MikroFilm v0.4 beta

https://gitlab.com/NoBravado/mikrofilm

MikroFilm is an offline HTML application for AES-256 image encryption with steganographic text encoding. Runs entirely in your browser.

✨ Key Features

• 🔒 AES-256-GCM authenticated encryption
• 📝 Steganographic encoding (encrypted data as word sequences)
• 🖼️ JPEG, PNG, GIF, WebP support
• 📎 File picker, drag & drop, clipboard paste
• 🔐 Optional EXIF/GPS metadata stripping
• 💾 Zero dependencies (Web Crypto API only)
• 🖥️ Desktop browsers only
• 🌎 Locales for 7 languages: En,Fr,Es,It,Pt,Nl,De

📖 Usage

Encrypt

1. Load image (drag & drop, paste, or browse)
2. Choose to keep or strip metadata
3. Enter password (20+ chars recommended)
4. Copy encrypted text

Decrypt

1. Paste encrypted text
2. Enter password
3. View or burn image

🔬 Technical Specifications

Cryptography

Steganography

• Dictionary: 256 common English words
• Encoding: Each byte → one word
• Output: Word sequence (not grammatical)

Security Features

Core Security

• ✅ Authenticated encryption (AES-GCM)
• ✅ High-iteration key derivation (600k PBKDF2)
• ✅ Cryptographically secure randomness
• ✅ Integrity verification (SHA-256)
• ✅ Input validation & sanitization

Operational Security

• ⏱️ 10-minute inactivity timeout
• 🔥 Burn function (complete data destruction)
• 🧹 Automatic memory cleanup
• 🚫 No cookies or localStorage
• 🛡️ Comprehensive CSP headers

Privacy Features

• 📸 Metadata stripping (removes EXIF/GPS)
• 📝 Steganographic text encoding
• ✔️ Magic bytes validation
• 🌐 No telemetry or tracking
• 📡 No network requests

🛡️ Security

Threat Model

Protects Against:

• Passive interception
• Content exposure
• Metadata leakage (EXIF/GPS)
• Basic forensics

Does NOT Protect Against:

• Keyloggers/screen capture
• Physical access to device
• Compromised browser/OS

Limitations

• Browser-based crypto constraints
• Maximum file size: 5MB
• Maximum dimensions: 4000×4000 pixels
• Large images produce very long texts