Secured Communication through Hybrid Crypto-Steganography

Document Sample
Secured Communication through Hybrid Crypto-Steganography Powered By Docstoc
					                                                        (IJCSIS) International Journal of Computer Science and Information Security,
                                                        Vol. 8, No. 4, July 2010




      Secured Communication through Hybrid Crypto-
                    Steganography

                        A. Joseph Raphael
                                                                                           Dr. V.Sundaram
   Research Scholar – Karpagm University, Coimbatore,
                                                                       Head and Director, Department of Computer Applications
      India and Lecturer in Information Technology,
                                                                                 Karpagam College of Engineering
     Ibra College of Technology, Sultanate of Oman
                                                                                          Coimbatore, India
                  raphaelaj@gmail.com
                                                                                      dr.vsundaram@gmail.com

Abstract-In this paper we present a hybrid technology of               messages can be hidden in the cover image which can be
mixing cryptography and steganography to send secret                   selected from seasonal greetings.
messages. This method has got the advantages of both the
methods, and even if one fails the other comes to the rescue.             The power of a cryptographic / steganographic system
In cryptography we have used the RSA method for                        should depend only on a small part of information namely
encryption and decryption of the original message and                  the key to uncover the cipher text/material.
further the LSB (Least Significant Bit) method is used to
hide the encrypted message in the cover image and send to                 We employ RSA public key cryptography for the
the recipient. The original message is retrieved by the                encryption and decryption of the original message
reverse process, first by collecting the LSB of the pixels and         followed by steganography using LSB. In both methods
then by RSA decryption. Since the private key for RSA                  the encryption and decryption depend only on a small key.
method is very difficult to find, this method we suggested is a
strong encryption method and the messages can be                          A digital key is a set of bits that are employed to
communicated in much secured way in an insecure channel.               encrypt and decrypt the messages.          A public key
Keywords-stegano object; cryptosystem
                                                                       cryptography uses two different keys. 1) A public key to
                                                                       encrypt the original message. 2) A private key to decrypt
                                                                       the cipher text and expose the original message.
                   I.    INTRODUCTION                                     Public and Private keys are generated in pairs so that
  The importance of secret communication by                            only a specific pair of keys can perform encryption and
governments and private organizations has increased a lot.             decryption. The public key is made known to everyone
By the advent of e-commerce and the increasing trade,                  whereas the matching private key is kept as a secret by the
administration, terrorism, security of nations, secret                 owner. During mid 1970s cryptogists introduces the
communications have taken the top most priority in the                 concept of public key cryptosystems. In this system
communication sector.                                                  everyone can have a public key for encryption; however
                                                                       the decryption keys are kept secret only by the intended
  Steganography is derived from the Greek words stegos,                recipient who can decrypt it.
meaning roof or covered and graphia which means
writing, is the art and science of hiding or embedding a                  In 1976 Ronald Rivest, AdlShamir, and Leonard
secret message over a piece of information such as an                  Adleman introduced a public key cryptosystem known as
image, audio or video and sent them over an insecure                   RSA system [1]. This system is based on the modular
channel to the recipient so that no one can detect or                  exponentiation modulo, the product of the large primes.
decode the secret message.                                             The encryption key consists of a modulus n = pq where
                                                                       p and q are large primes more than 200 digits each and an
    Steganography is very closely related to Cryptography,
                                                                       exponent e that is relatively prime to ( p − 1)(q − 1) . The
both are used to maintain the data in a confidential
manner. The main difference between the two is that with               two large primes p and q can be found quietly on a
Cryptography the message is scrambled and anybody can                  computer using probabilistic primality tests. The product
see that both parties are communicating in secret.                     of the primes n = pq with about 400 digits cannot be
Steganography on the other hand, hides the existence of a              factored in a reasonable length of time and hence the
secret message and in the best case nobody can see that                decryption of the cipher text cannot be done quickly
both parties are communicating in secret. In some                      without a separate decryption key.
situations, sending an encrypted message will arouse
                                                                          Here, we describe the process how the original
suspicion while an "invisible" message will not do so.
                                                                       message is encrypted, masked and sent, and on the other
Both sciences can be combined to produce better
                                                                       end how it is received, unmasked and decrypted into
protection of the message. In this case, when the
                                                                       original message, and the same is presented in the
steganography fails and the message can be detected, it is
                                                                       schematic diagram below:
still of no use as it is encrypted using cryptography
techniques. Moreover, to avoid unnecessary suspicious the




                                                                  45                               http://sites.google.com/site/ijcsis/
                                                                                                   ISSN 1947-5500
                                                       (IJCSIS) International Journal of Computer Science and Information Security,
                                                       Vol. 8, No. 4, July 2010




             II.   AFFINE TRANSFORMATION                                   using the RSA rule or formula (block ) mod n to get
                                                                                                                                 E

                                                                           a set of encrypted integers [1]. This encryption is done
                                                                           by using the following modular exponentiation

              SOURCE



              Original
              Message                                         Secured Domain



         Encryption using       Encrypted message is                                                             Crypto/Stegno
                                                             Compressed file is hidden in an image
         RSA Algorithm          compressed                                                                          Object
                                                             using LSB method




                                                                                                                              Insecure
                                           RSA Key                                                                            Channel
                                                                                                                              Domain
                                                               Secured Domain




        Decryption using        UnZipping to get          Collect and Check the size of files                    Reception of
        RSA Algorithm           encrypted message         retrieved from the object and the sizes               Crypto/Stegno
                                                          embedded in the object                                   Object


            Original
            Message




            TARGET


                                                                           algorithm.

    At first the original message (OM) consisting of a
sequence of letters is converted into another sequence of                    Procedure for modular exponentiation
letters using a ceaser cipher or by a more general affine
transformation defined by the bijection f.                                   b:integer, n = ( a k −1 a k − 2 ....a1 a 0 ) ,
    f : c = f ( p ) = ( ap + b) mod 26                                       m: positive integers
                                                                             x:=1
   Here p is the rank of a particular letter in OM which is                  power:=b mod m
converted to the number c. In the encrypted version of the                   for i = 0 to k-1
message, the letter represented by p in OM is replaced                       begin
with the letter represented by c.                                              if a i =1 then x:=(x.power) mod m
                                                                               power := (power.power) mod m
                   III.    RSA ENCRYPTION                                     end
    The new message obtained by the affine transformation                      { x equals    b n mod m }
is encrypted by the RSA method as follows:
                                                                        4. These encrypted blocks are converted into a sequence
1. Each letter in the message is represented as its ASCII                   of 16 bit binary numbers that is split into two 8 bit
   code number and all such ASCII code is converted                         numbers.
   into an equivalent binary number using 8 bits.
                                                                           Usually the encrypted message is directly inserted into
2. Then each pair of characters are grouped into blocks                 an image using LSB method, which generally requires a
   by taking two adjacent 8 bits side by side as one 16                 lot of space to hide a relatively few bits of information
   bit number. If odd numbers of letters are present the                which is also one of the disadvantages of LSB method.
   binary number corresponding to the last character is                 To overcome this drawback, the encrypted message is first
   padded with zeros in the beginning to have 16 bits.                  compressed before it is embedded so that a large amount
3. Each of the message block is represented as an                       of information can then be hidden. Using the Least
  equivalent decimal number set that will be encrypted                  significant bit insertion method of Steganography the




                                                                 46                                       http://sites.google.com/site/ijcsis/
                                                                                                          ISSN 1947-5500
                                                     (IJCSIS) International Journal of Computer Science and Information Security,
                                                     Vol. 8, No. 4, July 2010



binary equivalent of the compressed file is encoded into            of the bits would have to be changed in an LSB encoding
the Least significant bit of each byte as each pixel is             scheme.
represented by 3 bytes of a 24 bit image.
                                                                       The outcome of the above stage produces a
                                                                    Crypto/Stegno Object which consist of hidden message in
                                                                    compressed form, within a cover image. Also, the size of
              IV. USE OF DIGITAL IMAGES                             the encrypted message, the size of the compressed file and
   Most popular file formats being BMP (Bitmaps) GIF                the size of the crypto/stegno object itself can be embedded
(Graphics Interchange Format) and JPEG                (Joint        in the same cover image after embedding the bits of the
Photographic experts Group). Of these formats the first             original compressed file. All the above said stages are in
two provide a loseless message transfer where the last              the Secured Domain, from where the Crypto/Stegno
method provides a lossy transfer. Loseless files won’t              Object is passed to an Insecured Channel Domain to the
shatter the image much if the pixel intensities are altered,        recipient target. Once the crypto/stegno object is arrived at
whereas the Lossy files tend to shatter heavily while the           the recipient target, the following embedded informations
pixel values are altered. Hence the lossy images are                are retrieved : 1) all the LSBs of the pixels are collected to
preferred much for data transfer.                                   form the compressed file 2) size of the encrypted message
                                                                    and 3) size of the crypto/stegno object. To ensure that, the
    Images are classified as 8 bit or 24 bit images based           full and correct message is reached at the recipient target,
upon the number of bits they use to represent a color. The          the following comparisons are made between 1) the size
image files supporting larger intensities are preferred for         of the crypto/stegno object received at the recipient target
covert transmission and are stored in variety of file               and the size of the crypto/stegno object which is
formats. Image file is a large array of pixel intensities           embedded in the crypto/stegno object and sent 2) the size
(Color Values). These pixel values form the raster data of          of the compressed file obtained from the object and the
the image and could be used to impose the message. Each             size of the compressed file which is embedded in the
one of these pixels has its own color, and it is represented        object and dispatched 3) the size of the encrypted
internally as separate quantities of red, green and blue.           message after unzipping and the size of the encrypted
Each of these color levels may range between 0 (none of             message which is embedded in the object. If any
the color) and 255 (a full amount of the color). A pixel            mismatch occurs in any one of the sizes then it is
with an RGB value of (0,0,0) is black, and one with a               understood that the crypto/stegno object is subjected to
value of (255,255,255) is white. For a 24 bit image this is         natural attack while passing over an insecured channel
simple because 24 bit images are stored internally as RGB           domain and the process has to start from the beginning.
triples, and all that needs to be done is to spread the bits
and save out the new file. The images are also very large              On the other hand, if there is no mismatch, then from
as they contain 3 bytes for every pixel (for a 640 x 480            the received crypto/stegno object all the Least Significant
image this is 640 x 480 x 3 = 921600 bytes).                        Bits of the pixels are combined together to form a
                                                                    compressed file. Futher, the compressed file is unzipped
   When applying LSB techniques to each byte of a 24-bit            to get an encrypted message from which the original
image, three bits can be encoded into each pixel. (As each          message is obtained by undergoing the process of
pixel is represented by three bytes.) Any changes in the            decryption using RSA Algorithm.
pixel bits will be indiscernible to the human eye [2]-[3].
For example, the letter A can be hidden in three pixels.                www.stegoarchive.com [4] is a website which have
Assume the original three pixels are represented by the             many stegno tools to automate the process of changing the
three 24-bit words as below                                         LSB to allow for the insertion of some other data on an
                                                                    image and getting back the data and the image separately
   (00100111 11101001 11001000)                                     at the other end. A few of the more popular applications
   (00100111 11001000 11101001)                                     are ExStego, Jstego and hide4pgp. S-Tools is another tool
                                                                    that uses a different method for utilizing the LSB theory.
   (11001000 00100111 11101001)                                     It closely approximates the cover image and that could
The binary value for the letter A is 10000011. Inserting            possibly cause extreme palette changes in the original
the binary value for A into the three pixels, starting from         image.
the top left byte, would result in
   (00100111 11101000 11001000)                                                     V.   THE RSA DECRYPTION
    (00100110 11001000 11101000)                                    The RSA decryption key D is the inverse E modulo of
   (11001000 00100111 11101001)                                     ( p − 1)(q − 1) .
    The emphasized bits are the only bits that are actually         ie. ED = 1 mod( p − 1)( q − 1) , this can be found by
changed. The main advantage of LSB insertion is that
                                                                    using the euclidean algorithm. Then the decryption is
data can be hidden in the least and second to least bits and
still to the human eye, the resulting image with embedded           done by the rule     (block ) D mod n where block is the
data will look practically identical to the cover image.            cipher text.
Notice that only the bolded bits had to be changed in order
to create the letter A. On the average only less than 50%           The whole strength of the RSA method lies in the fact that
                                                                    even though n = pq is known, the factorization of n is
                                                                    the most difficult problem (as against finding large primes




                                                               47                               http://sites.google.com/site/ijcsis/
                                                                                                ISSN 1947-5500
                                                                  (IJCSIS) International Journal of Computer Science and Information Security,
                                                                  Vol. 8, No. 4, July 2010




p and q). It is known that even most efficient factorization
methods (till recently by 2002) requires billions of years
to factor 400 digit integers. Hence when p and q are 200
digits primes, messages encrypted using n = pq as the
modulus cannot be found in a reasonable time unless p or
q is known.


                        VI.    CONCLUSION
   The RSA-LSB crypto/stegno method suggested has
sound mathematical and logical support. The decryption
key for the methods depend only on a small part of
information namely
   i.       for RSA – the exponent E and its inverse D
  ii.       for LSB, the collection of least significant digits.
   The method is highly secure and decryption cannot be
obtained by illegal persons within a reasonable period of
time.     For both the methods there are several
application/software available and hence execution of the
method is readily possible.


                              REFERENCES
[1]     Kenneth H. Rosen, “Discrete Mathematics and its Applications”,
        McGraw Hill, Fifth Edition.
[2]     Neil F.Johnson and Sushil Jajodia, “Exploring Steganography:
        Seeing the Unseen”, George Mason University, Available online at
        http://www.jjtc.com/pub/r2026.pdf.
[3] J.R. Krenn, “Steganography and steganalysis”, Available at
    http://www.krenn.nl/univ/cry/steg/article.pdf
[4] James C.Judge, “Steganography Past, Present, Future”,
        Avaiable     at    http://www.sans.org/reading_room/whitepapers
        /stenganography/steganography-past-present-future_552 .


                          AUTHORS PROFILE
A. Joseph Raphael obtained his Master degree in Computer Science from
St. Joseph’s College, Tiruchirapalli and Master of Philosophy in
Computer Science from Alagappa University, Karaikudi. Currently, he is
a PhD research scholar at Karpagam University, Coimbatore, India and
also working as a lecturer in the department of Information Technology,
Ibra College of Technology, Sultanate of Oman.

Dr. V. Sundaram earned his PhD in mathematics from Madras
University. He is a research guide of Anna University, Coimbatore and
Karpagam University in the field of computer science and computer
applications. He is currently guiding several PhD students in the areas of
theoretical computer science, network security, cryptography and data
mining. He has published several papers in national and international
journals and organized 5 national conferences. He is a life member of
ISTE and member of Computer Society of India




                                                                             48                              http://sites.google.com/site/ijcsis/
                                                                                                             ISSN 1947-5500