pixelknot banner hide messagesWhat is Pixelknot?

pixelknot qr

Play Store

Pixelknot is an Android application that allows users to hide short text-based messages in photographs and share them across trusted channels.

Pixelknot is now available on the Google Play store, Amazon appstore, and also on our website and verifiable via the asc.

What is Steganography?

The practice of embedding secret messages into a piece of media so that no one, apart from the sender and intended recipient, know that the secret message exists. The newly developed algorithm F5 withstands visual and statistical attacks, yet it still offers a large steganographic capacity. F5 implements matrix encoding to improve the efficiency of embedding. Thus it reduces the number of necessary changes. F5 employs permutative straddling to uniformly spread out the changes over the whole steganogram.

The Guardian steganography standard: we are working towards ensuring that the secret message in an image must:

  1. Have the original image appear, to the trained human eye, unedited.
  2. Have the bytes of the image appear, to a trained analyst, undistorted so much so as to arouse suspicion.
  3. Have the complete message be recoverable no matter how it is transmitted.

Screenshots

pixelknot UIFeatures

Have a secret that you want to share? Why not hide it in a picture? With Pixelknot, only your friends with the secret password can unlock your special message. Everyone else just sees a pretty picture. It’s a fun and easy way to share hidden messages without anyone knowing. Take those pixels, twist them in a knot, and see for yourself!

★ DISGUISE YOUR MESSAGES: Pictures are public, the text is hidden inside. Even a trained eye will think the image is unedited. It’s security through obscurity!
★ FOR YOUR EYES ONLY: Put a password on the secret message to make sure that no one can read it except the person it’s meant for.
★ EASY IMAGE CHOOSER:  You can use the camera to take photos, or just use photos you’ve already taken.
★ INVISIBLE CHANGES: Even a trained analyst analyst shouldn’t be able to detect any message. The image bytes should seem undistorted.
★ SHARE ACROSS PLATFORMS: Want to share the images over email, file sharing tools (like Dropbox & Sparkleshare), social media (like Google+ & Flickr) or directly through Bluetooth or NFC? Not a problem! The messages are still recoverable on the other side. We’ll have even more tools (like Facebook) working soon, so stay tuned!
★ AD-FREE: We want your love, not your money.
★ MATHEMATICALLY SECURE: We use the newly developed steganography algorithm F5 which implements matrix encoding to improve the efficiency of embedding and employs permutative straddling to uniformly spread out the changes over the whole steganogram.
★ ATTACK RESISTANT: We’ve launched attacks on images with messages hidden in them using a specialized version of stegdetect, an automated tool for detecting steganographic content in images. In most cases, the pictures have been impervious to attack. We will be including detection in an upcoming version of the application so you can easily test it yourself!
★ ARTIST FRIENDLY: The app features the work of Pablo Picasso. His painting “Girl before a Mirror” from March 1932, to be exact. We hope it inspires you to share beautiful imagery and wonderful ideas.
★ WE SPEAK YOUR LANGUAGE:  Or at least we try to. Don’t see your language? Join us and help translate the app: https://www.transifex.com/projects/p/pixelknot/

Usage Notes

This is still an experimental application and should not be used in real world deployments. We’re skeptical yet optimistic about stenography usage in the field. Most existing steganography tools are security through obscurity. Detection has become easier, but we’re experimenting with new newer methods. Getting users to adopt the tools means insuring that these tools, are verifiably secure, and also usable. We’re exploring options and reviewing best design practices from the field. Overall, this research and not a definitive study. We look forward to further focus, research, and collaboration in the field.

The Guardian steganography standard results:

  1. Unedited? Many of the apps produced rendering errors, warped in some way. Otherwise, images did not appear edited in any of the apps.
  2. Undistorted? Initial tests with stegdetect have had success. Trained analysts have not yet been engaged analyze whether distortion has occurred..
  3. Recoverable? Certain apps re-render the image when sharing, thereby making it unrecoverable. We’ve tried to integrate this into our User Interface to limit problems.

Developers

  • Source code is available via our Github > git clone https://github.com/guardianproject/PixelKnot.git
  • Come discuss on #guardianproject on irc.oftc.net or #guardianproject on freenode.

22 thoughts on “Pixelknot: Hidden Messages

  • 2013/08/24 at 6:34 am
    Permalink

    How do I view my hidden messages, after knotting and giving a password? Thx

    Reply
    • 2013/08/25 at 12:40 pm
      Permalink

      Open an image sent to you or in your Gallery using the “Share” action bar option, and send it to PixelKnot.

      Reply
  • 2013/08/26 at 6:40 pm
    Permalink

    I’m trying to do this but pixelknot doesn’t show up in the share list…

    Reply
    • 2013/08/26 at 8:54 pm
      Permalink

      can you confirm which version of the app you are using? also where are you trying to share from?

      Reply
    • 2014/06/04 at 10:18 am
      Permalink

      I was able to open an image and retrieve the embedded message. From the Share icon, if PixelKnot doesn’t show up in the list, try “Show All” and then select PK.

      Reply
  • 2013/10/07 at 11:52 pm
    Permalink

    It’s great but wouldn’t anyone with the app or with the right ‘algorithmic’ tools be able to pull the message from the picture? It could be nice to be able to add some encryption to the text before it’s embedded…

    Reply
    • 2013/10/08 at 10:56 pm
      Permalink

      It is true that it is possible to run pixelknot on a stream of images to see if there is anything hidden in them. That process is quite CPU intensive, so it is a roadblock to mass scanning of images. The app also lets you encrypt the message using AES and a password.

      Reply
  • 2013/10/23 at 2:12 pm
    Permalink

    Will there be a desktop version?

    Reply
  • 2013/10/31 at 5:34 pm
    Permalink

    Pixelknot is useless, as it is not working on my Nexus one android.
    It stopps working at the stage of decoding. (Surgeons)
    So it is totally useless.
    Sorry

    Reply
  • 2013/11/13 at 7:40 pm
    Permalink

    Nice app. Seems to hang when scanning images with no messages in them, or maybe i was not patient enough. Some notification that an image was not found or a progress notification if it’s still scanning would be nice

    Reply
  • 2013/11/24 at 9:29 pm
    Permalink

    I am intrested on the attacks used spicifucally ang if you put up against hip which may beable to extract the hidden content if not I may test this myself

    Reply
  • 2013/11/25 at 2:33 pm
    Permalink

    why between the “trusted apps” there are Gmail and Gdrive ?

    can, optionally, be marked in a visible way the output picture ? I know that this would be anti-steganography behavior, but can help to notify the other person to use pixelknot (is not executed automatically, then the casual adopters can forget to extract data, and the casual user do not need really steganography defense, but is strong has the possibility in the pocket).

    then I believe an optional and recurring mark can help in spread pixelknot usage.

    Reply
  • 2014/01/02 at 2:29 pm
    Permalink

    How does someone with the password and the image then decryt the image to get the message?

    Reply
  • 2014/01/08 at 8:23 am
    Permalink

    Hello,
    great app but many time I can’t restore the message because it says “wrong password”
    Regards.
    Lang

    Reply
    • 2015/02/28 at 5:42 am
      Permalink

      Oh thought provoking! Leta make sure you have your password remembered you dolphin whimper!

      Reply
  • 2014/03/01 at 5:42 am
    Permalink

    It seems to work fine but the recipient can’t enter the password anywhere. It’s just a picture. What am I doing wrong?

    Reply
  • 2014/05/11 at 2:57 am
    Permalink

    Cannot recover msg. after sending as attachment or just opening the file w. PKnot after entering password. Gives invalid password error no matter what jpg , what password or which version of PKnot. Tried all I could find. Is there a jpg or password limitation ? Samsung @galaxy tablet 7.co.7

    Reply
    • 2014/10/02 at 4:46 pm
      Permalink

      The goals of using stenography are different, but similar, to the goals of using cryptography. PixelKnot supports encrypting the data that is embedded into the image, so the data will remain private. The point of the stenography is to make it hard to notice that cryptography is being used. Unfortunately, it is relatively easy to automatically detect encrypted data. Using stenography makes it harder to spot encrypted data. But with all stenography algorithms, there is no “guarantee” something is hidden, it just makes it harder to find.

      Reply
    • 2014/11/14 at 9:32 am
      Permalink

      pixel knot il top much slow! !!!!

      Reply
  • 2015/02/01 at 5:32 am
    Permalink

    Please take me step by step so I can use the app properly. Thanks
    Zz

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>