DESIGN AND IMPLEMENTATION OF A CRYPTO-STEGO SECURITY SYSTEM

By

Author

Presented To

Department of Computer Science

ABSTRACT

This research work has led to the development of a data encryption system that organizations and individuals can use for secure data communication, and to keep private/secret information as confidential as possible. The Waterfall model was used in the analysis of the existing systems and identification of lapses/weaknesses. These weaknesses were corrected/checked by the new system developed using Python. The new system provides security to data/information by encrypting the message and then hides/embeds the encrypted form of the message in any type of image file. The importance of the study of information security cannot be over emphasized in our society

today as it helps to save a lot of situation concerning information confidentiality, integrity, and it’s availability for only the intended person(s), and further help save information from attackers who may want to use the information to achieve some malicious intent, for probably selfish interests. The proposed system achieves this by encrypting a secret message using AES algorithm and hiding it in an image file using the LSB algorithm making it possible to maintain the integrity of the secret message.

In this project we have presented a new system for the combination of cryptography and Steganography using two keys (user password and unique number) which could be proven a highly secured method for data communication. Cryptography, especially when combined with steganography, is a powerful tool which enables people to communicate without possible eavesdroppers even knowing there is a form of communication in the first place. The main advantage of this Crypto-Stego System is that the method used for encryption, AES, is very secure and the LSB transformation Steganography techniques are very hard to detect. This proposed method can also withstand different attacks and thus a very strong and robust method of data security can be obtained.

BACKGROUND OF STUDY

In the present world of communication, one of the necessary requirements to prevent data theft is securing the information. Security has become a critical feature for thriving networks and in military alike. Cryptography and Steganography are well known and widely used techniques that manipulate information (messages) in order to cipher or hide their existence. These techniques have many applications in computer science and other related fields: they are used to protect military messages, E-mails, credit card information, corporate data, personal files, etc. This protection is done or carried out by first generally encrypting the data, then hiding it so as to only be discovered for whom it is meant or intended for. Before the modern era, cryptography was concerned solely with message confidentiality (.i.e., encryption “ conversion of messages from a comprehensible form into an incomprehensible one, and back again at the other end), rendering it unreadable by interceptors or eavesdroppers without the secret knowledge which is the key needed for decrypting the message. In recent decades, the field has expanded beyond confidentiality concerns to include techniques for message integrity checking, sender/receiver identity authentication, digital signatures, interactive proofs, and secure computation, amongst others. Encryption attempts to ensure secrecy in communications, such as those of spies, military leaders, diplomats etc.

Steganography (“ hiding the existence of a message so as to keep it confidential) was also first developed in ancient times. An early example, from Herodotus (- a Greek historian), concealed a message – a tattoo on a slave’s shaved head – under the regrown hair. In modern terms, Steganography is usually implemented computationally, where cover works such as text files, images, audio files, and video files are altered in such a way that a secret message can be embedded within them. Although Steganography techniques are very similar to that of digital watermarking, one big distinction must be highlighted between the two. In digital watermarking, the focus is on ensuring that nobody can remove or alter the content of the watermarked data, even though it might be plainly obvious that it exists. Steganography on the other hand, focuses on making it extremely difficult to tell that a secret message exists at all. If an unauthorized third party is able to say with high confidence that a file contains a secret message, then steganography has failed