************************************************************************

Hide In Picture (HIP)

version 2.1 - October, 2002
Copyright (C) 2002 Davi Tassinari de Figueiredo
************************************************************************

---------------------
Table of contents
---------------------
- Introduction
- License and disclaimer
- Legal warning
- Available packages
- Files in HIP binaries package
- Version history
- Basic concepts
- Features
- Using HIP for DOS/Linux
- Using HIP for Windows
- Error messages
- Security recommendations
- How HIP works
- Translating HIP
- Credits

----------------
Introduction
----------------
Hide In Picture (HIP) is a steganography program. It is a program that
allows you to "hide" any kind of file inside standard bitmap pictures.
The pictures look like normal images, so people will not suspect they
contain hidden data.
You can use a password to hide your files, and only those who know the
password use are able to retrieve them - without it, people cannot even
be sure there is something hidden in the image.
I hope you enjoy HIP. If you have any doubts, comments, bug reports or
suggestions for future versions, please e-mail me at davitf at eml.cc
(the address is not written directly to avoid spammers; simply replace
at with @). The latest version of this program is available at
http://hide-in-picture.sf.net/. If you cannot understand any part of
this documentation, I'm sorry; please tell me so that I can improve it.

--------------------------
License and disclaimer
--------------------------
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
The full GNU General Public License is in the file COPYING.
----------------------
NOTE: The Win32Lib library (used by the Windows version) has the
following license terms:
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
arising from the use of this software.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software.
2. If you use this software in a product, acknowledgement in the
product's documentation and binary are required.
3. Altered source versions, and works substantially derived from the
it, must...
a) be plainly be marked as such,
b) not be misrepresented as the original software,
c) include this notice, unaltered.

-----------------
Legal warning
-----------------
Many countries have laws restricting the export or use of cryptography.
The algorithms implemented in this program are rather strong, so it
might be illegal for you to use it, or you might need to get special
permission in order to use it. Before using this program, you should be
sure that what you are going to do is legal in your country. If you do
not know about the regulations for your country, visit Crypto Law Survey
at http://cwis.kub.nl/frw/people/koops/lawsurvy.htm. The author takes no
responsibility for illegal use of the program.
This program is able to read and write GIF files. However, Unisys has
patents for the compression algorithm used by these files (LZW) in the
United States, United Kingdom, France, Italy, Germany, Canada and Japan;
if you are in any of these countries, you are not allowed to use the GIF
reading/writing capabilities without obtaining a license from Unisys (I
am not a lawyer, so this information may be inaccurate).

----------------------
Available packages
----------------------
There are several packages available for HIP, all of which can be
downloaded from the HIP page. Here is a list, with a brief description
of each one.
Because of patent concerns in some countries regarding GIF files (see
Legal warning), the source code for handling these files is not included
in the main source package, but in a separate package. Also, there are
two binary packages for each supported language: one of them contains
binaries with GIF support and the other one contains binaries without
this support. If you are in one of the countries where Unisys has
patents on LZW, you should use the _nogif binaries and not use the GIF
handling source code; otherwise, you may use any of the packages (it is
probably better to use the full-featured program).
Source code:
- hip21src - source code for HIP 2.1
- hip21gif - source code GIF file reading/writing with HIP 2.1
- hip21msg - message files in several languages for use with HIP 2.1
Binaries:
There are binaries (executable files) for all the currently available
languages. Each language is represented by a two-letter code in the
package name; the package names below have the letters en, for English,
and you should replace them by the code for the appropriate language.
- hip21_en - binaries for HIP 2.1, with GIF support
- hip21_en_nogif - binaries for HIP 2.1, without GIF support
All the packages are available from the HIP page, at
http://hide-in-picture.sf.net/.

---------------------------------
Files in HIP binaries package
---------------------------------
DOS/Windows binaries
- winhip_XX.exe / winhip_XX_nogif.exe - Windows program file
- hip_XX.exe / hip_XX_nogif.exe - DOS program file
- hip.htm; hip.txt - Documentation (this file)
- COPYING - The GNU General Public License
(you may rename the program files before using them, if you wish)

-------------------
Version history
-------------------
- Version 1.0 : first release.
- Version 1.1 : hiding/retrieving is faster, but not compatible with
v1.0 hidden files; first Windows version.
- Version 2.0 beta : completely rewritten code. Faster, safer, bug
fix, support for other encryption algorithms, support for
transparent colors, no longer limited to hiding one bit per picture
byte, better user interface... not compatible with v1.x hidden
files.
- Version 2.0 : cleaner code, GUI improvements in Windows version,
paletted pictures not compatible with beta version (due to a fix to
avoid possible problems when dealing with other graphic formats),
added erase option, improved documentation.
 - Version 2.1 : support for reading and writing GIF files, support for
special characters in the program messages, -iX (image format)
option in command-line version, new image displaying method in
Windows version (less flickering), minor bug fixes, minor code and
documentation improvements, smaller binaries (due to new Euphoria
version used in compilation).

------------------
Basic concepts
------------------
HIP hides data inside a picture by modifying its colors in a way that is
almost unnoticeable by the human eye. When a file is hidden, it conceals
each part in an area of the picture; the areas used to store each part
of the file are chosen by doing several calculations with the password
given. When retrieving a file, the same calculations are done to the
password and, knowing which area contains each part of the file, it can
be reconstructed. If the wrong password is used when retrieving a file,
HIP will try to read the file from the wrong areas and will not find
anything there.
When a file is hidden in a picture that already has something in it, the
new file may be written in areas where the previous data was stored (as
HIP has no way of knowing that it was already there), so the old file
will be erased or corrupted. Also notice that a large file will need
more areas to be fully hidden than a small one, so it may be easier to
see the modifications in the picture. If you hide a file that is too
large, there will be a lot of "noise" in the picture and it will be easy
to notice there is something hidden in the picture, even if other people
cannot see what is actually hidden in it. For a somewhat more technical
explanation about how hiding works, please read How HIP works. Before
using HIP to hide important data, please read Security recommendations.

------------
Features
------------
Here are some HIP features you may want to know about:
- Encryption - All data is encrypted before being written to a
picture, to increase security. HIP offers several (well, currently
only two) encryption algorithms you can choose from; all of them are
considered very secure, so you don't have to worry about it unless
you have a specific reason for wanting to use a specific algorithm.
When retrieving a file, HIP tries using all the available algorithms
to find the correct one.
- Transparent color support - One color of the picture may be set as
'transparent'; nothing will be stored in areas of this color. This
can be useful, for example, when hiding a file in an image from a
Web page, as its transparent areas will remain as they were before.
To retrieve a file hidden using this option, you must set the
transparent color to the same used when hiding it. Transparent
colors for GIF files are automatically loaded/saved.
- Erase file option - If you want to remove a file hidden in a
picture, use this option. It will overwrite the file with random
 data, so the file will be unrecoverable. If you know the password
with which the file was hidden, you can provide it and only the
necessary areas will be overwritten, resulting in a very small
quality loss; however, if you provide the wrong password, the file
will not be erased properly. If you do not provide a password, HIP
will overwrite more of the picture to account for all the possible
passwords, causing a larger quality loss.

---------------------------
Using HIP for DOS/Linux
---------------------------
HIP for Dos/Linux is a command-line utility.
To hide a file inside a picture, use:
hip h source_image input_file [destination_image] [options]
If the destination image name is not specified, the destination image is
written on top of the source image.
To retrieve a file from a picture, use:
hip r source_image [output_file] [options]
If the output file name is not specified, the name saved in the picture
is used.
To erase a file previously hidden in a picture, use:
hip e source_image [destination_image] [options]
If the destination image name is not specified, the destination image is
written on top of the source image.
Options:
-fxxxxxx - file name to write in image
By default, the name of the input file is written in the image. Use
this option to specify a different name to write. If you use it
without specifying a file name, no name is written.
-pxxxxxx - password to use
When used with the hide or retrieve operations, this option specifies
the password to use for hiding/retrieving the file. If you do not use
this option, you will be asked to enter a password (recommended). When
used with the erase operation, HIP assumes there is a file hidden with
the specified password and overwrites only the first bits of the
hidden data; if the image contains a file hidden with a different
password, it will not be erased correctly.
-thh or -thhhhhh - transparent color index or RGB value
Use this option to set the transparent color for the image. To specify
the palette index for the transparent color of an 8-bit image, use two
hexadecimal digits (00-FF). To specify the RGB value for the
transparent color, use six hexadecimal digits (the first two represent
the red component, the next two represent the green one and the last
two, the blue one). If you specify the RGB value for the transparent
color of an 8-bit image and there is more than one palette entry with
that color, the one with the lowest index will be used.
-ex - encryption algorithm
Use this option to choose the encryption algorithm: a for Blowfish
(default) or b for Rijndael.
-ix - image format
Use this option to choose the image format for the output file. If the
format is not specified, HIP will choose the format based on the file
extension; if the extension is not recognized, the file will be saved
as a Windows Bitmap (BMP) picture.
-c - write the CRC-32 of the data
Use this option to append a checksum to the data to identify data
corruption. This is enabled by default.
-C - do not write the CRC-32 of the data
Use this option if you do not wish to append a checksum to the data;
see above.
-h - hide the password characters
If the p option is not used, the program asks the user for the
password. Use this option to show *'s (asterisks) instead of the
password characters. This is enabled by default.
-H - do not hide the password characters
Use this option to show the password characters while you are typing
them.
-v - view file information only
Use this option if you only want to see whether the file fits inside
the picture when hiding, or the name and size of the hidden file when
retrieving. The destination image or output file is not written.
-q -quiet mode
Use this option if you do not want to see unnecessary messages (such
as the file information and status bars). The only things that will be
shown are password prompts, confirmation messages and error messages.
-y -answer 'yes' to all confirmation questions
By default, the program asks for confirmation before overwriting a
file that already exists. If this option is specified, you will not be
asked for confirmation.

-------------------------
Using HIP for Windows
-------------------------
HIP for Windows is a GUI (graphical user interface) application, which
is intended to be easy to use and understand. You can open a picture by
selecting the 'Open picture...' item on the File menu of the main window
or by clicking the Open button on the window, and then choosing the file
you wish to open. You can also drag and drop a picture into the main
window. When you open a picture, it is displayed in a new window.
Hiding a file
To hide a file inside a picture, select the 'Hide file...' item in the
Image menu or click the Hide button, and choose the file you want to
hide. You can also drag and drop the file into the picture.
An Options window will then appear. In it, you can type the password
to use, change the file name which will be written along with the
file, choose the encryption algorithm for the file, and say whether
you want a checksum to be written along with the file (recommended).
 Press the Ok button when you are done.
The file will then be hidden in the picture. A progress window will be
shown during this process; if you wish to abort it, click the Stop
button or close this window. When the process is complete, the window
containing the picture will show the modified picture.
Click the Save button or select the 'Save picture' item in the Image
menu to save the modified image on top of the original one. If you do
not want to overwrite the original picture, click the Save As button
or select the 'Save picture as...' item in the menu. Please note that
the file format selected in the Save file dialog box does not really
have an effect on the format used to save the picture; the file format
is selected from the file extension (this is a bug, not a feature; I
hope to be able to fix it soon).
Retrieving a file
To retrieve a file hidden inside a picture, click the Retrieve button
or select the 'Retrieve file...' item in the Image menu, and wait
while HIP converts the pixels in the picture into the data which it
will try to read. You can cancel the operation by closing the progress
window or clicking the Stop button.
Next, an Options window will appear. Type the same password used to
hide the picture (remember that passwords are case-sensitive). If it
is correct, you will see a Save file dialog where you can change the
directory and/or the name of the retrieved file if you wish. When you
press the Ok button, the file will be retrieved. During this process,
you will see the progress window. If you have read this far, you
probably already know how to cancel this operation.
When the progress window disappears, the retrieving process is
finished. If the checksum was written with the data and the hidden
file has been corrupted, you will see a warning message.
Setting the transparent color
To select a transparent color for the picture, select the 'Transparent
color...' item in the Image menu. If the picture contains a palette,
you will be asked for the palette index of the transparent color;
otherwise, you will be asked for its red-green-blue value.
Getting information about the picture
You can see some information about the picture by selecting the
'Picture information...' item in the Image menu. You will see its file
name, its dimensions and number of bits used per pixel, the currently
set transparent color and the maximum number of bytes the picture can
store. Please note that you cannot hide a file as large as this; some
of these bytes will be used to store information about the file
(typically, 32 bytes will be used, plus the length of the file name).
Remember that, if the file hidden uses too much of the available
space, the quality of the picture will be severely reduced.

------------------
Error messages
------------------
xxxxxx is corrupted
The bitmap file could not be read because there are errors in it.
xxxxxx contains unsupported features
The bitmap file is of a type not currently supported by HIP. It may be
compressed, or not a 8-bit or 24-bit image.
A file name must be specified for retrieving this file
The file name was not saved in the picture, so a file name to save the
retrieved file must be specified.
Aborted by user
The user has aborted the execution of the program.
Cannot save a x-bit picture as a xxx file
The chosen image format cannot store pictures with the bit depth of
the current image. If this happens, try choosing another format.
Color not found in palette
A RGB value for the transparent color of an 8-bit image was specified,
but the color was not found in the palette.
File is too big to be hidden in picture
No need to explain it. Try using a larger picture.
File was hidden with a newer version of HIP
Newer versions of HIP may contain features (such as compression) which
are not known by this version. If this happens, get a newer version of
the program.
Filesystem error while reading xxxxxx
There was a filesystem problem while the program was reading the file.
Hidden data is corrupted
The program found the data in the image, but there is something wrong
with it. Possible causes: a graphics program has corrupted the hidden
data, or there has been a transmission or storage error. Anyway, the
file is saved, but some or all of it may be unreadable.
No hidden file found
The program could not find the hidden file in the image. Possible
causes: there is no hidden file in it (or it has been erased), the
password is wrong, the transparent color in the picture is not set
correctly, or the hidden data in the picture has been corrupted.
Not enough memory
There is not enough memory to load the bitmap image into memory.
Transparent color must be a RGB triplet for 24-bit pictures
A palette entry was specified for the transparent color of a 24-bit
image.
Unable to open xxxxxx
The program could not open the file for reading or writing. Possible
causes: the file does not exist (reading), it is read-only (writing),
or it is in use by other program.
Unknown error in xxxxxx: xx
If this ever happens, there is a bug in HIP. A routine has returned an
error code the main program does not know about. Please report this to
 me.

----------------------------
Security recommendations
----------------------------
Security was a primary concern in HIP's design. However, if you want to
be sure nobody will find out that one of your pictures contains hidden
data or, even worse, retrieve the hidden file, you should follow these
guidelines:
- Do not use short passwords or passwords that can be easily guessed
(such as your name, phone number, or a single word), as an attacker
could automatically try all of these passwords. Use different
capitalizations, combinations of words, numbers and punctuation
marks, and anything else you can think of.
- Do not use pictures available from the Internet or other
publicly-available sources. The best source for pictures is scanning
photographs - preferably your own. This is because if someone finds
the original picture, they will be able to see yours is somewhat
different, and may suspect there is hidden data in it - even if they
cannot read it.
- Erase the original picture after you have hidden the file. The
reason is the same as the one above - if someone finds the original
picture, they might suspect something. If possible, use a program
that wipes (overwrites) the data when deleting it; PGP
(http://www.pgpi.org/) is able to do this.
- Do not use computer-generated images. They might have large areas
filled with a single color or containing linear fades, and small
changes in those areas can be easily noticed. It is also possible to
identify changes in other computer-generated images such as
fractals.
- Do not write files that are too big, or the noise in the picture
will be easily noticed and someone may suspect there is hidden data
in it. For 24-bit images, you should not write files larger than
about 40% of the picture size. For 8-bit images, the files should be
even smaller. These values are only estimates, and are not valid in
all cases. After the hiding proccess, take a close look at the
resulting picture - if you think its quality is worse than that of
the original, you should use a larger picture.
Even if you follow all of these, remember that no program or algorithm
is completely safe. The author does not take responsibility for any
problems that may arise from security flaws or errors in the program.You
should not trust this program for hiding critical data; if that is the
case, get professional advice.

-----------------
How HIP works
-----------------
A bitmap picture is simply a series of numbers representing color
intensities, one color for each pixel (point) of the picture. HIP hides
a file inside a picture by placing its bits in the least-significant
bits of each color in the picture. Suppose you have a picture containing
the following bytes:
200 53 2 195 54 69 191 56
The binary values of these numbers are:
11001000 00110101 00000010 11000011 00110110 01000101 10111111 00111000
To hide the character 109 (in binary 01101101), the least-significant
bit of each byte would be replaced by a bit of the character. The result
would be:
11001000 00110101 00000011 11000010 00110111 01000101 10111110 00111001
Which corresponds to:
200 53 3 194 55 69 190 57
The difference between the new values and the old ones is very small, so
it is difficult, if not impossible, for the human eye to identify any
difference from the original picture. If the file is large, it may be
necessary to modify more than a single bit from each byte of the
picture, which can make this difference more visible.
With 8-bit pictures, the process is a little more complicated, because
the bytes in the picture do not represent color intensities, but entries
in the palette (a table of at most 256 different colors). HIP chooses
the nearest color in the palette whose index contains the appropriate
least-significant bits.
The HIP header (containing information for the hidden file, such as its
size and filename) and the file to be hidden are encrypted with an
encryption algorithm, using the password given, before being written in
the picture. Their bits are not written in a linear fashion; HIP uses a
pseudo-random number generator to choose the place to write each bit.
The values given by the pseudo-random number generator depend on your
password, so it is not possible for someone trying to read your secret
data to get the hidden file (not even the encrypted version) without
knowing the password.
A document describing the HIP file format may be written if anyone wants
it. If you need it (to analyze it, write a compliant program or for any
other reason), please tell me.

-------------------
Translating HIP
-------------------
If you want to translate HIP into other languages, please get the
hip21src or hip21msg package (see Available packages) and translate the
messages in m_en.e (please read the information there). I would really
like if you could send me the translated file, so that I can include it
with future versions and distribute binaries for the translated program.
There are already several translations available, and others may become
available at any time. The HIP page contains binaries for all the
languages.
 -----------
Credits
-----------
HIP has been written in Euphoria by Rapid Deployment Software
(http://www.rapideuphoria.com/). The binaries were compiled with version
2.3.
It uses many libraries by myself (http://www16.brinkster.com/davitf/).
The assembly routines were converted into machine code by Pete
Eberlein's ASM to Euphoria converter
(http://www.harborside.com/home/x/xseal/euphoria/).
The Windows version also uses the Win32Lib library by David Cuny, Derek
Parnell and others (http://www.sourceforge.net/projects/win32libex/).