SEMINAR TITLE

Is VISUAL CRYPTOGRAPHIC STEGANOGRY IN IMAGES

ABSTRACT
In the multimedia steganocryptic system, the message will first be encrypted using public key encryption algorithm, and then this encrypted data will be hidden into an image file thus accomplishing both data encoding and hiding. The multimedia data will be used to provide the cover for the information. Cryptography involves converting a message text into an unreadable cipher. On the other hand, steganography embeds message into a cover media and hides its existence. Both these techniques provide some security of data neither of them alone is secure enough for sharing information over an unsecure communication channel and are vulnerable to intruder attacks. Although these techniques are often combined together to achieve higher levels of security but still there is a need of a highly secure system to transfer information over any communication media minimizing the threat of intrusion. In this paper we propose an advanced system of encrypting data that combines the features of cryptography, steganography along with multimedia data hiding. This system will be more secure than any other these techniques alone and also as compared to steganography and cryptography combined systems Visual steganography is one of the most secure forms of steganography available today. It is most commonly implemented in image files. However embedding data into image changes its color frequencies in a predictable way. To overcome this predictability, we propose the concept of multiple cryptography where the data will be encrypted into a cipher and the cipher will be hidden into a multimedia image file in encrypted format. We shall use traditional cryptographic techniques to achieve data encryption and visual steganography algorithms will be used to hide the encrypted data.

CHAPTER 1

INTRODUCTION
In todays information age, information sharing and transfer has increased exponentially. The threat of an intruder accessing secret information has been an ever existing concern for the data communication experts. Cryptography and steganography are the most widely used techniques to overcome this threat. Cryptography involves converting a message text into an unreadable cipher. On the other hand, steganography embeds message into a cover media and hides its existence. Both these techniques provide some security of data neither of them alone is secure enough for sharing information over an unsecure communication channel and are vulnerable to intruder attacks. Although these techniques are often combined together to achieve higher levels of security but still there is a need of a highly secure system to transfer information over any communication media minimizing the threat of intrusion. In this paper we propose an advanced system of encrypting data that combines the features of cryptography, steganography along with multimedia data hiding. This system will be more secure than any other these techniques alone and also as compared to steganography and cryptography combined systems Steganography is the art of secret communication. Its goal is to transmit a message (information) hidden inside another visible message. The typical visible message used in many steganographic systems is a digital image and the embedded message is usually hidden by working in the Fourier domain. The message is first coded by a sequence of small irregular images and then merged inside another image together with many other small images. Visual steganography is one of the most secure forms of steganography available today. It is most commonly implemented in image files. However embedding data into image changes its color frequencies in a predictable way. To overcome this predictability, we propose the concept of multiple cryptography where the data will be encrypted into a cipher and the cipher will be hidden into a multimedia image file in encrypted format. We shall use
3

traditional cryptographic techniques to achieve data encryption and visual steganography algorithms will be used to hide the encrypted data.

CHAPTER 2

LITERATURE SURVEY
2.1 Basic Overview on Cryptography
Cryptography involves converting a message text into an unreadable cipher. A large number of cryptography algorithms have been created till date with the primary objective of converting information into unreadable ciphers The two types of algorithms that will be discussed are

Joint Key Cryptography (Symmetric Key Cryptography): Uses a single key for both encryption and decryption

Public Key Cryptography (Asymmetric Key Cryptography): Uses one key for encryption and another for decryption

2.1.1 THE JOINT KEY CRYPTOGRAPHY (Symmetric key cipher)

It uses a common key for encryption and decryption of the message. This key is shared privately by the sender and the receiver. The sender encrypts the data using the joint key and then sends it to the receiver who decrypts the data using the same key to retrieve the original message. Joint key cipher algorithms are less complex and execute faster as compared to other forms of cryptography but have an additional need to securely share the key. In this type of cryptography the security of data is equal to the security of the key. In other words it serves the purpose of hiding a smaller key instead of the huge chunk of message data

. 2.1.2 THE PUBLIC KEY CRYPTOGRAPHY (asymmetric key cipher)

It is a technique that uses a different key for encryption as the one used for decryption. Public key systems require each user to have two keys a public key and a private key (secret key). The sender of the data encrypts the message using the receivers
4

public key. The receiver then decrypts this message using his private key. This technique eliminates the need to privately share a key as in case of symmetric key cipher. Asymmetric cryptography is comparatively slower but more secure than symmetric cryptography technique. The public key cryptography is a fundamental and most widely used technique, and is the approach which underlies Internet standards such as Transport Layer Security (TLS). The most common algorithm used for secret key systems is the Data Encryption Algorithm (DEA) defined by the Data Encryption Standard (DES) [3]

2.1.3 A HYBRID CRYPTOSYSTEM

It is a more complex cryptography system that combines the features of both joint and public key cryptography techniques. We shall use traditional public key cryptography techniques to covert the message into a cipher. For embedding the cipher into images, a modified joint key technique will be used.

2.2 BASIC OVERVIEW ON STEGANOGRAPHY

Steganography is the art of hiding the existence of the communication message before sending it to the receiver. It has been practiced since 440 B.C. in many ways like writing information on the back of cattle in a herd, invisible ink etc. Some relatively modern ways include hiding the information in newspaper articles and magazines etc. The objective of steganography is to hide a secret message within a cover-media in such a way that others cannot discern the presence of the hidden message. Technically in simple words steganography means hiding one piece of data within another. Modern steganography uses the opportunity of hiding information into digital multimedia files and also at the network packet level. Hiding information into a media requires following elements The cover media(C) that will hold the hidden data The secret message (M), may be plain text, cipher text or any type of data The stego function (Fe) and its inverse (Fe-1) An optional stego-key (K) or password may be used to hide and unhide the
5

message.The stego function operates over cover media and the message (to be hidden) along with a stego-key (optionally) to produce a stego media (S). The schematic of steganographic operation is shown below.

Figure2.1: The Steganographic operation

Multimedia steganography is one of the most recent and secure forms of steganography. It started in 1985 with the advent of the personal computer applied to classical steganography problems. Visual steganography is the most widely practiced form of steganography and is usually done using image files. It started with concealing messages within the lowest bits of noisy images or sound files. Images in various formats like jpeg have wide color spectrum and hence do not reflect much distortion on embedding data into them. We shall perform steganography on image files and we shall hide the encrypted message into image files in an encrypted format thus achieving a multiple cryptographic system. The most commonly used technique for image steganography is bit insertion where the LSB of a pixel can be modified. Ref [4] explains various other techniques involve spread spectrum, patch work, JPEG compression etc. Instead of traditional LSB encoding, we will use a modified bit encoding technique to achieve image steganography in which each pixel will store one byte of data.

2.3 MULTIMEDIA IMAGE FILES

Multimedia content basically comprises of images, videos and audio files. Images form the basis of visual multimedia. Videos are streams of images displayed in sequence at a certain speed. We shall focus on image files to achieve visual steganography.
6

Images are visual data stored in a picture frame. Images basically are made up of various regions consisting of pixels. These pixels in turn consist of three basic colors R (red), G (green) and B (blue). The pixel values (R, G, B values) can be manipulated to hide data in the images. A marginal deviation in these pixel values does not alter the images as a whole but a slight shade difference occurs in the altered region that is not visible in normal conditions. The image can hence serve as a cover for the information so as to achieve steganography. The edited image can be transmitted to the receiver along with the original image. The receiver then can decode the data from the image by pixel based image comparison [6]. The process involved in encoding and decoding uses a blend of media cryptography and asymmetric cryptographic algorithms.

An image or a multimedia data has 5 + 1 properties which include the position of color pixel on the x-axis, the position of color pixel in the y-axis, the R component of color, the G component of color, the B component of color and the sixth is the image description properties like size, timestamp etc. These properties are stored in the first few lines of image property description. The number of bits per pixel is also a property that varies in different images. To achieve a more general bit encoding system we shall use 8-bits per pixel image.

2.4 VISUAL CRYPTOGRAPHY

Visual Cryptography is a special encryption technique to hide information in images in such a way that it can be decrypted by the human vision if the correct key image is used. The technique was proposed by Naor and Shamir in 1994. Visual Cryptography uses two transparent images. One image contains random pixels and the other image contains the secret information. It is impossible to retrieve the secret information from one of the images. Both transparent images or layers are required to reveal the information. The easiest way to implement Visual Cryptography is to print the two layers onto a transparent sheet. When the random image contains truely random pixels it can be seen as a one-time pad system and will offer unbreakable encryption. In the overlay animation you can observe the two layers sliding over each other until they are correctly aligned and the hidden information appears. To try this yourself, you can copy the example layers 1 and 2, and print them onto a transparent sheet or thin paper. Always use a program that displays the black and
7

white pixels correctly and set the printer so that all pixels are printed accurate (no diffusion or photo enhancing etc). You can also copy and past them on each other in a drawing program like paint and see the result immediately, but make sure to select transparent drawing and align both layers exactly over each other.

Layer 1

Layer 2

Overlay

How Visual Cryptography works

Each pixel of the images is divided into smaller blocks. There are always the same number white

(transparent) and black blocks. If a pixel is divided into two parts, there are one white and one black block. If the pixel is divided into four equal parts, there are two white and two black blocks. The example images from above uses pixels that are divided into four parts. In the table on the right we can see that a pixel, divided into four parts, can have six different states. If a pixel on layer 1 has a given state, the pixel on layer 2 may have one of two states: identical or inverted to the pixel of layer 1. If the pixel of layer 2
8

is identical to layer 1, the overlayed pixel will be half black and half white. Such overlayed pixel is called grey or empty. If the pixels of layer 1 and 2 are inverted or opposite, the overlayed version will be completely black. This is an information pixel. We can now create the two layers. One transparent image, layer 1, has pixels which all have a random state, one of the six possible states. Layer 2 is identical to layer 1, except for the pixels that should be black (contain information) when overlayed. These pixels have a state that is opposite to the same pixel in layer 1. If both images are overlayed, the areas with identical states will look gray, and the areas with opposite states will be black. The system of pixel can be applied in different ways. In our example, each pixel is divided into four blocks. However, you can also use pixels, divided into two rectangle blocks, or even divided circles. Also, it doesn't matter if the pixel is divided horizontally or vertically. There are many different pixel systems, some with better contrast, higher resolution or even with color pixels. If the pixel states of layer 1 are truly (crypto secure) random, both empty and information pixels of layer 2 will also have completely random states. One cannot know if a pixel in layer 2 is used to create a grey or black pixel, since we need the state of that pixel in layer 1 (which is random) to know the overlay result. If all requirements for true randomness are fulfilled, Visual Cryptography offers absolute secrecy according to the Information Theory. If Visual Cryptography is used for secure communications, the sender will distribute one or more random layers 1 in advance to the receiver. If the sender has a message, he creates a layer 2 for a particular distributed layer 1 and sends it to the receiver. The receiver aligns the two layers and the secret information is revealed, this without the need for an encryption device, a computer or performing calculations by hand. The system is unbreakable, as long as both layers don't fall in the wrong hands. When one of both layers is intercepted it's impossible to retrieve the encrypted information.

CHAPTER 3

IMPLEMENTATION
In the multimedia steganocryptic system, the message will first be encrypted using public key encryption algorithm, and then this encrypted data will be hidden into an image file thus accomplishing both data encoding and hiding. The multimedia data will be used to provide the cover for the information. Each color in the multimedia data when considered as an element in an arrangement of 3D matrix with R, G and B as axis can be used to write a cipher (encoded message) on a 3D space. The method which we will use to map the data is a block or a grid cipher. This cipher will contain the data which will be mapped in a 3-D matrix form where the x-axis can be for R (red), y-axis can be for G (green) and z-axis can be for B (blue)

Fig 3.1 System Flow Chart

10

Embedding data into an image often changes the color frequencies in a predictable way and also gives redundancy in formats like bmp. To remove this predictability, we will embed the cipher in the image in an encrypted form using a reference database instead of direct bit variations. Also only jpeg image will be used as it reflects the least impact of steganography

3.1 PROPOSED METHOD

Cryptographic algorithms generally need a reference table which aids the conversion of a small block of data into another block (may not be a block of data in the original content). In order to provide higher security levels the algorithm is designed to use a reference database as shown in Fig. 2. The reference database will consist of various reference grids. Each of these grids will have a 3-d representation of the encoding schema which will be used to represent the characters in terms of specific numbers. (The same number may or may not represent a different character in a different grid).

Fig. 3.2 Matrices in a Grid of the Reference database

3.1.1 Encryption Algorithm

The message will first be encrypted using Asymmetric Key Cryptography technique. The data will be encrypted using basic DES algorithm [9]. This cipher will now be hidden into a multimedia file.

11

 The cipher will be saved in the image using a modified bit encoding technique by truncating the pixel values to the nearest zero digit (or a predefined digit) and then a specific number which defines the 3-D representation of the character in the cipher code sequence can be added to this number. For every character in the message a specific change will be made in the RGB values of a pixel. (This change should be less than 5 for each of R,G and B values) This deviation from the original value will be unique for each character of the message. This deviation also depends on the specific data block (grid) selected from the reference database. For each byte in the data one pixel will be edited. Thus one byte of data will be stored per pixel in the image. In this method the cipher sequence can be decoded without the original image and only the edited image will be transmitted to the receiver. In the first few lines of image properties, the attributes of the image will be encrypted and saved so as to provide us the information if the image is edited or modified or the image extension has been changed like jpg to gif. These properties can be used in the decoding (identifying the correct block of data from the data grid). So only the correct encrypted image in the correct format will produce the sent message. For decryption, the receiver must know which image to decode and in which format as changing the image format changes the color distribution of the image. Every image gives a random data on decryption that has no meaning. But only the correct Format decryption gives the original message. After hiding the data in the image, the image will be sent to the receiver. The receiver should have the decryption key (private key) which will be used to decode the data.

3.1.2. Decryption Algorithm

The message can be decoded using an inverse function (as used in traditional techniques) using the receivers private key. This key can be a part of the image or a text or any attribute of the image. The receivers private key is used to identify the reference grid from the reference database. After selecting the correct grid, the x and y component of the image can define the block that has been used to encrypt the message and the RGB values can point to the data in the block identified by the x, y component as shown in Fig. 3.

12

Fig.3.3 Matrix in a grid of Reference database The cipher is retrieved by obtaining the difference in the pixel value from the closest predefined value (zero truncation). These numbers will now define the saved bit and will form the cipher text. This cipher can now be decrypted using an inverse function of the DEA algorithm to get the message text.

CHAPTER 4

EXPERIMRNTAL RESULTS
The system was designed using an image of size 200x150(30000) pixels. Initially, the pixel values were incremented to the next higher multiple of 5. The message text was converted into cipher text using DEA algorithm. The secret key used was This is the Secret Key. Maximum possible size (29 Kb) of message data was taken considering one byte per pixel. The cipher text was then embedded into the jpeg image by pixel variation (decrement) of the selected value that was between 0-3 for R, 0-4 for G and 0-4 for B values of the pixel. The reference database consisted of 3 data grids. The data grid was selected on the basis of the number of pixels of the image. If the pixels were less than 1, 00,000 pixels the data grid 1 was selected, if they were between 1, 00,000 and 10, 00,000 then the data grid 2 was selected
13

else the data grid 3 was selected. Each data grid had 20 matrices which were selected on the basis of the height to width ratio. The image containing message data was found to have no visible distortion.

Fig. 4.1 Encryption result of the application.

For decryption the cipher was retrieved by checking the pixel variations and inverse DEA function was applied to retrieve the message. To retrieve the cipher from the image, the difference in the pixel value from the next higher multiple of 5 was calculated. The correct data grid from the reference database was selected on the basis of the number of pixels in the image. The correct matrix from the data grid was selected on the basis of the height to width ratio. After this the encrypted message was retrieved from the image. The inverse DEA function was applied to this encrypted message in order to retrieve the original message text. The steganocryptic algorithm combines the features of cryptography and steganography and hence provides a higher level of security than either of the techniques alone. The algorithm also is more secure than a normal cryptographic system as the encrypted data is hidden into a multimedia file and then transmitted. It is also more secure than a Steganography system as the data to be hidden is in an encrypted format. The algorithm scores over traditional visual steganography systems like LSB encoding as it implements multiple encryptions. The image bits are used not to store the message but a slight deviation which correspond to a unique character. This deviation is then retrieved from the image and used to
14

decrypt the original message. The image used for encryption is jpeg as it has the least deviation of embedding data.

CHAPTER 5

APPLICATIONS
This method can be used to increase the security on web based applications. The user will be asked to provide the secret key and the password can be compared from image files using the key. It can be used as advancement over the existing option to input the security phrase in various web based applications.

Cryptography was used to assure only secrecy. Wax seals, signatures, and other physical mechanisms were typically used to assure integrity of the media and authenticity of the sender. With the advent of electronic funds transfer, the applications of cryptography for integrity began to surpass its use for secrecy. Electronic cash came into being from cryptography, and the electronic credit card and debit card sprung into widespread use. The advent of public key cryptography introduced the possibility of digital signatures, and other related concepts such as electronic credentials. In the information age, cryptography has become one of the major methods for protection in all applications Steganography is applicable to the following areas. 1) Confidential communication and secret data storing 2) Protection of data alteration 3) Access control system for digital content distribution 4) Media Database systems In the case of a secret message being transferred the information can be kept inside a multimedia data which will be the normal cipher which had to be transferred. This multimedia data can be transferred in the normal way. Video files and image streams can also be used to transmit data. In case of image streams part of message can be sent in each image.

15

This will increase the security of the system, however the time consumption will increase in this case.

CHAPTER 6

CONCLUSION
The proposed system is aimed to simplify the complex and redundant process with the flexibility of a simple process. The proposed system is being developed as an attempt to overcome the difficulties of the existing system. The following are the merits of the proposed system. It provides two levels of security to the information being transmitted. That is the intruders cannot easily break the system. Even if they realize the existence of a secret data they cannot easily recognize the data, since data is hidden in two ways. This system overcomes the demerits of using single level of hiding. That is either using cryptography or steganography. And one more thing to add is it requires only the computation time of single level hiding, because visual cryptography requires no computation to decrypt the information. This method can be used to increase the security on web based applications. The user will be asked to provide the secret key and the password can be compared from image files using the key. It can be used as advancement over the existing option to input the security phrase in various web based applications. In the case of a secret message being transferred the information can be kept inside a multimedia data which will be the normal cipher which had to be transferred. This multimedia data can be transferred in the normal way. Video files and image streams can also be used to transmit data. In case of image streams part of message can be sent in each image. This will increase the security of the system, however the time consumption will increase in this case.
16

CHAPTER 7

ANNEXURE
7.1 SYMMETRIC KEY CRYPTOGRAPHY
With secret key cryptography, a single key is used for both encryption and decryption. As shown in Figure 1A, the sender uses the key (or some set of rules) to encrypt the plaintext and sends the cipher text to the receiver. The receiver applies the same key (or ruleset) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key. Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same cipher text when using the same key in a block cipher whereas the same plaintext will encrypt to different cipher text in a stream cipher.Secret key cryptography algorithms that are in use today include:

Data Encryption Standard (DES): The most common SKC scheme used today, DES was designed by IBM in the 1970s and adopted by the National Bureau of Standards (NBS) [now the National Institute for Standards and Technology (NIST)] in 1977 for commercial and unclassified government applications. DES is a blockcipher employing a 56-bit key that operates on 64-bit blocks. DES has a complex set of rules and transformations that were designed specifically to yield fast hardware implementations and slow software implementations, although this latter point is becoming less significant today since the speed of computer processors is several orders of magnitude faster today than twenty years ago. IBM also proposed a 112-bit
17

key for DES, which was rejected at the time by the government; the use of 112-bit keys was considered in the 1990s, however, conversion was never seriously considered.

Triple-DES (3DES): A variant of DES that employs up to three 56-bit keys and makes three encryption/decryption passes over the block; 3DES is also described in FIPS 46-3and is the recommended replacement to DES.

Advanced Encryption Standard (AES): In 1997, NIST initiated a very public, 41/2 year process to develop a new secure cryptosystem for U.S. government applications. The result, the Advanced Encryption Standard, became the official successor to DES in December 2001. AES uses an SKC scheme called Rijndael, a block cipher designed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The algorithm can use a variable block length and key length; the latest specification allowed any combination of keys lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits. NIST initially selected Rijndael in October 2000 and formal adoption as the AES standard came in December 2001. FIPS PUB 197 describes a 128-bit block cipher employing a 128-, 192-, or 256-bit key.

CAST-128/256: CAST-128, described in Request for Comments (RFC) 2144, is a DES-like substitution-permutation crypto algorithm, employing a 128-bit key operating on a 64-bit block. CAST-256 (RFC 2612) is an extension of CAST-128, using a 128-bit block size and a variable length (128, 160, 192, 224, or 256 bit) key. CAST is named for its developers, Carlisle Adams and Stafford Tavares and is available internationally. CAST-256 was one of the Round 1 algorithms in the AES process.

7.2 ASYMMETRIC KEY CRYPTOGRAPHY

In public key cryptography each user or the device taking part in the communication have a pair of keys, a public key and a private key, and a set of operations associated with the keys to do the cryptographic operations. Only the particular user/device knows the private key whereas the public key is distributed to all users/devices taking part in the communication. Since the knowledge of public key does not compromise the security of the algorithms, it can be easily exchanged online.
18

A shared secret can be established between two communicating parties online by exchanging only public keys and public constants if any. Any third party, who has access only to the exchanged public information, will not be able to calculate the shared secret unless it has access to the private key of any of the communicating parties.The other important applications of public key cryptography are Data Encryption and Digital Signature. A few public key algorithms and will also gives an explanation on how these algorithms work. The algorithms covered in this section are Key Agreement Algorithms RSA, DH, ECDH Encryption Algorithms RSA Signature Algorithms RSA, DSA, ECDSA

7.2.1DH - Diffie-Hellman Key Agreement

Diffie-Hellman is a key agreement algorithm that helps two devices to agree on a shared secret between them without the need to exchange any secret/private information. The DH standard is specified RFC 2631[4] . An overview of the algorithm is given below. Key agreement Algorithm For establishing shared secret between two device A and B, both device agrees on public constants p and g. Where p is a prime number and g is the generator less than p. D1. Let a and b be the private keys of the devices A and B respectively, Private keys are random number less than p. D2. Let gamod p and gbmod p be the public keys of devices A and B respectively D3. A and B exchanged their public keys. D4. The end A computes (gbmod p) a mod p that is equal to gbamod p. D5. The end B computes (gamod p)b mod p that is equal to gabmod p. D6. Since K = gbamod p=gabmod p, shared secret = K.

7.2.2 RSA
RSA is a public key algorithm that is used for Encryption, Signature and Key Agreement. RSA typically uses keys of size 1024 to 2048. The RSA standard is specified RFC 3447, RSA
19

7.2.2.1 RSA Encryption Parameter generation R1. Select two prime numbers p and q. R2. Find n=p*q, Where n is the modulus that is made public. The length of n is considered as the RSA key length. R3. Choose a random number e as a public key in the range 0<e< (p-1) (q-1) such that Gcd (e,(p-1)(q-1))=1. R4. Find private key d such that ed1 (mod (p-1) (q-1)). Encryption Consider the device A that needs to send a message to B securely. R5. Let e be Bs public key. Since e is public, A has access to e. R6. To encrypt the message M, represent the message as an integer in the range 0<M<n. R7. Cipher text C = Memod n, where n is the modulus. Decryption R8. Let C be the cipher text received from A. R9. Calculate Message M = Cd mod n, where d is Bs private key and n is the modulus.

7.2.3 DSA Digital Signature Algorithm

DSA is a public key algorithm that is used for Digital Signature. The DSA standard is specified FIPS 186-2, Digital Signature Standard [2] Parameter generation S1. Choose a 160-bit prime q. S2. For an integer z, choose an L-bit prime p, such that p=qz+1, 512 L 1024, and L is divisible by 64. S3. Choose h, where 1<h<p-1 such that g=hZ mod p>1. S4. Choose a random number x, where 0<x<q. S5. Calculate y=gx mod p. S6. Public key is (p, q, g, y). Private key is x. Signing Consider the device A that sign the data M that it sends to B. S7. Let x be As private key and (p, q, g, y) be As public key.
20

S8. Generate a random per-message value k, where 0<k<q. S9. Calculate r = (gk mod p) mod q. S10. Calculate s = (k-1(M+x*r)) mod q, where M is the hash SHA1 of the message S11. The signature is (r, s). Verification S12. Let M be the message and (r, s) be the signature received from A S13. Let (p, q, g, y) be As public key. Since (p, q, g, y) is public, B has access to it. S14. Calculate w = s-1 mod q. S15. Calculate u1 = (M*w) mod q, where M is the hash SHA1 of the message. S16. Calculate u2 = (r*w) mod q. S17. Calculate v = ((gu1*yu2) mod p) mod q. S18. The signature is valid if v=r, invalid otherwise.

7.3 IMAGE STEGANOGRAPHY

Images are the most popular cover objects used for steganography. In the domain of digital images many different image file formats exist, most of them for specific applications. For these different image file formats, different steganographic algorithms exist. REPRESENTATION OF IMAGE TYPES In a computer, images are represented as arrays of values. These values represent the intensities of the three colors R(ed) G(reen) and B(lue), where a value for each of the three colors describes a pixel. Through varying the intensity of the RGB values, a finite set of colors spanning the full visible spectrum can be created. In an 8-bit gif image, there can be 28 = 256 colors and in a 24-bit bitmap, there can be 224 = 16777216 colors. Large images are most desirable for steganography because they have the most space to hide data in. The best quality hidden image is normally produced using a 24-bit bitmap as a cover image. Each byte corresponding to one of the three colors and each three-byte value fully describes the color and luminance values of one pixel. The cons to large images are that they are cumbersome to both transfer and upload, while running a larger chance of drawing an attackers attention due to their uncommon size. As a result, compression is often used. There are two common compression techniques used to shrink the file size of a bitmap. (Johnson, 1998)
21

GIF

The first is the GIF (Graphics Interchange Format) format, which will decrease the

number of bits used to represent each pixel from 24 to 8. This is a lossless compression technique and the data hidden in the message can be recovered without a problem. JPEG The JPEG (Joint Photographic Experts Group) is a form of lossy compression. It does a very nice job of decreasing the file size of the image and retaining a great deal of its quality. The JPEG transformation takes eight pixel by eight pixel blocks and performs a 64 bit DCT (Discrete Cosine Transformation) does not compute to exact values. With continuing transforms, the precision of the calculation is decreased and the amount of error increases. Two methods used to perform a DCT are the Fast Fourier and wavelet transforms. The downside to JPEG compression is that it may corrupt hidden data. Palette and Image Composition The palette and composition of the image also contribute to how well the stegotool does its job. An images with gradual color gradients or in grayscale is the best for stenography because it is easier to insert small errors in. The changes also appear more gradually and as a result are less likely to be detected. Observe the different color palettes below and how the one on the left changes gradually and is more suitable for a cover image than the one on the right. (see Figure 7.1. below)

Figure 7.1 Palette Gradients (Johnson, 1998)

22

It is also important to use images that do not contain large blocks of a solid color, as the changed bits in the solid area are easier to detect.

CONCEALMENT There are three main ways to conceal the secret message/image. The first way is straight insertion where you just put the message into the cover image. The next way requires some analysis to find the variations in color and it puts the message in those areas where it is less likely to be detected. The last way is to randomly insert the message into the image.

LSB First we will investigate least significant bit insertion, where you literally put the information in the least significant bits of an image. This is a simple technique but the down side is that the message is very succeptible to information loss when using lossy compression techniques. We will now go over an example that involves inserting an A into 3 pixels of a 24 bit image. Here is the original raster data: (00100111 11101001 11001000) (00100111 11001000 11101001) (11001000 00100111 11101001) The binary value of A is 10000011 and encoding A into the last bits of this 3 pixel sequence will change the above sequence to: (00100111 11101000 11001000) (00100110 11001000 11101000) (11001000 00100111 11101001). (Johnson, 1998) . Next we will do least bit insertion with an 8 bit value. Since 8 bit values can only

have a maximum of 256 colors the image must be chosen much more carefully. Consider a palette with four colors: white, red, blue, and green which have the palette position entries of 0(00), 1(01), 2(10) and 3(11) respectively. The values of four adjacent pixels with colored white, white, blue, blue (00 00 10 10). We will try and hide the decimal number 10 represented in binary as 1010. The resulting raster is: 01 00 11 10, which corresponds to red,

23

white, green, blue. Thes large changes in the image are very noticeable in a color image although an 8 bit greyscale image will produce relatively good results. (Johnson, 1998)

Masking and Filtering Masking and filtering techniques are mostly used on 24 bit and greyscale images. They hide info in a way simliar to watermarks on actual paper and are sometimes used as digital watermarks. Masking images entails changing the luminance of the masked area. The smaller the luminance change, the less of a chance that it can be detected. Observe that the luminance in Figure 7.2. (next page) is at 15% in the mask region if it was decreased then it would be nearly invisible.

Figure 7.2. Masking (Johnson, 1998)

24

Stego-images(images that have been manipulated by steganographic methods) that are masked will keep a higher fidelity than LSB through compression, cropping and some image processing. The reason that a stego image encoded with masking, degrades less under JPEG compression is that the secret message is hid in the significant areas of the picture. There is a tool called JPEG J steg that takes advantage of the compression of JPEG while trying to keep a high message fidelity. The program takes a secret message and a lossless cover image as input and outputs a stego image in JPEG format.

25