Tool

Hash image cipher

Upload an image, derive a keystream from a password through iterated hashing, XOR into the pixel data, and optionally shuffle pixel positions. Re-upload the encrypted PNG with the same key to recover the original.

1. Choose a hash function

Password / key

KDF iterations: 1,000

Higher = slower brute-force but slower for you too. 1000 ≈ 100 ms on a laptop.

Add a pixel-permutation pass (Fisher-Yates seeded by H(password || salt))

2. Upload an image (PNG / JPEG)

Drag and drop, or click to choose a file.

Drop the encrypted output back here later (with the same key) to decrypt it.

3. Run

Drop an image to encrypt with a hash-derived keystream, or drop a previously-encrypted image with the same key to decrypt.

How it works

1. KDF: iterate the chosen hash on the password N times → state.
2. Keystream: H(state ‖ counter ‖ password) → next d bytes of keystream, increment counter, repeat.
3. XOR keystream into RGB pixel bytes (alpha untouched).
4. (Optional) shuffle pixel positions via Fisher-Yates seeded by H(password ‖ salt).
5. Re-encode as PNG.

Encryption is symmetric. Same (algo, password, iterations, permutation toggle) on
the encrypted image reverses both stages exactly.

Caveat: this is a hash-as-stream-cipher demo. For real cryptographic use, prefer
AES-GCM, ChaCha20-Poly1305, or libsodium's crypto_secretbox.

For the chaos-map variant of the same idea, see chaos.suparnpatra.com/tools/image-encrypt.

FAQ