Design And Implementation Of A Crypto-Stego Security System

The Design And Implementation Of A Crypto-Stego Security System (PDF/DOC)

Abstract

This research work has led to the development of a data encryption system that organizations and individuals can use for secure data communication, and to keep private/secret information as confidential as possible. The Waterfall model was used in the analysis of the existing systems and identification of lapses/weaknesses. These weaknesses were corrected/checked by the new system developed using Python. The new system provides security to data/information by encrypting the message and then hides/embeds the encrypted form of the message in any type of image file. The importance of the study of information security cannot be over emphasized in our society

today as it helps to save a lot of situation concerning information confidentiality, integrity, and it’s availability for only the intended person(s), and further help save information from attackers who may want to use the information to achieve some malicious intent, for probably selfish interests. The proposed system achieves this by encrypting a secret message using AES algorithm and hiding it in an image file using the LSB algorithm making it possible to maintain the integrity of the secret message.

In this project we have presented a new system for the combination of cryptography and Steganography using two keys (user password and unique number) which could be proven a highly secured method for data communication. Cryptography, especially when combined with steganography, is a powerful tool which enables people to communicate without possible eavesdroppers even knowing there is a form of communication in the first place. The main advantage of this Crypto-Stego System is that the method used for encryption, AES, is very secure and the LSB transformation Steganography techniques are very hard to detect. This proposed method can also withstand different attacks and thus a very strong and robust method of data security can be obtained.

Chapter One

Introduction

1.1 Background of Study

In the present world of communication, one of the necessary requirements to prevent data theft is securing the information. Security has become a critical feature for thriving networks and in military alike. Cryptography and Steganography are well known and widely used techniques that manipulate information (messages) in order to cipher or hide their existence. These techniques have many applications in computer science and other related fields: they are used to protect military messages, E-mails, credit card information, corporate data, personal files, etc. This protection is done or carried out by first generally encrypting the data, then hiding it so as to only be discovered for whom it is meant or intended for.

Before the modern era, cryptography was concerned solely with message confidentiality (.i.e., encryption — conversion of messages from a comprehensible form into an incomprehensible one, and back again at the other end), rendering it unreadable by interceptors or eavesdroppers without the secret knowledge which is the key needed for decrypting the message. In recent decades, the field has expanded beyond confidentiality concerns to include techniques for message integrity checking, sender/receiver identity authentication, digital signatures, interactive proofs, and secure computation, amongst others. Encryption attempts to ensure secrecy in communications, such as those of spies, military leaders, diplomats etc.

Steganography (— hiding the existence of a message so as to keep it confidential) was also first developed in ancient times. An early example, from Herodotus (- a Greek historian), concealed a message – a tattoo on a slave’s shaved head – under the regrown hair. In modern terms, Steganography is usually implemented computationally, where cover works such as text files, images, audio files, and video files are altered in such a way that a secret message can be embedded within them. Although Steganography techniques are very similar to that of digital watermarking, one big distinction must be highlighted between the two. In digital watermarking, the focus is on ensuring that nobody can remove or alter the content of the watermarked data, even though it might be plainly obvious that it exists. Steganography on the other hand, focuses on making it extremely difficult to tell that a secret message exists at all. If an unauthorized third party is able to say with high confidence that a file contains a secret message, then steganography has failed.

With the description of the two different techniques for data security, a better and higher technique for data security can be achieved by the combination of this two kinds of data security techniques (i.e. cryptography and steganography), which can be referred to as CRYPTO-STEGO.

1.2 Statement of Problems

Increase in the number of attacks recorded during electronic exchange of information or data between the source and intended destination in data communication has indeed called for a more robust method for securing data transfer. CRYPTO-STEGO (- a combination of cryptography and steganography) can serve as the robust method to minimize the attacks during electronic exchange of data and information, and hence render the services of protecting the confidentiality, integrity, and availability of information from unauthorized access.

1.3 Objective of Study

The objective of this study is to implement a working CRYPTO-STEGO system that will:

Hide message carried by stego-media, and the stego-media should not be sensible to human beings.

Avoid drawing suspicion to the existence of a hidden and encrypted information in a stego-media.

Encrypt data before hiding it in a stego-media, so that even when the stego-media is detected, the information that will be found will be encrypted, unintelligible, and meaningless, and thus cannot be easily accessed.

 

1.4 Significance of Study

Study of information security(InfoSec), and specifically in these area (CRYPTO_STEGO) that combines the finest of data security techniques (i.e. cryptography and steganography) cannot be over emphasized as it will help save a lot of situation as it concerns information confidentiality, integrity, and it’s availability for only the intended person(s), and further help save informations from attackers who may want to use the information to archieve some malicious intent, for probably selfish interests.

1.5 Scope of Study

The scope of this project is to limit unauthorized access and provide better data security. To meet the requirements, simple and basic approach of CRYPTO-STEGO (- the combination of Steganography and cryptography) is used. First, the data or secret message to be secured is converted into forms that are not easily or cannot be understood by eavesdroppers, and then, the converted text is embedded in an image referred to as stego-image/ stego-carrier, thus making it relatively very very difficult to be tampered with by an unauthorized person. In this project, the proposed approach finds the suitable algorithm for encrypting information, and embedding the information in an image using steganography which provides the better security pattern for information security.

1.6 Limitation of Study

Technology Constraint:

The problem encountered here is searching information about computer security through Data Encryption and Key Hash Algorithm

Time Constraint:

The time given for the submission of this project work was not really enough for the researcher to extensively carry out more research on this work.

Financial Constraint:

There was not enough money to extensively carry out this work.

1.7 Definition of Terms

AES:

Advanced Encryption System

ALGORITM:

This is a sequential way of solving a problem.

CRYPTO-STEGO:

A combination of steganographic and cryptogaphic techniques.

Cryptography:

This is used to hide data from public view and to ensure that the integrity and privacy of any data sent across a network has not been compromised.

Decryption:

The reverse, moving from unintelligible cipher text to plain text.

DES:

Data Encryption Standard

Encryption:

The process of converting ordinary information (plaintext) into unintelligible gibberish (that is, cipher text).

GUI:

Graphical User Interface

Information Security (INFOSEC):

The practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

JPEG:

Joint Photographic Experts Group

PIL:

Python Imaging Library

PNG:

Portable Network Graphics

Steganography:

Involves transforming the data so as to make its meaning obscure to malicious people who intercept it.

System:

An organized unit which composed of two or more inter related parts that functions together to achieve a particular goal.

Chapter Five

Summary, Conclusion and Recommendations

5.1 Summary

This research work has led to the development of a data encryption system that organizations and individuals can use for secure data communication, and to keep private/secret information as confidential as possible. The Waterfall model was used in the analysis of the existing systems and identification of lapses/weaknesses. These weaknesses were corrected/checked by the new system developed using Python. The new system provides security to data/information by encrypting the message and then hides/embeds the encrypted form of the message in any type of image file.

5.2 Review of Achievements

The researchers were able to develop a system that was able to combine the finest of data security techniques (i.e. cryptography and Steganography), and hence, a better and higher technique for data security was achieved.

5.3 Application Areas

This system can be used in various places and offices for the data security mainly, in the following ways:

Secret data storing.

Protection of data alteration

Access control system for digital content distribution

Secured data sharing

 

5.4 Suggestion for Further Research

It is suggested that the research work be extended to include a protocol that uses Multiple-Cover-Objects i.e. using more than one cover object to hide the encrypted form of the secret message. Indeed, in order to recover the secret message, a steganalyst has to determine all the stego-objects and unravel the algorithm used to hide into them the secret message. This method should be implemented and tested for different number of cover images.

5.5 Recommendation

The future work on this project is to improve the compression ratio of the image to the data or information file so as to accommodate even larger information file or data files.

Also this project can be extended to a level such that it can be used for the different types of image formats like .gif, .jpeg, .tif etc., in the future as output files (stego-image).

5.6 Conclusion

The importance of the study of information security cannot be over emphasized in our society today as it helps to save a lot of situation concerning information confidentiality, integrity, and it’s availability for only the intended person(s), and further help save information from attackers who may want to use the information to achieve some malicious intent, for probably selfish interests. The proposed system achieves this by encrypting a secret message using AES algorithm and hiding it in an image file using the LSB algorithm making it possible to maintain the integrity of the secret message.

In this project we have presented a new system for the combination of cryptography and Steganography using two keys (user password and unique number) which could be proven a highly secured method for data communication. Cryptography, especially when combined with steganography, is a powerful tool which enables people to communicate without possible eavesdroppers even knowing there is a form of communication in the first place. The main advantage of this Crypto-Stego System is that the method used for encryption, AES, is very secure and the LSB transformation Steganography techniques are very hard to detect. This proposed method can also withstand different attacks and thus a very strong and robust method of data security can be obtained.

Click the button below to INSTANTLY subscribe and download the COMPLETE MATERIAL (PDF/DOC)!

This study on the Design And Implementation Of A Crypto-Stego Security System is relevant to students and researchers in the following fields: