Ravi 2

CRYPTOGRAPHY
1.INTRODUCTION
Cryptography helps ensure data privacy, maintain data integrity, authenticate communicating
parties, and prevent repudiation (when a party refutes having sent a message).
Basic encryption allows to store information or to communicate with other parties while
preventing non-involved parties from understanding the stored information or understanding the
communication. Encryption transforms understandable text (plaintext) into an unintelligible
piece of data (cipher text). Decryption restores the understandable text from the unintelligible
data. Both functions involve a mathematical formula (the algorithm) and secret data (the key).
Cryptographic Operations
Different cryptographic operations may use one or more algorithms. You choose the
cryptographic operation and algorithm(s) depending on your purpose. For example, for the
purpose of ensuring data integrity, you might want to use a MAC (message authentication code)
operation with the AES algorithm.
Data privacy
Cryptographic operations for the purpose of data privacy (confidentiality) prevent an
unauthorized person from reading a message. The following operations are included in data
privacy:
Encrypt and Decrypt
The encrypt operation changes plaintext data into cipher text through the use of a cipher
algorithm and key. To restore the plaintext data, the decrypt operation must employ the same
algorithm and key. Encryption and decryption may be employed at any level of the operating
system. There are three levels:
Page 1
1. Field level encryption
With field level encryption, the user application explicitly requests cryptographic
services. The user application completely controls key generation, selection, distribution,
and what data to encrypt.
2. Session level encryption
With encryption at the session layer, the system requests cryptographic services
instead of an application. The application may or may not be aware that encryption is
happening.
3. Link level encryption
Link level encryption is performed at the lowest level of the protocol stack,
usually by specialized hardware.
Data integrity, authenticity, and non-repudiation

Encrypted data does not mean the data cannot be manipulated (e.g. repeated, deleted, or even
altered). To rely on data, you need to know that it comes from an authorized source and is
unchanged.
Visual Cryptography
Visual cryptography, introduced by Naor and Shamir in 1995, is a new cryptographic
scheme where the cipher text is decoded by the human visual system. Hence, there is no need to
any complex cryptographic computation for decryption. The idea is to hide a secret message
(text, handwriting, picture, etc…) in different images called shares or cover images. When the
shares (transparencies) are stacked together in order to align the sub pixels, the secret message
can be recovered. The simplest case is the 2 out of 2 scheme where the
secret message is hidden in 2 shares, both needed for a successful decryption. This can be further
extended to the k out of n scheme where a secret message is encrypted into n shares but only k
shares are needed for decryption where k<=n. If k-1 shares are presented, this will give no
information about the secret message. Naor and Shamir applied this idea on black and white
images only.
Page 2
Few years later, Verheul and Tilborg developed a scheme that can be applied on colored
images. The inconvenient with these new schemes is that they use meaningless shares to hide the
secret and the quality of the recovered plaintext is bad.
More advanced schemes based on visual cryptography were introduced where a colored
image is hidden into multiple meaningful cover images. Changetal.introduced in 2000 a new
colored secret sharing and hiding scheme based on Visual Cryptography schemes (VCS) where
the traditional stacking operation of subpixels and rows interrelations is modified. This new
technique does not require transparencies stacking and hence, it is more convenient to use in real
applications. However, it requires the use and storage of a Color Index Table (CIT), in order to
losselessly recover the secret image. CIT requires space for storage and time to lookup the table.
Also, if number of colors c increases in the secret image, CIT becomes bigger and the pixel
expansion factor becomes significant which results in severe loss of resolution in the camouflage
images.
Chang and Yu introduced a advanced scheme for hiding a colored image into multiple
images that does not require a CIT. This technique achieves a lossless recovery of the secret
image. This paper introduces an improved scheme based on Chang’s technique in order to
achieve the secret image lossless and with slight increase in the computational complexity of the
algorithm.
Page 3
2. ANALYSIS
The analysis is the process of understanding the system at a greater depth,
identifying the missing functions with an intention to improve it through better methods and
procedures. The Requirement analysis is done in order to understand the problem, the
Software system is to solve. Requirements analysis is on identifying what is needed from the
system, not how the system will achieve its goals. The goal of
requirements specification phase is to produce the software requirements specification
document. The person responsible for the requirements analysis is often called the
analyst.
In this phase we study the system and observe the problem of existing
system and think how to cover the problems (problem analysis). There are three major
activities in this phase are Problem analysis, Feasibility study and Software requirement
specifications. The requirement document must specify all the functional and Performance
requirements, the formats of inputs and outputs and all design constraints that exist due to
political, economic, environment and security reasons.
The phase ends with validation of the requrements specified in the

document. Validation is often done through “requirement review “, in which a group of
people including representatives of the client critically reviews the requirement
specifications.
2.1 PROBLEM ANALYSIS

System analysis is the process of gathering and interpreting facts,
diagnosing problems and using the information to recommend improvements to the system.
Only after the systems analysis we can begin to determine how and where a computer
information system can benefit all the users of the system. This accumulation of the system
is called a system study. In this phase we analyze the problem to get a clear understanding of
the problem. We study the existing system and observe the problems present in it, and then
Page 4
try to recover from them. The system that we are developing should overcome all the
problems.
This current system is any application that uses the modern encryption
technique. There are many traditional encryption techniques for securing the data. The
problem with the earlier traditional technique is that we have lot of computation to be done.
To keep out data secure we use large numbers and more number of computations to confuse
the eavesdropper or the cryptanalyst. Though we are providing security with this kind of
approach we are burdening our self with lots of calculations.
2.2 FEASIBILITY STUDY

The feasibility study is to determine whether the system requested
is feasible or not. This is to identify the objectives of a new system. Before solving a problem
one must know what the problem is. This phase starts as soon as a user or a member of a
particular department recognizes a problem and initiates a request to computerize the
existing manual system or to modify the current computerized system.
The study is carried out by a small group of people who are familiar
with systems analysis and design process. Fact-finding techniques are used to gather the
required information.
The major purposes of this study are given below:
• Identify the responsible user and to develop an initial scope of the system. This may
involve conducting a series of interviews to see which users are involved in and
which users are affected by the proposed project.
• Identify the current deficiencies in the user’s environment. This involves preparing a
list of functions that are missing or operating unacceptably in the existing system.
• Determine objectives for the new system. This involves preparing a list of existing
functions, which are to be reimplemented and new functions that are to be added.
• Determine whether it is feasible to automate the system. This will involves some
approximate estimates of the schedule and cost to build a new system.
Page 5
Three key considerations are involved in the feasibility analysis:
1.Economic Feasibility
Economic analysis is the most frequently used method for
evaluating the effectiveness of a candidate system. More commonly known as cost/benefit
analysis, the procedure is to determine the benefits and savings that are expected from a
candidate system and compare them with costs. If benefits out weigh costs, then the decision
is made to design and implement the system. Otherwise, further justification or alterations in
the proposed system will have to be made if it is to have a chance of being approved. This is
an ongoing effort that improves in accuracy at each phase of the system life cycle.
The current project is economically feasible because the organization, which is sponsoring to
develop this system, has enough funds and they are ready to release the funds required by the
development team and also the developers could be economically justified for their work.
2. Technical Feasibility
Technical feasibility centers on the existing computer system (hardware,
software, etc.) and to what extent it can support the proposed addition. This involves
financial considerations to accommodate technical enhancements. If the budget is a serious
constraint, then the project is judged not feasible. The present project is
considered to the technically feasible as the technical requirements, which could be satisfied
very easily. We have the enough technological aspects to implement the above problem.
Hence the project is technically feasible.
3.Operational Feasibility
Proposed projects are beneficial only if they can be tuned into
information systems that will meet the organization’s operating requirements. Simply stated,
this test of feasibility asks if the system will work when it is developed and installed. Are
there major barriers to implementation?
Here are questions that will help test the operational feasibility of a project:
 Is there sufficient support for the project from management? From users? If the
current system is well liked and used to the extent that persons will not be able to see
reasons for change, there may be resistance.
Page 6
 Are the current business methods acceptable to the users? If they are not, users may
welcome a change that will bring about a more operational and useful systems.
 Have the users been involved in the planning and development of the project? Early
involvement reduces the chances of resistance to the system and in general and
increases the likelihood of successful projects.
 Will the proposed system cause harm? Will it produce poorer results in any respect
or area? Will loss of control results in any area? Will accessibility of information be
lost? Will individual performance be poorer after implementation than before? Will
customers be affected in an undesirable way? Will the system slow performance in
any area?
Issues that appear to be relatively minor in the beginning have ways of growing
into major problems after implementation. Therefore, all operational aspects must be
considered carefully.We can say after studying the proposed system that the project looks
operationally feasible, as there is good support from management and the user’s involvement
in planning and development is appreciable.
Page 7
3.SOFTWARE REQUIREMENT SPECIFICATION
Software requirement specification (SRS) is the starting point of the

software development activity.The SRS means translating the ideas in the minds of the
clients (the input), into a formal document (the output of the requirements phase). Thus the
output of the phase is a set of formally specified requirements, which hopefully are
complete and consistent, while the input has none of these properties.“A procedure for
identifying requirements can there for be at best set of guidelines”.
The requirements specification phase consists of two basic activities.
 Problem or requirement analysis
 Requirement specification
The requirement specification phase terminates with the production of the

validation software requirement specification document.
Role of SRS
Thus there are three major parties interested in a new system – the client,
the users, the developer.
Page 8
There is a communication gap between these people. A basic purpose of
SRS is to bridge this communication gap. SRS is the medium through which the client and
user needs are accurately specified; indeed SRS forms the basis of software development.An
important purpose of the process of developing an SRS is helping the clients to understand
their own needs.
1.A good SRS provides many benefits. Some of the goals it accomplishes are:
2.Establishing the basis for agreement between the client and supplier on what the software
product will be reducing the development cost.
3.The preparation of the SRS forces rigorous specification of the requirements before the
design begins. Careful development of an SRS can reveal omissions, inconsistencies and
misunderstanding early in the development cycle, which can considerably reduce cost.
4.Providing a reference for validation of the final product .The SRS assists in determining if
the software meets the requirements.
Hardware Requirements:
To run our system the minimum hardware we need is
Processor : Pentium III
RAM : 128 MB / 256 MB (Recommended)
Hard disk : 20 GB
Monitor : 15 “ / User choice
Resolution : 800*600 pixels
Key board : Standard QWERTY 104 keys / or any
CD Drive : 52x CDROM
Floppy Drive : 1.44”
Printer : Laser jet
Mouse : Any standard Mouse
Software Requirements:
The software requirements required to run this application are:
Page 9
Operating System : Win 9x/ XP
Programming Tool : Java 1.4.2
4.DESIGN
Design is the first step in the development phase for any techniques and principles for the
purpose of defining a device, a process or system in sufficient detail to permit its physical
realization.
Once the software requirements have been realized, analyzed and specified the software
design involves three technical activities design, coding, generation and testing that are required
to build and verify the software.
The design activities are of main importance in this phase, because in this activity,
decisions ultimately affecting the success of software implementation and its ease of
maintenance are made. These decisions have the final bearing upon reliability and
maintainability of the system.
4.1 System Design
UML Description
The Unified Modeling Language (UML) is a standard language for specifying,

visualizing, constructing, and documenting the artifacts of software systems, as well as for
business modeling and other non-software systems. The UML represents a collection of best
engineering practices that have proven successful in the modeling of large and complex
systems. The UML is a very important part of developing object oriented software and the
software development process. The UML uses mostly graphical notations to express the design
of software projects. Using the UML helps project teams communicate, explore potential
designs, and validate the architectural design of the software.
Building Blocks of the UML:
The vocabulary of the UML encompasses three kinds of building blocks:
Page 10
1. Things
2. Relationships
3. Diagrams
There are three classifications of UML diagrams:
 Behavior diagrams. A type of diagram that depicts behavioral features of a system or

business process. This includes activity, state machine, and use case diagrams as well as
the four interaction diagrams.
 Interaction diagrams. A subset of behavior diagrams which emphasize object
interactions. This includes communication, interaction overview, sequence, and timing
diagrams.
 Structure diagrams. A type of diagram that depicts the elements of a specification that
are irrespective of time. This includes class, composite structure, component,
deployment, object, and package diagrams.
System Architecture:
Finding sub systems during system design has many similarities to finding
objects during analysis. System decomposition is constantly revised whenever new issues
are addressed. The initial sub system decomposition should be delivered from the
functional requirements.A starting point is to take the use cases and assign the
participating objects that have been identified in each of them to the sub systems.
As the complexity of systems increases, the specification of the system

decomposition is critical. Moreover, subsystem decomposition is constantly revised
whenever new issues are addressed. Subsystems are merged into alone subsystem, a
complex subsystem is split into parts, and some subsystems are added to take care of new
functionality. The first iterations over the subsystem decomposition can introduce drastic
changes in the system design model. These are often best handled through brainstorming
sessions.Here, the sender is the active participant through out the process. The receiver is
the passive participant as he comes in to the picture only if the sender sends an secret
Page 11
image. The sender encrypt the secret image in the cover images and send it to the
receiver. Every time, the secret image is encrypted in the cover images.

: Sender
Initiate Key :Receiver
Generation,Enc
 rypt Decrypt
Subsystem Services:
A subsystem is characterized by the services it provides to other subsystem. A service is

a set of related operations that share a common purpose.
The set of operations of a sub system that are available to other subsystems form the
“subsystem interface”. Subsystem Interface includes the name of the operations, their
parameters, their types and their return values.
The following are the subsystem services provided in our application:
1.Image passing to Receiver: This sub-system does the job of passing cover images to
the receiver. As it has to offer security, it does not output the secret image that it takes from
sender to receiver. It computes the final values and finally shows the end result of the
computation. This subsystem service forms the backbone of the project.
Page 12
2.Embedding the secret image in to the cover images: This sub-system takes care of
splitting the secret image in to two parts and embedding the two parts of the secret image
into the cover images
Boundary Conditions:
During this activity we review the design decisions we made so far and identify
additional conditions i.e., how the system is started, initialized, shutdown and how to deal with
major failures such as image corruption.
Configure: For each persistent object, we examine in which use cases it is created or
destroyed. We determine whether the encrypting is being done in the standard format of any
other method.
Start up and Shutdown: For each component we add three use cases to start, shutdown and
configure the component.
Exception Handling: For each type of component failure we decide how the system should
react. In general exception is an event or error that occurs during the execution of the system.
Exceptions are caused by different sources.
Hardware Failure: Hardware ages and fails. For example, failure of the network link, can
damage the security of the images being transferred.
Uml diagrams
CLASS DIAGRAM
Page 13
registeredTrialV
ersion EA7.0UnregisteredTrialV
ersion EA7.0Unregistere
registeredTrialV
classClassModel
registeredTrialV
master
registeredTrialV
ersion EA7
+
+
.0UnregisteredTrialV
decrypt(): void
encrypt(): void
+ receive(): void
+ s
end(): void
registeredTrialV
registeredTrialV
registeredTrialV
registeredTrialV
ersion encrpty
EA7.0UnregisteredTrialV
ersion decry
p t
EA7.0Unregistere
- key: int - key: int
registeredTrialV
ersion- port_no: int EA7.0UnregisteredTrialV
ersion - port_no: int EA7.0Unregistere
+ brow se_im age(): void + decrypt(): void
registeredTrialV
ersion+ priview(): void EA7.0UnregisteredTrialV
ersion + view (): void EA7.0Unregistere
registeredTrialV
registeredTrialV
USECASE DIAGRAM
EA7.0UnregisteredTrial Version EA7.0UnregisteredTrial Version EA7.0UnregisteredTrial Ver
registeredTrialV
EA7.0uUn
cC rse
la sg
Miste
odel redTrial Version EA7.0UnregisteredTrial Version EA7.0UnregisteredTrial Ver
registeredTrialV
browsestheim age
registeredTria
EAlVerU
7.0sio
nrn
egisteredTrial Version EA7.0U
En
Are
7gis
.0Ute
nrre
ed
gisTrria
te edlT
Verls
ria io
Ven
rsion
toencrypt
E
EA7.0UA
n 7
reg.0
is U
te n
redrT
egis
rialte
Verre
registeredTria
EAlVerU
7.0sio
nrn
En
Are
7gis
.0Ute
nrre
ed
gisTrria
te edlT
Verls
ria io
Ven
rsion E
EA7.0UA
n 7
reg.0
is U
te n
redrT
egis
rialte
Verre
providesthe keyandport
num bertoencrypt
registe EA
redTria 7.0
lVerUnrn
sioegisteredTrial Version EA7.s0 U EA 7g
.0U nrregisT
te
rria
edlTria
erlsVersion EA7.0UnregisteredrTrialte
Verre
ender nre iste ed V ion EA 7.0 U n egis
registeredTrialV
ersion sendstheencrypted EA7.0Unregistere
m essage
registeredTrialV
registeredTrialV
master
registeredTria
EAlVerU
7.0sio
nrn
En
Are
7gis
.0Ute
nrre
ed
gisTrria
te edlT
Verls
ria io
Ven
rsion
provides theport
num berandkey E
EA7.0UA
n 7
reg.0
is U
te n
redrT
egis
rialte
Verre
registe EA
redTria 7.0
lVerUnrn
sioegisteredTrial Version EA7 E
.0UA
n 7g
re.0U
is nrre
te eg
disT
te
rria
edlT
Vria
erlsVe
iorsion
n EA7.0U
En
Areg
7is
.0te
Ure
ndrT
eria
gislte
Verre
decrypts thedata
EA7.0UnregisteredTrial Version EA7.0UnregisteredTrial Version received
EA7.0UnregisteredTrial Ver
registeredTrialV
receiver
registeredTrialV
ersion viewsthe received
image
EA7.0Unregistere
registeredTrialV
registeredTria
EAlVerU
7.0sio
nrn
En
Are
7gis
.0Ute
nrre
ed
gisTrria
te edlT
Verls
ria io
Ven
rsion E
EA7.0UA
n 7
reg.0
is U
te n
redrT
egis
rialte
Verre
registe EA
redTrialVeSEQUENCE
7.0
rUnrn
sio DIAGRAM
egisteredTrial Version EA7 E
.0UA
n 7g
re.0U
is nrre
te eg
disT
te
rria
edlT
Vria
erlsVe
iorsion
n EA7.0U
En
Areg
7is
.0te
Ure
ndrT
eria
gislte
Verre
registeredTrialV
registeredTrialV
registeredTrialV
registeredTrialVerU
sio
Page 14
EA 7.0 nrn
En
Are
7gis
.0Ute
nrre
ed
gisTrria
te edlT
Verls
ria io
Ven
rsion E
EA7.0UA
n 7
reg.0
is U
te n
redrT
egis
rialte
Verre
registeredTria
EAlVerU
7.0sio
nrn
En
Are
7gis
.0Ute
nrre
ed
gisTrria
te edlT
Verls
ria io
Ven
rsion E
EA7.0UA
n 7
reg.0
is U
te n
redrT
egis
rialte
Verre
EA 7.0 Unregistered
sd Class Model Trial Version EA 7.0 Unregistered Trial Version EA 7.0 Unregistered Trial Ve
EA 7.0 Unregistered Trial Version EA 7.0 Unregistered

sender
Trial Versionreceiver
EA 7.0 Unregistered Trial Ve
master
EA 7.0 Unregistered Trial Version EA 7.0 Unregistered Trial Version EA 7.0 Unregistered Trial Ve
encrypts the image()
provides the key and port number()
sends the encrypted image to the receiver()
EA 7.0 Unregistered Trial Version EA 7.0 Unregistered

views the Trial
incryptedVersion
image() EA 7.0 Unregistered Trial Ve
receives the encrypted image()
decrypts the encrypted image by giving the key()

ACTIVITY DIAGRAM
Tria
lVe
rsio
n actC
lassMo
del E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
Tria
lVEA
e
rsio
n 7.0 Unregistered Trial Version
EA7 .0UEA
n
reg
is7.0
tere
dTUnregistered
ria
lVe
rsio
n Trial Version EA 7.0EA
s
tart
Unregistered
7.0Un
reg
iste
redTriTrial
alVers Ve
io
n
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
m
aster
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
Tria
lVEA
e
rsio
EA7 .0UEA
n
reg
is7.0
tere
dTUnregistered
ria
lVe
rsio
Unregistered
7.0Un
reg
iste
redTriTrial
alVers Ve
io
n
Tria
lVe
rsio
n send
e rbro
w s esfo
rthe
E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
e
im
n
c
ag
ry
eth
pte
atistob
dands e
e
nt
receiverp
p
ro
o
vid
rtnu
e
m
sth
be
eke
rtod
e
ya
c
n
ry
p
d
t
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
Tria
lVEA
e
rsio
EA7 .0UEA
n
reg
is7.0
tere
dTUnregistered
ria
lVe
rsio
Unregistered
7.0Un
reg
iste
redTriTrial
alVers Ve
io
n
send
erprovidesthekey
d
ecry
ptsth
eim
age
Tria
lVe
rsio
n an
e
dp
nc
o
rtn
ryp
u
tth
mbe
eim
rto
age
E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
Tria
lV
EA 7.0 Unregistered Trial Version
e
rsio
n EA7 .0U
EA
n
reg
is
7.0
te
re
Unregistered
dTria
lVe
rsio
n
Trial Version EA 7.0EA
Unregistered
7.0Un
reg
iste
redT
Trial
ria
lVers
Ve
io
n
Tria
lVe
rsio
n EA7 .0Un
reg
iste
redTria
lVe
rsio
n
EA 7.0 Unregistered Trial Version
enc
afte
ry
s
p
e
rth
te
n
dth
d
EA
eim
es
sth
a
e
g
n
eim
d
a
7.0
eis
e
g
r
e
Unregistered Trial Version EA 7.0EA7.0Un
reg
iste
re
UnregistereddTria
lVers
Trial io
n
Ve
viewsth
edecryp
te
ima
d
ge
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
Tria
lVEA
e
rsio
EA7 .0UEA
n
reg
is7.0
tere
dTUnregistered
ria
lVe
rsio
Unregistered
7.0Un
reg
iste
redTriTrial
alVers Ve
io
n
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
s
top
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
Tria
lVEA
e
rsio
EA7 .0UEA
n
reg
is7.0
tere
dTUnregistered
ria
lVe
rsio
Unregistered
7.0Un
reg
iste
redTriTrial
alVers Ve
io
n
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
4.2 Object
EA 7.0 Unregistered Design
Trial Version EA 7.0 Unregistered Trial Version EA 7.0 Unregistered Trial Ve
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
Tria
lVEA
e
rsio
EA7 .0UEA
n
reg
is7.0
tere
dTUnregistered
ria
lVe
rsio
n Trial Version EA 7.0EAPage
7.0Un
re15
Unregistered
g
iste
redTriTrial
alVers Ve
io
n
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
Tria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n E
A7.0Un
reg
iste
redTria
lVe
rsio
n
4.2.1 Object Specification
The system design model focuses on the subsystem decomposition
and global system decision such as hardware/software mapping, persistent
storage or access control. We identify to level subsystems and define them
in terms of the services they provide.
Specification activities during object design includes
a. Identifying missing attributes and operations

b. Specifying type, signature and visibility.
c. Specifying constraints.
d. Specifying Exceptions
Attributes and Operations:
a. Attributes: In this, we can identify attributes of the operation.

b. Operation: Operation is a property of the objects.
c. Attributes:
Attributes represent the properties of individual objects; only the
attributes relevant to the system should be considered.
5.2.1.1 Type, Signature and Visibility
The type of an attribute specifies the range of values the attribute
can take and the operations that can be applied to the attribute.
Given an operation, the tuple mode out of the types of its parameters
and the type of the return value is called the signature of the operation.
The Visibility of an attribute or an operation specifies whether other
classes can use it or not.
UML defines three levels of visibility:
Private : A private attribute can be accessed only by the
Page 16
class, which it is defined.
Protected : A protected attribute or operation can be accessed
by the class in which it is defied and on any
descendant of the class
Public : A public attribute or oration can be accessed
by
any class.
Visibility : Here variables are private and functions are public.
4.3 Constraints
Constraints:
We attach constraints to classes and operations to more precisely
specify their behavior and boundary cases. The following are the
constraints in the application:
1) The user should enter the image for encryption in a Unicode format.
2) Fields must not contain null values.
3) The message should be padded to multiples of 2048 bits or 1024 bits.
Invariants:
These represent conditions on the attributes of a class that are
always true.
The invariants in our application are:
1. The image should not be blank
2. Both the cover images should be of the same side.
3. The secret image should be one-third the size of cover images.
Preconditions:
A precondition is a predicate that must be true before an operation is
invoked. Preconditions are associated with a specific operation.
Preconditions are used to specify constraints that a caller must meet before
calling an operation.
1. Both the users should all be online during the generation of keys.
Page 17
2.The sender must have the knowledge of the receivers IPaddress
Post conditions:
A post condition is a predicate that must be true after an operation is
invoked. Post conditions are associated with a specific operation. Post
conditions are used to specify constraints that the object must ensure after
the invocation of predation.
1. The secret image is to be saved by the corresponding receiver.
2. The receiver and Sender should be acknowledged after the process
is completed.
4.4 Exceptions
Exceptional conditions are usually associated with the violation of
preconditions. Exceptions can be found systematically by examining each
parameter of the operation and by examining the status in which the
operation may be invoked. Here, we specify constraints that the caller needs
to satisfy before invoking an operation.
a. When specified ip address of a sender node is not available on the
network, then necessary action is to be performed.
b. If image passing between receivers fails due to some socket
exceptions, they need to be handled.
c. If network connections fail in the middle of the sending process, then
the sending process needs to be re-started.
d. When handling strings and converting them to BigInteger, we need to
take care of the necessary type casting between objects.
Associations
* send *
Sender Receiver
Many senders send the images at the same time.
1 Encrypt *
Sender images
*
Sender Encrypt the Images
Page 18
1 Can Serve *
Sender Receiver
Sender can serve the images of receiver at the same time.
5.Algorithms
This proposed algorithm is a improvement of Chang’s et al algorithm, a new secret color

image sharing scheme based on visual cryptography which was proposed in 2002. The proposed
approach uses meaningful shares (cover images) to hide the colored secret image, which is split
in to two parts one with even number of locations and the other with odd number of locations
and treated with both the cover images to reduce the threat of vulnerability. The recovery
process is loss less. The scheme defines a new stacking operation (XOR) and requires a
sequence of random bits to be generated for each pixel.
Method description
Assume that a gray image (H) with 256 colors which is the secret image to be hidden.
Each color can be represented as an 8-bit binary vector. This image is split into 2 sub images,
where the first sub image consists of all the pixel values with even number locations of the
image H and the other sub image with odd number of locations of H. The main idea is to hide the
two sub images into the two original (cover) images and thus we obtain 4 camouflage images.
Here we expand each pixel into m sub pixels and embed them into n shares. This scheme uses
m=9 as an expansion factor. The resulting structure of a pixel can be represented by an nx9
Boolean matrix S=[Sij] where (1≤i ≤n, 1≤j≤9) and Sij =1, if and only if, the jth subpixel in the
ith share has a non-white color. To recover the color of the original secret pixel, an “XOR”
operation on the stacked rows of the n shares is performed
Hiding Algorithm
For a 2 out of 2 scheme, the construction can be described by a collection of 2x9 Boolean
matrices C. If a pixel with color k=(k1k2…k8)2 needs to be shared, a dealer randomly picks an
Page 19
integer r between 1 and 9 inclusively as well as one matrix in C. The construction is considered
valid if the following conditions are satisfied:
Ki=S1j ⊕S2j
Where Ki=S1j ⊕S2j and j= i if i<= r
i+1 if i>r
Note that the number of 1’s in the first row of S must exceed the number of 0’s by one.
Steps of the Algorithm
 Take a colored secret image Hmn of size mxn and choose any two arbitrary cover images
C1mn and C2mn of size mxn.
 Split Hmn into two subimages He and Ho where He consists of all pixel values in the even
positions of the secret image and Ho consists of all pixel values in the odd positions of the
secret image.
 Scan through He and Ho and convert each pixel Heij and Hoij to an 8-bits binary string
denoted as k= (k1k2…k8) 2
 Select a random integer rp, where 1 <=rp<=9 for each pixel Heij and Hoij
 According to rp and k for each pixel, construct S to satisfy equation 1.
 Scan through C1 for each pixel of color kp1 of He and Ho, arrange the row “i” in S as a 3x3
block Bp1 for He and Bp2 for Ho and fill the subpixels valued ‘i’ with the color kp1.
 Do the same for C2 and construct Bp3 and Bp4.The resulting blocks Bp1,Bp2,Bp3,Bp4 are
the subpixels of the pth pixel after the expansion.
 After processing all the pixels in Heij and Hoij four camouflage colored images of C1 , C2 ,
C3 and C4 are generated.In order to losselessly recover Hmn, both C 1 and C2 as well as a
sequence of randombits R={r1,r2,…..,r|I}| are needed.
Page 20
Recovering Algorithm
In order to recover the secret image in a 2 out of 2 scheme, 4 camouflage images C 1 , C2 , C3 and
C4 as well as the string of random bits R are required for the recovery process. The camouflage
images are t times bigger than Hmn due to the expansion factor of subpixels
Steps of the Algorithm

 Extract the first two 3x3 blocks Vr1,Vr2 and Vr3,Vr4 from four camouflage images C1’, C2 ,
C3 and C4, respectively.
 Rearrange Vr1,Vr2 and Vr3,Vr4 in a 2x9 matrix format Sr.
 Select the first random bit rp corresponding to the first encrypted pixel
Input Sr and rp to the F(.,.) function corresponding to equation 1.
 Recover kp, the first pixel in Heij and kq the first pixel of Hoij
 Repeat for all 3x3 blocks in C1 , C2 , C3 and C4 Add the C1 , C2 , C3 and C4
 Add Vr1 and Vr2 to get the final Secret image H
figures
Page 21
Fig 1: Secret Sharing algorithm flowchart
Fig 2: Secret Sharing recovering algorithm flowchart
6.System Testing and Implementation

Testing is the major quality control measure employed for software development.
Page 22
Its basic function is to detect errors in the software. During requirement analysis and
design, the output is document that is usually textual and non-textual. After the coding phase,
computer programs are available that can be executed for testing purpose. This implies that
testing has to uncover errors introduced during coding phases. Thus, the goal of testing is to
cover requirement, design, or coding errors in the program. The starting point of testing is unit
testing. In this a module is tested separately and often performed by the programmer himself
simultaneously while coding the module.
The purpose is to exercise the different parts of the module code to detect coding errors.
After this the modules are gradually integrated into subsystems, which are then integrated
themselves too eventually forming the entire system. During integration of module integration
testing is performed. The goal of this is to detect designing errors, while focusing the
interconnection between modules. After the system was put together, system testing is
performed. Here the system is tested against the system requirements to see if all requirements
were met and the system performs as specified by the requirements. Finally accepting testing is
performed to
demonstrate to the client for the operation of the system.
For the testing to be successful, proper selection of the test case is essential. There are
two different approaches for selecting test case. The software or the module to be tested is
treated as a black box, and the test cases are decided based on the specifications of the system or
module. For this reason, this form of testing is also called “black box testing”.
The focus here is on testing the external behavior of the system. In structural testing the
test cases are decided based on the logic of the module to be tested. A common approach here is
to achieve some type of coverage of the statements in the code. The two forms of testing are
complementary: one tests the external behavior, the other tests the internal structure. Often
structural testing is used for lower levels of testing, while functional testing is used for higher
levels.
Testing is an extremely critical and time-consuming activity. It requires proper planning
of the overall testing process. Frequently the testing process starts with the test plan. This plan
identifies all testing related activities that must be performed and specifies the schedule,
allocates the resources, and specifies guidelines for testing. The test plan specifies conditions
that should be tested; different units to be tested, and the manner in which the module will be
Page 23
integrated together. Then for different test unit, a test case specification document is produced,
which lists all the different test cases, together with the expected outputs, that will be used for
testing. During the testing of the unit the specified test cases are executed and the actual results
are compared with the expected outputs. The final output of the testing phase is the testing report
and the error report, or a set of such reports. Each test report contains a set of test cases and the
result of executing the code with the test cases. The error report describes the errors encountered
and the action taken to remove the error.
Error Messages
The term error is used in two different ways. Errors refer to the discrepancy between
computed and observed values. That is error refers to the difference between the actual output of
the software and the correct output. In this interpretation, error essentially is a measure of the
difference between the actual and the ideal. Error is also used to refer to human action that
results in the software containing a defect or a fault. This detection is quite general and
encompasses all phases. The consequence of thinking is the belief that the errors largely occur
during
programming, as it is the can see, the errors occur through the development. As we can see, the
errors occur throughout the development process. However, the cost of
connecting the errors of different phases is not the same and depends upon when the error was
detected and corrected. The cost of correcting errors in the function of where they are detected.
As one would expect the greater the delay in detecting an error after it occurs, the more
expensive it is to correct it. Suppose an error occurs during the requirement phase and it was
corrected after the coding then the cost is higher than correcting it in the requirements phase
itself. The reason for this is fairly obvious. If there was error in the requirements phase that error
will affect the design and coding also. To correct the error after coding is done require both the
design and the code to be changed there by increasing the cost of correction.
The main moral of this section is that we should attempt to detect the errors that occur in
a phase during the phase itself should not wait until testing to detect errors. This is not often
practiced. In reality, sometimes testing is the sole point where errors are detected. Besides the
cost factor, reliance on testing as a primary source for error detection and correction should be a
continuous process that is done throughout the software development. In terms of the
Page 24
development phase, what this means is that we should try to validate each phase before starting
the next.
Testing Techniques
Testing is a process, which reveals errors in the program. It is the major quality measure
employed during software development. During testing, the program is executed with a set of
conditions known as test cases and the output is evaluated to determine whether the program is
performing as expected. In order to make sure that the system does not have errors, the different
levels of testing strategies that are applied at differing phases of software development are:
Unit Testing
Unit Testing is done on individual modules as they are completed and become executable. It is
confined only to the designer's requirements.
EACH MODULE CAN BE TESTED USING THE FOLLOWING TWO

STRATEGIES:
Black Box Testing
In this strategy some test cases are generated as input conditions that fully execute all
functional requirements for the program. This testing has been uses to find errors in the
following categories:
• Incorrect or missing functions
• Interface errors
• Errors in data structure or external database access
• Performance errors
• Initialization and termination errors.
In this testing only the output is checked for correctness. The logical flow of the data is not
checked.
Page 25
White Box Testing
In this the test cases are generated on the logic of each module by drawing flow graphs of
that module and logical decisions are tested on all the cases. It has been uses to generate the test
cases in the following cases:
• Guarantee that all independent paths have been executed.
• Execute all logical decisions on their true and false sides.
• Execute all loops at their boundaries and within their operational
• Execute internal data structures to ensure their validity.
Integration Testing
Integration testing ensures that software and subsystems work together as a whole. It
tests the interface of all the modules to make sure that the modules behave properly when
integrated together.
System Testing
Involves in-house testing of the entire system before delivery to the user. Its aim is to
satisfy the user the system meets all requirements of the client's specifications.
Acceptance Testing
It is a pre-delivery testing in which entire system is tested at client's site on real world
data to find errors.
Validation Testing
The system has been tested and implemented successfully and thus ensured that all the
requirements as listed in the software requirements specification are completely fulfilled. In
case of erroneous input corresponding error messages are displayed.
Page 26
COMPILING TEST
It was a good idea to do our stress testing early on, because it gave us time to fix some of
the unexpected deadlocks and stability problems that only occurred when components were
exposed to very high transaction volumes.
EXECUTION TEST
This program was successfully loaded and executed. Because of good programming there
was no execution error.
OUTPUT TEST
The successful output screens are placed in the output screens section.
Testing is the process of finding differences between the expected behavior specified by
system models and the observed behavior of the system.
Testing process:
The testing process that is followed for each object of the system is discussed
below in detailed object wise.
1 Object Name: Sending Image

2 Test Criteria: Encrypting the original image
3 Testing Approach: Black Box Testing
TEST CASE EXECUTION AND ANALYSIS:

Test case 1:
Test case ID Test case Description Expected Result Actual Result
Go2Frame1 Browse the Hidden Image, Next screen should Next screen is
Cover Image1 and Cover be displayed displayed
Image2 and click on next
Go2Frame2 Browse the Hidden Image, Next screen should Exception arises
Cover Image1 and Cover be displayed “Size of first image
Page 27
Image2 and click on next should be one-third of
Second image”.
Test case 2:
Test case ID Test case Description Input data Expected Result Actual Result
Dest-Frame1 Enter the Key Numeric Accepts the values Accepted

Alphabets Accepts the values Accepted
Alphanumeric Accepts the values Accepted
Dest-Frame2 Enter the port Numeric Accepts the values Accepted
Number Alphabets Invalid data Rejected
Alphanumeric Invalid data Rejected
Test case 3:
Dest2-Frame1 Enter the port Numeric Accepts the values Accepted

Number Alphabets Invalid data Rejected
Dest2-Frame2 Enter the port Numeric Invalid data Rejected

Address Alphabets Accepts the values Accepted
Test case 4:
Rec2 Decryption Numeric Invalid data Rejected

Address Alphabets Accepts the values Accepted
Page 28
7.CONCLUSION
This project is on a topic that has been an active research area in the field of Network
Security and Visual Cryptography. We have taken utmost care to assure that the project meets
the requirements of the algorithm. The main aim of the project was to impart high security to
images. We chose to implement the sending of secret image securely with the help of two
algorithms called the Hiding algorithm for embedding the secret image successfully in the cover
images and Recovery algorithm for decrypting the secret image successfully from cover images.
We have developed this system keeping in view all the factors in view and provided a
walkthrough model interface. The beauty of the approach employed during the design and
coding phase is that it is very simple to understand, very transparent to the users, very robust in
protecting the security and highly reliable in terms of execution. Extra efforts have been put in to
ensure the security of the data. The security of the data has been given the topmost priority
through out the program and hence we feel that we have been successful in our aim.
8.SCOPE
• Can be implemented in all kinds of organizations whether small or large
• Needs no extra costs for implementation
• Complex cryptographic algorithms are not needed
• The threshold technique, plus resizing, returns the decoded image to its original form
i.e. removes the graying effect.
As future work, this scheme can possibly be modified reduce the noise obtained during
transformation. The recovery process of both secret images should remain loss less while
using the same expansion factor as described in this project.
Page 29
9.BIBLOGRAPHY
1. A. Shamir, How to share a secret, Commun. of the ACM, Vol. 22 (1979) pp. 612–613.
2. E.R.Verheul and H.C.A.van Tilborg.Constructions and properties of k out of n visual secret

sharing schemes. Design Codes and Cryptography, 11(2):179–196, 1997.
3. G. Ateniese, C. Blundo, A. De Santis, and D. R. Stinson, Constructions and bounds for visual
cryptography, Proc. 23rd International Colloquium on Automata, Languages, and Programming
(ICALP ’96), (1996) pp. 416–428.
4. T. Katoh and H. Imai, Some visual secret sharing schemes and their share size, Proceedings
of International Conferences on Cryptology and Information Security, (1996) PP. 41–47
5. M. Naor and A. Shamir, Visual cryptography. Advances in Cryptology EUROCRYPT ’94.

Lecture Notes in Computer Science, (950):1–12, 1995
6. C. Chang, C. Tsai, and T. Chen, A new scheme for sharing secret color images in computer
network. In the Proceedings of International Conference on Parallel and Distributed Systems,
pages 21–27, July 2000.
7. Chang, C. C. and Yu. T. X., Sharing a Secret Gray Image in Multiple Images, in the
Proceedings of International Symposium on Cyber Worlds: Theories and Practice, Tokyo, Japan,
Nov. 2002, pp.230-237.
8. AN IMPROVED VISUAL CRYPTOGRAPHY SCHEME FOR SECRET HIDING

R.Youmaran, A. Adler, A. Miri School of Information Technology and Engineering (SITE),
University of Ottawa, Ontario, Canada
Page 30

Ravi 2

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Ravi 2

Hochgeladen von

Copyright:

Verfügbare Formate

CRYPTOGRAPHY

Data integrity, authenticity, and non-repudiation

The phase ends with validation of the requrements specified in the

2.1 PROBLEM ANALYSIS

2.2 FEASIBILITY STUDY

The major purposes of this study are given below:

Software requirement specification (SRS) is the starting point of the

The requirements specification phase consists of two basic activities.

 Problem or requirement analysis

The requirement specification phase terminates with the production of the

4.1 System Design

The Unified Modeling Language (UML) is a standard language for specifying,

Building Blocks of the UML:

The vocabulary of the UML encompasses three kinds of building blocks:

There are three classifications of UML diagrams:

 Behavior diagrams. A type of diagram that depicts behavioral features of a system or

As the complexity of systems increases, the specification of the system

A subsystem is characterized by the services it provides to other subsystem. A service is

The following are the subsystem services provided in our application:

EA 7.0 Unregistered Trial Version EA 7.0 Unregistered

EA 7.0 Unregistered Trial Version EA 7.0 Unregistered

decrypts the encrypted image by giving the key()

Specification activities during object design includes

a. Identifying missing attributes and operations

Attributes and Operations:

a. Attributes: In this, we can identify attributes of the operation.

Visibility : Here variables are private and functions are public.

Many senders send the images at the same time.

Sender can serve the images of receiver at the same time.

This proposed algorithm is a improvement of Chang’s et al algorithm, a new secret color

Steps of the Algorithm

 According to rp and k for each pixel, construct S to satisfy equation 1.

Steps of the Algorithm

Fig 2: Secret Sharing recovering algorithm flowchart

6.System Testing and Implementation

EACH MODULE CAN BE TESTED USING THE FOLLOWING TWO

Black Box Testing

1 Object Name: Sending Image

TEST CASE EXECUTION AND ANALYSIS:

Dest-Frame1 Enter the Key Numeric Accepts the values Accepted

Alphanumeric Invalid data Rejected

Dest2-Frame1 Enter the port Numeric Accepts the values Accepted

Alphanumeric Invalid data Rejected

Dest2-Frame2 Enter the port Numeric Invalid data Rejected

Rec2 Decryption Numeric Invalid data Rejected

• Needs no extra costs for implementation

• Complex cryptographic algorithms are not needed

2. E.R.Verheul and H.C.A.van Tilborg.Constructions and properties of k out of n visual secret

5. M. Naor and A. Shamir, Visual cryptography. Advances in Cryptology EUROCRYPT ’94.

8. AN IMPROVED VISUAL CRYPTOGRAPHY SCHEME FOR SECRET HIDING

Das könnte Ihnen auch gefallen