A. Study Approach for the Security Model
Step 1: Data Security and Privacy through Steganography
In the initial stage, LSB steganography was integrated into the security model to improve data security and safeguard user privacy. An application was created in Python to implement the LSB steganography. The application first asks the user to upload the desired picture in JPEG or PNG format. The chosen image is then shown in the application, and the application offers the user the picture at the resolution they want to use for the embedding.
The right side of the application holds the field where the user writes the message to be hidden inside the image. Once the user has written the message, it is embedded (encrypted) in the image. The user then saves the stego image to their hard disk drive so that it can be sent to another user (the recipient).
Algorithm for LSB Encode:
1. Start
2. Input the image and the message to be hidden.
3. Calculate the image width and height.
4. Calculate the length of the message in bits.
5. Check if the message can fit within the image (message length ≤ image width * image height).
6. If the message is too long, display an error message and terminate.
7. Create a copy of the original image to hold the encoded data (encoded_image).
8. Initialize message_index to 0.
9. Loop over each pixel in the image (row by row and column by column).
10. For each pixel, obtain the RGB values (r, g, b).
11. If the message_index is less than the message_length, set the character to the next bit of the message, otherwise, set the character to null.
12. Hide the character in the least significant bits of each color channel as follows:
13. Modify the red component (r) by replacing the least significant bit with the first bit of the character.
14. Modify the green component (g) by replacing the least significant bit with the second bit of the character.
15. Modify the blue component (b) by replacing the least significant bit with the third bit of the character.
16. Update the pixel with the modified RGB values.
17. Increment message_index.
18. Repeat steps 9 to 14 until all pixels have been processed.
19. Output the encoded_image.
20. End.
Algorithm for LSB Decode:
1. Start
2. Input the encoded_image containing the hidden message.
3. Calculate the image width and height.
4. Initialize an empty string to hold the decoded message (decoded_message).
5. Loop over each pixel in the encoded_image (row by row and column by column).
6. For each pixel, obtain the RGB values (r, g, b).
7. Extract the least significant bits of each color channel as follows:
8. Extract the first bit from the red component (r) to reconstruct the first bit of the character.
9. Extract the second bit from the green component (g) to reconstruct the second bit of the character.
10. Extract the third bit from the blue component (b) to reconstruct the third bit of the character.
11. Concatenate the extracted bits to form the character.
12. If the character is not null, append it to the decoded_message.
13. Repeat steps 5 to 9 until all pixels have been processed.
14. Output the decoded_message.
15. End.
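The encode and decode procedures above as runnable Python, plus a check a defender can run on a suspect image. This is an added example, not the application's own code: it works on a plain list of (r, g, b) tuples instead of an image file, assumes a capacity of three bits per pixel (one per channel, as in encode steps 13 to 15), and the function names and the cover image are constructed for illustration.

```python
def encode_lsb(pixels, message):
    """Hide `message` in the LSBs of a list of (r, g, b) tuples, 3 bits per pixel."""
    bits = [(byte >> (7 - i)) & 1 for byte in message.encode("utf-8") for i in range(8)]
    capacity = 3 * len(pixels)
    if len(bits) > capacity:
        raise ValueError(f"message needs {len(bits)} bits, image holds {capacity}")
    bits += [0] * (capacity - len(bits))          # null padding after the message
    return [tuple((c & 0xFE) | bits[3 * i + k] for k, c in enumerate(px))
            for i, px in enumerate(pixels)]

def decode_lsb(pixels):
    """Collect every channel LSB, regroup into bytes, and drop the null padding."""
    bits = [c & 1 for px in pixels for c in px]
    data = bytes(sum(bit << (7 - k) for k, bit in enumerate(bits[i:i + 8]))
                 for i in range(0, len(bits) - 7, 8))
    return data.replace(b"\x00", b"").decode("utf-8")

def lsb_ones_ratio(pixels):
    """Fraction of channel LSBs set to 1; null padding drives it toward 0."""
    bits = [c & 1 for px in pixels for c in px]
    return sum(bits) / len(bits)

# Constructed 64x64 cover image with alternating LSBs (stands in for real pixel data).
COVER = [((37 * i + 11) % 256, (91 * i + 5) % 256, (53 * i + 200) % 256)
         for i in range(64 * 64)]
STEGO = encode_lsb(COVER, "meet at 9")
```

Each channel value changes by at most 1, but padding the unused pixels with null bits leaves their LSBs all zero, which is a statistical signature that `lsb_ones_ratio` exposes. The stego image has to be stored in a lossless format such as PNG, because JPEG re-compression alters the low-order bits.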
Step 2: Data Security and Privacy through Cryptography
After the stego image has been created and saved, the user encrypts the image with AES-256 using the 7zip file compressor. 7zip was used because it is easy to use and can be downloaded for free.
The user then chooses the compress and email option on the stego-image. Next, the user sets a password on the stego-image using AES-256, based on one of his identifiers that both he and the recipient know, and also chooses which compression file format to use for the stego-image.
When all of this has been done, the user (sender) is redirected to one of his mail applications, such as Microsoft Outlook or Gmail. There he writes the recipient's email address, attaches the compressed stego-image folder as well as the unique identifier that he and the recipient both know, and sends the mail.
AES-256 Encryption Algorithm:
1. Start
2. Input the plaintext and the 256-bit encryption key.
3. Key Expansion:
- Expand the 256-bit key into a key schedule containing 15 additional round keys (one for each round).
4. Initial Round:
- Add the initial round key (first round key) to the plaintext.
5. Main Rounds (Repeat for 14 rounds):
- Byte Substitution: Substitute each byte of the state with a corresponding byte from the AES S-box (Substitution box).
- Shift Rows: Perform row-wise circular shifts on the state matrix.
- Mix Columns: Mix the columns of the state matrix using matrix multiplication.
- Add Round Key: XOR the state with the round key for the current round.
6. Final Round:
- Byte Substitution.
- Shift Rows.
- Add the last round key to the state.
7. Output the ciphertext.
8. End
B. Step 3: Data Security and Privacy through the IBE Algorithm
Because AES is a symmetric algorithm, both encryption and decryption require the same key. As a result, there is a significant problem in distributing a secret key to numerous individuals without the risk of it being compromised. Following the IBE algorithm can be useful in this regard. Instead of sending the AES key to the recipient directly, the sender can use one of his unique identification options, such as date of birth, e-mail address, favorite word, or any other unique identifier known to him (the sender) and the receiver (the recipient), as a kind of password hint that the recipient has to know to get the AES password set by the sender. Figure 3.1 shows the system flow diagram.
IBE Encryption Algorithm:
1. Start
2. Input the plaintext message and the recipient's identity (public identifier).
3. Identity to Public Key Conversion:
- Use a trusted Key Generation Center (KGC) or Private Key Generator to convert the recipient's identity to their public key.
4. Generate a random symmetric encryption key (session key).
5. Encrypt the plaintext message using the symmetric session key and a symmetric encryption algorithm (e.g., AES):
- Apply the symmetric encryption algorithm with the session key to the plaintext message to obtain the ciphertext.
6. Encrypt the session key using the recipient's public key:
- Use an asymmetric encryption algorithm (e.g., RSA) with the recipient's public key to encrypt the session key.
- Include the encrypted session key along with the ciphertext.
7. Output the encrypted message (ciphertext) and the encrypted session key.
8. End
IBE Decryption Algorithm:
1. Start
2. Input the encrypted message (ciphertext), the recipient's identity, and the recipient's private key.
3. Identity to Private Key Conversion:
- Use a trusted Key Generation Center (KGC) or Private Key Generator to convert the recipient's identity to their private key.
4. Decrypt the encrypted session key using the recipient's private key:
- Use an asymmetric decryption algorithm (e.g., RSA) with the recipient's private key to decrypt the encrypted session key.
- Obtain the symmetric session key.
5. Decrypt the ciphertext using the symmetric session key and the symmetric decryption algorithm (e.g., AES):
- Apply the symmetric decryption algorithm with the session key to the ciphertext to obtain the plaintext message.
6. Output the decrypted plaintext message.
7. End
C. The Steganography Application
The steganography application was built using the following technologies:
PyCharm Community Edition
This is a Python Integrated Development Environment (IDE) that was used in the development of the application.
Python packages used in the development of the application
1) Pillow
2) NumPy
3) opencv-python
4) Stegano
Algorithms used in the development of the secure data model
1) AES-256 (Advanced Encryption Standard)
2) LSB (Least Significant Bit)
3) IBE (Identity-Based Encryption)