Homoglyph Steganography Encoder

Hide bits by swapping Latin letters for Cyrillic lookalikes

Hide a secret message in ordinary-looking text by swapping Latin letters for visually identical Cyrillic homoglyphs to carry binary data. Decode any homoglyph-laced text back to the hidden message. It runs free in your browser on Gera Tools, with nothing uploaded.

Last updated Source: Gera Tools

What is a homoglyph?

A homoglyph is a character that looks identical or nearly identical to another but has a different Unicode code point. Latin 'a' (U+0061) and Cyrillic 'а' (U+0430) are a classic pair — indistinguishable on screen, distinct to a computer.

What this tool does

This is a homoglyph steganography encoder and decoder. It hides a secret message inside ordinary-looking text by swapping certain Latin letters for visually identical Cyrillic homoglyphs. To a human the text reads exactly the same; to a computer the swapped Unicode code points encode binary data that can be recovered later.

How it works

A handful of Latin letters have near-perfect Cyrillic twins that render identically in most fonts:

a↔а (U+0061 / U+0430)   c↔с (U+0063 / U+0441)
e↔е (U+0065 / U+0435)   o↔о (U+006F / U+043E)
p↔р (U+0070 / U+0440)   x↔х (U+0078 / U+0445)
y↔у (U+0079 / U+0443)
A↔А  C↔С  E↔Е  O↔О  P↔Р  X↔Х  Y↔У

The encoder converts the secret message to bits — 8 bits per ASCII character. It then walks through the cover text one character at a time. Each time it reaches a swappable letter it consumes one bit from the secret: a 1 substitutes the Cyrillic homoglyph, a 0 leaves the Latin original in place. Letters with no Cyrillic twin pass through unchanged and carry no payload.

Decoding reverses the process: the tool scans every swappable position in the text, emits 1 for Cyrillic and 0 for Latin, and regroups the bits into bytes to recover the original message.

Worked example

Cover text: "The price of peacock feathers is moderate."

This sentence contains the letters p e a c o c in “peacock” — six swappable positions, enough for 6 bits of payload. For a secret whose first 6 bits are 1 0 1 1 0 1, the encoder would swap p, leave e, swap a, swap c, leave the first o, and swap the second c. The rendered word still looks like “peacock” in any editor that does not distinguish script origin.

A secret 4 characters long requires 32 bits of cover capacity — you need cover text containing at least 32 swappable letters, which is roughly a short paragraph.

Capacity planning

Secret lengthBits neededMinimum swappable letters in cover text
4 characters3232
10 characters8080
50 characters400400

Letters a c e o p x y (and their capitals) are your capacity. Prose rich in those letters — especially the word “people”, “process”, or “across” — maximises how much you can hide.

Security and practical limits

This conceals, it does not encrypt. Anyone who inspects the Unicode code points of the output text — pasting into a hex editor or running a confusable-character scanner — can read the hidden bits without knowing the secret. Encrypt your message first if confidentiality is required; homoglyph encoding is then a way to make the ciphertext look like innocent text.

Channel compatibility. Systems that normalize confusable characters (some search engines, email clients, anti-phishing tools) may silently convert the Cyrillic glyphs back to Latin, destroying the hidden data. Test your specific delivery channel with a round-trip before relying on it. Plain text stored in a database or transmitted over a copy-safe channel is safest.

Detection. Font-level rendering is the only layer that hides the difference. Any spell checker, code linter, or Unicode analyzer that is aware of script mixing will flag the Cyrillic characters. This method is useful for watermarking, CTF challenges, and educational demonstrations — not for anything that faces scrutiny.