Your SlideShare is downloading. ×
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
steganography using visual cryptography_report
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

steganography using visual cryptography_report

4,621

Published on

This covers the major aspects of hiding secret message into an image using genetic algorithms and visual cryptography.

This covers the major aspects of hiding secret message into an image using genetic algorithms and visual cryptography.

Published in: Technology
1 Comment
5 Likes
Statistics
Notes
No Downloads
Views
Total Views
4,621
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
346
Comments
1
Likes
5
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Acknowledgment We express our sincere thanks to Dr. K. Najeeb (HOD, Department of Computer Science and Engineering, GCE Kannur) for the support and constant encourage- ment that has been provided. We extend our deep sense of gratitude to our project guide, Mr. Nidheesh N (Asst. Professor, Department of Computer Science and Engineering, GCE Kan- nur) for providing us with valuable guidance and encouragement throughout the project. We are very thankful to our Principal, Dr. T. D. John for providing us with the facilities to complete the project. We thank all the teaching and non-teaching staff, our classmates and friends for sharing their knowledge and valuable suggestions.
  • 2. Abstract Image steganography is an emerging field of research for secure data hiding and transmission over networks. The proposed system provides the best approach for Least Significant Bit (LSB) based steganography using Genetic Algorithm (GA) along with Visual Cryptography (VC). Original message is converted into cipher text by using secret key and then hidden into the LSB of the original image. Ge- netic Algorithm and Visual Cryptography has been used for enhancing the secu- rity. Genetic Algorithm is used to modify the pixel location of stego image and the detection of this message is complex. Visual Cryptography is used to en- crypt the visual information. It is achieved by breaking the image into two shares based on a threshold. The performance of the proposed system is experimented by performing steganalysis and conducting benchmarking test for analysing the pa- rameters like Mean Squared Error (MSE) and Peak Signal to Noise Ratio (PSNR). The main aim of this paper is to design the enhanced secure algorithm which uses both steganography using Genetic Algorithm and Visual Cryptography to ensure improved security and reliability.
  • 3. List of Figures 1.1 Simple Steganography Model . . . . . . . . . . . . . . . . . . . . 3 2.1 Steganographic Technique . . . . . . . . . . . . . . . . . . . . . 8 2.2 Cryptographic model . . . . . . . . . . . . . . . . . . . . . . . . 13 2.3 Combining Image shares . . . . . . . . . . . . . . . . . . . . . . 22 3.1 Flow Diagram: Proposed Model . . . . . . . . . . . . . . . . . . 30 3.2 Existing Model Conversion Quality . . . . . . . . . . . . . . . . 31 3.3 Proposed Model Conversion Quality . . . . . . . . . . . . . . . . 32 3.4 Image shares . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 5.1 Functional Flow Diagram . . . . . . . . . . . . . . . . . . . . . . 36 5.2 Encryption Phase . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.3 Encoding Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.4 Pixel Modification Phase . . . . . . . . . . . . . . . . . . . . . . 39 5.5 Overlapping Phase . . . . . . . . . . . . . . . . . . . . . . . . . 40 5.6 Decoding Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 5.7 Decryption Phase . . . . . . . . . . . . . . . . . . . . . . . . . . 42 5.8 Secret Key Encryption . . . . . . . . . . . . . . . . . . . . . . . 42 5.9 DES Flow Chart . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 5.10 DES Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 5.11 LSB steganography . . . . . . . . . . . . . . . . . . . . . . . . . 46 1
  • 4. Mini-Project Report 2013 Data Security 5.12 Applying Mask . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 5.13 LSB conversion . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 5.14 LSB conversion-2 . . . . . . . . . . . . . . . . . . . . . . . . . . 50 6.1 Encryption module . . . . . . . . . . . . . . . . . . . . . . . . . 51 6.2 Encryption module-2 . . . . . . . . . . . . . . . . . . . . . . . . 52 6.3 Bit Conversion . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 6.4 Encoding Module . . . . . . . . . . . . . . . . . . . . . . . . . . 54 6.5 Decoding Module . . . . . . . . . . . . . . . . . . . . . . . . . . 57 6.6 Decrypting Module . . . . . . . . . . . . . . . . . . . . . . . . . 57 7.1 Screen Shot 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 7.2 Screen Shot 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 7.3 Screen Shot 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 7.4 Screen Shot 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 7.5 Screen Shot 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 7.6 Screen Shot 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 7.7 Screen Shot 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 7.8 Screen Shot 8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Department of CSE i GCE, Kannur
  • 5. Contents 1 Introduction 1 1.1 Objective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 Breif Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2 Background Information 4 2.1 STEGANOGRAPHY . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1.1 History of Steganography . . . . . . . . . . . . . . . . . 4 2.1.2 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.1.3 Steganography Today . . . . . . . . . . . . . . . . . . . . 6 2.1.4 Concept behind Steganography . . . . . . . . . . . . . . 7 2.1.5 Other Steganography Techniques . . . . . . . . . . . . . 8 2.1.6 Difference Steganography and Cryptography . . . . . . . 9 2.1.7 Possibilities are endless . . . . . . . . . . . . . . . . . . 10 2.1.8 Additional Terminology . . . . . . . . . . . . . . . . . . 11 2.1.9 What is Steganalysis? . . . . . . . . . . . . . . . . . . . 11 2.2 Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 2.2.1 Enryption Techniques . . . . . . . . . . . . . . . . . . . 13 2.3 Genetic Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . 17 2.3.1 Methodology . . . . . . . . . . . . . . . . . . . . . . . . 18 2.4 Visual Cryptography . . . . . . . . . . . . . . . . . . . . . . . . 21 2.5 Bit Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 ii
  • 6. Mini-Project Report 2013 Data Security 2.5.1 Bits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 2.5.2 Operations . . . . . . . . . . . . . . . . . . . . . . . . . 24 3 System Analysis 28 3.1 Existing Model . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 3.2 Proposed Model . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 3.3 Existing model v/s Proposed Model . . . . . . . . . . . . . . . . 31 4 Requirements Specification 33 4.1 Hardware Specification . . . . . . . . . . . . . . . . . . . . . . . 33 4.2 Software Specification . . . . . . . . . . . . . . . . . . . . . . . 34 5 System Description 35 5.1 Functional Flow Diagram . . . . . . . . . . . . . . . . . . . . . . 35 5.1.1 Encryption Phase . . . . . . . . . . . . . . . . . . . . . . 37 5.1.2 Encoding Phase . . . . . . . . . . . . . . . . . . . . . . . 37 5.1.3 Pixel Modification Phase . . . . . . . . . . . . . . . . . . 38 5.1.4 Overlapping Phase . . . . . . . . . . . . . . . . . . . . . 40 5.1.5 Decoding Phase . . . . . . . . . . . . . . . . . . . . . . . 41 5.1.6 Decryption Phase . . . . . . . . . . . . . . . . . . . . . . 41 5.2 Technology Used . . . . . . . . . . . . . . . . . . . . . . . . . . 42 5.2.1 DES Algorithm . . . . . . . . . . . . . . . . . . . . . . . 42 5.2.2 LSB Steganography . . . . . . . . . . . . . . . . . . . . 44 6 Implementation Details 51 6.1 Encryption Module . . . . . . . . . . . . . . . . . . . . . . . . . 51 6.2 Bit Conversion . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 6.3 Encoding Module . . . . . . . . . . . . . . . . . . . . . . . . . . 53 6.4 Decoding Module . . . . . . . . . . . . . . . . . . . . . . . . . . 56 6.5 Decryption Module . . . . . . . . . . . . . . . . . . . . . . . . . 56 Department of CSE iii GCE, Kannur
  • 7. Mini-Project Report 2013 Data Security 7 Performance and Results 58 7.1 Screen Shots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 7.1.1 Encrypt Screen . . . . . . . . . . . . . . . . . . . . . . . 58 7.1.2 Encode Screen . . . . . . . . . . . . . . . . . . . . . . . 58 7.1.3 File Chooser Screen . . . . . . . . . . . . . . . . . . . . 58 7.1.4 Outfile File Screen . . . . . . . . . . . . . . . . . . . . . 60 7.1.5 Stego Image Screen . . . . . . . . . . . . . . . . . . . . . 60 7.1.6 Select Image File Screen . . . . . . . . . . . . . . . . . . 61 7.1.7 Decode Screen . . . . . . . . . . . . . . . . . . . . . . . 62 7.1.8 Decrypt Screen . . . . . . . . . . . . . . . . . . . . . . . 62 8 Future Scope 64 9 Conclusion 66 References 67 Department of CSE iv GCE, Kannur
  • 8. Chapter 1 Introduction 1.1 Objective The main aim of the project is to design a feasible RS resistance secure algorithm which combines the use of both steganography and cryptography with the goals of improving security, reliability, and efficiency for secret message. DES encryption algorithm is used for encrypting the data into cipher text. Apart from that, LSB steganography is combined with the Genetic Algorithm making it more secure from RS steganalysis. 1.2 Breif Overview Image steganography is an emerging field of research for secure data hiding and transmission over networks. The proposed system provides the best approach for Least Significant Bit (LSB) based steganography using Genetic Algorithm (GA). Original message is converted into cipher text by using secret key using a sophis- ticated encryption algorithm. Then cipher text is hidden into the LSB of original image by manipulating the bit array of the original image. The resultant image file is called the stego image. The stego image contains the actual data encoded 1
  • 9. Mini-Project Report 2013 Data Security into the LSB of the image. The LSB (Least Significant Bit) based steganography is combined with Ge- netic Algorithm to enhance security level of the image. Genetic Algorithm modi- fies the pixel locations of the stego image and hence the hidden data could not be recovered easily. The stego image containing the confidential data can be easily sent over a wireless network. The intruder, even if he gets access to the image file, would not know that the data is hidden in it. The proposed system is more resistant to RS steganalysis compared to the normal LSB based steganography technique. Steganalysis is the process by which pixels of the image file is checked to see any data is being hidden in the image. Steganalysis is the art and science of de- tecting messages hidden using steganography; this is analogous to cryptanalysis applied to cryptography. If it finds any ambiguous distribution of pixels, then it shows the presence of the hidden data showing positive results. By using Genetic Algorithm, the chances of detection would be very less due to modification of pixels. So, the data is distributed all over the image rather than at the LSB of the image. The original image is combined with the confidential data to get the stego im- age. The stego image contains the confidential data Sachin Ramesh Tendulkar The LEGEND at the LSB of the image. Department of CSE 2 GCE, Kannur
  • 10. Mini-Project Report 2013 Data Security Figure 1.1: Simple Steganography Model Department of CSE 3 GCE, Kannur
  • 11. Chapter 2 Background Information The Chapter gives a good idea about the technologies being used in the project, and hence will help the further reading. The Chapter covers Steganography, Cryp- tography, Genetic Algorithms, Visual Cryptography and Bit Operations. 2.1 STEGANOGRAPHY 2.1.1 History of Steganography Steganography is the art and science of writing hidden messages in such a way that no one apart from the intended recipient knows of the existence of the mes- sage; this is in contrast to Cryptography, where the existence of the message itself is not disguised, but the meaning is obscured. ”Steganography” is a Greek word and means covered or hidden writing. Its origins can be traced back to 440 BC. Steganography has been widely used in historical times, especially before crypto graphical systems were developed. Examples of historical usage include: • Hidden messages in Wax tablets: In ancient Greece, people wrote messages 4
  • 12. Mini-Project Report 2013 Data Security on the wood, then covered it with wax so that it looked like an ordinary, unused, tablet. • Hidden messages on messenger’s body: Also in ancient Greece. Herodotus tells the story of a message tattooed on a slave’s shaved head, covered by hair regrowth, and exposed by shaving. The message, if the story is true, carried a warning to Greece about Persian invasion plans. • Hidden messages on paper written in secure inks under other messages or on the blank parts of other messages. • During and after World War II, Espionage agents used microdots to send in- formation back and forth. Since the dots were extremely small the size of a period produced by a Typewriter (perhaps in a font with 10 or 12 characters per inch) or even smaller – the stego text was whatever the dot was hidden within. If a letter or an address, it was some alphabetic characters. If under a postage stamp, it was the presence of the stamp. • The one-time pad is a theoretically unbreakable cipher that produces cipher texts indistinguishable from random texts: only those who have the private key can distinguish these cipher texts from any other perfectly random texts. Thus, any perfectly random data can be used as a covertext for a theoreti- cally unbreakable steganography. 2.1.2 Overview Steganography is by no means a modern practice. Literally meaning covered writ- ing. It is the practice of hiding messages within other messages in order to conceal the existence of the original message. However, the digital medial formats in use for data exchange and communication today provide abundant hosts for Stegano- graphic communication. Hence the interest in this practice has increased. Cou- pling this fact with the multitude of the freely available easy to use steganographic Department of CSE 5 GCE, Kannur
  • 13. Mini-Project Report 2013 Data Security tools available on the internet, the ability to exchange secret information without detection is available to anyone who wants to do so. For the security profes- sional this means data we pay to protect could be leaving our control without our knowledge. Conversely, one of the emerging uses of steganographic techniques is Digital Watermarking, which provides an organization with a way to ensure the in- tegrity of data they wish to disseminate embedding copyright or other information in a digital file. Regardless of whether it is used for good or ill, an understanding of current methods of data hiding could be a part of security professionals knowl- edge base. 2.1.3 Steganography Today The high-tech forms of steganography today involve hiding secret messages in images or sound files on the internet. Special steganography software is needed in order to insert the message into a compiler file graphics, audio, text, html, or even floppy disks. The software is easily available as a freeware or as a shareware on any download sites. The software scrambles the clandestine information into existing, yet insignificant bits of images or sound files, which are not remarkable enough for human eyes or ears to detect. The message may only consist of a bit of undetectable sound or a few changed pixels in an image. To the casual observer, the image or sound byte looks innocent. Little do they know that there is a hid- den message lurking on the webpage? The images can only be unlocked using a Private Key, or code, selected by the recipient. Otherwise, the messages are im- possible to see, read or hear. Some of the recently used steganographic techniques: • Chaffing and Winnowing Department of CSE 6 GCE, Kannur
  • 14. Mini-Project Report 2013 Data Security • Invisible ink • Null ciphers • Concealed messages in tampered executable files, exploiting redundancy in the i386 instruction set. 2.1.4 Concept behind Steganography The art and science of hiding information by embedding messages within other, preferably harmless messages is Steganography. Steganography works by replac- ing bits of useless or unused data in regular computer files (such as graphics, sound, text, html, or even floppy disks) with bits of different, invisible informa- tion. This hidden information can be plain text, cipher text or even images itself. Unlike encryption, steganography cannot be detected. Therefore, it may be used when encryption is not permitted. More commonly, steganography is used to supplement encryption. An encrypted file may still hide information using steganography. So even if the encrypted file is deciphered, the hidden message is not seen. The main advantage of this kind of steganography used in this project is that, even though if the hacker is able to retrieve the message hidden in the image, he would not get the actual message because he would be able to retrieve only the cipher text. It is highly impossible for the attacker to get the actual message from the cipher text because, the DES Algorithm more resistant to attacks than its pre- decessor. Department of CSE 7 GCE, Kannur
  • 15. Mini-Project Report 2013 Data Security Figure 2.1: Steganographic Technique The block diagram in Fig 2.1 will give a clear knowledge about what steganog- raphy is. As we can see the plain text is first converted into the cipher text using the DES Algorithm. Then the converted cipher text is embedded into the image using the LSB Algorithm. So even if the hacker retrieves the text from the stego image, he would be able to get only the cipher. So it makes the hacker impossible to get the secret message, thus ensuring secured communication over insecure networks. 2.1.5 Other Steganography Techniques Similar techniques used for information hiding are listed below: • Chaffing and Winnowing: Chaffing and winnowing is a cryptographic tech- nique to achieve confidentiality without using encryption when sending data over an insecure channel; it was conceived by Ron Rivest. It can be viewed as a form of steganography. The sender (Alice) sends several messages to the receiver (Bob); each message is unencrypted but authenticated with a message authentication code (MAC) whose secret key Alice shares with Bob. Only one of the messages is authentic, the other ones are bogus (called Department of CSE 8 GCE, Kannur
  • 16. Mini-Project Report 2013 Data Security ”chaff”). An eavesdropper will be unable to tell which messages are bogus and which are real (i.e. to ”separate the grain from the chaff”) since he can- not determine which messages are authentic. Bob uses the MAC to find the authentic messages and drops the ”chaff” messages. This process is called ”winnowing”. • Invisible Inks: Invisible ink is a substance used for writing, which is either invisible on application, or soon thereafter, and which later on can be made visible by some means. The use of invisible ink is a form of Steganography, and has been used in espionage. Invisible ink is applied to a writing surface with a fountain pen, toothpick or even a finger dipped in the liquid. Once dry, the paper should appear blank or the ink is not an invisible ink. The ink is later developed (made visible) by different methods according to the type of invisible ink used. This can be by heat, by viewing under ultraviolet light, or by applying a chemical appropriate for the ink used. • Null Cipher: A null cipher is an ancient form of encryption where the plain- text is mixed with a large amount of non-cipher material. It would today be regarded as a simple form of steganography. Null ciphers can also be used to hide cipher text, as part of a more complex system. In classical cryptog- raphy a null is intended to confuse the cryptanalyst. Typically, a null will be a character which decrypts to obvious nonsense at the end of an otherwise intelligible phrase. In a null cipher, most of the characters may be nulls. 2.1.6 Difference Steganography and Cryptography Cryptography and steganography are two ways to hide messages and although they complement each other, they are not the same. Department of CSE 9 GCE, Kannur
  • 17. Mini-Project Report 2013 Data Security Cryptography: Cryptography changes the contents of a file or message so that it is unreadable by everyone except the intended recipient. The intended recipient has a key that allows the encrypted file to be invoked and viewed as planned by the sender. Encrypted messages are not hidden, and their comings and goings can be detected and monitored. Once the means of encryption have been revealed, it is still up to the code breaker to uncover the key to decrypt the message. Steganography: We could think of steganography as a form of robust encryp- tion. It attempts to hide the message in such a way that the observer may not even realize that the message is being exchanged. Unlike encryption, steganogra- phy cannot be detected. Often, steganography is used to supplement encryption. Through its combination of encryption and invisibility of the encrypted data it keeps the message completely protected form data espionage. 2.1.7 Possibilities are endless Many corporations and governments have banned or restricted encryption. This has only caused steganography and other information hiding techniques to flour- ish on the internet. Steganography software is relatively easy to obtain and use, and there are millions of new audio and image files posted on the internet every day. So many different types of files can hold all sorts of hidden information, and tracking or finding these files can be an almost impossible task. We may have viewed a page on the web containing hidden messages, and never know it. Discovering and unlocking steganography is really akin to finding the proverbial needle in the haystack that is the World Wide Web. Department of CSE 10 GCE, Kannur
  • 18. Mini-Project Report 2013 Data Security 2.1.8 Additional Terminology In general, terminology analogous to (and consistent with) more conventional ra- dio and communications technology is used; however, a brief description of some terms which show up in software specifically, and are easily confused, is appro- priate. These are most relevant to digital steganographic systems. The payload is the data it is desirable to transport (and, therefore, to hide). The carrier is the signal, stream, or data file into which the payload is hidden; contrast ”channel” (typically used to refer to the type of input, such as ”a PNG image”). The resulting signal, stream, or data file which has the payload encoded into it is sometimes referred to as the package. The percentage of bytes, samples, or other signal elements which are modified to encode the payload is referred to as the encoding density and is typically expressed as a floating-point number between 0 and 1. In a set of files, those files considered likely to contain a payload are called suspects. If the suspect was identified through some type of statistical analysis, it may be referred to as a candidate. 2.1.9 What is Steganalysis? The detection of steganographically encoded packages is called Steganalysis. The simplest method to detect modified files, however, is to compare them to the orig- inals. To detect information being moved through the graphics on a website, for example, an analyst can maintain known-clean copies of these materials and com- pare them against the current contents of the site. The differences (assuming the carrier is the same) will compose the payload. Department of CSE 11 GCE, Kannur
  • 19. Mini-Project Report 2013 Data Security In general, using an extremely high compression rate makes steganography difficult, but not impossible; while compression errors provide a good place to hide data, high compression reduces the amount of data available to hide the pay- load in, raising the encoding density and facilitating easier detection (in the ex- treme case, even by casual observation). To make steganalysis easier, several softwares are readily available on the in- ternet as freeware or as a shareware. These softwares are capable of determining the irregularity of RGB patterns in the image, thus alerting the user that the par- ticular image is a stego image. A good method to detect the availability of secret messages in an image is the Cellular Automata. Using Cellular Automata one can define certain rules which will define the pixel values of image. So if there is a violation of any one of the rules, then the receiver (may be anonymous receiver or an interpreter in the case) may be sure that there is a hidden message in the image. Cellular Automata has made steganalysis easier that the only thing the user must do is define the rules according to the color patterns in the image. For this purpose i.e., determining the color pattern, there are several softwares that will automati- cally determine the patterns without any human work needed. 2.2 Cryptography Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about con- structing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects in information security such as data confiden- tiality, data integrity, authentication, and non-repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engi- neering. Applications of cryptography include ATM cards, computer passwords, Department of CSE 12 GCE, Kannur
  • 20. Mini-Project Report 2013 Data Security and electronic commerce. Figure 2.2: Cryptographic model 2.2.1 Enryption Techniques In cryptography, encryption is the the process of encoding messages (or informa- tion) in such a way that third parties cannot read it, but only authorized parties can. Encryption doesn’t prevent hacking but it prevents the hacker from reading the data that is encrypted. In an encryption scheme, the message or information (referred to as plaintext) is encrypted using an encryption algorithm, turning it into an unreadable ciphertext (ibid.). This is usually done with the use of an en- cryption key, which specifies how the message is to be encoded. Any adversary that can see the ciphertext should not be able to determine anything about the original message. An authorized party, however, is able to decode the ciphertext using a decryption algorithm, that usually requires a secret decryption key, that adversaries do not have access to. For technical reasons, an encryption scheme usually needs a key-generation algorithm to randomly produce keys. In public-key encryption schemes, the encryption key is published for anyone Department of CSE 13 GCE, Kannur
  • 21. Mini-Project Report 2013 Data Security to use and encrypt messages. However, only the receiving party has access to the decryption key and is capable of reading the encrypted messages. Public-key en- cryption is a relatively recent invention: historically, all encryption schemes have been symmetric-key (also called private-key) schemes. One of the earliest public key encryption applications was called Pretty Good Privacy (PGP). It was written in 1991 by Phil Zimmermann and was purchased by Symantec in 2010. In Symmetric-key schemes, the encryption and decryption keys are the same. Thus communicating parties must agree on a secret key before they wish to com- municate. In private-key encryption scheme, the encryption key and decryption key are private to the correspondents involved in the cryptographic session. The encryp- tion and decryption key are often the same. Private key encryption is used in cases where the parties exchanging information trust each other. The intruders point of attack in private key encryption is to attempt to steal or guess the private key. The most commonly used private key encryption approach is the DES(Data Encryp- tion Standard). RSA Encryption Algorithm RSA is an algorithm for public-key cryptography that is based on the presumed difficulty of factoring large integers, the factoring problem. RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described the al- gorithm in 1977. Clifford Cocks, an English mathematician, had developed an equivalent system in 1973, but it wasn’t declassified until 1997. A user of RSA creates and then publishes the product of two large prime num- bers, along with an auxiliary value, as their public key. The prime factors must Department of CSE 14 GCE, Kannur
  • 22. Mini-Project Report 2013 Data Security be kept secret. Anyone can use the public key to encrypt a message, but with currently published methods, if the public key is large enough, only someone with knowledge of the prime factors can feasibly decode the message. Whether break- ing RSA encryption is as hard as factoring is an open question known as the RSA problem. RSA involves a public key and a private key. The public key can be known by everyone and is used for encrypting messages. Messages encrypted with the pub- lic key can only be decrypted in a reasonable amount of time using the private key. DES Encryption Algorithm The Data Encryption Standard (DES) is a previously predominant algorithm for the encryption of electronic data. It was highly influential in the advancement of modern cryptography in the academic world. It was developed by IBM in 1970s. The intense academic scrutiny the algorithm received over time led to the modern understanding of block ciphers and their cryptanalysis. DES is now considered to be insecure for many applications. This is chiefly due to the 56-bit key size being too small; in January, 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minute. There are also some analytical results which demon- strate theoretical weaknesses in the cipher, although they are infeasible to mount in practice. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. DES uses two techniques for encryption: permutation and substitution. In permutation, the bits in a block of text are scrambled to diffuse them. This makes it difficult to infer meaning by looking at bit patterns in the block. Substitution Department of CSE 15 GCE, Kannur
  • 23. Mini-Project Report 2013 Data Security operations are intended to replace one block of bits by another block of bits; note that the blocks do not necessarily have to be of the same size (it is better if they are different sizes). Substitution further obscures information by transformation. The idea in DES is to partition the clear text into a collection of 64-bit blocks, and then apply the encryption algorithm.to each block. The encryption algorithm itself first applies a bit-wise permutation operation, and then performs a complex series of substitutions. A final permutation (the inverse of the first permutation) is performed to the result to produce the cipher text. AES Encryption Algorithm The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Tech- nology (NIST) in 2001.It is based on the Rijndael cipher developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen. It supersedes the Data Encryp- tion Standard (DES), which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both en- crypting and decrypting the data. AES is based on a design principle known as a substitution-permutation network, and is fast in both software and hardware. Un- like its predecessor DES, AES does not use a Feistel network. AES is a variant of Rijndael which has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits. By contrast, the Rijndael specification per se is specified with block and key sizes that may be any multiple of 32 bits, both with a minimum of 128 and a maximum of 256 bits. AES operates on a 44 column-major order matrix of bytes, termed the state, although some versions of Rijndael have a larger block size and have additional columns in the state. Most AES calculations are done in a special finite field. Department of CSE 16 GCE, Kannur
  • 24. Mini-Project Report 2013 Data Security The key size used for an AES cipher specifies the number of repetitions of transformation rounds that convert the input, called the plaintext, into the final output, called the ciphertext. The number of cycles of repetition are as follows: 10 cycles of repetition for 128-bit keys. 12 cycles of repetition for 192-bit keys. 14 cycles of repetition for 256-bit keys. Each round consists of several processing steps, each containing four similar but different stages, including one that depends on the encryption key itself. A set of reverse rounds are applied to transform ciphertext back into the original plain- text using the same encryption key. 2.3 Genetic Algorithm In the computer science field of artificial intelligence, a genetic algorithm (GA) is a search heuristic that mimics the process of natural selection. This heuristic (also sometimes called a metaheuristic) is routinely used to generate useful solutions to optimization and search problems. Genetic algorithms belong to the larger class of evolutionary algorithms (EA), which generate solutions to optimization prob- lems using techniques inspired by natural evolution, such as inheritance, mutation, selection, and crossover. Genetic algorithms find application in bioinformatics, phylogenetics, compu- tational science, engineering, economics, chemistry, manufacturing, mathematics, physics, pharmacometrics and other fields. Department of CSE 17 GCE, Kannur
  • 25. Mini-Project Report 2013 Data Security 2.3.1 Methodology In a genetic algorithm, a population of candidate solutions (called individuals, creatures, or phenotypes) to an optimization problem is evolved toward better so- lutions. Each candidate solution has a set of properties (its chromosomes or geno- type) which can be mutated and altered; traditionally, solutions are represented in binary as strings of 0s and 1s, but other encodings are also possible. The evolution usually starts from a population of randomly generated indi- viduals, and is an iterative process, with the population in each iteration called a generation. In each generation, the fitness of every individual in the popula- tion is evaluated; the fitness is usually the value of the objective function in the optimization problem being solved. The more fit individuals are stochastically selected from the current population, and each individual’s genome is modified (recombined and possibly randomly mutated) to form a new generation. The new generation of candidate solutions is then used in the next iteration of the algo- rithm. Commonly, the algorithm terminates when either a maximum number of generations has been produced, or a satisfactory fitness level has been reached for the population. A typical genetic algorithm requires: 1. a genetic representation of the solution domain. 2. a fitness function to evaluate the solution domain. A standard representation of each candidate solution is as an array of bits. Ar- rays of other types and structures can be used in essentially the same way. The main property that makes these genetic representations convenient is that their parts are easily aligned due to their fixed size, which facilitates simple crossover operations. Variable length representations may also be used, but crossover imple- mentation is more complex in this case. Tree-like representations are explored in Department of CSE 18 GCE, Kannur
  • 26. Mini-Project Report 2013 Data Security genetic programming and graph-form representations are explored in evolution- ary programming; a mix of both linear chromosomes and trees is explored in gene expression programming. Once the genetic representation and the fitness function are defined, a GA pro- ceeds to initialize a population of solutions and then to improve it through repeti- tive application of the mutation, crossover, inversion and selection operators. Initialisation of Genetic Algorithm Initially many individual solutions are (usually) randomly generated to form an initial population. The population size depends on the nature of the problem, but typically contains several hundreds or thousands of possible solutions. Tradition- ally, the population is generated randomly, allowing the entire range of possible solutions (the search space). Occasionally, the solutions may be ”seeded” in areas where optimal solutions are likely to be found. Selection During each successive generation, a proportion of the existing population is se- lected to breed a new generation. Individual solutions are selected through a fitness-based process, where fitter solutions (as measured by a fitness function) are typically more likely to be selected. Certain selection methods rate the fitness of each solution and preferentially select the best solutions. Other methods rate only a random sample of the population, as the former process may be very time- consuming. The fitness function is defined over the genetic representation and measures the quality of the represented solution. The fitness function is always problem depen- dent. For instance, in the knapsack problem one wants to maximize the total value Department of CSE 19 GCE, Kannur
  • 27. Mini-Project Report 2013 Data Security of objects that can be put in a knapsack of some fixed capacity. A representation of a solution might be an array of bits, where each bit represents a different object, and the value of the bit (0 or 1) represents whether or not the object is in the knap- sack. Not every such representation is valid, as the size of objects may exceed the capacity of the knapsack. The fitness of the solution is the sum of values of all objects in the knapsack if the representation is valid, or 0 otherwise. In some problems, it is hard or even impossible to define the fitness expression; in these cases, a simulation may be used to determine the fitness function value of a phenotype (e.g. computational fluid dynamics is used to determine the air resis- tance of a vehicle whose shape is encoded as the phenotype), or even interactive genetic algorithms are used. Genetic Operators The next step is to generate a second generation population of solutions from those selected through genetic operators: crossover (also called recombination), and/or mutation. In genetic algorithms, crossover is a genetic operator used to vary the pro- gramming of a chromosome or chromosomes from one generation to the next. It is analogous to reproduction and biological crossover, upon which genetic algo- rithms are based. Cross over is a process of taking more than one parent solutions and producing a child solution from them. There are methods for selection of the chromosomes. Mutation is a genetic operator used to maintain genetic diversity from one generation of a population of genetic algorithm chromosomes to the next. It is analogous to biological mutation. Mutation alters one or more gene values in a chromosome from its initial state. In mutation, the solution may change entirely Department of CSE 20 GCE, Kannur
  • 28. Mini-Project Report 2013 Data Security from the previous solution. Hence GA can come to better solution by using mu- tation. Mutation occurs during evolution according to a user-definable mutation probability. This probability should be set low. If it is set too high, the search will turn into a primitive random search. Termination This generational process is repeated until a termination condition has been reached. Common terminating conditions are: • A solution is found that satisfies minimum criteria • Fixed number of generations reached • Allocated budget (computation time/money) reached • The highest ranking solution’s fitness is reaching or has reached a plateau such that successive iterations no longer produce better results. • Manual inspection • Combinations of the above 2.4 Visual Cryptography Visual cryptography is a cryptographic technique which allows visual information (pictures, text, etc.) to be encrypted in such a way that decryption becomes a me- chanical operation that does not require a computer. One of the best-known techniques has been credited to Moni Naor and Adi Shamir, who developed it in 1994. They demonstrated a visual secret sharing Department of CSE 21 GCE, Kannur
  • 29. Mini-Project Report 2013 Data Security Figure 2.3: Combining Image shares scheme, where an image was broken up into n shares so that only someone with all n shares could decrypt the image, while any n-1 shares revealed no information about the original image. Each share was printed on a separate transparency, and decryption was performed by overlaying the shares. When all n shares were over- laid, the original image would appear. Using a similar idea, transparencies can be used to implement a one-time pad encryption, where one transparency is a shared random pad, and another transparency acts as the cipher text. Department of CSE 22 GCE, Kannur
  • 30. Mini-Project Report 2013 Data Security The image has been split into two shares. Each white pixel in the original logo is split into two of the same small blocks that have full black and white pix- els. When these two blocks are overlaid, they align exactly, and so the result is a light-colored block (with half black and half white pixels). Each black pixel in the original logo is split into two complementary small blocks. When these two blocks are overlaid, the result is a completely black block. If each pixel in the original image is split randomly into two shares as described above, the shares are correlated together and reveal the original image. Still, when each individual share is considered alone (i.e., when the other share is unknown), it is indistinguishable from a random pattern. Given only one share, a second share can be crafted to reveal any possible image; therefore, individual shares re- veal no information about the original image. 2.5 Bit Operations 2.5.1 Bits Bytes are the elementary data source of most applications, and many program- mers will never use them in any source code, but that is beside the point. A byte is made of bits, 1s and 0s, 8 of them to be exact. And the 8 0s and 1s have a decimal value, it is simply a case of transforming the binary (base 2) into decimal (base 10). Value by position: 128 64 32 16 8 4 2 1 (and all positions with a 1 are added together) 00000000 = 0 00000010 = 2 Department of CSE 23 GCE, Kannur
  • 31. Mini-Project Report 2013 Data Security 00000111 = 7 00001011 = 11 And so on A byte can be transformed from an int in java by simple casting: Byte b = (byte)7; Most classes in java have a method for returning the byte[] of an object, either as a section of the object or the entire object. String Example: String w = Williams; Byte[] b = w.getBytes(); Where b[0] will now contain the ascii value for W, that is, 87 if printed. Though it is good to remember that although it appears as an int, when displayed, it is in fact a byte, which is stored as 8 bits, in this case: 01010111. 2.5.2 Operations Some of the Bitwise operators are described as follows: AND Operation The AND (&) bit operator, will AND 2 bytes together. The same rules apply as when using true and false values, where 1 = true, and 0 = false. If both bytes have a 1 in the same position, then the result for that position is a 1, otherwise the result is a 0. Department of CSE 24 GCE, Kannur
  • 32. Mini-Project Report 2013 Data Security Example: 01010111 = 87 01100101 = 101 01000101 = 69 Byte b = 87 & 101; //69: 01000101 OR Operation The OR(—) bit operator, will OR 2 bytes together. The same rules as with AND where 1 = true, and 0 = false, only when using OR, as long as one of the bits in the position is a 1, then the result is a 1. Only if both bits are 0, is the result a 0. Example: 01010111 = 87 01100101 = 101 01110111 = 119 Byte b = 87 — 101; //119: 01110111 Left Shift An important thing to remember when left shifting bits, is if the first bit is not a 1, a single left shift will essentially double the value. What actually happens, is a 0 is added on the right hand side of the bits, then the far left bit is removed thus leaving a new set of 8 bits. Also, when shifting in Java, a number of positions to shift must also be supplied. If the value is greater than 1, the process is simply repeated that many times each time beginning with the result of the previous shift. Department of CSE 25 GCE, Kannur
  • 33. Mini-Project Report 2013 Data Security Thus any value will become 0 if shifted 8 times. Examples: (single shift) 01010111 = 87¡¡ 1 10101110 = 174 (double shift) 01010111 = 87¡¡ 2 01011100 = 92 Byte b1 = 87 ¡¡ 1; //174: 10101110 Byte b2 =87 ¡¡ 2; //95: 01011100 Right Shift A right shift is the opposite of a left shift in the sense that a 0 is added to the left side of the bits, and the far right bit is removed, once again leaving a set of 8 bits. Examples: (single shift) 01010111 = 87¿¿¿ 1 00101011 = 43 (double shift) 01010111 = 87¿¿¿ 2 00010101 = 21 Byte b1 = 87 ¿¿¿1; 43: 00101011 byte b2 = 87 ¿¿¿2; 21: 00010101 Department of CSE 26 GCE, Kannur
  • 34. Mini-Project Report 2013 Data Security These are the bit and byte operations which are used to effectively used in LSB Steganography technique. Department of CSE 27 GCE, Kannur
  • 35. Chapter 3 System Analysis 3.1 Existing Model There exists many information hiding softwares in the market. Most of the soft- wares directly hide the data in the image without making use of encryption algo- rithms. The data in the current model is encoded directly to LSB of the image without making use of pixel modification. So, the security level is very low in such models. The hidden data could easy recovered by using steganalysis tech- nique. Many steganalysis softwares are available in the market that can easily crack such images and retrieve the confidential data. So, the current model could be enhanced to increase the security level and making it more reliable. There some other softwares that make use of encryption techniques before en- coding it to the image. Some of the encryption techniques commonly used in softwares are RSA algorithm, AES(Advanced Encryption Standard) algorithm, DES(Data Encryption Standard), Triple DES, and many more. This would cer- tainly enhance the security levels from the previous model but even this software follows the LSB based steganography which is under attack. The RS steganalysis approach could now detect the hidden data stored at the LSB of the image thus making the software useless. 28
  • 36. Mini-Project Report 2013 Data Security 3.2 Proposed Model The proposed model is an extension of the previous model. The proposed makes use of the LSB steganography combined with Genetic Algorithm. The Genetic algorithm is used to modify the pixel locations of the stego image thus enhancing the security level to new heights. The hidden data is now distributed all over the image rather than at the LSB of the stego image. The confidential data is first encrypted by using DES Algorithm. The Des algo- rithm is used as it is a simple and efficient algorithm that uses a small key and can be used for small data. Although the AES, more advanced algorithm can be used for implanting a bigger system. But, DES is equally as efficient as AES algorithm. DES is a more sophisticated encryption algorithm compared RSA algorithm. The encrypted information is called the cipher data(encrypted data). The cipher data is then encoded to the LSB of the image and then genetic algorithm is applied to modify the pixel location of the image. Before sending the stego image through the wireless network, the image is divided into two shares. The original data can only be retrieved if both the image shares are obtained. At the receiver side, both the shares are combined together, that is, the two shares are overlaid to get the stego image. Then inverse genetic al- gorithm is applied to get the original stego image containing the confidential data. The data is decoded from the image by using an appropriate decoding algorithm. The data retrieved will be in encrypted form and has to be decoded. The Cipher text is decrypted using the secret (private) key used during encryption. The origi- nal confidential data is retrieved at the end. Department of CSE 29 GCE, Kannur
  • 37. Mini-Project Report 2013 Data Security Figure 3.1: Flow Diagram: Proposed Model Department of CSE 30 GCE, Kannur
  • 38. Mini-Project Report 2013 Data Security Figure 3.2: Existing Model Conversion Quality 3.3 Existing model v/s Proposed Model Previously used steganographic techniques did not show up much successful. They were mostly failure. One such technique is shown in Fig 3.1. As seen in the figure the portions of the image that is blurred clearly tells the attacker that there is some hidden message in the image. So this kind of technique will never be preferred. In these kinds of techniques instead of the LSBs some other bits in the pixel may be changed. So this will naturally show a visible difference. But the proposed system produces an output that would resemble the original image as it is. So the stego image would go unnoticed when this kind of technique is used. Also though if the user comes to know that the image is a stego image, it is highly impossible to get the original secret message because the stego image will only contain the cipher text. The result of a system which uses the proposed will look like the one shown in Fig 3.3. As shown in the figure there would be no color difference and may be transmitted through the networks without attacks. Department of CSE 31 GCE, Kannur
  • 39. Mini-Project Report 2013 Data Security Figure 3.3: Proposed Model Conversion Quality Figure 3.4: Image shares Also, in the proposed model, data can only be retrieved is the two shares of the image are obtained as shown below. Department of CSE 32 GCE, Kannur
  • 40. Chapter 4 Requirements Specification 4.1 Hardware Specification The minimum hardware requirements for the project are: • Pentium III 1.4 GHz Processor • Minimum of 128 MB RAM • Minimum of 20 GB HDD • VGA Display with 640 x 480 screen in High/True color Display mode • 1.44 MB FDD • 52X CD ROM Drive • 15 Color Monitor • Keyboard • Mouse 33
  • 41. Mini-Project Report 2013 Data Security 4.2 Software Specification The minimum software requirements for the project are, • Java ( j2sdk 1.4.0 ) • Operating system (any Linux or Proprietary OS) Department of CSE 34 GCE, Kannur
  • 42. Chapter 5 System Description 5.1 Functional Flow Diagram The proposed system works in the following phases: SENDER SIDE: • Encryption Phase: The data to be encrypted is first read from the user through the keyboard using an appropriate GUI, designed in JAVA. The encryption algorithm used in the DES. • Encoding Phase: The encrypted image is then encoded into the least signif- icant bits of the image. • Pixel Modification Phase: Genetic algorithm is used to modify the pixel locations for enhancing security and reliability. RECEIVER SIDE: • Inverse Genetic: The pixels are again modified at the receiver back to the original configuration using the inverse genetic algorithm. 35
  • 43. Mini-Project Report 2013 Data Security Figure 5.1: Functional Flow Diagram • Decoding Phase: The data in the encrypted form is retrieved back from the stego image. • Decryption Phase: The original data in the form as that of senders side is retrieved back using the inverse of the encryption algorithm used using the same secret key. The flow diagram showing the different phases of the software and detailed de- scription regarding the different phases follows in the next sub sections. Department of CSE 36 GCE, Kannur
  • 44. Mini-Project Report 2013 Data Security 5.1.1 Encryption Phase In the encryption phase, the original data to be encrypted is given as input by the user of the software. The text information inserted by the user in the textarea pro- vided is called the original data(confidential data). The encryption algorithm used is DES (Data Encryption Standard). Figure 5.2: Encryption Phase In DES algorithm is based on private key encryption. That is the encryption key used is known to both the sender and the receiver. Apart from that the en- cryption key and decryption used are the same. So, the receiver uses the same encryption key to decrypt at the other end. If the private key is leaked to the re- ceiver then intruder can easily get access to the data. The result of encryption would be cipher data. Cipher data is a meaningless data that cant be understood very easily. DES uses a 56-bit key to encrypt the data. 5.1.2 Encoding Phase In the encoding phase, the cipher data obtained is written into an appropriate im- age. After getting the result of the previous phase in the textarea, the software would ask to encode the data. When the encode button is pressed, the file chooser would open up to select the appropriate image file where the data is to encoded. Department of CSE 37 GCE, Kannur
  • 45. Mini-Project Report 2013 Data Security When image file is selected, it is first loaded. It is better if the image used for encoding the cipher data is .png or .jpg. The image is first converted into a byte representation. The byte representation is important to modify the image. The ci- pher data is also converted into the byte format. The Bit-wise operations are used to add the cipher data into the image byte array bit by bit at the least significant bit. Figure 5.3: Encoding Phase 5.1.3 Pixel Modification Phase After the cipher data has been encoded into the image at the least significant bit. The image byte array has to be manipulated to enhance security and reliability. The LSB approach for data hiding is less secure as could be easily detected by steganalysis process such as RS steganalysis. So it is better to modify the pixel locations where the image has been stored. The RS analysis is considered as one of the most famous steganalysis algorithms which has the potential to detect the hidden message by the statistical analysis of pixel values The process of RS ste- Department of CSE 38 GCE, Kannur
  • 46. Mini-Project Report 2013 Data Security ganalysis uses the regular and singular groups as the considerations in order to estimate the correlation of pixels. The presence of robust correlation has been witness in the adjacent pixels. But unfortunately using traditional LSB replacing steganography, the system renders the alteration in the proportion in singular and regular groups which exposes the presence of the steganography. For pixel modi- fication, genetic algorithms are employed. Ultimately, it will not be so hard to decrypt the secret message. Both the topic Figure 5.4: Pixel Modification Phase of steganography and visual cryptography has been considered as a distinct topic for image security. Although there are extensive researches based on combining these two approaches, but the results are not so satisfactory with respect to RS analysis. Other conventional methods of image security has witnessed the use of digital watermarking extensively, which embeds another image inside an image, and then using it as a secret image. The use of steganography in combination visual cryptography is a sturdy model and adds a lot of challenges to identifying such hidden and encrypted data. Fundamentally, one could have a secret image with confidential data which could be split up into various encrypted shares. Fi- nally when such encrypted shares are re-assembled or decrypted to redesign the genuine image it is possible for one to have an exposed image which yet consists of confidential data. Department of CSE 39 GCE, Kannur
  • 47. Mini-Project Report 2013 Data Security The combination of genetic algorithm along with visual cryptography has been a powerful tool to enhance security and reliability. There is no steganalysis algo- rithm that could detect hidden data in such kind of images. Hence we can say that it is complete full proof approach without loopholes at least till date. 5.1.4 Overlapping Phase The two shares of the same image are needed to retrieve the original information. As the cipher data is distributed in both the images, it is impossible for anyone to get the data by obtaining just a single share of the image. Hence both the shares are required to obtain original information. After the both the shares are obtained, the overlaying (overlapping) phase starts. In overlaying phase, one of the shares is overlaid over the other one appropriately. If it is overlaid properly, then we will get the original stego image otherwise a distorted image will be obtained. The in- formation cannot be retrieved from the distorted image. Hence it is very important to overlay the image properly. Figure 5.5: Overlapping Phase Department of CSE 40 GCE, Kannur
  • 48. Mini-Project Report 2013 Data Security After the overlapping phase, the inverse genetic algorithm is employed on the image to retrieve the original stego image back by re-modifying the pixel loca- tions. The inverse genetic algorithm, as the name suggests, is the inverse process of genetic algorithm employed at sender side. 5.1.5 Decoding Phase In the decoding phase, the cipher data is decoded from the stego image. The cipher data can be retrieved by the inverse process of encoding process that was employed at the sender side. Figure 5.6: Decoding Phase 5.1.6 Decryption Phase In the decryption phase, the cipher data is converted into the original data. The DES algorithm is used in the inverse manner using the same encryption key(secret key) as used during encryption of the original data. Finally, the system will display the original text. Department of CSE 41 GCE, Kannur
  • 49. Mini-Project Report 2013 Data Security Figure 5.7: Decryption Phase 5.2 Technology Used 5.2.1 DES Algorithm DES (and most of the other major symmetric ciphers) is based on a cipher known as The Feistily block cipher. This was a block cipher developed by the IBM cryptography researcher Horst Feistily in the early 70s. It consists of a number of rounds where each round contains bit-shuffling, non-linear substitutions (S- boxes) and exclusive OR operations. Most symmetric encryption schemes today are based on this structure (known as a feistily network). To accomplish encryption, most secret key algorithms use two main techniques Figure 5.8: Secret Key Encryption known as substitution and permutation. Substitution is simply a mapping of one Department of CSE 42 GCE, Kannur
  • 50. Mini-Project Report 2013 Data Security value to another whereas permutation is a reordering of the bit positions for each of the inputs. These techniques are used a number of times in iterations called rounds. Generally, the more rounds there are, the more secure the algorithm. A non-linearity is also introduced into the encryption so that decryption will be computationally infeasible without the secret key. This is achieved with the use of S-boxes which are basically non-linear substitution tables where either the output is smaller than the input or vice versa. As like other encryption schemes, DES expects two inputs - the plaintext to be Figure 5.9: DES Flow Chart encrypted and the secret key. The manner in which the plaintext is accepted, and the key arrangement used for encryption and decryption, both determine the type Department of CSE 43 GCE, Kannur
  • 51. Mini-Project Report 2013 Data Security of cipher it is. DES is therefore a symmetric, 64 bit block cipher as it uses the same key for both encryption and decryption and only operates on 64 bit blocks of data at a time (be they plaintext or ciphertext). The key size used is 56 bits, however a 64 bit (or eight-byte) key is actually input. The least significant bit of each byte is either used for parity (odd for DES) or set arbitrarily and does not increase the security in any way. All blocks are numbered from left to right which makes the eight bit of each byte the parity bit. Once a plain-text message is received to be encrypted, it is arranged into 64 bit blocks required for input. If the number of bits in the message is not evenly divisible by 64, then the last block will be padded. Multiple permutations and substitutions are incorporated throughout in order to increase the difficulty of per- forming a cryptanalysis on the cipher. However, it is generally accepted that the initial and final permutations offer little or no contribution to the security of DES and in fact some software implementations omit them (although strictly speaking these are not DES as they do not adhere to). 5.2.2 LSB Steganography The least significant bit i.e. the eighth bit inside an image is changed to a bit of the secret message. When using a 24-bit image, one can store 3 bits in each pixel by changing a bit of each of the red, green and blue colour components, since they are each represented by a byte. An 800600 pixel image, can thus store a total amount of 1,440,000 bits or 180,000 bytes of embedded data. As an example, suppose that we have three adjacent pixels (9 bytes) with the RGB encoding. 10010101 00001101 11001001 10010110 00001111 11001011 Department of CSE 44 GCE, Kannur
  • 52. Mini-Project Report 2013 Data Security Figure 5.10: DES Models 10011111 00010000 11001011 When the number 300, can be which binary representation is 100101100 em- bedded into the least significant bits of this part of the image. If we overlay these 9 bits over the LSB of the 9 bytes above, we get the following (where bits in bold have been changed). 10010101 00001100 11001000 10010111 00001110 11001011 10011111 00010000 11001010 Here the number 300 was embedded into the grid, only the 5 bits needed to be changed according to the embedded message. On average, only half of the bits in an image will need to be modified to hide a secret message using the maximum cover size. Since there are 256 possible intensities of each primary Department of CSE 45 GCE, Kannur
  • 53. Mini-Project Report 2013 Data Security colour, changing the LSB of a pixel results in small changes in the intensity of the colours. The human eye cannot perceive these changes - thus the message is successfully hidden. With a well-chosen image, one can even hide the message in the LSB without noticing the difference. Figure 5.11: LSB steganography LSB in BMP The BMP file format also called bitmap or DIB file format (for device-independent bitmap), is an image file format used to store bitmap digital images. Since BMP is not widely used the suspicion might arise, if it is transmitted with an LSB stego. When image are used as the carrier in Steganography they are generally manip- ulated by changing one or more of the bits of the byte or bytes that make up the pixels of an image. The message can be stored in the LSB of one colour of the RGB value or in the parity bit of the entire RGB value. A BMP is capable of hid- ing quite a large message. LSB in BMP is most suitable for applications, where the focus is on the amount of information to be transmitted and not on the secrecy of that information. If more number of bits is altered, it may result in a larger possibility that the altered bits can be seen with the human eye. But with the LSB Department of CSE 46 GCE, Kannur
  • 54. Mini-Project Report 2013 Data Security the main objective of Steganography is to pass a message to a receiver without an intruder even knowing that a message is being passed is being achieved. LSB in PNG Portable Network Graphics (PNG) is a bitmapped image format that employs loss- less data compression. PNG was created to improve upon and replace GIF. Since PNG is widely used the suspicion might not arise if it is transmitted with an LSB stego. When images are used as the carrier in Steganography they are generally manipulated by changing one or more of the bits of the byte or bytes that make up the pixels of an image. The message can be stored in the LSB of one colour of the RGB value or in the parity bit of the entire RGB value .A PNG is capable of hiding quite a large message. LSB in PNG is most suitable for applications where the focus is on the amount of information to be transmitted and not on the secrecy of that information. If more number of bits is altered it may result in a larger possibility that the altered bits can be seen with the human eye. But with the LSB, the main objective of steganography is to pass a message to a receiver without an intruder even knowing. LSB in GIF Graphics interchange format also known as GIF is one of the machine indepen- dent compressed formats for storing images. Since GIF images only have a bit depth of 8, amount of information that can be hidden is less than with BMP. Em- bedding information in GIF images using LSB results in almost the same results as those of using LSB with BMP. LSB in GIF is a very efficient algorithm to use when embedding a reasonable amount of data in a grayscale image. GIF images are indexed images where the colours used in the image are stored in a palette. It Department of CSE 47 GCE, Kannur
  • 55. Mini-Project Report 2013 Data Security is sometimes referred to as a colour lookup table. Each pixel is represented as a single byte and the pixel data is an index to the colour palette. The colours of the palette are typically ordered from the most used colour to the least used colours to reduce lookup time. Some extra care is to be taken if the GIF images are to be used for Steganography. This is because of the problem with the palette approach. If the LSB of a GIF image is changed using the palette approach, it may result in a completely different colour. This is because the index to the colour palette is changed. The change in the resulting image is noticeable if the adjacent palette entries are not similar. But the change is not noticeable if the adjacent palette en- tries are similar. Most applications that use LSB methods on GIF images have low security be- cause it is possible to detect even moderate change in the image. Solutions to these problems could be: 1. Sort the palette so that the colour difference between consecutive colours is minimized. 2. Add new colours, which are visually similar to the existing colours in the palette. 3. Use Gray scale images. In a 8 bit Gray scale GIF image, there are 256 shades of gray. This results in gradual changes in the colours and it is hard to detect. Converting the text into Binary The Masking Technique is shown in figure below. In this technique the each byte of the text files binary equivalent is binary ANDed with the binary equivalent of 254. Then the bits are exchanged with the image pixels. This will provide additional security. The masking technique is shown below. Department of CSE 48 GCE, Kannur
  • 56. Mini-Project Report 2013 Data Security Figure 5.12: Applying Mask Replacing the bits After masking has been done, each bit of the cipher text is replaced in the LSB position of the pixels in the image. Here LSB refers to the Least Significant Bit, that.is,. the last bit of the pixel value. Since only the LSB is changed, the differ- ence between the original image and the encrypted image will be very small, so that the difference cannot be detected by naked human eyes. Only softwares that are particularly determine the patterns in the images can detect the irregularities in the patterns. The Cellular Automata finds a wide application in Image Process- ing. Using cellular automata the design patterns in regular images like a shell, or a stone or any object that has a regular pattern of colors, can be determined. For this purpose rules are framed according to these patterns. So applying Cellular Automata in Steganography, one can detect the availability of secret messages in the images if there is an irregularity in the pattern of the images. The general steganographic LSB technique is illustrated in Figure below The LSB technique can also be briefly explained with the help of bits. In Fig 3.11 Department of CSE 49 GCE, Kannur
  • 57. Mini-Project Report 2013 Data Security Figure 5.13: LSB conversion the LSB technique is explained with the help of binary values. As shown in the figure the last bits of the pixels are replaced with the bits of the cipher text. So the final image will resemble the original image. Figure 5.14: LSB conversion-2 Department of CSE 50 GCE, Kannur
  • 58. Chapter 6 Implementation Details 6.1 Encryption Module This is sample code of DES encryption module: In the above code, the encryption key is stored in the variable myEncryptionKey. Figure 6.1: Encryption module DES ENCRYPTION SCHEME is used. They encryption key is then converted into byte format using getBytes. The final secret key is stored in the key variable. The original data that is stored in the unencryptedString is converted into byte format. It is converted into encrypted version by the Cipher class method doFinal and stored in the byte array encryptedText. It is finally converted to base 64 and 51
  • 59. Mini-Project Report 2013 Data Security Figure 6.2: Encryption module-2 Figure 6.3: Bit Conversion result is stores in the encrypted string. public final byte[] doFinal() throws IllegalBlockSizeException, BadPaddingEx- ception Finishes a multiplepart encryption or decryption operation, depending on how this cipher was initialized 6.2 Bit Conversion Because a byte holds a max value of 127, all shifts of 8 and higher, will remove all bits and replace them with zeros, but to be proper, to save each set of bits, the implementation is left as calculating each byte. Department of CSE 52 GCE, Kannur
  • 60. Mini-Project Report 2013 Data Security hex FF = 11111111 in binary this is important, because, if there were more than 8 bits, say 16 and let i = 287: 0000000100011111 = 287 0000000011111111 = 255 or 0x00FF 0000000000011111 = 31 The result has the last 8 bits matching I, but the first 8 bits were all removed to 0s due to being AND with 0s in all positions, but the last 8. The thing to take from this, is we can force a value to 0, by ANDing with 0, and leave a value alone, by ANDing with 1. 6.3 Encoding Module In a byte, the bits have a rank, the left most bit is the most significant and right most, least significant. This gives us the key, if we need to change some data in this image, we want it to be as unobtrusive as possible, or even invisible. Thus we want to apply our changes to the least significant bit of some of the bytes. In this way we change each byte, a maximum of 1 in value. Following is the sample code to encode the cipher text into the image: The first for loop is used to loop through the 8 bits of each byte. The second for loop is to ensure that the new offset value carries on through both loops. The integer b is assigned the value equal to AND operation on the result of the shift operation on add by bit and 1. The last bit of the byte is changed in the image by the addition bit. Department of CSE 53 GCE, Kannur
  • 61. Mini-Project Report 2013 Data Security Figure 6.4: Encoding Module This may look complicated, but the end result is a loop which systematically assigns b the next single bit value of the byte add, either 0, or 1. We will start with int b = (add ¿¿ bit); only, Say: add = 87 = 01010111 First loop through, bit = 7: 01010111 = 87 ¿¿ 7 00000000 = 0 Next time, bit = 6: 01010111 = 87 ¿¿ 6 00000001 = 1 Next time, bit = 5: 01010111 = 87¿¿¿ 5 00000010 = 2 Next time, bit = 4: 01010111 = 87 ¿¿¿ 4 Department of CSE 54 GCE, Kannur
  • 62. Mini-Project Report 2013 Data Security 00000101 = 5 and so on. Notice how the right bits match the left bits of add, in a growing number based on how many positions we shift add. Now to apply the & 1: First loop: 00000000 = 0 00000001 = 1 00000000 = 0 = b Next: 00000001 = 1 00000001 = 1 00000001 = 1 = b Next: 00000010 = 2 00000001 = 1 00000000 = 0 = b Next: 00000101 = 5 00000001 = 1 00000001 = 1 = b Note the pattern, b is assigned the value 0 or 1, based on the last bit of the shifted add byte. We accomplish the same as above, by ANDing by 1, which clears all bits to 0, except the last which is left as it was. This means that bs value represents the bit at position bit in the for loop. image[offset] = (byte)((image[offset] & 0xFE) — b ); This line of code works in a similar way. 0xFE is hex, which represents 11111110 in binary. By reasoning above, this will leave the first 7 bits as is, and clear the least significant bit to 0. Then with the last bit 0, we OR it with b, which is either: 00000000 or 00000001. This will set the last bit to match the value stored in b. As the OR operation with 0s will not change any of the first 7 bits, and thus knowing the last bit is a 0, the value in this position of b, is guaran- Department of CSE 55 GCE, Kannur
  • 63. Mini-Project Report 2013 Data Security teed to be placed into this position, whether it be 0 or 1. 6.4 Decoding Module The length of the message is stored as a 4 byte number, or 32 bits, thus the mes- sage starts after 32 bytes of image. Since the first 32 bytes contain 1 bit each of our length, we must loop all 32 bytes to retrieve the length. We shift the bits of length left by 1, then OR it with a result of the least significant bit of the image byte. (& 1) will clear all bits, except the last bit, which will be left as is. Thus as bits are added, they are moved along and placed into the newly empty least significant slot of length. Now that we have a length and have created a byte array to hold the bits, we loop through that many image bytes. Again we must loop through the 8 bits of a byte to be collected. The resulting array of bytes is made up of the least significant bit of each sequential byte. This is retrieved in the same way as we retrieved the length, now that the loops are properly setup. Following is the sample code to implement decoding: 6.5 Decryption Module Following is the sample code to implement DES Decryption: The cipher text is decrypted using the same key used for encryption. The Ci- pher class is set in the DECRYPT MODE. All the operations are performed just the reverse of the encryption process. The encrypted string decoded back using base64 decoder. The byte array is then converted into string using bit manipula- tion. Department of CSE 56 GCE, Kannur
  • 64. Mini-Project Report 2013 Data Security Figure 6.5: Decoding Module Figure 6.6: Decrypting Module Department of CSE 57 GCE, Kannur
  • 65. Chapter 7 Performance and Results 7.1 Screen Shots 7.1.1 Encrypt Screen Message to be encrypted: “Sachin Ramesh Tendulkar- The LEGEND” 7.1.2 Encode Screen After clicking on Encrypt Now at the bottom, the encrypted message is shown. Ci- pher Text : vbPG8nqjKQoW6N6ugkb4l+wbTz3c+EyRLPkW5nxVv1ZKFxHyPyTQoQ== 7.1.3 File Chooser Screen After clicking on Encode Now, a File Chooser is opened to choose the image file. 58
  • 66. Mini-Project Report 2013 Data Security Figure 7.1: Screen Shot 1 Figure 7.2: Screen Shot 2 Department of CSE 59 GCE, Kannur
  • 67. Mini-Project Report 2013 Data Security Figure 7.3: Screen Shot 3 Figure 7.4: Screen Shot 4 7.1.4 Outfile File Screen After choosing the image file, a dialog box asking for the output filename(steg image) would open. The name of the output file must be specified here. 7.1.5 Stego Image Screen The data now has been hidden into steg image alongwith pixel modified using genetic algorithm. Now, click on File at top-left and choose the Decode option to Department of CSE 60 GCE, Kannur
  • 68. Mini-Project Report 2013 Data Security Figure 7.5: Screen Shot 5 Figure 7.6: Screen Shot 6 decode the image. 7.1.6 Select Image File Screen Again a file chooser will open asking for the image file name to be decoded. Department of CSE 61 GCE, Kannur
  • 69. Mini-Project Report 2013 Data Security Figure 7.7: Screen Shot 7 7.1.7 Decode Screen Now, Press the Decode Now to decode the Cipher text from the steg Image. 7.1.8 Decrypt Screen Now, to obtain the original data, press the Decrypt Now button. Finally, the original data is obtained. Department of CSE 62 GCE, Kannur
  • 70. Mini-Project Report 2013 Data Security Figure 7.8: Screen Shot 8 Department of CSE 63 GCE, Kannur
  • 71. Chapter 8 Future Scope The technique of steganography using visual cryptography in images has its scope on transmission of data in highly secured manner through audio streams and video streams. This is accomplished by encoding the audio data using steganography and cryptography technique in the audio streams and adopting the same technique to send the data in audio format, text format or image format in video streams. The technique in audio streams and images is best utilized in sending the data in video streams. The corporate and office environments where secure transmission of sensitive information is required look forward to this technique. Although steganography has attracted great interests from the military and government organizations, there is even a big interest shown from commercial companies to safeguard their infor- mation from piracy. The storage of personal information in unsuspected but secured medium of images is acceptable at the present scenario. The copyright information can be embedded within the image. The secure transmission of serial key and CD key is also achievable. The usage of image in file occupies less bandwidth while trans- 64
  • 72. Mini-Project Report 2013 Data Security mitting it along the unsecured network. The high security algorithm for encryption or the algorithm used for embedding may be upgraded. Department of CSE 65 GCE, Kannur
  • 73. Chapter 9 Conclusion The proposed system has discussed implementation of securely using least sig- nificant bit manipulation based steganography that uses the DES algorithm and genetic algorithm along with visual cryptographic technique. It can be concluded that when normal image security using steganographic and visual cryptographic technique is applied, the decryption of the encoded authenticated data becomes a cumbersome effort. The security features of the steganographic technique are highly optimized using the least significant bit manipulation along with genetic al- gorithm. The proposed system yield an optimal grey scale output making it more efficient in real world applications and can withstand RS attack .The technique of steganography using visual cryptography in images has its scope on transmission of data in highly secured manner through audio streams and video streams. This is accomplished by encoding the audio data using steganography and cryptography technique in the audio streams and adopting the same technique to send the data in audio format, text format or image format in video streams. The technique in audio streams and images is best utilized in sending the data in video streams. 66
  • 74. References [1] http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6508373 [2] http://www.techrepublic.com/resource-library/whitepapers/integrating- steganography-using-genetic-algorithm-and-visual-cryptography-for-robust- encryption-in-computer-forensics/ [3] http://asprs.org/a/publications/pers/2009journal/may/2009 may 557-567.pdf [4] http://www.ijcsit.com/docs/Volume%203/vol3Issue3/ijcsit20120303112.pdf [5] http://en.wikipedia.org/wiki/Data Encryption Standard [6] Java – http://docs.oracle.com/javase as accessed on July 21, 2013. [7] Genetic – http://www.doc.ic.ac.uk/ nd/surprise 96/journal/vol4/tcw2/report.html as accessed on September 23, 2013. 67

×