaptive embedding on real-world images.
80+
81+
Note: this applies to adaptive mode only. Sequential mode prioritises
82+
capacity over stealth and is detectable by design — use it when detection
83+
resistance is not your primary concern.
8484

8585
---
8686

0 commit comments

Comments
 (0)