PROJECT REPORT on SECURITY EXTENSIBILITY IN STEGANOGRAPHY submitted in partial fulfillment of the requirements for the award of the degree of BACHELOR OF TECHNOLOGY (INFORMATION TECHNOLOGY) of UNIVERSITY OF MADRAS by MADHAN. R (9002164) RAJESHKUMAR. M (9002176) SWAMYNATHAN. S (9002196) under the guidance of Ms. CHENTHILBANU,M.E., ( Lecturer,DepartmentofInformationTechnology) APRIL 2004 DEP ARTMENT OF INFORMATION TECHNOLOGY S.R.M. ENGINEERING COLLEGE S.R.M. Nagar, Kattankulathur, Kancheepuram District - 603 203.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
PROJECT REPORTon
SECURITY EXTENSIBILITY INSTEGANOGRAPHY
submitted in partial fulfillment of the requirementsfor the award of the degree of
BACHELOR OF TECHNOLOGY(INFORMATION TECHNOLOGY)
of
UNIVERSITY OF MADRAS
by
MADHAN. R (9002164)RAJESHKUMAR. M (9002176)SWAMYNATHAN. S (9002196)
under the guidance ofMs. CHENTHILBANU,M.E.,
( Lecturer,Departmentof InformationTechnology)
APRIL 2004
DEPARTMENT OF INFORMATION TECHNOLOGY
S.R.M. ENGINEERING COLLEGES.R.M. Nagar, Kattankulathur, Kancheepuram District - 603 203.
BONAFIDE CERTIFICATE
This is to certify that the project work entitled
SECURITY EXTENSIBILITY IN
STEGANOGRAPHY is a bonafide work done by
the requirementsfor the award of the degree of
Bachelor of Technology
.In
INFORMATION TECHNOLOGY
Hea~epartmenl
Submitted for university examination held in April 2004 at
S.R.M. Engineering College, Kattankulathur.
Date:l4 - .; - .l""~ ,nte4ner
60/External Examiner
---- - -
ACKNOWLEDGEMENT
They say, "Rome was not built in a day". Persistence, commitment, and sincerity have
indeed contributed to the successful completion of our final year project 'Security
Extensibility in Steganography'. But without the support and encouragement of many,
our efforts would have gone meaningless.
We first and foremost thank the Almighty for our project's success.
We extend our gratitude to our respected chairman Mr. Pachamuthu, Principal Prof.
R.Venkatramani and our Director Dr. T.P.Ganesan for the infrastructure they have
provided us with and which has been conducive to our pursuits.
We are extremely grateful to the Head of the Department of Information Technology,
Prof. S.Rajendran for having supported and encouraged us all along.
We are profoundly obliged to our project coordinator and Senior Lecturer, Department of
Information Technology, Mrs G.Vadivu, for being the 'backing force' without which we
would not have been motivate enough.
Our very special thanks go to our guide and Lecturer of Department of Information
Technology, Ms ChenthilBanu M.E without whose constant help, suggestions and
advice, we would not have come this far.
We owe a lot to Mr.S.Ashok and Mrs.Vadivu for suggesting improvements and
enhancements.
Weare also greatly indebted to our parents and friends for their moral support and the
whole Information Technology department for all the encouragement.
Last but not the least, the experiences of working together were not only enjoyable but
also very beneficial.
ABSTRACT
Steganography is the art of passing the infonnation in the manner that the very existence of the
message is unknown. The goal of steganography is to avoid suspicion to the transmission of
hidden message, such that it is highly secured. Steganography is the art of concealing the
existence of infonnation within seemingly innocuous carriers. Steganography can be viewed as
akin to cryptography. Both have been used throughout recorded history as means to protect
infonnation. At times these two technologies seem to converge while the objectives of the two
differ. Cryptographic techniques "scramble" messages so if intercepted, the messages cannot be
understood. Steganography, in an essence, "camouflages" a message to hide its existence and
make it seem "invisible" thus concealing the fact that a message is being sent altogether.
Steganography has its place in security. It is not intended to replace cryptography but supplement
it. Hiding a message with steganography methods reduces the chance of a message being
detected. One of the most commonly used methods is Least Significant Bit (LSB) algorithm. This
deals with the embedding of message along with the image file where each pixel is of size 3
bytes. Each and every bit of the message is taken and is embedded along with the bytes of the
image file such that, its inclusion does not make a perceivable change in the message embedded
file. Incase of confidential infonnation that should be sent, provision of security is an inevitable
issue which cannot have any compromise. This algorithm that is commonly used in this field has
a major loophole. That is the ease of cracking the messages that is hidden in the image file. This
is due to the simplicity of the algorithm that gave room for the easy cracking of the messages.
Thus the Security Extensibility algorithms called SRM algorithms for steganography,
cryptography, password authentication, digital watennarking which is developed by our own is
used to provide more security such that the cracking is made quite tough which is almost
Encrypted r Password Digitaltext inside Authentication Watermarkingbitmap verificationimagefile.
Decryption of Messagemessage retrievingr
S.R.M Algorithm for Steganography:
Working:
This algorithm is designed by our own which perfonns the following functions:
The user will prompted to give embedding key.
The key that is given by the user will be taken as a seed and a random number will be
generated.
Then that random number will be moded by 8 and the reminder is the chosen bit position.
The message bit will be taken and embedded in that position.
EX:
Let the key that will be given by the user is 23456.
This is taken as a seed to a random function and a random number will be generated and
let that number be 12541.
This 12541 will be moded by 8, 12541%8=5.
So the message bit will be embedded in the first bit.
So how this was made feasible? Doesn't it change the pixel value?
The answer to this main question is an emphatic no. Because let us consider the following
conditions of moded value.
If the moded value is 0 then LSB is used
page 16
If it is not 0 but some value n(where n<8) then that nth bit is seen. If both the message bit
and the nth bit are same(either both should be one or both should be zero),then the bit is
not embedded but that particular nth bit is directly considered as a message bit(as both
the values are same) and LSB is made O(inthis state LSB acts as a flag)
If the nth bit's value and message bit's value are not same then the LSB is made
1(indicating that the message bit is NOT of the nth bit).
Since all the bits are involved and at the same time there wont be a any change in the
pixel value, this would be more secured.
How about key synchronization?
The next question that would be framed in ur mind is about the key synchronization. How
was it possible?
There is a Class called random in JAVA.
We need to create an instance for this like
Random r=new random(seed);
r.nextintO;
This generates a random number in a particular sequence and always returns the same
sequence of numbers for a particular key in any system. So there will not be any problem
if the same key is used.
Ex for its working:
Let the bit position be 5.
Message byte=10101101
page 17
Message bit to be embedded=I
Image byte=IIQIOIII. change the LSB to IIQIOIIQ
The bit to be embedded is I.But the bit in the fifth position is having O.If I is directly
embeded then there will be a human eye perceivable change in the pixel value. To avoid
that what we actually do is we again change the LSB of image byte to llQOll~ This
LSB acts as a flag means, the value of the message bit stored is NOT of the value of the
bit in 5thposition.
Value of the bit in 5thposition is O.
Its NOT value is I.So the message stored is 1.
The same process is used to retrieve the message in the receiver side.
Advantages:
1. Message can not only be embedded in LSB but also in any of the 8 bits.
2. LSB acts as flag at certain circumstances.
3. Choosing of bit message to embed the message is totally randomized.
4. No need for algorithm secrecy.
5. Key secrecy.
6. Any file can be embedded to any file provided the cover file should 8 times
greater than the file that is going to be embedded.
S.R.M Algorithm for Cryptography:-
Working:
This algorithm is designed by our own which performs the following functions:
1.The user will be asked to enter two keys
page 18
(a) Algorithm selection key
(b) Key for Encryption
2. Here 2 main algorithms are developed and 8 more algorithms are developed which
mainly inherits the concepts of the 2 main algorithm there by making a number of 10.
3.The algorithm selection key concept works like this
Enter the algorithm selection key: 213453452789012345
Enter the algorithm Encryption key 12345678
Working of algorithm selection key:
Each and every digit in the algorithm selection key refers to the corresponding algorithm
of the 10 algorithms.
See the sequence
213453452789012345
The message will be encrypted using algorithm 2, then my algorithm 1,then by algorithm
3 ..and at last by algorithm 5.
And the encryption key is used for selecting the bits and inverting there by emulating the
concept of encryption.
page 19
The working of this encryption is best defined by the following diagram.
Let the algorithm sequence be XYZ and let the encrypting key be KEY
Encryption diagram:
(
Decryption:
page 20
Algorithm X is first Algorithm Y will Algorithm Z willused to encrypt the encrypt the message encrypt the text thatmessage file or the that is already is already encryptedplain text using the encrypted by by X and Y usingKEY Algorithm X using KEY.
the same key KEY.
KEY KEY KEY
Algorithm Z is first Algorithm Y will Algorithm X willused to decrypt the decrypt the message decrypt the text thatencrypted file using that is already is already decryptedthe KEY decrypted by by Z and Y using
Algorithm Z using KEY.the same key KEY.
KEY KEY KEY
The detailed description of the algorithm is done in the later part of the program.
Advantages:
I.Dependent on two keys.
2.Though the encrypting key is known, if the algorithm selection is not known then the
message would not be got back.
3.The same holds good on the other way around.
4.The algorithm selection key can be of any size based on the user requirement and
message confidentiality.
5.Usage oflogical pipelining among various algorithms during cryptography.
S.R.M algorithm for password authentication:
This algorithm is designed by our own which performs the following functions:
page 21
......
This will be used in the receiver side to check the authenticity of the receiver. The main
advantage of this algorithm is its resistance to brute force attacks of the password. The
user will be prompted to enter the password which will not be more than 8 characters. If
the user enters the password correctly, then he will be proceeding further. Else he will be
given 2 more chances to enter the password correctly. If he fails to do that then his
session to enter the password will be blocked and a log file will created entering the date
and time details of the password entered.
Consider that the password is "orbit". If user types the password wrongly for 3 times then
a key will be generated.
How this helps?
A log file which captures the system time, system date and the an output denoting
password success/failure. If the password is typed correctly in the first attempt then it
stores as ps(password success), else it does not print anything.
How administrator use this?
The administrator can verify the logfile such that he will be aware of the real hack
that is going on and he can make various arrangements to save based on that.
Advantage:
I.Resistence to bruteforce attacks
page 22
2.Creation oflogfile storing all vital details
Digital Watermarking:
Digital Watermarking is nothing but a way to find whether a message has been
received trom the exact sender.This is verified in the receiver end.
Working:
The signature of the sender is embedded in the cover file which will be regarded as a
separate header will be done.
Then the message should be encrypted and embedded.
The embedded message will reach the destination and first the user at the receiving
side will type the sender name and verify it. If the string matches then he will be
further proceeding with uncovering and deciphering of the messages. Else he will not
be able to do so.
Consider that the sender name is
SRMITES. This will be embedded as a header to the cover file.
The receiver should some know the sender and a legitimate receiver will be knowing
that.After entering the name it will be checked and the process flows based on the
output.
Advantages:
page 23
1. A good method to ensure whether a particular message is from a right sender.
2. No masquerading can be done by a third person by putting wrong watermarking
as the message that is going to be watermarked will be a secret one.
Functional Requirements:
Focusing the project in the aspect of functional requirement, we can split into
following modules.
LSB algorithm
S.R.M algorithm for Embedding (Steganography)
S.R.M algorithm for Extracting (Steganography)
S.R.M algorithm for Encrypting (Cryptography)
S.R.M algorithm for Decrypting (Cryptography)
S.R.M algorithm for Embedding (Watermarking)
S.R.M algorithm for Extracting and verifying (Watermarking)
S.R.M algorithm for password Authentication
Interfaces and Integration
Functions of LSB algorithm:
In our first module, we have just implemented the LSB algorithm which is nothing
but embedding the message bits in the least significant bits of the cover file .In the
implementation of LSB algorithm we have defined the following functions.
page 24
They are
1. A Main function
2. A function to check whether the file which should be embedded is less than 1/Sth
of the size of the cover file.
3. A function which embeds only the header information of the source cover file to
the destination and making it ready to act as a file which holds the contents of
message file.
4. An Embedding function which embeds the message file's contents to the cover
file.
5. An extraction function which extracts the message from the cover file.
Functions Explanation:
First we will be checking the file size of the file that is going to be embedded because
the file can be embedded only if it is lesser than 1/Sthof the size of the cover file. So
in this function we will get the file size of both the cover file and also the message
file.
Then we will be writing the header information to the destination file. That is an
operating system can recognize the type of file by reading the information specified
in its header. In bitmap image the header size is of 54 bytes and if it is a wav file then
it is of 12 bytes. So the first 54bytes(incase of bitmap image) or 12 bytes(in case of
wav file) is taken an directly written to the destination file as soon as it is opened.
Then we will take each and every bit of the message file and embed it into the least
significant bit of the cover file.
During Extraction process we will uncover the bits in the LSB and we will
amalgamate it to reproduce the embedded message.
page 25
Functiolls of SRM algorithm for Stegallography (Embeddillg):
In SRM algorithm for embedding a sequence of lines are written which performs the
following actions. They are
1. The checking of file size which should be embedded.
2. Writing the header
3. Embedding the size of the embedding file into the cover file so that at the
receiver side it would be easy for the receiver to get the size first and uncover the
elements up to that much amount of bytes.
4. Embedding of the message file.
Functions Explallation:
First we will be checking the file size of the file that is going to be embedded because
the file can be embedded only if it is lesser than l/sth of the size of the cover file. So
in this function we will get the file size of both the cover file and also the message
file.
Then we will be writing the header information to the destination file. That is an
operating system can recognize the type of file by reading the information specified
in its header. In bitmap image the header size is of 54 bytes and if it is a wav file then
it is of 12 bytes. So the first 54bytes(incase of bitmap image) or 12 bytes(in case of
wav file) is taken an directly written to the destination file as soon as it is opened.
The file size if embedded into the cover file which acts as a logical header.
page 26
Then we will generate random numbers with the help of random number generators
and then mod that value with 8 and find the bit positions and check the value. If that
value is 0, then normal LSB is used else message bits representing the positions are
returned.
Later the message bits of that positions are embedded and care is taken that only
the value of LSB changes and no other bit value changes. Other than case 0, LSB acts
as a flag.
Functions of SRM algorithm for Steganography(Extracting):
In SRM algorithm for extraction we perform the extracting of the embedded file with
the help of the following functions.
They are
1. Skipping of the header
2. Getting the file size which is embedded during the embedding session.
3. Extracting the text up to the n number of bytes where n is the file size.
4. Writing the message simultaneously while extracting into the same type of file.
Function Explanations:
1. As we already specified that incase of an image file the first 54 bytes will be a
header information, we cannot read it as mostly it will be in unprintable form, if at
page 27
all printable, then it will be in unreadable fonn. After skipping the header file we
will have our file size embedded.
2. Later this file size if taken and stored in a variable and we will start to uncover the
embedded elements and after recovering the embedded 8 bits from the eight bytes
we will decrease the file size by 1.
3. Until the file size reaches 0, we will be extracting the message bits from all bytes.
The random number that is generated in the user side will be generated in the
same sequence such that the exact bit position is found and we will uncover it.
4. Then after uncovering the elements we will write the message into the file of its
type.
Functions of SRM algorithm for Encryption (Cryptography):
SRM algorithm for encryption uses 2 primitive algorithms which are developed by
our own and 8 algorithms which are derived from those 2 algorithms. The detailed
explanation of those 10 algorithms will be given in the ALGORITHMS section. The
main functions that are provided in this module are
1. Getting the text file or any file to get encrypted
2. Getting the algorithm selection key.
3. Getting the key for encryption
4. With the help of algorithm selection key choosing the algorithms fonning a logical
pipelining.
5. Writing the encrypted file parallely into a file.
page 28
Functions Explanation:
1. At first we will be getting the file which should be encrypted. This file can be of
any type.
2. Then we will be getting the algorithm selection key from the user. This can be of
any SIze. It does not have any constraint to the size.
3. Then the encryption key is got from the user using which we will be encrypting
the file.
4. Then each and every character from the algorithm selection key is taken and the
value is noted and the algorithm corresponding to that value is chosen and then
the file is sent as an input to that algorithm. After encrypted with that algorithm
we will be check the next character from the algorithm selection key and then that
value is noted and the file encrypted by the previous algorithm is sent to this
algorithm and this is done up to the length of the string number of times. So this
process in over-all acts as a logical pipelining.
5. Then after encrypting fully the encrypted message is written in a file.
Functions of S.R.M algorithm for decryption (Cryptography)
This file gets the encrypted file and decrypts it. For decrypting process it does the
following functions
page 29
They are
1. Gets the encrypted file as the input
2. Gets the algorithm selection key from the user.
3. Gets the key that was used to encrypt, to decrypt the file.
4. Decrypts according to the character value in the reverse order.
5. Gets the plaintext and writes it into a file.
Functions Explanation:
1. This first takes the encrypted file as the input, by giving the user the option of
selecting the encrypted file.
2. Then the receiver is expected to give out the same algorithm selection key.
3. Then the user will be expected to enter the key that was used to encrypt the
plaintext.
4. Then it takes in each and every character from the last and decrypts one by one
once again forming a logical pipeline from the last and then coming till first
character such that the process of decryption is organized in its manner.
5. Then after decrypting it writes the plaintext recovered back to a file.
Functions of S.R.M algorithm for Embedding (Digital Watermarking)
page 30
Digital watennarking means the user will be embedding some of his details or details
regarding the file like license number, version, author etc. such that it would be
useful for the receiver to check for the right sender. We have used the SRM
algorithm for embedding in watennarking also.
The functions provided by this module is
1. Getting the infonnation from the user.
2. Storing it in an array
3. Using S.R.M algorithm for embedding it embeds the infonnation into the bitmap
image there by acting as a logical header defined by the user.
4. Then we will proceed with embedding of real text.
Functions Explanation:
1. The user will be giving a confidential infonnation which is useful for the receiver
to to check the correct sender which will be usually about the file they are sending
or about the sender
2. Then that infonnation will be stored in an array and then using SRM algorithm for
embedding that its storing the message bit in any bit of the byte of the cover file.
Functions of SRM algorithm for extraction and verification (Digital Watermarking)
page 31
--- - - --
The functions that are provided by the extraction and verification process is
1. First the embedded message will be extracted using S.R.M algorithm of
extraction.
2. Then it will be stored in some array.
3. Then it will be verified with the original description that the sender has sent and
proceed for further process if it is same else it will stop, specifying an error.
Functional Explanations:
The message ITom the logical header created by the sender will be extracted by the
receiver and that message will stored in array. Then the receiver will be having his own
copy of that message and he will check both the values to check whether both are same.
If so it is ITomthe right sender. Else it is not so.
If there is any inconsistency in any of the values then the program will show an error and
will not make the receiver to proceed further.
Functions of SRM algorithm for password autltentication
Password authentication will be in the receiver side to find the legitimacy of the receiver.
This password authentication protocol provides various functions. They are
1. The user should enter the password. If he enters the right password he will be
proceeding further to the next session.
page 32
2. If not then a log file will be generated which stores the exact date and time of this
password typing in that file and also the result of the password typing, whether it
was a successful attempt or not.
Functional Explanations:
The user will be entering the password and the number of attempts will be shown. At
every wrong entry of password, attempts will be reduced. Initially the attempts will
be O.Ifthe no. of attempts reaches 3,there will be a log file, which captures the system
date and system time. Then if the user has entered the password then it stores that the
user has entered the right password. Else it will store about the details during the
password entry that is the date and time in the log file..
System Requirements:
Hardware Requirements:
. A minimum of 300Mhz processor
. A minimum of 64 Mb RAM
. No strict specification about the hard disk.
Software Requirements:
. Windows 9812000/XPplatform
. C++(optional) & JAVA
. Wav file incase of data hiding in audio files, Bitmap/gif files in case of image
files.
. Any file to embed(music, image etc.)
These are the various requirements that are needed. In case of C++ we worked on
Turbo C and incase of JAVA we worked onjdk 1.3.
page 33
-- --
SYSTEM DESIGN
System Architecture:
WaterMarking Encrypt Embed Transfer
Password
success success
decrypt
34
Digital Password-...Watermarking
authentication Receive
verification
Un recognised Exit
sender error message
UnreadableExtraction format to decrypt Original messager
failur wrong decryption
Unreadable Unreadable formatmessage cannot be due to wrong pagedecrypted decryption
Program Modules:
There are totally 9 modules available in this project.
They are
Module 1
Module 2
Module 3
Module 4
Module 5
Module 6
Module 7
Module 8
verification)
Module 9
LSB algorithm
SRM algorithm for steganography (Embedding)
SRM algorithm for steganography (Extracting)
SRM algorithm for cryptography (Encrypting)
SRM algorithm for cryptography (Decrypting)
SRM algorithm for Password authentication
SRM algorithm for digital watermarking (embedding)
SRM algorithm for digital watermarking (extraction and
Interface design
LSB -a programming approach:
This program is done in both C++ and JAVA. Let us see this program in C++ point of
VIew.
We will be getting two files as input. One file is a bitmap image and another is the
message that is going to be embedded using the fopenO function.
Then we have written a function called check( ) which checks the file size of both the
files and determines whether the message can be embedded or not.
Then we have performed a function called embedding function called embed( ) where
the real message file is embedded. Let us see how we have implemented in program.
page 35
. ..- -. ... --
Let the message byte be 11100101
Let the image bytes be 11111011,11111111,11100001,01011010.
We can embed the last 4 bits of the message bit in these 4 bytes. This is done by
Taking the first byte of the image file that is 11111011 and bitwise and it wil OxFE so
that the value will be 11111010.
Then take the message byte and first AND it with Ox01.So that we will get 00000001.
Then OR both the values. We will get 11111011. Well we have embedded the message
bit in LSB of the bitmap image. To embed the next bit we shall take the next bitmap byte
and then AND the message byte with Ox02.Similarly continue taking bits ITommessage
by ANDing it with Ox04,Ox08,Ox10,Ox20,Ox40,Ox80 and use the same procedure and
OR it and embed the message. As soon as we find the file size we should embed the file
size also so that it would be helpful in the receiver side.
Then we write a function called Extract(). What we do here is, we first get the file size
and store in a variable and then we will start to uncover each and every byte of message
and after every recovery of message byte we will decrease the file size value which is in
bytes by I.Then we write it in a file.
Module 2 and 3 SRM algorithm for steganography a programming approach
This is implemented in JAVA. What we actually do here is we developed to different
modules for embedding and extracting.
In the embedding module we do only two things
1. Embedding the file size of the message file to be embedded.
page 36
2. Embedding the message text.
For embedding the file size we use the code in following way....
First we will get the file size by using the function in intxt.available( ). Then we will
store it in the bitmap image.
i=O;
while(i<4){
b=(byte)( (intxtsize&s [i]»»(i*8»;
b=(byte )(b&OxOOOOOOFF);
for(j=O;j<8;j++ ){
ch2=inbmp.readO;
bit=(byte)( (b&arr[j]»> >j);
bit=(byte)(bit&l);
temp=(byte )ch2;
temp=(byte )(temp&l);
if(temp=bit){
outbmp. write«byte )ch2);
} /lend of if
else
if(bit O){
temp=(byte )ch2;
temp=(byte )(temp&OxFE);
outbmp. write(temp);
} /lend of if
else
if(bit 1){
temp=(byte )ch2;
temp=(byte)( templl);
outbmp. write(temp);
page 37
. ._ .. _0. . . _ .. _.. . _._ . --- - -----
} /lend of if
} Ilend of for
i++;
} /lend of while
Then we have implemented the code for embedding the text file and it is being given in
the APPENDIX part ofthis project.
Similarly in order to extract the message that is being embedded we have developed
another module called NewExtractJava
In both embedding and extracting module we have generated the random numbers and
both the numbers generated in different modules were synchronized.
We have to import the following class
Import java.util.Random;
Then we create an object for the Random class by
Random r =new Random(seed);
This generates the same sequence of number for same seed value regardless of the
systems it is used. we generate the next sequence of random number both in embedding
and extracting module by the function
r.nextIntO;
page 38
The same thing in generated in both the modules so, there does not exist any
inconsistency in selecting the exact bit where the message bit is being embedded.
Module 4 and 5.. SRM algorithm for Cryptography a programming approach:-
As already said in the previous pages of this project, we will have 2 keys in this
algorithm. Weare using 10 algorithms here where there are 2 primitive algorithm and 8
derived algorithms. For random number generation we use the same class and the same
function that we used in the previous modules. During the UNIT execution of the
modules we will give the random seed, or key or algorithm selection key in the code it
self. During the INTEGRATED execution the user will have the facility to input the key
in a textbox. In unit execution we give the algorithm selection code and the key in the
following way..
fin=new Fileln pu tStream(" e:\\javaprogs\ \mesg.txt");