
Data Security and Authentication using Steganography and STS protocol

M. RamaKrishna (1), Shaik Riyaz (2), J. Rajakala (3)

(1) mathe.ramakrishna@gmail.com, M.Tech Student, CSE Dept, Sana Engineering College, Kodad, Nalgonda (dt), A.P, India
(2) riyaz.shaik62@gmail.com, M.Tech Student, CSE Dept, A.S.R College of Engineering, Tetali, Tanuku, W.G, A.P, India
(3) rajajaladi@gmail.com, Asst Prof, CSE Dept, A.S.R College of Engineering, Tetali, Tanuku, W.G, A.P, India

Abstract: Steganography differs from cryptography in that cryptography focuses on keeping the contents of a message secret, whereas steganography focuses on keeping the existence of the message secret. Both protect information from unwanted parties, but neither technology alone is perfect, and each can be compromised. Once the presence of hidden information is revealed or even suspected, the purpose of steganography is partly defeated. The strength of steganography can thus be amplified by combining it with cryptography. In this paper we design a system that uses features of both cryptography and steganography. The proposed method sends information securely in two stages: steganography based on the matching method, and a key exchange using the STS protocol, which guarantees authentication. This is done in the following steps: 1. Encrypt the message using one of the popular public-key encryption algorithms, so that only authorized parties are able to read it. 2. Establish and share the stego-key between the two communicating parties over an insecure network by applying the Station-To-Station (STS) protocol. 3. The sender uses the secret stego-key to select the pixels that will be used to hide the message obtained in the first step; each selected pixel hides 8 bits of information.

Keywords: Public-Key Cryptography, Steganography, Stego-key, STS protocol.

1. INTRODUCTION

Steganography is the science of hiding selected information from a third party. It therefore stands in contrast with cryptography, where the existence of the message is clear but its meaning is obscured. Steganography applications conceal information in other, seemingly innocent media. Steganographic results may masquerade as other file or data types, be concealed within various media, or even be hidden in network traffic or disk space. There are many ways in which information and data can be exploited to conceal additional information. For many years information hiding has captured the imagination of researchers. Digital watermarking and steganography techniques are used to address digital rights management, protect information, and conceal secrets. Information hiding techniques provide an interesting challenge for digital forensic investigations. Hidden information can easily traverse firewalls undetected. This paper proposes a new approach to public-key steganography that hides information inside a 24-bit image file. In the proposed method, the stego-key is generated by applying a public key exchange protocol based on the STS protocol.

Diffie-Hellman session key agreement is the first key exchange protocol, proposed by Diffie and Hellman. Diffie-Hellman key exchange by itself achieves perfect forward secrecy, because no long-term keying material exists at the end of the session that could later be disclosed. However, it does not provide authentication of the communicating parties, and hence it is vulnerable to a man-in-the-middle attack. To fix this security flaw in the Diffie-Hellman protocol, the Station-To-Station (STS) protocol was proposed in [12]. To add authentication, STS requires both parties to hold a key pair for signature generation and verification, and to agree on a publicly known symmetric encryption algorithm; plain Diffie-Hellman makes neither assumption. These assumptions can be folded into the protocol by sending public key certificates if the keys are not known in advance. STS uses signatures to authenticate the communicating parties, and encrypts the signatures under the session key to demonstrate knowledge of that key. The signatures and certificates do, however, make the messages considerably larger.

The goal of an authentication protocol is to provide the communicating parties with some assurance that they know each other's true identities. In an authenticated key exchange, there is the additional goal that the two parties end up sharing a common key known only to them. This secret key can then be used for some time thereafter to provide privacy, data integrity, or both. In this paper, we discuss the security of public-key based authentication protocols, with and without an associated key exchange. We restrict our attention to two-party mutual authentication, rather than multi-party and one-way authentication protocols. We assume that the individual underlying cryptographic mechanisms are not vulnerable, and restrict our attention to attacks on the protocols themselves. An enemy (attacker, intruder, adversary) can see all exchanged messages, can delete, alter, inject, and redirect messages, can initiate communications with another party, and can reuse messages from past communications. We are concerned with both authentication and key exchange. A protocol providing authentication without key exchange is susceptible to an enemy who waits until the authentication is complete and then takes over one end of the communications line. Such an attack is not precluded by a key exchange that is independent of authentication. Key exchange should be linked to authentication so that a party has assurance that an exchanged key (which might be used to provide privacy or integrity and thus keep authenticity alive) is in fact shared with the authenticated party, and not with an impostor. For these reasons, it is essential to keep key exchange in mind in the design and analysis of authentication protocols.

2. RELATED WORK

2.1 Public-key cryptography:

Public-key cryptography refers to a cryptographic system requiring two separate keys, one of which is secret and one of which is public. Although different, the two parts of the key pair are mathematically linked. One key locks or encrypts the plaintext, and the other unlocks or decrypts the ciphertext; neither key can perform both functions. One of these keys is published and the other is kept private. Because public-key cryptography uses asymmetric key algorithms, it is also referred to by the more generic name "asymmetric key cryptography". The algorithms used for public-key cryptography are based on mathematical problems (the most notable being integer factorization and the discrete logarithm) that have no known efficient solution. Although it is computationally easy for the intended recipient to generate the public and private keys and to decrypt the message using the private key, and easy for the sender to encrypt the message using the public key, it is extremely difficult for anyone to derive the private key from knowledge of the public key alone. This is why, unlike symmetric-key algorithms, a public-key algorithm does not require a secure initial exchange of one or more secret keys between the sender and receiver.
In contrast, symmetric-key algorithms, variations of which have been used for thousands of years, use a single secret key that must be shared and kept private by both sender and receiver for both encryption and decryption. To use a symmetric encryption scheme, the sender and receiver must securely share a key in advance. Diffie-Hellman key exchange is the most widely used public key distribution system. It is a specific method of exchanging cryptographic keys and one of the earliest practical examples of key exchange in the field of cryptography. The Diffie-Hellman method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications with a symmetric-key cipher. Diffie-Hellman key agreement is not itself an encryption scheme; it relies on mathematical functions that enable two parties to generate a shared secret key for exchanging information confidentially online. The two parties first agree on a large prime p and a generator g, both of which may be public.

One party chooses a secret value x and the other party chooses a secret value y. Both parties use their secret values to derive public values, g^x mod p and g^y mod p, and exchange them. Each party then uses the other party's public value to calculate the shared secret key that is used by both parties for confidential communications. A third party cannot derive the shared secret key because it does not know either of the secret values x or y. For example, Alice chooses secret value x and sends the public value g^x mod p to Bob. Bob chooses secret value y and sends the public value g^y mod p to Alice. Alice computes (g^y)^x mod p = g^xy mod p as her secret key for confidential communications with Bob, and Bob computes (g^x)^y mod p = g^yx mod p as his. Because g^xy mod p equals g^yx mod p, Alice and Bob can use this value with a symmetric-key algorithm to conduct confidential online communications. Exponentiation modulo p commutes, which is why both parties arrive at the same key. An eavesdropper sees g, p, g^x mod p and g^y mod p, but recovering x or y from them is the discrete logarithm problem, which is infeasible for a large prime p, so the eavesdropper cannot compute the key. The secret key is known only to the two parties and is never visible on the network.

Figure 1: Diffie-Hellman key exchange algorithm

The main problem with Diffie-Hellman exchange is that it does not provide authentication of the communicating parties and is thus vulnerable to a man-in-the-middle attack. A person in the middle may establish two distinct Diffie-Hellman key exchanges, one with Alice and the other with Bob, effectively masquerading as Alice to Bob and vice versa, allowing the attacker to decrypt (and read or store) and then re-encrypt the messages passed between them. The man-in-the-middle attack in cryptography and computer security is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. A key exchange protocol enables two parties to share a common key for encrypting a large amount of data. Authentication is an essential requirement, bound into the key exchange process, in order to prevent man-in-the-middle attacks. A method to authenticate the communicating parties to each other is generally needed to prevent this type of attack. Variants of Diffie-Hellman such as STS may be used instead to avoid these attacks.

2.2 STS protocol:

The STS protocol consists of Diffie-Hellman key establishment [Diff76], followed by an exchange of authentication signatures. In public-key cryptography, the Station-to-Station (STS) protocol is a cryptographic key agreement scheme based on classic Diffie-Hellman that provides mutual key and entity authentication. The basic idea is as follows. Prior to execution of the protocol, the two parties Alice and Bob each obtain a public/private key pair and a certificate for the public key. During the protocol, Alice computes a signature on certain messages, covering the public value g^a mod p. Bob proceeds in a similar way. Even though Carol is still able to intercept messages between Alice and Bob, she cannot forge signatures without Alice's private key and Bob's private key. Hence, the enhanced protocol defeats the man-in-the-middle attack.

Supposing all setup data has been shared, the STS protocol proceeds as follows. If a step cannot be completed, the protocol immediately stops. All exponentials are in the group specified by p.
1) Alice generates a random number x and computes and sends the exponential g^x to Bob.
2) Bob generates a random number y and computes the exponential g^y.
3) Bob computes the shared secret key K = (g^x)^y.
4) Bob concatenates the exponentials (g^y, g^x) (order is important), signs them using his asymmetric key B, and then encrypts the signature with K. He sends the ciphertext along with his own exponential g^y to Alice.
5) Alice computes the shared secret key K = (g^y)^x.
6) Alice decrypts and verifies Bob's signature.
7) Alice concatenates the exponentials (g^x, g^y) (order is important), signs them using her asymmetric key A, and then encrypts the signature with K. She sends the ciphertext to Bob.
8) Bob decrypts and verifies Alice's signature.
Alice and Bob are now mutually authenticated and have a shared secret. This secret, K, can then be used to encrypt further communication. The basic form of the protocol is formalized in the following three steps:
(1) Alice -> Bob : g^x
(2) Alice <- Bob : g^y, E_K(S_B(g^y, g^x))
(3) Alice -> Bob : E_K(S_A(g^x, g^y))
Full STS setup data can also be incorporated into the protocol itself. Public key certificates may be sent in steps 2 and 3 if the keys are not known in advance:
(1) Alice -> Bob : g^x
(2) Alice <- Bob : g^y, Cert_B, E_K(S_B(g^y, g^x))
(3) Alice -> Bob : Cert_A, E_K(S_A(g^x, g^y))
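The following Python program is added here as a worked example; it is not the paper's code. It first runs the Diffie-Hellman exchange of section 2.1 with an attacker in the middle, then runs the three-message STS exchange above under the same relay. Every parameter is a constructed toy: a 127-bit Mersenne prime with g = 3 (p - 1 is smooth, so this group offers no real security; deployments use a 2048-bit or larger RFC 3526/7919 group), a Schnorr-style signature over the same group standing in for S_A and S_B, and a SHA-256 XOR keystream standing in for E_K. The function names are mine.

```python
"""Diffie-Hellman under a man-in-the-middle, then STS under the same relay.
Added example with constructed toy parameters; not the paper's code."""
import hashlib
import secrets

P = (1 << 127) - 1   # toy prime modulus p (far too small, and p-1 is smooth)
G = 3                # generator g
Q = P - 1            # exponents are reduced mod p-1, since g^(p-1) = 1 (mod p)
NB = 16              # bytes needed to encode a value below 2^127

def i2b(n):
    """Fixed-width encoding so (g^y, g^x) concatenates unambiguously."""
    return n.to_bytes(NB, "big")

def rand_exp():
    return secrets.randbelow(Q - 2) + 1

def kdf(shared):
    """Session key K derived from the Diffie-Hellman secret."""
    return hashlib.sha256(b"sts-example-kdf" + i2b(shared)).digest()

def keygen():
    """Long-term signing key pair (A or B in the paper's notation)."""
    priv = rand_exp()
    return priv, pow(G, priv, P)

def sign(priv, msg):
    """Schnorr-style signature: r = g^k, s = k + H(r || msg) * priv (mod p-1)."""
    k = rand_exp()
    r = pow(G, k, P)
    e = int.from_bytes(hashlib.sha256(i2b(r) + msg).digest(), "big") % Q
    return i2b(r) + i2b((k + e * priv) % Q)

def verify(pub, msg, sig):
    r = int.from_bytes(sig[:NB], "big")
    s = int.from_bytes(sig[NB:], "big")
    e = int.from_bytes(hashlib.sha256(i2b(r) + msg).digest(), "big") % Q
    return pow(G, s, P) == (r * pow(pub, e, P)) % P

def ek(key, data):
    """Toy E_K: XOR with SHA-256(K || counter) blocks; applying it twice decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(d ^ b for d, b in zip(data[i:i + 32], block))
    return bytes(out)

def plain_dh_mitm():
    """Unauthenticated DH with Mallory substituting g^m for both exponentials.
    True when each honest party shares a key with Mallory rather than with each other."""
    x, y, m = rand_exp(), rand_exp(), rand_exp()
    gx, gy, gm = pow(G, x, P), pow(G, y, P), pow(G, m, P)
    k_alice = kdf(pow(gm, x, P))            # Alice believes g^m came from Bob
    k_bob = kdf(pow(gm, y, P))              # Bob believes g^m came from Alice
    k_mallory_alice = kdf(pow(gx, m, P))
    k_mallory_bob = kdf(pow(gy, m, P))
    return k_alice == k_mallory_alice and k_bob == k_mallory_bob and k_alice != k_bob

def sts(alice, bob, mallory=None):
    """Three-message STS.  With `mallory` (an exponent m) set, both exponentials on
    the wire become g^m and Mallory re-encrypts Bob's ciphertext under the key she
    shares with Alice, as in the plain-DH attack.  Returns (alice_ok, bob_ok, keys_match)."""
    a_priv, a_pub = alice
    b_priv, b_pub = bob
    gm = pow(G, mallory, P) if mallory else None

    # (1) Alice -> Bob : g^x
    x = rand_exp()
    gx = pow(G, x, P)
    wire_gx = gm or gx

    # (2) Alice <- Bob : g^y, E_K(S_B(g^y, g^x))   with K = (g^x)^y
    y = rand_exp()
    gy = pow(G, y, P)
    k_bob = kdf(pow(wire_gx, y, P))
    c2 = ek(k_bob, sign(b_priv, i2b(gy) + i2b(wire_gx)))
    wire_gy = gm or gy
    if mallory:
        k_mallory_bob = kdf(pow(gy, mallory, P))
        k_mallory_alice = kdf(pow(gx, mallory, P))
        c2 = ek(k_mallory_alice, ek(k_mallory_bob, c2))   # decrypt, then re-encrypt

    # Alice: K = (g^y)^x, then S_B is checked against what she actually sent and saw
    k_alice = kdf(pow(wire_gy, x, P))
    alice_ok = verify(b_pub, i2b(wire_gy) + i2b(gx), ek(k_alice, c2))
    if not alice_ok:
        return False, False, False                     # the protocol stops here

    # (3) Alice -> Bob : E_K(S_A(g^x, g^y))
    c3 = ek(k_alice, sign(a_priv, i2b(gx) + i2b(wire_gy)))
    bob_ok = verify(a_pub, i2b(wire_gx) + i2b(gy), ek(k_bob, c3))
    return alice_ok, bob_ok, k_alice == k_bob

if __name__ == "__main__":
    print("plain DH, Mallory in the middle, both sides fooled:", plain_dh_mitm())
    print("STS honest run (alice_ok, bob_ok, keys_match):", sts(keygen(), keygen()))
    print("STS under the same relay:", sts(keygen(), keygen(), mallory=rand_exp()))
```

In the honest run both signatures verify and both sides derive the same K. Under the relay Mallory can still read and re-encrypt Bob's message, because she shares a key with each side, but the signature she forwards covers (g^y, g^m), whereas Alice checks it against the values she actually sent and received, (g^x, g^m); the mismatch aborts the protocol at step 6, and the symmetric check at step 8 would stop Bob if Mallory tampered with Alice's message instead.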

If system-wide key establishment parameters are not used, the initiator and responder may create and send their own parameters. In this case, the parameters should be sent with the exponential:
(1) Alice -> Bob : g, p, g^x
They must also be verified by Bob to prevent an active attacker from inserting weak parameters (and thus a weak key K). Diffie, van Oorschot & Wiener (1992) recommend against special checks to prevent this and instead suggest including the group parameters in Alice's certificate.

STS can also be used for authentication alone, without key establishment:
1. Alice generates a random number x and sends it to Bob.
2. Bob generates a random number y.
3. Bob concatenates the random numbers (y, x) (order is important) and signs them using his asymmetric key B. He sends the signature along with his own random number to Alice.
4. Alice verifies Bob's signature.
5. Alice concatenates the random numbers (x, y) (order is important) and signs them using her asymmetric key A. She sends the signature to Bob.
6. Bob verifies Alice's signature.
Formally:
(1) Alice -> Bob : x
(2) Alice <- Bob : y, S_B(y, x)
(3) Alice -> Bob : S_A(x, y)

2.3 Steganography:

Steganography is the art and science of hiding information in covert channels so as to conceal the information and prevent detection of the hidden message (refer to Figure 2). The goal of steganography is to avoid drawing attention to the transmission of a hidden message; if suspicion is raised, this goal is defeated. Modern steganography refers to hiding information in digital picture files and audio files. It works by replacing bits of unused or redundant data in regular digital files with bits of invisible information. Embedding hidden information into an image requires two files: the cover image file that will hold the hidden data, and the secret message file. A message may be plain text, ciphertext, or another image. When combined, the cover image and the hidden message make a stego image. A stego-key or password may be used to hide and decode the message. Special software is needed for steganography; Figure 3 shows the general structure of a steganographic system.

Using the Red, Green, Blue (RGB) model, a stego tool makes a copy of an image's palette, say for an 8-bit image. The copy is rearranged so that colours near each other in the RGB model are near each other in the palette. The LSB of each pixel's 8-bit palette index is replaced with one bit from the hidden message. The RGB colour at that new index in the copied palette is found, the 8-bit index of that colour in the original palette is found, and the pixel is changed to that index. Recovering the data is done by the stego tool in reverse: it finds the 8-bit index of each pixel's RGB colour, takes its LSB as one bit of the hidden data, and writes each LSB to an output file. A simplified example with 2-bit palette indices (a four-colour palette):

Before: (00 white, 01 red, 10 green, 11 blue) -> Insert(0011) -> After: (00 white, 00 white, 11 blue, 11 blue)

Replacing the LSB of each index with 0, 0, 1, 1 turns red into white and green into blue: a one-bit change to a palette index can select an entirely different colour, which is far more visible than a one-bit change to a true-colour channel.

Figure 3: A Steganographic system

Steganographic messages may first be encrypted and then a cover message is modified to contain the encrypted message, resulting in stego-text. Only those who know the technique used can recover the message and, if required, decrypt it. The message may be a few thousand bits (often at 7 or 8 bits per text character) embedded in millions of other bits. Probably the most typical cover is a digital image. Digital images are commonly stored in either 24-bit or 8-bit files. If an 8-bit image is viewed as a grid made up of cells, these cells are called pixels. Each pixel consists of an 8-bit binary number (a single byte), and each 8-bit number refers to an entry in the colour palette (a set of colours defined within the image). In a 24-bit image, all colour variations for the pixels are derived from three primary colours, red, green and blue, each represented by 1 byte (8 bits).

As can be seen from the example, with an 8-bit image the cover image must be carefully selected, since LSB manipulation is not as forgiving because of the colour limitations. Hiding information in the LSB of each byte of a 24-bit image makes it possible to store 3 bits in each pixel. A simplified example with a 24-bit image pixel:

Before: (00100111 red, 11101001 green, 11001000 blue) -> Insert(101) -> After: (00100111 red, 11101000 green, 11001001 blue)

Only the green and blue LSBs change; the red LSB already equals the bit being inserted.

Figure 4:A Graphical Version of the Steganographic System

There are many ways to hide information in digital images. We look at the following approaches:
1. least significant bit insertion
2. masking and filtering
3. algorithms and transformations

Least significant bit insertion: Many stego tools make use of the least significant bit (LSB). For example, 11111111 is an 8-bit binary number. The rightmost bit is called the LSB because changing it has the least effect on the value of the number. The idea is that the LSB of every byte can be replaced with little change to the overall file. The binary data of the secret message is broken up and then inserted into the LSBs of the pixel bytes in the image file.

LSB insertion also works well with gray-scale images. It is possible to hide data in the least and second least significant bits and the human eye would still not be able to discern the change.
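The following Python program is added here as an example of the LSB insertion just described; it is not the paper's code. It works on a 24-bit cover represented as a plain list of (r, g, b) tuples so that it runs without an imaging library, hides one bit per channel (3 bits per pixel) and reproduces the worked pixel example above. The 4-byte length prefix, the function names and the sample cover are my additions.

```python
"""1-bit-per-channel LSB insertion in a 24-bit RGB image.
Added example, not the paper's code; the cover is a list of (r, g, b) tuples."""

def to_bits(data):
    """b'\\x05' -> [0, 0, 0, 0, 0, 1, 0, 1] (most significant bit first)."""
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]

def from_bits(bits):
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits) - 7, 8))

def embed_pixel(pixel, bits):
    """Replace the LSB of each channel with one message bit: 3 bits per pixel."""
    return tuple((c & ~1) | b for c, b in zip(pixel, bits))

def lsb_capacity_bytes(width, height, bits_per_channel=1):
    """Payload a width x height 24-bit cover carries at this embedding depth."""
    return width * height * 3 * bits_per_channel // 8

def lsb_embed(cover, message):
    """Hide `message` (bytes); a 4-byte length prefix (my addition) lets the extractor stop."""
    payload = len(message).to_bytes(4, "big") + message
    bits = to_bits(payload)
    if len(bits) > 3 * len(cover):
        raise ValueError("cover too small: need %d bits, have %d" % (len(bits), 3 * len(cover)))
    bits += [0] * (-len(bits) % 3)                 # pad to whole pixels
    stego = list(cover)
    for i in range(0, len(bits), 3):
        stego[i // 3] = embed_pixel(cover[i // 3], bits[i:i + 3])
    return stego

def lsb_extract(stego):
    bits = [c & 1 for pixel in stego for c in pixel]
    n = int.from_bytes(from_bits(bits[:32]), "big")
    return from_bits(bits[32:32 + 8 * n])

def distortion(cover, stego):
    """Channel values actually changed: at most one per message bit, typically about half."""
    return sum(a != b for p, q in zip(cover, stego) for a, b in zip(p, q))

if __name__ == "__main__":
    # Constructed 200-pixel cover; any list of (r, g, b) tuples works.
    cover = [((i * 37) % 256, (i * 91) % 256, (i * 53) % 256) for i in range(200)]
    stego = lsb_embed(cover, b"secret text")
    print(lsb_extract(stego), distortion(cover, stego), "channels changed")
    print("600x400 cover carries", lsb_capacity_bytes(600, 400), "bytes at 1 bit/channel")
```

At one bit per channel a 600x400 cover carries 90000 bytes when bits are packed continuously; the paper's figure of 3 pixels per byte corresponds to starting every byte on a pixel boundary. Passing bits_per_channel=2 to the capacity function gives the two-LSB variant mentioned for gray-scale images.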

3. PROPOSED METHOD

3.1 Public Steganography in various selected regions of an image:

The proposed method describes two steps for hiding secret information using public steganography based on the matching method in different regions of an image. The first step converts the plain text message into ciphertext using a public-key encryption algorithm.

The next step is to find the shared stego-key between the two communicating parties (SENDER and RECIPIENT) over an insecure network by applying the STS protocol (as explained above). At the end of the protocol each side combines the public value it received with its own secret to reach the shared value, so that SENDER and RECIPIENT arrive at the same stego-key. The sender then uses the secret stego-key to select the pixels that will be used for hiding. Each selected pixel hides 8 bits of binary data according to the matching method, which is summarised in the four cases of Table 2. The 8 data bits are compared with the selected pixel's red, green and blue bytes in turn, producing an array of 2-bit case codes 00, 01, 10 and 11. The SENDER starts by comparing the data value with the red value (for example, the decimal value 7). As in Table 2, case 1, if they are equal, the code 00 is appended to the array. Case 2: if the data value and the red value are not equal, the data value is compared with the green value; if they are equal, the code 01 is appended. Case 3: if the data value and the green value are not equal, it is compared with the blue value; if they are equal, the code 10 is appended. Finally (Table 2, case 4), if the data value equals none of the three channel bytes, the LSB method is used to embed the data inside the selected pixel and the code 11 is appended. In this case the data byte is distributed as follows:
1. The first three bits of the data replace the three least significant bits of the red byte.
2. The second three data bits replace the three least significant bits of the green byte.
3. The last two data bits replace the two least significant bits of the blue byte.

TABLE 2: THE FOUR MAIN CASES IN THE PROPOSED PUBLIC-KEY STEGO

Case   Condition                      Action                       Code
1      8-bit data = Red (8 bit)       Red value = 8-bit data       00
2      8-bit data = Green (8 bit)     Green value = 8-bit data     01
3      8-bit data = Blue (8 bit)      Blue value = 8-bit data      10
4      Otherwise                      Use LSBs method              11

Figure 5. Proposed steganography mechanism for sender

A. Sender Side

The proposed scheme uses the STS protocol to agree the stego-key and encrypts the secret information before embedding it. To provide higher security the secret information is encrypted first, and the encrypted ASCII values are converted into binary form. The image pixels are likewise converted into binary form. The image is then used as a cover to embed the encrypted information. This is done by the LSB encoder, which replaces the least significant bits of the selected pixel values with the encrypted information bits. The modified picture is termed the stego image. The whole process is explained in Fig. 4.

B. Receiver Side

Upon reception of the stego image, the receiver first converts the pixels into their binary values. Using the stego-key agreed through STS it selects the same pixels as the sender, and the LSB decoder detaches the encrypted data from the pixel values according to the case codes of Table 2. The encrypted data is then decrypted with the recipient's private key of the public-key algorithm chosen in the first step. This is how the plain text is recovered from the image. Fig. 5 shows the whole process at the receiver side.
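The following Python program is added as a worked example of the matching method of Table 2 together with the stego-key-driven pixel selection of section 3.1; it is not the paper's code. Two details the paper leaves open are filled in as assumptions: the stego-key seeds a keyed PRNG (HMAC-SHA256) that decides which pixels carry data, and the 2-bit case codes are handed back to the caller rather than embedded in the image. The cover is again a list of (r, g, b) tuples, and the function names and sample data are mine.

```python
"""Matching method of Table 2 with key-selected pixels.
Added example, not the paper's code; pixel selection and case-array handling are assumptions."""
import hashlib
import hmac
import random

def select_pixels(stego_key, n_pixels, n_needed):
    """Deterministic, key-dependent pixel indices (assumption: HMAC-seeded PRNG)."""
    seed = hmac.new(stego_key, b"pixel-selection", hashlib.sha256).digest()
    rng = random.Random(int.from_bytes(seed, "big"))
    return rng.sample(range(n_pixels), n_needed)

def embed_byte(pixel, byte):
    """One data byte into one pixel; returns (new_pixel, case_code) per Table 2."""
    r, g, b = pixel
    if byte == r:                       # case 1: red already equals the data
        return pixel, 0b00
    if byte == g:                       # case 2
        return pixel, 0b01
    if byte == b:                       # case 3
        return pixel, 0b10
    # case 4: LSB method, 3 bits into red, 3 into green, 2 into blue
    r = (r & ~0b111) | (byte >> 5)
    g = (g & ~0b111) | ((byte >> 2) & 0b111)
    b = (b & ~0b11) | (byte & 0b11)
    return (r, g, b), 0b11

def extract_byte(pixel, case):
    r, g, b = pixel
    if case == 0b00:
        return r
    if case == 0b01:
        return g
    if case == 0b10:
        return b
    return ((r & 0b111) << 5) | ((g & 0b111) << 2) | (b & 0b11)

def match_embed(cover, data, stego_key):
    """Sender side: pick len(data) pixels with the stego-key, hide one byte in each."""
    if len(data) > len(cover):
        raise ValueError("cover has %d pixels, data needs %d" % (len(cover), len(data)))
    stego = list(cover)
    cases = []
    for idx, byte in zip(select_pixels(stego_key, len(cover), len(data)), data):
        stego[idx], case = embed_byte(cover[idx], byte)
        cases.append(case)
    return stego, cases

def match_extract(stego, cases, stego_key):
    """Receiver side: the same key yields the same pixels; the case codes say how to read them."""
    idxs = select_pixels(stego_key, len(stego), len(cases))
    return bytes(extract_byte(stego[i], c) for i, c in zip(idxs, cases))

def matching_capacity_bytes(width, height):
    """One byte per pixel, the figure the paper quotes for a 600x400 cover."""
    return width * height

if __name__ == "__main__":
    # Constructed 64-pixel cover and a stand-in for the STS-agreed stego-key.
    cover = [((i * 7) % 256, (i * 13) % 256, (i * 29) % 256) for i in range(64)]
    key = b"stego-key-agreed-with-STS"
    stego, cases = match_embed(cover, b"Hi!", key)
    print(cases, match_extract(stego, cases, key))
```

Two practical points follow from the code. The receiver needs both the stego-key and the case array, so the case array has to travel somewhere; the paper does not say where. And a data byte matches a channel byte only when the two are exactly equal, so for ordinary (encrypted, hence random-looking) data most pixels fall into case 4, which rewrites up to eight low-order bits of a single pixel instead of the three touched by plain LSB insertion; the one-byte-per-pixel efficiency is bought with a larger change to each carrier pixel.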

3.2 Problems and Possible solutions

Having stated that LSB insertion is good for steganography, we can try to improve one of its major drawbacks: the ease of extraction. We do not want a malicious attacker to be able to read everything we are sending. This is usually accomplished with two complementary techniques:
1. Encrypting the message before embedding it, so that an attacker who extracts the bits must also decrypt them before they make sense.
2. Randomizing the placement of the bits using a cryptographic random function (scattering), so that it is almost impossible to rebuild the message without knowing the seed of the random function.
In this way the message is protected by two different keys, acquiring much more confidentiality than before. This approach also protects the integrity of the message, since it becomes much more difficult (we could say at least computationally infeasible) to counterfeit the message.

Second, there is a problem with the file size that involves the choice of format. Unusually big files exchanged between two peers are likely to arouse suspicion. Since we need small image file sizes, we should resort to 24-bit images, because their size is more likely to be considered normal.

FIGURE 4: THE RESULT OF EMBEDDING THE TEXT WITH S-TOOLS

4. RESULTS AND DISCUSSION

We implemented the public-key steganography based on the matching method in different selected regions of an image to show the performance of the proposed method. In our implementation, we used a 600x400 bitmap image file to hide 5 KB of text data. As discussed earlier, the two communicating parties first establish the secret key (stego-key) by running the STS protocol, that is, an authenticated Diffie-Hellman public-key exchange. As in Table 2, 8 bits of data are hidden inside one pixel, hence the 600x400 24-bit image file can accept approximately 240000 bytes of data. This compares with the well known LSB method (Johnson et al., 1998), which needs 3 pixels to hide 1 byte of data. We can also adjust the bit-rate at which data is hidden in the selected region. The proposed steganographic protocol is therefore more efficient than LSB in pixels per byte, since the matching method looks for a pixel byte identical to the data byte; it falls back to the LSB method to distribute the secret data whenever the 8 data bits match none of the three bytes (red, green and blue).

CONCLUSION & FUTURE WORK

In the present world, data transfer over the internet is growing rapidly because it is easier and faster to deliver data to its destination. Many individuals and business people therefore use the internet to transfer business documents and other important information. Security and authentication are important issues while transferring data over the internet, because an unauthorized individual can tamper with the data and make it useless, or obtain information not intended for them. The approach proposed in this paper uses image steganography, which provides security, together with the STS protocol, which provides authentication. The major limitation of the application is that it is vulnerable to quantum attacks.

ACKNOWLEDGMENTS

I thank all the staff members of A.S.R College of Engineering for their support. I would also like to thank my family and friends who encouraged me in doing this work.

REFERENCES

[1] Johnson, N.F. & Jajodia, S., Exploring Steganography: Seeing the Unseen, Computer Journal, February 1998.
[2] Ramakrishna Mathe et al., (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 3 (3), 2012, 4251-4255.
[3] William Stallings, Cryptography and Network Security: Principles and Practices, 4th edition.
[4] Diffie, W., Van Oorschot, P.C., Wiener, M.J. 1992. Authentication and authenticated key exchanges. Des. Codes Cryptography 2(2), 107-125.
[5] Razieh Mokhtarnameh, Nithiapidary Muthuvelu, Ian Chai, Sin Ban Ho, International Journal of Computer Applications (0975-8887), Volume 7 No. 5, September 2010, pages 5-11.
