Click here to Skip to main content
15,347,000 members
Articles / Programming Languages / C#
Posted 20 Sep 2003


51 bookmarked

Steganography II - multiple key and carrier files

Rate me:
Please Sign up or sign in to vote.
4.83/5 (19 votes)
3 Apr 2004CPOL4 min read
An article about spreading hidden data over many images.

Sample Image - steganodotnet2.png


This article enhances the last article Steganography - Hiding messages in the Noise of a Picture. It adds three important features to the application:

  • Multiple key files
  • Password protection for each key file
  • Multiple carrier images


Before reading this, you should have read part one, Steganography - Hiding messages in the Noise of a Picture. This article uses the application described in part one, and adds functionality to spread the message over multiple carrier images, use more than one key file, and protect each key with a password.

Multiple keys

Symmetric keys contain a central problem: how do you transfer the key? Anyone who gets his hands on the key is able to decrypt every message you send or receive. So we have to make it difficult to steal the key. One idea might be keeping the keys short and don’t save them at all. But a short key always leaves a footprint in the encrypted file. In our case, it wouldn't be visible as a regular noise pattern. Why not combine a short password with a long key? You can store a long key in a file, and encrypt that key using a short password which is stored only in your brain.

A password always belongs to its key file, just like that:

public struct FilePasswordPair{
    public String fileName;
    public String password;

    public FilePasswordPair(String fileName, String password){
        this.fileName = fileName;
        this.password = password;

Before we can use the keys, the file/password pairs have to be combined. In this example, the key file contains the text "hello-world". Whenever you hide or extract a message with the "hello-world"-key, you type the password "nothing". The application XOR-combines the bytes of the key file with the bytes of the password, repeating the password again and again.

protecting a key file with a password

Here is the same thing in C#:

public static MemoryStream CreateKeyStream(FilePasswordPair key){
    FileStream fileStream = new FileStream(key.fileName, FileMode.Open);
    MemoryStream resultStream = new MemoryStream();
    int passwordIndex = 0;
    int currentByte = 0;

    while( (currentByte = fileStream.ReadByte()) >= 0 ){
        //combine the key-byte with the corresponding password-byte
        currentByte = currentByte ^ key.password[passwordIndex];
        //add the result to the key stream
        //proceed to the next letter or repeat the password
        if(passwordIndex == key.password.Length){
            passwordIndex = 0;

    resultStream.Seek(0, SeekOrigin.Begin);
    return resultStream;

The resulting stream is as long as your key file, but never stored anywhere. Of course, this encryption is not really safe, so we’ll use more keys and more passwords. Before the recipient is able to extract the message, he must have all the keys and know all the passwords. If somebody manages to copy one key or guess two passwords, there's no need to panic as long as the other key files are still safe. That means, before hiding or extracting data, we create each key stream as shown above, and then combine all streams into one key stream:

combining three stream

private static MemoryStream GetKeyStream(FilePasswordPair[] keys){
    //Xor the keys an their passwords
    MemoryStream[] keyStreams = new MemoryStream[keys.Length];
    for(int n=0; n<keys.Length; n++){
        keyStreams[n] = CreateKeyStream(keys[n]);
    //Buffer for the resulting stream
    MemoryStream resultKeyStream = new MemoryStream();

    //Find length of longest stream
    long maxLength = 0;
    foreach(MemoryStream stream in keyStreams){
        if( stream.Length > maxLength ){ maxLength = stream.Length; }
    int readByte = 0;
    for(long n=0; n<=maxLength; n++){
        for(int streamIndex=0; streamIndex<keyStreams.Length; streamIndex++){
            if(keyStreams[streamIndex] != null){
                readByte = keyStreams[streamIndex].ReadByte();
                if(readByte < 0){
                    //end of stream - close the file
                    //the last loop (n==maxLength) will close the last stream
                    keyStreams[streamIndex] = null;
                    //copy a byte into the result key
                    resultKeyStream.WriteByte( (byte)readByte );
    return resultKeyStream;

As you can see, we don’t have to change the algorithm at all. We just call GetKeyStream before hiding or extracting the message, then we can pass the complete key stream to HideOrExtract(). After that, we have one picture containing all hidden information. Again, we are facing the problem of transfer.

Spread the information over the images

If you're really paranoid, you won’t trust your mailbox. Of course, you won’t trust the postman either. That means, you don’t dare sending the carrier bitmap in one piece. That is no problem anymore, because you can hide one message in many bitmaps. It is quite similar to writing text across a couple of pages. According to this application, it means spreading the pixels over multiple images.

multiple sheets of paper

multiple images

You can send each image in a separate E-mail, post them in different mailboxes, or store them on different discs. The GUI allows selecting carrier bitmaps the same way as selecting key files. The selection is stored as an array of CarrierImages.

public struct CarrierImage{
    //file name of the clean image
    public String sourceFileName;
    //file name to save the new image
    public String resultFileName;
    //width * height
    public long countPixels;
    //produce colorful (false) or grayscale noise (true) for this picture
    public bool useGrayscale;
    //how many bytes will be hidden in this image - 
    //this field is set by CryptUtility.HideOrExtract()
    public long messageBytesToHide;

    public CarrierImage(String sourceFileName, 
      String resultFileName, long countPixels, 
      bool useGrayscale)
        this.sourceFileName = sourceFileName;
        this.resultFileName = resultFileName;
        this.countPixels = countPixels;
        this.useGrayscale = useGrayscale;
        this.messageBytesToHide = 0;

Larger images can hide more bytes (more pixels) than smaller images. This application uses the most simple distribution:

//calculate count of message-bytes to hide in (or extract from) each image 
for(int n=0; n<imageFiles.Length; n++){
    //pixels = count of pixel in this image / count of all available pixels
    float pixels = (float)imageFiles[n].countPixels / (float)countPixels;
    //this image will hide (length of the message * pixels) bytes
    imageFiles[n].messageBytesToHide = 
      (long)Math.Ceiling( (float)messageLength * pixels );

Now, we start with the first carrier bitmap, loop over the message, hide a number of bytes, switch to the second carrier bitmap, and so on.

//Current position in the carrier bitmap
//Start with 1, because (0,0) contains the message length
Point pixelPosition = new Point(1,0);

//Count of bytes already hidden in the current image
int countBytesInCurrentImage = 0;

//Index of the currently used image
int indexBitmaps = 0;

//Loop over the message and hide each byte
for(int messageIndex=0; messageIndex<messageLength; messageIndex++){
    //Calculate the position of the next pixel

    //Proceed to the next bitmap
    if(countBytesInCurrentImage == 
        pixelPosition.Y = 0;
        countBytesInCurrentImage = 0;
        bitmapWidth = bitmaps[indexBitmaps].Width-1;
        bitmapHeight = bitmaps[indexBitmaps].Height-1;
        if(pixelPosition.X > bitmapWidth){ pixelPosition.X = 0; }
    //hide or extract a byte

In the end, we must save the new images. Each image can be saved using a different format (BMP, TIFF or PNG). The new format has nothing to do with the format of the original image file. That means, you can select a BMP, two PNG and a TIFF file as carrier images, and save the results into three TIFF and one PNG file.

    for(indexBitmaps=0; indexBitmaps<bitmaps.Length; indexBitmaps++){
        if( ! extract ){ //Extract mode does not change any images
            //Save the resulting image and close the source file
            SaveBitmap( bitmaps[indexBitmaps], 
               imageFiles[indexBitmaps].resultFileName );

private static void SaveBitmap(Bitmap bitmap, String fileName){
    String fileNameLower = fileName.ToLower();
    //Get the format from the file extension
    System.Drawing.Imaging.ImageFormat format = 
        format = System.Drawing.Imaging.ImageFormat.Tiff;
    else if(fileNameLower.EndsWith("png"))
        format = System.Drawing.Imaging.ImageFormat.Png;
    //copy the bitmap
    Image img = new Bitmap(bitmap);
    //close bitmap file
    //save new bitmap
    img.Save(fileName, format);

Lazy users

Somebody asked me for a compiled application. So, if (for whatever reasons) you do not want to mess with the code, you can now play with the binary, available with the downloads.


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Corinna John
Software Developer
Germany Germany
Corinna lives in Hanover/Germany and works as a C# developer.

Comments and Discussions

QuestionHelp Pin
Member 1071899810-Apr-14 4:27
MemberMember 1071899810-Apr-14 4:27 
GeneralHelp Pin
Member 1071899810-Apr-14 3:54
MemberMember 1071899810-Apr-14 3:54 
Questionsteganography Pin
shaker17-May-12 9:36
Membershaker17-May-12 9:36 
Bugpassword Authentication Pin
sudheer75503-Mar-12 3:18
Membersudheer75503-Mar-12 3:18 
General3D Steganography Pin
shanmugam_1327-Oct-09 1:19
Membershanmugam_1327-Oct-09 1:19 
GeneralRe: 3D Steganography Pin
Corinna John27-Oct-09 11:31
MemberCorinna John27-Oct-09 11:31 
GeneralRe: 3D Steganography Pin
shanmugam_1328-Oct-09 20:49
Membershanmugam_1328-Oct-09 20:49 
GeneralJustification Pin
Hani_ys6-Nov-07 5:05
MemberHani_ys6-Nov-07 5:05 
GeneralRe: Justification Pin
Corinna John9-Nov-07 5:35
MemberCorinna John9-Nov-07 5:35 
GeneralRe: Justification Pin
Hani_ys9-Nov-07 19:19
MemberHani_ys9-Nov-07 19:19 
QuestionExtract Pin
Hani_ys8-Sep-07 7:11
MemberHani_ys8-Sep-07 7:11 
Questionkey file Pin
Hani_ys1-Sep-07 7:19
MemberHani_ys1-Sep-07 7:19 
AnswerRe: key file Pin
Corinna John1-Sep-07 10:54
MemberCorinna John1-Sep-07 10:54 
QuestionRe: key file Pin
Hani_ys1-Sep-07 22:24
MemberHani_ys1-Sep-07 22:24 
AnswerRe: key file Pin
Corinna John2-Sep-07 10:21
MemberCorinna John2-Sep-07 10:21 
GeneralRe: key file Pin
Hani_ys3-Sep-07 5:58
MemberHani_ys3-Sep-07 5:58 
QuestionVC6++ HELP HOW??? Pin
cnncnn18-Aug-04 20:19
Membercnncnn18-Aug-04 20:19 
GeneralCool Pin
surgeproof10-Apr-04 2:27
Membersurgeproof10-Apr-04 2:27 
GeneralRe: Cool Pin
Corinna John17-Apr-04 8:57
MemberCorinna John17-Apr-04 8:57 
GeneralJust Funny Pin
pkterry24-Feb-04 17:47
Memberpkterry24-Feb-04 17:47 
GeneralRe: Just Funny Pin
Corinna John24-Feb-04 19:42
MemberCorinna John24-Feb-04 19:42 
GeneralCrypto Pointers Pin
Blake Coverett21-Sep-03 14:35
MemberBlake Coverett21-Sep-03 14:35 
GeneralRe: Crypto Pointers Pin
Corinna John26-Sep-03 9:17
MemberCorinna John26-Sep-03 9:17 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.