| Protocol 1: | The standard for secure encryption. | |
| Protocol 2: | Lightweight and fast, but marginally less safe. | |
| Protocol 3: | Heavy and slow, for maximum safety on capable machines. | |
| Protocol 4: | You want this image hidden forever - even if it takes a few minutes to encrypt. |
| Square (q/Q): | ||
| Stripe (t/T): | ||
| Spread (s/S): | ||
| Rotate (r/R): |
Getting Started: To start using the In-Browser Pizza Scrambler, first you must upload an image from your computer. To do this, click the "Browse" button, select the image you want, and then click "Open" - note that pictures with more than 2073600 pixels will throw a warning, and are not guaranteed to work. You will also have to type a password into the box labeled "Password". Note that passwords are case-sensitive.
Encrypting: The next step is to encrypt your image. You can do this yourself by mixing and matching component functions, or use one of the Standard Protocols. Feel free to stack multiple protocols on top of each other, or use them backwards by clicking "Decrypt". The more operations you perform, the more scrambled (and thus more secure) the result will be.
Transparency: Due to the nature of image compression and blob data, it's simply impossible for the algorithm to preserve transparency. As such, any transparency present in the image will automatically be replaced by a solid color, which can be altered by clicking on the color picker, labeled "Background Color".
The Story of the Scrambler: The idea behind Scrambled Pizza came to me when I was 19, and was thinking about recent big-name leaks from image servers. I knew a fair bit about cryptography, and recognized that a good encryption method would've prevented all of these problems, with negligible downsides. But encryption was foreign to people - they expected companies to do it, while those companies expected that they wouldn't need it, or at least that it wouldn't be worth the cost. Therefore, I started thinking about an image encryption method which was simple and accessible, while also meeting rigorous safety standards.
The Format: I wanted the output to be in the same format as the input, so that people would be familiar with handling the encrypted data. Furthermore, this allowed people to see the extent to which the encryption had worked - the system inspires confidence by displaying the seemingly-random output, letting the user feel safe. I initially experimented with multiple different image types, but quickly found that lossy compression ruined any attempt at encryption, which prevented the use of JPEGs. I therefore gravitated towards PNG - in the end, implementing transparency proved impossible, but none of the other formats were any better on that front, so PNG remained the winner.
The Core Concept: The Pizza Scrambler works based on a rotational cipher, but not the type most are familiar with. It rotates in two dimensions, rather than one, and is recursive, branching down into smaller iterations of itself. The rotational component makes it easy to compute the output, even with very large inputs, using modular arithmetic; the recursive component means that every pixel can end up in any position, with any neighbors, which removes one avenue of workaround. To prevent different types of workaround, other auxiliary functions were added, mostly to control the overall color balance of the image.
The Original Implementation: I started by working with what I knew: Java. It wasn't perfect, but it could run on pretty much any machine, and the program itself was a rather small download. A few of my friends tried it out, and said it worked fine. That said, getting someone to download and run a program isn't always easy (and rightly so), so my work was left fairly unused.
Going Online: As I began to move on and create more advanced web-based systems in my early 20s, I occasionally thought back to my old encryption project. In my mind, there wasn't much use running it on a server: the user could never really be sure of their data's security (even with HTTPS, the host is not guaranteed to be neutral), a good internet connection would be required at all times, and hosting a server to run an algorithm costs money.
A server that hosts a JavaScript utility, however, is incredibly cheap. The utility runs on the user's end, meaning that no data is transferred across potentially insecure channels. And once the page is loaded, or even downloaded, it can run without any internet connection at all. Thus, I set about rewriting my old program in JS, and gained experience with web workers along the way. Now, anyone with any internet connection can scramble their own images, free of charge. And maybe, someday, someone who really needs a system like this will use mine. Not that I'll know - it's rather important that I don't - but the possibility alone is good enough for me.
Does the Scrambler have network traffic that can be spied on? No, it doesn't. The images you load into the Scrambler never head out to the network, and unscrambling is done client-side as well. However, keep in mind that, on insecure networks, it might be possible for hackers to view your screen and files, rendering the Scrambler useless.
Why is this process so slow? Why does it take so much RAM? Because this whole process takes place within your browser, it's not incredibly efficient, especially when dealing with large images. Unfortunately, that's simply the nature of browser-based computing. Luckily, through the use of web workers, I have made the process at least a bit more usable when it comes to large images.
How safe is this encryption? The main limitation on safety is actually in the password system - in order to easily fit into browser operations, all passwords are hashed onto a set of around 1.2 billion values. Thus, it is possible to "brute-force" the operation, trying every hash value until you get a match. This would take decades on a normal home computer, but a supercomputer could likely do it in about a day - except for the fact that it would also have to recognize when it found a match, which might take significantly longer, depending on the metric used. There would also be some difficulty involved in figuring out which protocol was used for encryption. Finally, while I believe that the algorithm doesn't have any mathematical workarounds, I haven't spent any time trying to prove it, so perhaps there is a clever way around it that I haven't thought of. If you come up with one, let me know - I'd love to try fixing it!
What does the name mean? I wrote the original version of this program during my early days at college. When working on programming projects in my dorm room, I would often lose track of time, and end up debugging things with my stomach rumbling, certain that I'd have everything fixed in just a minute and then be able to go get lunch. As such, almost all of my test images were of the most delicious food I could think of: pizza. I already referred to the process as "scrambling", since early versions looked like they had been mixed with a whisk, like a scrambled egg. Continuing the food theme only seemed appropriate, and thus the moniker "Scrambled Pizza" was born.
