Authors: Shahzad Ahmad, Stefan Rass, and Zahra Seyedi
This paper introduces Invisible Encryption, a novel cryptographic protocol that integrates threshold secret sharing, steganography, and public-key cryptography to enable covert communication. By embedding a secret share within standard encrypted traffic, specifically by disguising it as a session key or nonce in a hybrid encryption scheme, our method ensures that the transmission of the secret remains undetectable. The secret is reconstructed from shares derived from a public natural language text and the transmitted share, with the selection of shares protected by a secret seed. We provide a formal security analysis, demonstrating that Invisible Encryption achieves confidentiality and plausible deniability under standard cryptographic assumptions, offering a robust solution for applications requiring secure, undetectable communication such as censorship-resistant systems and whistleblower protection.
This repository contains a Python implementation of an "invisible encryption" technique that:
- Generates cryptographic shares from words in a large text
- Uses Lagrange interpolation for secret sharing/reconstruction
- Hides shares using RSA and AES-CBC encryption
- Provides performance benchmarking for cryptographic operations
The implementation demonstrates how to embed secret shares within innocuous-looking text while maintaining cryptographic security guarantees.
- Finite Field Operations: Uses GF(p) with prime p = 2²⁵⁶ - 2³² - 977
- Text-Based Share Generation: Selects words from text to create cryptographic shares
- Threshold Secret Sharing: (k,n) threshold scheme using Lagrange interpolation
- Cryptographic Hiding:
- Ephemeral RSA key generation (2048-bit)
- AES-CBC encryption with random IVs
- Combined RSA + AES encryption protocol
- Performance Measurement: Benchmarks for core operations and different configurations
- Python 3.x
- Required packages:
pip install galois cryptography- Clone this repository
- Install required packages
- Run the demonstration:
python invisible_encryption.py# Initialize finite field
GF = galois.GF(2**256 - 2**32 - 977)
# Generate secure values
x_values, x_0 = generate_secure_x_values(num_shares, GF)
# Map text to shares
shares = text_to_shares(large_text, num_shares, x_values, GF)
# Create new share
indices, x_new, s_new = create_new_share(secret, x_values, shares, k, GF, x_0)
# Reconstruct secret
reconstructed = reconstruct_secret(points, GF)
# Hide share with cryptographic protocol
encrypted_payload, ciphertext, private_key = hide_share_in_protocol(s_new, x_0, decoy_payload)| Operation | Mean Time (ms) | Std Dev (ms) | Memory (KB) |
|---|---|---|---|
| Field Initialization | 1.345 | 0.565 | 226,084 |
| Secure x-value Generation (n=5) | 0.400 | 0.517 | 226,084 |
| Text-to-Shares Mapping (n=5) | 0.200 | 0.422 | 226,084 |
| New Share Creation (k=3) | 1.700 | 0.675 | 226,084 |
| Secret Reconstruction (k=3) | 1.601 | 0.838 | 226,084 |
| RSA Encryption (2048-bit) | 293.057 | 116.081 | 226,088 |
| AES-CBC Encryption (decoy, 1KB) | 316.110 | 252.428 | 226,088 |
| Parameters | Share Gen (ms) | New Share (ms) | Secret Recon (ms) | Total (ms) | Overhead (bytes) |
|---|---|---|---|---|---|
| k=3, n=5 | 0.197 | 2.071 | 2.140 | 104.407 | 544 |
| k=5, n=10 | 0.300 | 4.641 | 3.148 | 108.090 | 544 |
| k=7, n=15 | 0.212 | 6.713 | 9.891 | 116.816 | 544 |
| Payload Size | Encryption (ms) | Decryption (ms) | Ciphertext Size |
|---|---|---|---|
| 1 KB | 292.504 | 0.323 | 1,040 bytes |
| 10 KB | 298.280 | 0.393 | 10,256 bytes |
| 100 KB | 205.628 | 0.496 | 102,416 bytes |
| 1 MB | 314.813 | 0.575 | 1,048,592 bytes |
This work has been partially supported by the LIT Secure and Correct Systems Lab funded by the State of Upper Austria.
This code is provided "as-is" for research and educational purposes only. It has not been audited or hardened for production use. Do not use with sensitive data without proper security review.