Wednesday, November 18, 2015

MegaDownloader and Steganography

From version 1.7 onwards, MegaDownloader will add the option to hide MEGA links inside JPEG images using a technique called steganography.

Steganography, according to Wikipedia, "is the practice of concealing a file, message [...] within another file [...].
The word steganography combines the Greek words steganos (στεγανός), meaning "covered, concealed, or protected", and graphein (γράφειν) meaning "writing"."

Thanks to this technique, you will be able to hide, protect and share MEGA links directly from a JPEG image.

How will this option work?

MegaDownloader will allow these two options:
  • Create an image with hidden links.
  • Load links from the previous image and download them.

MegaDownloader will also let you choose between saving the links in a visible way or in an "invisible" way, so the user who retrieves them will be able to download them, but not see them.

Moreover, links can optionally be protected with a password, so discovering the hidden data will be very difficult (or outright impossible).

How does this feature work?


Steganography consists of two steps (the term normally refers only to the first one, but in practice both are always applied):
  • Hide the data so an "attacker" doesn't know there is a hidden message.
  • Encrypt the data so that even if the "attacker" discovers there is a hidden message, they can't retrieve it.
This second step is easily achieved using cryptography (AES, for example). The first step is more complex and depends on the image type.
For bitmaps, the information is normally hidden in the LSB (least significant bit). A normal user won't be able to retrieve the data or notice there is something hidden. A steganalyst will use "statistical attacks" to determine whether a message is hidden, normally with some degree of success.
However, nowadays nobody uses bitmaps... so what about JPEGs (the most common image format)?

The simplest way is to hide information after the EOF of the JPEG, or inside the EXIF or comment (COM) markers. These methods are trivial: a normal user won't see the data easily, but a steganalyst will discover it immediately.

There are more complex techniques for JPEG, for example hiding information in the DCT matrix.
This is how both Outguess and JSteg work. The downside is that these methods are old and are nowadays considered broken: using statistical attacks it is possible to detect a hidden message.

A more recent technique called "F5" (an evolution of the F3 and F4 algorithms) hides information in the JPEG but makes it much more difficult for an analyst to discover the message: it offers good resistance to statistical attacks.
This algorithm can be broken in some cases using a statistical test called "Chi Square analysis". However, if the message is small enough compared to the container image, the probability of discovering a message is reduced.
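
To illustrate the statistical attacks mentioned above and why a small message is harder to spot, here is an added example (not part of the original post and not an attack on F5 itself): a pairs-of-values chi-square test run against plain LSB replacement on constructed 8-bit samples, at three embedding rates. The cover data, the function names and the 30% odd-value bias are assumptions made for the demonstration.

```python
import random
from collections import Counter

def pov_chi_square(samples):
    """Pairs-of-values chi-square test on 8-bit samples.

    LSB replacement with random-looking bits equalises the counts of each
    value pair (2k, 2k+1). Returns (statistic, degrees_of_freedom): a
    statistic close to the degrees of freedom is what equalised pairs
    produce, a much larger one means the pairs are still unbalanced."""
    hist = Counter(samples)
    stat, dof = 0.0, 0
    for k in range(128):
        even, odd = hist[2 * k], hist[2 * k + 1]
        expected = (even + odd) / 2
        if expected < 5:            # too few samples for a chi-square term
            continue
        stat += ((even - expected) ** 2 + (odd - expected) ** 2) / expected
        dof += 1
    return stat, dof

def lsb_embed(samples, fraction, rng):
    """Overwrite the LSB of `fraction` of the samples with random bits
    (an encrypted payload is indistinguishable from random bits)."""
    out = list(samples)
    for i in rng.sample(range(len(out)), int(len(out) * fraction)):
        out[i] = (out[i] & ~1) | rng.getrandbits(1)
    return out

def demo(seed=1):
    """Chi-square statistic for 0%, 10% and 100% of the samples used."""
    rng = random.Random(seed)
    # Constructed cover: even values are more frequent than odd ones.
    cover = [2 * rng.randrange(128) + (rng.random() < 0.3) for _ in range(20000)]
    return {f: pov_chi_square(lsb_embed(cover, f, rng))[0] for f in (0.0, 0.1, 1.0)}

if __name__ == "__main__":
    for fraction, stat in demo().items():
        print(f"{fraction:.0%} of samples used: chi-square = {stat:.0f} (128 d.o.f.)")
```

With every sample used, the statistic collapses to roughly the number of pairs, which is the signature of embedding; at 10% it stays close to the untouched cover, so this test alone would not flag the file.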

So, to sum up, most steganographic algorithms are considered "broken", although F5 is one of the most secure. When we say "broken" we mean that an analyst can discover a secret message with a certain probability, but if it is encrypted, they won't be able to decrypt it without the password (if the cipher algorithm is good, of course).

Which techniques does MegaDownloader implement?


First, MegaDownloader uses the F5 algorithm to hide links inside the JPEGs. This ensures that it will be very difficult, or even impossible in some cases, to discover a message in the image (the smaller the message, the more difficult it is to discover).
It also distributes the message over the image, using a pseudo-random distribution based on a password, which makes analysis harder.

Second, the message is encrypted using a 256-bit AES cipher, with a random IV generated by a CSPRNG (Cryptographically Secure PseudoRandom Number Generator).
The key is derived with a PBKDF2 function, using more than 25,000 SHA1 iterations with a salt.
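
As an added illustration of this design (not MegaDownloader's actual code): PBKDF2-HMAC-SHA1 with a salt and 25,000 iterations yields the AES-256 key plus a separate seed, and the seed fixes a password-dependent order in which coefficients are visited. How MegaDownloader really builds its distribution is not described here, so the seed-and-shuffle scheme, the salt size and all function names are assumptions; the AES step is omitted because Python's standard library has no AES.

```python
import hashlib
import random
import secrets

ITERATIONS = 25_000   # the post says "more than 25,000" SHA1 iterations
SALT_BYTES = 16       # assumption: the salt size is not given in the post

def new_salt() -> bytes:
    """Fresh random salt from the OS CSPRNG; stored alongside the hidden data."""
    return secrets.token_bytes(SALT_BYTES)

def derive(password: str, salt: bytes):
    """PBKDF2-HMAC-SHA1 -> (32-byte AES-256 key, 16-byte ordering seed)."""
    out = hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"), salt,
                              ITERATIONS, dklen=48)
    return out[:32], out[32:]

def embedding_order(seed: bytes, n_coefficients: int):
    """Password-dependent order in which usable coefficients are visited.

    random.Random (Mersenne Twister) keeps the example in the standard
    library; a real design would drive the shuffle from a CSPRNG."""
    order = list(range(n_coefficients))
    random.Random(seed).shuffle(order)
    return order

def positions_for(password: str, salt: bytes, n_coefficients: int, message_bits: int):
    """Coefficient indices that would carry a message of `message_bits` bits."""
    _key, seed = derive(password, salt)
    return embedding_order(seed, n_coefficients)[:message_bits]

if __name__ == "__main__":
    salt = new_salt()
    right = positions_for("Megadownloader", salt, 10_000, 8)
    wrong = positions_for("megadownloader", salt, 10_000, 8)
    print("correct password :", right)
    print("one letter off   :", wrong)
```

Without the password, an analyst knows neither the key nor which coefficients to read, which is why the strength of the password carries the whole scheme.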


Can this be tagged as "secure"?
First, consider that nothing is 100% secure (especially for the NSA :p). Taking this into account, we have used some of the most advanced techniques to protect and hide the links inside JPEG images.
The security of the system is based on the password chosen for encrypting the data, so if the password is strong enough, it wouldn't be a mistake to say that yes, it could be considered quite secure :)

Can I test it?


Of course! You can download the latest version from this link.

Want to try?
Download this image (or select the URL), load it in the Steganography window (Options/Retrieve links from an image) and enter the password "Megadownloader".

http://www.subeimagenes.com/img/output-1538992.jpg
If you find any problem or bug, don't hesitate to post it so we can help you :)

32 comments:

  1. I'm excited to see these new changes. Good job!

  2. Hi, I was wondering if you would consider adding this as a feature in your next update. It would be nice to include a function like a Boss Key which uTorrent has which hides the program from the desktop view and from the tray as well, and to be restored after pressing the right key combination and entering a password. I think it's be useful for a lot of people...

  3. The latest installer, as well as the link, get blocked for me as a virus. Anyone with the same problem?

  4. This comment has been removed by the author.

  5. Error: ''Windows cannot access the specified device, path, or file. You may not have the appropriate permission to access the item'', please help!

    Replies
    1. Hi, did you get around the issue? I'm having the same problem.

    2. Most probably your antivirus is causing this. Disable it and try again.

  6. This comment has been removed by the author.

  7. Why every mega link got branded as 'Invalid link'. I even wrote .co but to no avail.

  8. Better to use PNG instead of JPEG.
    A big .jpeg can look suspicious,
    but .png files are usually very big,
    so they can pass unnoticed.

    And some hosters recompress jpg files, but not the png ones.

  9. Hi
    Thanks for this cool tool. I was wondering why there is an outgoing communication whenever I start the program and while it's downloading?

  10. Hi, I get this error in the logs with version 1.7 when trying to download a 45Gb file: at around 75% the download stops; it says "downloading" but at a speed of 0Kb/s.

    2016-03-13T09:19:09:754 [ID#6] >>> Error in Downloader.DoWork: System.OverflowException: La operación aritmética ha provocado un desbordamiento.
    en MegaDownloader.FileDownloader.ChunkDownloader_DoWork(Object sender, DoWorkEventArgs e)

    What could the problem be?

  13. Hi. Same problem as Jorgs225.

    Meanwhile:

    Thanks for this application, it is perfect. A suggestion: can the retry on error be set in seconds??

  14. I really like your idea for adding steganography to uploads. I've actually been doing something similar on my own various uploads to public hosting sites.

    However, there is a very basic feature that if possible I would love to see implemented in 1.8 (or 1.7.1 or whatever). A scroll-bar on the right of your list of downloads. It seems like such a small complaint, but I often find myself downloading many different files at a time (each of which need their own folder) and having to stretch the window out vertically is really annoying (and eventually impractical) after awhile. And sometimes it STILL won't fit all my downloads.

    Is this a possible quick-fix that can be implemented? Please and thank you very much, I appreciate all the hard work you've put into these programs!

  15. Hello such good work beforehand. I have a very important request, I could provide the source code of the application, try downloading the link code but blocks Google.

  16. Greetings. I think the application is great and I would like it to support Click'n'load...

  17. U can download from mega.nz with idm & etc by this site www.mega-debrit.com

  19. Hi. I have a suggestion: could you please make the password field just a "text field"? Sometimes the app doesn't uncompress the RAR successfully, and when I want to see the password to extract the file manually, I can't see it. It's just black circles because it is a password field.

    Thanks a lot!

  20. Excellent, and I'm even happier that the people developing this program are Spanish speakers. As a regular JDownloader user, I think the program should have a source-location field, so you can paste the address the file came from and not only the download address. The password field should also be visible rather than hidden. Excellent again.

  21. Thank you very much, excellent program, you could add what passwords are stored extraction? so that when I do homework auto unzip automatically if the password is stored?

  22. An excellent program; it is very useful when you exceed the bandwidth limit that Mega imposes. I hope it never loses its functionality.

  23. Sincere, total thanks! Always!! lml

  24. Please add the function to disable sleep or hibernate when downloads are ongoing. Thank you!
