[tor-dev] [GSOC 2013] Steganography Browser Extension Status Report
Hi all, First of all, let me apologize for being late in sending this report. In last two weeks, I was mostly engaged with code updating and fine tuning the code. I spent time in changing the public key cryptography libraries [1] to support Firefox supported imports. And I'm not completed with this part because I need to spend time in understanding the libraries. Since I'm having exams from this week, I won't be able to work on the project for coming weeks and this will be my last status report regarding my GSOC project. Once my exams over, I will continue working in the project from where I'm pausing now. Up to now I have created the extension for Firefox with the following features, 1. Upload contents from physical files to encryption / decryption. Up to now the contents will be popped as byte data format once the user click on encrypt/decrypt button in the upload menu. 2. Get web content from from web page for encryption/decryption purpose. Once user right click on a web content such as image, html video, html audio and select on encrypt or decrypt option and click on encrypt/decrypt button. the byte data of selected content will be popped. All these byte data popped will be used to further message encryption need in the future development of the project. 3. The code to encrypt message using random number also added and the methods to access the libraries will be displayed in the documentation. 4. In options page, the filter creation and relevant sqlite database access codes are added. It can be tested using the Filters tab in options page. All the codes up to now are reviewed and tested by Sukhbir Singh, and changes are made according to mentor's suggestion and possible bugs are got fixed time to time. Time to time, many suggestions and feedbacks were given by Moritz Bartl as well. Future plans for the continuity of the project. 1. There is a need to add public cryptography libraries to the extension. Up to now, the libraries are selected and added to the repository. But there is a need to change libraries to support Firefox supported import export mechanisms. 2. After fixing these all, the primary part of the project to add Steganography libraries exists. You can find the full source code in public repository[2]. Within the coming weeks, I will complete the documentation in detail. Thank you. [1] http://ats.oka.nu/titaniumcore/js/crypto/readme.txt [2] https://github.com/rharishan/Steganography-Browser -- Hareesan ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] [GSOC 2013] Steganography Browser Extension Status Report
Hi, In my previous mail, I was planning to add steganography libraries to the extension. But with the meeting with mentor, we planned to complete the code with proper documentation and to add public key cryptography features. But in my plan, I was able to complete all the UIs and back end framework for all the parts of the extension other than few updates remaining in options page. In cumming weeks, I will be working on completion of code and will add public key cryptography libraries which need some modification from existing libraries. -- Hareesan ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] [GSOC 2013] Steganography Browser Extension Status Report
Hi, My work plan for last week was to update the locale information and to finish file uploading parts of extension. For now testing purpose, when a file is being selected the byte format will be popped. With this, the locale information has being updated. With this, I have started working on adding public key encryption algorithms to the add on. This task has being planned to be finished before mid term evaluation and for next two weeks, my plan is to start working on image steganography libraries. -- Hareesan ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Status Report - Steganography browser addon a GSOC 2013 project
Hi all, In the first 4 weeks of my GSOC project steganography browser add-on, I have implemented the basic UI parts in first two weeks, and later I spent more time on web content downloading part. Up to now, I have finished downloading image and get them as bytes. Now when you right click on an image and click on test button, you will be getting the byte format of image which can be used with steganography algorithms to write messages. Since I'm mainly concentrating on features rather than algorithms now, my plan for next 2 week is to extend the file downloading for video and sound files. You can find the source code under git repository [1]. [1] https://github.com/rharishan/Steganography-Browser/ -- Hareesan ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Steganography Browser Addon (Google Summer of Code)
Hi Moritz Bartl, It sounds cool to provide context menus rather than only stick with manual upload. So I feel the extension will come up with both options to use context menus as well as upload contents manually. Initially I'm working on the context menus to encrypt messages. I will get back to you with the initial UI parts first. Sorry about the less descriptive steps in How Alice's side works and How Bob's side works part. I will try to draw a proper one later in the progress. On Tue, Jun 4, 2013 at 9:53 PM, Moritz Bartl mor...@torservers.net wrote: Hi Hareesan, Thank you for taking this on! The crucial parts are the interfaces to the steganography plugins, and how they signal what kind of data they can process (html, image, video, ...). I don't think it will scale if we just dump all data into all plugins for processing. (see comment below) For the user interface, apart from the ability to select local files as carrier, I think it would be neat to be able to select content from websites (like: right click on image, select embed secret). Payload is either textual (entered via form), or binary (file selection). To encrypt the payload before embedding, a private/public key scheme was proposed. I prefer ECC over RSA. You mention SJCL, which has an ECC branch. Once Bob open a web site with web contents which he wants to check if it contains any messages steganographically hidden, he will click on the extension icon Figure 5. All the items in the page will be displayed in the extension with decrypt option. We discussed earlier that the extension, together with its steganography addons, should have the capability to automatically find matching payload while browsing. Depending on the algorithms, this may or may not be feasable, so users may want to disable this for certain types of content, algorithms (plugins), or only enable scanning for specific sites. (which you outline in Figure 6) Personally, for the manual scan/decrypt, I'd like to see an option in the context menu when I right-click an image or other content. I was not able to completely follow the steps you describe in How Alice's side works and How Bob's side works. The charts look neat, but are not ideal to describe the process. The situation of usable javascript steganography libraries does not look too good. For the GSoC project, we should not waste too much time on this, and focus on the surrounding extension and clean interfaces to potential libraries. If we have time left, we can investigate what kind of algorithms we would like to see implemented/ported in Javascript. -- Moritz Bartl https://www.torservers.net/ ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev -- Hareesan It's more fun to be a pirate than join the Navy. -Steve Jobs- ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
