Secured data transfer using CRYPTOGRAPHY and

STEGANOGRAPHY

Group project by:

R. Charitha – 21BEC1366
V. Surya Teja – 21BEC1484

Abstract: measures. In Cryptography we are using AES,

RSA. In Steganography we are using Image
Nowadays communication is getting Steganography for hiding the data. Data is
the most asked demand for each and every encrypted using the Advanced Encryption
one. Till now cryptography has been Standard (AES), which offers a high level of
dependent on defending secure data confidentiality. RSA is used to generate
transmission. With the adding trouble, digital signatures and exchange keys,
Steganography has also taken space for guaranteeing that sender and receiver
security purposes. Securing data encryption communications are secure and validated.
and decryption using Cryptography and Binary data is transformed into ASCII
Steganography techniques. In light of recent characters using Base64 encoding, allowing
advancements in steganalysis, safeguarding for secure communication across numerous
personal content, messages, or digital images digital platforms. A cryptographic hash
through steganography has become algorithm called HMAC is also used to check
challenging. Steganalysis can effortlessly the validity and integrity of the sent data,
expose concealed data in carrier files. This spotting any unauthorised alterations or
venture presents a new steganographic tampering efforts.
method for private communication between The research focuses on integrating and
two individuals. The approach put forth in this putting these algorithms into practise,
project employs both cryptographic and providing smooth interoperability and strong
steganographic techniques. In the field of defence against frequent security risks
cryptography, we modify the original format including eavesdropping, data manipulation,
of information using diverse security and unauthorised access. A complete and
techniques, resulting in heightened security reliable foundation for secure data transfer in
during communication. Steganography, on digital communication is provided by the
the other hand, involves concealing integration of AES, RSA, Base64, and
information to prevent interception by HMAC.
unauthorized parties, often through the use of
images, audio recordings, videos, and other
mediums. This plan outlines an innovative Introduction:
method of enhancing data security through
Digital communication witnesses a
encryption and decryption techniques. The
noticeable and continuous development in
proposed system merges both cryptography
many applications in the Internet.
and steganography to maximize security
Consequently, it is imperative to ensure safe
communication sessions. As the authentication codes. By leveraging
communication channel continues to gain cryptographic protocols, both individuals and
significance, it becomes susceptible to a wide organizations can safeguard sensitive data
range of assaults. Our primary duty is to from unauthorized access, interception, and
safeguard the transmission path from any tampering, thereby enabling secure and
form of aggression and securely deliver the private communication in the digital age.
information to the recipient. The effectiveness
of network performance metrics now hinges Symmetric Cryptography:
on the security of data transmitted through a
Symmetric cryptography, also known
worldwide network. Therefore, it is crucial to
as secret-key cryptography, is a cryptographic
maintain the confidentiality and integrity of
method where the same key is used for both
data, so as to deter unauthorized access and
encryption and decryption of data. In this
use of transmitted data. Two vital techniques
approach, the sender and the receiver share a
employed to guarantee network security are
secret key that is kept confidential. The key is
Cryptography and Steganography. The aim of
used to transform plaintext into ciphertext
this project is to develop a new approach to
during encryption and to reverse the process
hiding a secret information in an image, by
during decryption, thereby ensuring secure
taking advantage of benefits of combining
communication. Using symmetric
cryptography and steganography. The
cryptography has numerous benefits, such as
objective of this undertaking is to furnish
rapidity and effectiveness in managing vast
users with accurate information while
amounts of information. The encoding and
ensuring its security. Certain users may
decoding procedures are quite swift as they
encounter data loss during network
entail uncomplicated mathematical
transmission, while others may have their
computations. Nonetheless, one of the
data tampered with by unauthorized
significant hurdles of symmetric
individuals on the network. Furthermore,
cryptography is the safe transmission of the
there exist additional security concerns within
confidential key from the sender to the
the network. The goal of this project remains
receiver. If the key ends up in the possession
to provide users with secure and precise data,
of malevolent actors, it can jeopardize the
despite these potential obstacles.
confidentiality of the communication. AES is
a common technique in symmetric
Cryptography: cryptography.
The art of secure communication,
known as cryptography, involves the use of
Asymmetric Cryptography:
mathematical algorithms to transform
plaintext into ciphertext. This process Asymmetric cryptography, also
guarantees the confidentiality, integrity, and known as public-key cryptography, is a
authenticity of data during storage and cryptographic method that employs a pair of
transmission. Encryption algorithms and mathematically related keys: a public key and
cryptographic keys are used to convert a private key. These keys are created together
information into an unreadable format that but have unique properties. The public key is
can only be accessed with the appropriate freely shared with others, while the private
decryption keys. Cryptography encompasses key is kept confidential by its owner.
other crucial techniques including digital Asymmetrical cryptography employs the
signatures, hash functions, and message public key for encrypting data and the
corresponding private key for decrypting it. material. The most popular technique entails
When data is encrypted with the public key, it changing the cover media's minor
can be decrypted solely with the components because these subtle changes are
corresponding private key, guaranteeing frequently invisible to human observers. The
secure communication and confidentiality of cover media seems unchanged to casual
data. This feature eradicates the requirement observers when these least significant bits are
for secure key exchange, as the public key can replaced or altered with the secret data, but the
be disseminated without compromising embedded information is kept secret.
security. The use of asymmetric cryptography
Steganography finds its use in different fields
also facilitates other significant features,
such as hidden communication, digital
including digital signatures and key swap.
marking, and safeguarding copyrights. It
Digital signatures enable the verification of
provides a way to secretly and safely
the genuineness and wholeness of digital
exchange confidential information,
documents by generating a signature using the
particularly in situations where visible
private key, which can be authenticated using
encryption can trigger suspicion or draw
the corresponding public key. Key exchange
attention. Nevertheless, it is crucial to
algorithms, such as the Diffie-Hellman key
understand that steganography does not
exchange, establish a secure shared secret key
inherently ensure encryption or
between two parties without transmitting the
authentication. Its fundamental objective is to
key directly.
conceal data rather than guarantee its
Asymmetric cryptography has genuineness or credibility.
several benefits, such as secure key exchange,
non-repudiation, and scalability in multi-
Types of Steganography:
party communication. Nevertheless, it
necessitates more computational resources There are various types of steganography.
than symmetric cryptography, making it
1)Text Files
unsuitable for encrypting large data volumes.
RSA (Rivest-Shamir-Adleman) and Elliptic The technique of embedding secret data
Curve Cryptography (ECC) are among the inside a text is identified as text stego. Text
widely used asymmetric encryption steganography needs a low memory because
algorithms. this type of file can only store text files. It
affords fast transfer or communication of files
Steganography:
from a sender to receiver.
Steganography is the practice of 2) Image Files
concealing secret or sensitive information
It is the procedure in which we embed the
within innocuous cover media, such as
information inside the pixels of image. So,
images, audio files, or text documents, in
order to maintain secrecy and confidentiality. that the attackers cannot observe any change
Unlike cryptography, which focuses on in the cover image. LSB approach is a
common image steganography algorithm
encrypting data to make it unreadable,
steganography aims to hide the existence of
the data itself, making it difficult for 3) Audio Files
unauthorized individuals to even detect that a
secret message is being communicated. It is the process in which we hide the
Steganography uses a variety of methods to information inside an audio. There are many
insert the hidden information within the cover
approaches to hide secret information in an
audio file for examples Phase Coding, LSB. Problem statement:
4) Video Files Securing the transport of sensitive data has
It is the process of hiding some secret data become a crucial concern in the era of digital
inside the frames of a video. communication and information exchange.
While cryptography offers a strong
mechanism for data encryption and
Steganography and encryption serve the decryption, it might not be enough to thwart
purpose of transmitting data over an insecure cunning attackers on its own. Similar to
network while keeping it hidden from encryption, steganography adds an extra
unauthorized individuals. Steganography degree of secrecy by concealing data under
conceals the data within a cover image, while innocent-looking cover media, but it lacks
encryption encodes the data. The benefit of encryption to ensure the data's confidentiality.
using Steganography is that it does not alter The issue at hand is the requirement to create
the appearance of the file, making it less likely a thorough solution that integrates
for attackers to suspect that there is hidden steganography and cryptography to offer
data, unlike encryption which encrypts and secure data transit. This solution must address
sends the data over the network. the drawbacks of utilising either approach
separately and make use of each one's
Hence, the combination of cryptography and advantages to improve data secrecy, integrity,
steganography offers fortified data privacy, and authenticity.
concealed communication abilities,
safeguarding against breaches, upgraded
safety protocols, immunity to scrutiny, and The purpose of this project is to provide the
secure exchange of keys. This fusion of correct data with security to the users. Certain
methods strengthens the security of data users may experience data loss while
transmission, rendering it arduous for transmitting it through the network, while
unapproved personnel to gain entry and others may encounter data tampering by
misuse sensitive data, thereby guaranteeing unauthorized individuals in the network.
the genuineness, privacy, and legitimacy of Moreover, there exist additional security
the transmitted information. concerns in the network. Our application
provides enhanced security measures for the
data present in the network, thereby
minimizing data loss during transmission
between the sender and receiver through
advanced technologies.
METHODOLOGY:
System architecture:
Proposed System:
In this section, we will elaborate on a proposed approach that merges
two distinct methods of data concealment, namely Cryptography and
Steganography. Our proposed methodology involves the initial encryption of the
message through the implementation of RSA algorithm. Subsequently, we embed
the encrypted information into an image using the modified LSB technique. This
innovative technique incorporates both cryptography and steganography, thereby
providing an elevated level of security. It surpasses the effectiveness of either
method when used independently. In order to ensure the security of the process,
the sender and the receiver must mutually agree upon the concealment algorithm
as well as the encryption algorithm keys. Alternatively, these keys may be
exchanged through a secure communication method. Our method prioritizes
encryption before hiding the encrypted data.
Before applying the cryptography (AES, RSA) and steganography, initially we
convert our input to HMAC and then Base-64. We save the obtained text in a text
file. Then we proceed to cryptography and steganography. This is the Encryption
part and decryption part follows in reverse order.
Sender Side:
Sender side has HMAC, BASE64, Cryptography, Steganography
HMAC:
HMAC stands for "Hash-based Message Authentication Code." It is a
cryptographic algorithm used to verify the integrity and authenticity of a
message or data. HMAC involves the use of a cryptographic hash function in
combination with a secret key.
Base64:
Base64 is a binary-to-text encoding scheme that converts binary data into a
format that is represented using a set of 64 printable ASCII characters. It is
commonly used to encode binary data, such as images, in a way that can be
transmitted and stored easily in text-based systems, such as email or web pages.

Cryptography stage:
In modern cryptography, a hybrid algorithm refers to a combination of symmetric
(AES) and asymmetric (RAS) encryption algorithms used together to provide
secure and efficient communication.
• Advanced Encryption Standard (AES):
AES is a symmetric encryption algorithm widely used for secure data
transmission and storage. It is a symmetric key algorithm, meaning the same key
is used for both encryption and decryption processes.
• Rivest-Shamir-Adleman (RSA):
The RSA algorithm is an asymmetric encryption algorithm widely used for secure
data transmission, digital signatures, and key exchange.

Steganography stage:
Steganography is the practice of concealing secret information or messages
within other non-secret data in a way that avoids detection by unintended
recipients. It is a technique used to hide the existence of communication or the
content of a message, as opposed to cryptography, which focuses on making the
content unintelligible.
Image Steganography:
The practice of Image Steganography involves concealing information
inside an image. This information can take various forms, such as an image, audio
file, text document, or any other type of file. The process involves enveloping the
data within an image. We have opted to utilize this method to bind the data to an
image. By embedding audio within an image, we can establish the sender's
authenticity, confirm whether the intended recipient is the one receiving the data,
and determine whether there is a third-party attacker present in the
communication channel.
Receiver side:
Receiver side consists of steganography and cryptography stages.We will
first remove any embedded data on the receiver side before decrypting it.

Steganography:
In the receiver side, we start with steganography then cryptography. We
will use the same steps which are used in sender side

Cryptography Stage:
In cryptography stage, we use the data which is extracted from stego file
and use RSA and AES. We will use the same steps which are used in sender
side. The Decryption can be done using the Encrypted message, receivers
private key and sender’s public key.
Algorithm:
Inputs: Image, Message, Key.
1) Initially Sender consider a Cover Image
2) Get the input from the user
3) Encode the input through HMAC and BASE-64
4) Encrypt the message through Cryptography technique
5) Hide the Encrypted message in the image.
6) Hiding can be done using a secret key for confidentiality.
7) After Hiding the Image is considered as a Stego-Image.
8) The Receiver will receive the Stego-Image
9) Using the Secret Key the receiver can view the data hidden in the image

Thus, the receiver can receive the message safely

Algorithm illustration:

Encryption side:
Step 1: Give the input data
Step 2: The given input data goes through a hash function and a secret key
under a HMAC system. This output is given as input to the next step.
Step 3: Convert this input to Base-64 using Base-64 conversion Algorithm.
Step 4: After converting into Base-64 we will be getting a String.
Step 5: Store the entire string in a Text File and save the file.
Step 6: From that file we consider each character separately and apply AES
algorithm on them.
Step 7: After applying the AES algorithm the secret key is generated again
which is symmetrical and private. This key is given as the input to the next step
where we apply RSA
Step 8: The output of the last step is taken and RSA is applied on it to produce a
public key for transmitting.
Step 9: By Using RSA we will be getting Cipher Text .
Step 10: Let the Cipher Text be encrypted message.
Step 11: Consider an image, And hide the encrypted message in the given
image with the secret key Using Steganography Algorithm.
Step 12: Now send the Stego-Image to the Receiver.

Decryption side:

Step 1: Consider the input be Stego-Image.

Step 2: Using the Secrert Key , Obtain the hidden message from the Stego-
Image.
Step 3 : And the obtained message is a Cipher Text. We must decrypt the
message.
Step 4 : The Decyption of the message can be done using RSA Algorithm.
Step 5: By Using RSA we will be getting the private key of AES
Step 6: This private kay is sent through AES algorithm for decrypting.
Step 7 : By using AES we will be getting the plain text
Step 8 : And thus the receiver will decrypt the message and it is in the form of
Base-64
Step 9 : Finally by using Base-64 algorithm the Base-64 text is converted into
the original input, Which can be Text, Image, Audio, Video.

Experimental analysis and results:

Proposed system:

Home page:

1) Click on the Encryptor option to start encryption

Encrypting page:
2) Here we give the desired message in the message box and then upload the image we wish

Results of encryption:

3) Here we can see the result of out encryption system and respective cipher text is produced.
These are the results of our original image along with the stego image output
Decryption page:

4) Here we take the public key generated and paste in decryptor part to get the
input message

5) This is the decrypted output as you can see we got our input message back
Comparison with the earlier works:
Comparing the AES system to the system with HMAC, BASE64, AES, and
RSA together
Lack of Data Integrity and Authenticity: AES alone provides encryption and
decryption capabilities but does not inherently provide data integrity and
authenticity. Without additional mechanisms like HMAC, there is no built-in
protection against data tampering or ensuring the data's origin.
Key Management: AES is a symmetric encryption algorithm, which means the
same key is used for both encryption and decryption.

Lack of Secure Key Exchange: AES alone does not provide a mechanism for
secure key exchange between communicating parties. In a system that combines
RSA, AES, and other components, RSA can be used for secure key exchange,
ensuring that the shared symmetric AES key remains confidential during
transmission.
Limited Protection Against Data Tampering: AES alone does not provide built-
in mechanisms for verifying the integrity of the encrypted data. By
incorporating HMAC, the combined system can ensure data integrity by
providing a cryptographic checksum for the encrypted data, enabling detection
of any unauthorized modifications.

Comparing the RSA system to the system with HMAC, BASE64, AES, and
RSA together

Lack of Perfect Forward Secrecy: RSA does not provide perfect forward
secrecy. If an attacker compromises the private key, they can decrypt any
previously intercepted encrypted messages. This is in contrast to symmetric
encryption algorithms like AES, where compromise of a specific encryption key
does not impact the security of previous or future messages.
Limited Encryption Length: RSA encryption has a limitation on the length of
data that can be encrypted directly with the public key. The maximum length of
the plaintext that can be encrypted using RSA is dependent on the key size. To
encrypt larger data sets, a hybrid encryption scheme is often employed where a
symmetric encryption algorithm like AES is used to encrypt the data, and the
AES key is encrypted using RSA.
Interoperability Challenges: RSA is widely supported, but there can still be
interoperability challenges when different systems and platforms need to
communicate. The integration of BASE64 encoding in the combined system
may be required to ensure compatibility with systems that only support ASCII
characters. However, BASE64 encoding increases data size, which can impact
storage and bandwidth requirements.

When comparing the BASE 64 and HMAC to the system with HMAC,
BASE64, AES, and RSA together, the AES system has the following
potential drawbacks
Compatibility and Interoperability: While HMAC is a widely used mechanism
for data integrity, not all systems or protocols may natively support HMAC.
Integration with existing systems or compatibility with certain platforms may
require additional efforts to support HMAC-based integrity checks.
Key Management: HMAC requires a shared secret key between the sender and
receiver to calculate and verify the HMAC. Managing and securely distributing
these keys can be challenging, especially in large-scale systems or scenarios
with frequent key rotation. Proper key management practices, including key
generation, storage, and distribution, are crucial to maintain the security of the
HMAC component.

Inferences and Conclusions:

In this study, we discussed the ideas of network-wide digital data communication
security. This project aims to improve performance by merging steganography
and cryptography characteristics. In our novel steganography technique, we
coupled Base-64 and HMAC systems with the AES and RSA algorithms.
Combining HMAC, Base64, AES, and RSA creates a robust cryptographic
system with the following benefits:
Data integrity: HMAC makes sure that the data was not altered during storage or
transmission. It ensures data integrity and identifies any unauthorised
modifications.
Confidentiality: AES offers powerful symmetric encryption, guaranteeing the
confidentiality of sensitive data. The proper secret key is required to decrypt the
data.
HMAC can validate the data's origin and integrity, while RSA can be used for
digital signatures to confirm the sender's identity.
Key management: Two parties can create a shared secret key using RSA for safe
key exchange, enabling AES encryption. Because RSA is asymmetrical, it offers
a safe way to exchange keys without a secure connection.
Data representation: Base64 encoding enables the representation of binary data
in text, making it appropriate for platforms that only accept ASCII characters. It
guarantees that data can be reliably delivered or stored across a variety of systems.
More over this paper introduces a system that is capable of
transmitting substantial amounts of confidential data while ensuring secure
communication between two individuals. Both steganography and cryptography
can be incorporated into this system to increase the complexity of detection. Any
form of textual information can be used as the secret message. The secret
message, utilizing the principles of steganography, is then sent through the
network. In conclusion, a cryptographic system that combines HMAC, Base64,
AES, and RSA offers a strong and secure solution for data integrity, secrecy,
authentication, and key management. To maintain the system's overall security,
it's crucial to properly integrate these components and take into account other
security measures including secure key storage, secure communication channels,
and sound key management procedures.