Camouflage-Shield: An Image Encryption Application.

Camouflage Shield

Camouflage Shield is a Windows Form application designed for sensitive image storage in an encrypted format. The project employs various encryption and hashing algorithms to ensure secure user authentication and image protection.

Project Overview

Here we have a cryptography based image encryption application made With C# on .NET framework using Visual Studio.
It is a Windows Form Application.
Link: GitHub Repository

Usage: With core Functionality code snippet

• Here the user will create an account with required details and the user data will be stored in database by using Hash Functions MD5, SHA-1, SHA-256, SHA-384 and SHA-512. These are used for encrypting and storing the login credentials. (MD5 and SHA1 are low level algorithm for data storing so not used in real world application, but used here for diversity in algorithms)

User data conversion to different hashes, code snippet

// Hashing values before inserting into the database
string hashedDate = GetHash(TextBoxBirthDate.Text, MD5.Create());
string hashedEmail = GetHash(TextBoxEmail.Text, SHA1.Create());
string hashedPhoneNumber = GetHash(TextBoxPhoneNumber.Text, SHA256.Create());
string hashedUsername = GetHash(LabelDisplayUserName.Text, SHA384.Create());
string hashedPassword = GetHash(TextBoxConfirmPassword.Text, SHA512.Create());

• The user can then login into the profile (hash functions are not decrypted, instead when credentials are entered into the login page the text entered is hashed and then mapped to the values stored in database)

• After logging into the profile user can select to encrypt image or view it (given they have an encrypted image string and know the encryption process and key used).

• The image encryption is done my 5 symmetric key cryptography algorithms (AES, DES, 3DES, RC2, Rijndael).

-The user will select an image and a process (each process is a different algorithm) and a key to be used.

• The image will be converted into its Base64 format (a string representation of the image) and on that generated string the algorithm using the provided key is applied after locking the selection.

Image conversion to Base64, code snippet

if (PictureBox.Image != null)
{
    // Convert the image to a byte array
    using (MemoryStream ms = new MemoryStream())
    {
        PictureBox.Image.Save(ms, PictureBox.Image.RawFormat);
        byte[] imageBytes = ms.ToArray();

        // Get the selected algorithm
        string algorithm = GetSelectedAlgorithm();

        // Get the key
        string key = TextBoxKey.Text;

        // Encrypt the byte array based on the selected algorithm
        byte[] encryptedBytes = EncryptData(imageBytes, key, algorithm);

        // Convert the encrypted byte array to a Base64 string
        string base64String = Convert.ToBase64String(encryptedBytes);

        // Display the Base64 string in TextboxImageCODE
        TextboxImageCODE.Text = base64String;
    }
}
else
{
    MessageBox.Show("Please select an image before generating the Base64 code.");
}

• This will generate an encrypted string, user can choose to save it, and when done the encryption string mapped against the user name profile is saved in another database.

• In the profile the encrypted string will be present, user need to copy that string and paste it in View Image tab, after that user need to select the process number signifying the algorithm and have to enter the key used. If any of the 3 variables do not match, an error message will be shown.

• On the correct provision of the values, there will be an image generated that will be the original image encrypted.

Cryptographic algorithm for string Encryption, code snippet

private byte[] EncryptData(byte[] data, string key, string algorithm)
{
    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    byte[] result;

    switch (algorithm.ToLower())
    {
        case "aes":
            using (Aes aesAlg = Aes.Create())
            {
                aesAlg.Key = GetKey(keyBytes, aesAlg.KeySize / 8);
                aesAlg.Mode = CipherMode.ECB;
                aesAlg.Padding = PaddingMode.PKCS7;

                using (ICryptoTransform encryptor = aesAlg.CreateEncryptor())
                {
                    result = encryptor.TransformFinalBlock(data, 0, data.Length);
                }
            }
            break;

        case "des":
            using (DESCryptoServiceProvider desAlg = new DESCryptoServiceProvider())
            {
                desAlg.Key = GetKey(keyBytes, desAlg.KeySize / 8);
                desAlg.Mode = CipherMode.ECB;
                desAlg.Padding = PaddingMode.PKCS7;

                using (ICryptoTransform encryptor = desAlg.CreateEncryptor())
                {
                    result = encryptor.TransformFinalBlock(data, 0, data.Length);
                }
            }
            break;

        case "3des":
            using (TripleDESCryptoServiceProvider tripleDesAlg = new TripleDESCryptoServiceProvider())
            {
                tripleDesAlg.Key = GetKey(keyBytes, tripleDesAlg.KeySize / 8);
                tripleDesAlg.Mode = CipherMode.ECB;
                tripleDesAlg.Padding = PaddingMode.PKCS7;

                using (ICryptoTransform encryptor = tripleDesAlg.CreateEncryptor())
                {
                    result = encryptor.TransformFinalBlock(data, 0, data.Length);
                }
            }
            break;

        case "rc2":
            using (RC2CryptoServiceProvider rc2Alg = new RC2CryptoServiceProvider())
            {
                rc2Alg.Key = GetKey(keyBytes, rc2Alg.KeySize / 8);
                rc2Alg.Mode = CipherMode.ECB;
                rc2Alg.Padding = PaddingMode.PKCS7;

                using (ICryptoTransform encryptor = rc2Alg.CreateEncryptor())
                {
                    result = encryptor.TransformFinalBlock(data, 0, data.Length);
                }
            }
            break;

        case "Rijndael":
            using (RijndaelManaged rijndaelAlg = new RijndaelManaged())
            {
                rijndaelAlg.Key = GetKey(keyBytes, rijndaelAlg.KeySize / 8);
                rijndaelAlg.Mode = CipherMode.ECB;
                rijndaelAlg.Padding = PaddingMode.PKCS7;

                using (ICryptoTransform encryptor = rijndaelAlg.CreateEncryptor())
                {
                    result = encryptor.TransformFinalBlock(data, 0, data.Length);
                }
            }
            break;


        default:
            throw new NotSupportedException("Unsupported algorithm");
    }

    return result;
}

• Apart from this there is a functionality for a Hash Text Encrypter. This gives a idea of how the login credential data is stored in the DB.

UseCase

The real world application of this project is for storing sensitive/confidential/evidential/private images.

Limitations

Even Though Practical and useful it have some limitations.

• Dynamic updation limitation (need to re-start application to login, encrypted image string is visible only after re-start)
• User profile may not show any text for encryption but can be copy pasted for decrypting and viewing the image.
• Takes a long time to process image to text (base64 encrypted).
• UI is practical but not attractive.
• The database created is for Development phase, a practical application shall have a DB server hosted instead of the local machine.

Summary of Security Considerations

• Passwords are hashed using MD5, SHA-1, SHA-256, SHA-384, and SHA-512
• Multi-algorithm image encryption using AES, DES, 3DES, RC2, Rijndael.

README for reference and the encrypted image text file, process and key to have a quick demo to the functionalities along-with instruction for using the application.

If you liked the article, kindly consider liking it and possibly staring the GitHub Repository

NOTE:

• If anyone who liked the idea and the implementation, and would like to contribute to fixing the limitation, feel free to do so by initiating an issue so we can be in contact. Then we can discuss the features and implementation.