[ImageMagick] [sponsor]

Introduction to Enciphering and Deciphering Images

Most images, by design, are made to be viewed often and by many people. Web images, for example, may be viewed hundreds of times a day by a multitude of web vistors. However, in some cases, you may want to keep a particular image private so that only you or perhaps a select group of your friends or web visitors can view it. ImageMagick permits you to scramble your images such that unless someone knows your secret key, they will be unable to view the original content.

You could use an enciphering utility to scramble your image but they typically scramble the entire file making it unrecognizable as an image format. With ImageMagick, only the pixels are scrambled. The scrambled image continues to be recognized as an image and will even display in your web page. However, the content appears as gibberish, nothing like the original content.

Encipher an Image

Use the -encipher option to scramble your image so that it is unrecognizable. The option requires a filename that contains your secret key. In this example we scramble an image and save it in the PNG format:

  convert rose.jpg -encipher passphrase.txt rose.png

Here we encipher an image using another image as the passphrase:

  convert rose.jpg -encipher smiley.gif rose.png

Decipher an Image

Use the -decipher option to unscramble your image so that it is recognizable once again. The option requires a filename that contains your secret key. In this example we unscramble an image and save it in the JPEG format:

  convert rose.png -decipher passphrase.txt rose.jpg

Encipher and Decipher Caveats

Some formats do not support enciphered pixels-- the JPEG or GIF format, for example. To ensure your image format is supported, encipher a test image and verify you can restore its original content before you encipher any additional images in that format.

The passphrase can be any combinations of letters and symbols. It should be a minimum of 12 character combinations to ensure your image remains private. Also make sure your passphrase file permissions prevent others from reading it otherwise unintended users may be able to view the original image content.

You can only restore the original image content if you know your passphrase. If you lose or forget it, your original image content is lost forever.

ImageMagick only scrambles the image pixels. The image metadata remains untouched and readable by anyone with access to the image file.

ImageMagick uses the AES cipher in cipher feedback mode. We use the passphrase to derive the cipher key and the required nonce.

Currently only ImageMagick can restore your enciphered image content. We use a standard cipher and mode so other vendors are encouraged to support enciphered image content.

Support for enciphering and deciphering image pixels is not enabled by default. To enable it, use this Unix/Linux command:

  ./configure --enable-cipher

Under Windows, set the MAGICKCORE_CIPHER_SUPPORT definition in the magick-config.h configuration file and build.