Data Security and Authentication
Content
DATA SECURITY AND AUTHENTICATION
Name of the Authors: - V.Udbitha
Reddy N.Bawani
EMAIL ID’S:[email protected]
[email protected]
BRANCH:-Instrumentation & Control Engineering
(ICE)
NAME OF THE COLLEGE:-
G.Narayanamma Institute of Technology & Science Shaikpet, Hyderabad.
Abstract
The project entitled “DATA SECURITY AND AUTHENTICATION” (USING TEGANOGRAPHY) deals with implementing during transmission of data using cryptography & steganography. A steganalysis is performed and security implemented. The project implements both the forms of security comparing steganography against cryptographysteganography combined. The goal of steganography is to hide messages inside other harmless messages in a way that does not allow any enemy to even detect that there is a second secret message present. In first phase, the end user identifies an image which is going to act as the carrier of data. The data file is also selected and then to achieve greater speed of transmission the data file is compressed, embedded in the image file. The image if hacked or interpreted by a third party user will open up in any image previewed but will not display the data. This protects the data from being visible and hence be secure during transmission. The user in the receiving end uses another piece of code to retrieve the data from the image.
1. Introduction
The system implements steganography as the technique to hide data and provide security between the sender and the receiver on the network. There are two types of hackers: 1. One with the intention of knowing data. 2. The other with the intention of damaging the data Here we are more interested in the data embedded inside the image and least worried about the image data. The goal of steganography is to hide messages inside the other harmless message and maintain secrecy of communication happening. Authentication is the process by which a computer, computer program, or another user attempts to confirm that the computer, computer program, or user from whom the second party has received some communication is, or is not, the claimed first party. Steganography, from the Greek, means covered or secret writing, and is a longpractised form of hiding information. Steganography's intent is to hide the existence of the message, while cryptography scrambles a message so that it cannot be understood. The advantage of Steganography’s is that it can be used to secretly transmit messages without the fact of the transmission being discovered. However, Steganography’s has a number of disadvantages as well. Unlike encryption, it generally requires a lot of overhead to hide a relatively few bits of information. Also, once a steganographic system is discovered, it is rendered useless. This problem, too, can be overcome if the hidden data depends on some sort of key for its insertion and extraction. In fact, it is common practice to encrypt the hidden message before placing it in the
cover message. However, most Steganography’s like the extra layer of protection that encryption provides. If your hidden message is found, and then at least make it as protected as possible.
2. History of Steganography
Our earliest records of Steganography’s were recorded by the Greek historian Herodotus and date back to Greek times. When the Greek tyrant Histiaeus was held as a prisoner by king Darius in Susa during the 5th century BCE, he had to send a secret message to his son-in-law Aristagoras in Miletus. Histiaeus shaved the head of a slave and tattooed a message on his scalp. When the slave's hair had grown long enough he was dispatched to Miletus. Invisible inks have always been a popular method of steganography. Ancient Romans used to write between lines using invisible inks based on readily-available substances such as fruit juices, urine and milk. When heated, the invisible inks would darken, and become legible. Invisible inks were used as recently as World War II. An early researcher in steganography and cryptography was Johannes Trithemius (1462-1526), a German monk. His first work on steganography, Steganographia, described systems of magic and prophecy, but also contained a complex system of cryptography.
3. Aims And Objectives
The main aim is implementing a system that can assure security to the data transmitted, resisting to the attacks from the hackers on the network. The Objectives include 1. Secure transmission of data on network. 2. Data to be made invisible using steganography.
3. To detect damage or malicious script or viruses that would have altered the data on the network.
4. Main Contents
The main modules that are included are 4.1 Security and Login Module. The module identifies users who can use this application. It prompts with the login and password before enabling access to the other module. 4.2 CRC generation and verification Module. In the generation module CRC is calculated on the basis of the data being transmitted. The CRC is then stored back into the same file. At the receiving end the CRC is calculated for the data & then compared to the CRC that was generated at the transmitting end. The module indicates if the received file is corrupted, damaged or altered in the process of transmission. 4.3 Compression and Decompression Module. The module ensures that compression to the data before it can be transmitted is done in order to reduce the file transfer time. The compression is performed after the CRC is generated for the data that means to be transmitted. At the receiving end it is decompressed to regenerate the files that contain CRC and data. A new file is generated on decompression. 4.4 Embedded and De-embedded Module. In this module an image file is identified and the data to be embedded. The compressed data and CRC file is then appended to the end of the image file without affecting the image data or the header information of that image information about the size of the file name etc… are also written which is then stored in the image file. The software stores the data in a format that is not recognizable even when viewed from a text or document editor. At the receiving end the module
identify the location of the data picks up the size of the file, filename and reads the data to the length of the data file and regenerate the text file that was embedded with in the image file.
4.5 User interface and Manual Module. A user friendly environment that allows keyboard short cuts and mouse interaction and frames oriented windows that allow easy navigation, file selection and guided control flow. An online help that explain the procedure that operate the system is provided. The application is fully menu driven & is supported by dialogues.
5. Analyzing Drawbacks Of Earlier Systems
The earlier existing system had the following drawbacks. 1. There is a Propagation delay in the system. 2. There is limitation on the amount of data that we can send. And system fails when the image size is at least four times greater than the data size. 3. We can send only normal images of (.jpeg,.bmp, .gif) formats. 4. Limitations exist on the data (data < [image / 4]), and no animations are allowed on the images.
6. Proposed System Implementation
In the Proposed system, we can also add data to the image and then sent to the receiver. This is done by appending the binary form of the data to the image. The ‘Append Binary’ algorithm is used to accomplish the purpose. There are no alterations in the image clarity, none knows that there is secret information appended to image and is transmitted. When the image is opened it previews only the image content, the data associated is not viewed. This is the importance of Append Binary algorithm. Only the intended receiver can know the starting position where the data exactly begins in the image. The data is de-embed and is converted to text format from the binary format. Thus the receiver gets the original text data sent to him by the authorized sender.
7. Advantages Of Proposed System
1. There is no limitation on the amount of data that we can send along the image. 2. Here the system can have as much data possible (data >= Image, data <=Image). 3. To reduce the size of the data for faster transmission, we can compress the text data and append to image in the binary format. 4. Any type of images are allowed even animated images.
8. Process Carried Out
In the technique implementation, the identified data undergoes the following sequence:8.1 Identify a text file. 8.2 Identify any target container, such as image, text, audio, video etc file 8.3 Generate the CRC for the data being transmitted using CRCSET. 8.4 CRCSET is an anti-virus utility. Before transmitting the data, the utility want to calculate the CRC value and attach with data. In receiving end, the CRC recalculated and based on that calculated value, it will specify the acceptation or rejection. 8.5 Encrypt the data using a local algorithm 8.6 Associate a password with the encrypted data to provide additional security. 8.7 Implement steganography using a local algorithm and embed the data into the target container.
8.8 Perform the reverse process at the destination to retrieve the actual data if not hacked or tampered.
9. Event Flow Diagram
10. Result
The System thus developed is secure and can resist hackers on the network. It can convey the secret information hidden in the image only to the authorized recipient only.
11. Acknowledgements
I am grateful to my internal guide Mr.Sunil Vijay kumar and external guide Mr.Prasantha Padhy working for CMTES, Hyderabad; for giving me guidelines to proceed in my project work. I thank my project guide in CMTES, Mr.Anil K. Menon, who has helped me to reach out a successful solution through out. Also I extend my thanks to the Head of the Department of Computer Science Department, in RGMCET, Nandyal; who stood by the side of students and encouraged them to participate in the conferences being held.
12. Discussion And Conclusions:
It is a remarkable feature of the Steganography to hide the communication happening. The recipient of the message will get the exact message sent by the sender. The user will be assured that the information sent by him reaches to the desired recipient only. At any point if the data is hacked the CRC-check will point out that the information is modified. Thus a secure and authenticated system is developed.
Name of the Authors: - V.Udbitha
Reddy N.Bawani
EMAIL ID’S:[email protected]
[email protected]
BRANCH:-Instrumentation & Control Engineering
(ICE)
NAME OF THE COLLEGE:-
G.Narayanamma Institute of Technology & Science Shaikpet, Hyderabad.
Abstract
The project entitled “DATA SECURITY AND AUTHENTICATION” (USING TEGANOGRAPHY) deals with implementing during transmission of data using cryptography & steganography. A steganalysis is performed and security implemented. The project implements both the forms of security comparing steganography against cryptographysteganography combined. The goal of steganography is to hide messages inside other harmless messages in a way that does not allow any enemy to even detect that there is a second secret message present. In first phase, the end user identifies an image which is going to act as the carrier of data. The data file is also selected and then to achieve greater speed of transmission the data file is compressed, embedded in the image file. The image if hacked or interpreted by a third party user will open up in any image previewed but will not display the data. This protects the data from being visible and hence be secure during transmission. The user in the receiving end uses another piece of code to retrieve the data from the image.
1. Introduction
The system implements steganography as the technique to hide data and provide security between the sender and the receiver on the network. There are two types of hackers: 1. One with the intention of knowing data. 2. The other with the intention of damaging the data Here we are more interested in the data embedded inside the image and least worried about the image data. The goal of steganography is to hide messages inside the other harmless message and maintain secrecy of communication happening. Authentication is the process by which a computer, computer program, or another user attempts to confirm that the computer, computer program, or user from whom the second party has received some communication is, or is not, the claimed first party. Steganography, from the Greek, means covered or secret writing, and is a longpractised form of hiding information. Steganography's intent is to hide the existence of the message, while cryptography scrambles a message so that it cannot be understood. The advantage of Steganography’s is that it can be used to secretly transmit messages without the fact of the transmission being discovered. However, Steganography’s has a number of disadvantages as well. Unlike encryption, it generally requires a lot of overhead to hide a relatively few bits of information. Also, once a steganographic system is discovered, it is rendered useless. This problem, too, can be overcome if the hidden data depends on some sort of key for its insertion and extraction. In fact, it is common practice to encrypt the hidden message before placing it in the
cover message. However, most Steganography’s like the extra layer of protection that encryption provides. If your hidden message is found, and then at least make it as protected as possible.
2. History of Steganography
Our earliest records of Steganography’s were recorded by the Greek historian Herodotus and date back to Greek times. When the Greek tyrant Histiaeus was held as a prisoner by king Darius in Susa during the 5th century BCE, he had to send a secret message to his son-in-law Aristagoras in Miletus. Histiaeus shaved the head of a slave and tattooed a message on his scalp. When the slave's hair had grown long enough he was dispatched to Miletus. Invisible inks have always been a popular method of steganography. Ancient Romans used to write between lines using invisible inks based on readily-available substances such as fruit juices, urine and milk. When heated, the invisible inks would darken, and become legible. Invisible inks were used as recently as World War II. An early researcher in steganography and cryptography was Johannes Trithemius (1462-1526), a German monk. His first work on steganography, Steganographia, described systems of magic and prophecy, but also contained a complex system of cryptography.
3. Aims And Objectives
The main aim is implementing a system that can assure security to the data transmitted, resisting to the attacks from the hackers on the network. The Objectives include 1. Secure transmission of data on network. 2. Data to be made invisible using steganography.
3. To detect damage or malicious script or viruses that would have altered the data on the network.
4. Main Contents
The main modules that are included are 4.1 Security and Login Module. The module identifies users who can use this application. It prompts with the login and password before enabling access to the other module. 4.2 CRC generation and verification Module. In the generation module CRC is calculated on the basis of the data being transmitted. The CRC is then stored back into the same file. At the receiving end the CRC is calculated for the data & then compared to the CRC that was generated at the transmitting end. The module indicates if the received file is corrupted, damaged or altered in the process of transmission. 4.3 Compression and Decompression Module. The module ensures that compression to the data before it can be transmitted is done in order to reduce the file transfer time. The compression is performed after the CRC is generated for the data that means to be transmitted. At the receiving end it is decompressed to regenerate the files that contain CRC and data. A new file is generated on decompression. 4.4 Embedded and De-embedded Module. In this module an image file is identified and the data to be embedded. The compressed data and CRC file is then appended to the end of the image file without affecting the image data or the header information of that image information about the size of the file name etc… are also written which is then stored in the image file. The software stores the data in a format that is not recognizable even when viewed from a text or document editor. At the receiving end the module
identify the location of the data picks up the size of the file, filename and reads the data to the length of the data file and regenerate the text file that was embedded with in the image file.
4.5 User interface and Manual Module. A user friendly environment that allows keyboard short cuts and mouse interaction and frames oriented windows that allow easy navigation, file selection and guided control flow. An online help that explain the procedure that operate the system is provided. The application is fully menu driven & is supported by dialogues.
5. Analyzing Drawbacks Of Earlier Systems
The earlier existing system had the following drawbacks. 1. There is a Propagation delay in the system. 2. There is limitation on the amount of data that we can send. And system fails when the image size is at least four times greater than the data size. 3. We can send only normal images of (.jpeg,.bmp, .gif) formats. 4. Limitations exist on the data (data < [image / 4]), and no animations are allowed on the images.
6. Proposed System Implementation
In the Proposed system, we can also add data to the image and then sent to the receiver. This is done by appending the binary form of the data to the image. The ‘Append Binary’ algorithm is used to accomplish the purpose. There are no alterations in the image clarity, none knows that there is secret information appended to image and is transmitted. When the image is opened it previews only the image content, the data associated is not viewed. This is the importance of Append Binary algorithm. Only the intended receiver can know the starting position where the data exactly begins in the image. The data is de-embed and is converted to text format from the binary format. Thus the receiver gets the original text data sent to him by the authorized sender.
7. Advantages Of Proposed System
1. There is no limitation on the amount of data that we can send along the image. 2. Here the system can have as much data possible (data >= Image, data <=Image). 3. To reduce the size of the data for faster transmission, we can compress the text data and append to image in the binary format. 4. Any type of images are allowed even animated images.
8. Process Carried Out
In the technique implementation, the identified data undergoes the following sequence:8.1 Identify a text file. 8.2 Identify any target container, such as image, text, audio, video etc file 8.3 Generate the CRC for the data being transmitted using CRCSET. 8.4 CRCSET is an anti-virus utility. Before transmitting the data, the utility want to calculate the CRC value and attach with data. In receiving end, the CRC recalculated and based on that calculated value, it will specify the acceptation or rejection. 8.5 Encrypt the data using a local algorithm 8.6 Associate a password with the encrypted data to provide additional security. 8.7 Implement steganography using a local algorithm and embed the data into the target container.
8.8 Perform the reverse process at the destination to retrieve the actual data if not hacked or tampered.
9. Event Flow Diagram
10. Result
The System thus developed is secure and can resist hackers on the network. It can convey the secret information hidden in the image only to the authorized recipient only.
11. Acknowledgements
I am grateful to my internal guide Mr.Sunil Vijay kumar and external guide Mr.Prasantha Padhy working for CMTES, Hyderabad; for giving me guidelines to proceed in my project work. I thank my project guide in CMTES, Mr.Anil K. Menon, who has helped me to reach out a successful solution through out. Also I extend my thanks to the Head of the Department of Computer Science Department, in RGMCET, Nandyal; who stood by the side of students and encouraged them to participate in the conferences being held.
12. Discussion And Conclusions:
It is a remarkable feature of the Steganography to hide the communication happening. The recipient of the message will get the exact message sent by the sender. The user will be assured that the information sent by him reaches to the desired recipient only. At any point if the data is hacked the CRC-check will point out that the information is modified. Thus a secure and authenticated system is developed.
