College of Engineering, Pune

Shivajinagar, Pune 411005

Department of Computer Engineering and Information Technology

PROJECT REPORT ON

GUIDED BY Prof. S. U. Ghumbre Submitted By Agrawal Deepti - 702001 Agrawal Nishant - 702002 Tumma Ashwin 30808010 T. Y. B. Tech (Computer)

College of Engineering, Pune

Shivajinagar, Pune 411005

Department of Computer Engineering and Information Technology

CERTIFICATE This is to certify that, this Project Report entitled

Hiding in Plain Sight A Steganography Tool

is a bonafide record of Project work carried out by
Agrawal Deepti (702001) Agrawal Nishant (702002) Tumma Ashwin (30808010)

As per partial fulfillment of the award of post graduate degree in B.Tech. (Computer Engineering) during the academic year 2009-2010
Date: Place: Pune (Prof. S. U. Ghumbre) Project Guide (Prof. A. A. Sawant) Head of Department

ACKNOWLEDGMENTS
The project would not have been successfully completed without the wholehearted support of our guide Prof. S. U. Ghumbre Sir. He always boosted our morals assiduously. We thank Sir for his conception and encouragement during the development of the project. He is a mentor who knew all answers. We admire his infinite patience and understanding that he guided us in a field we had no previous experience. We would also like to thank our Head of Department, Prof. A. A. Sawant and all other faculty members of Computer Department have rendered us significant encouragement, in vigorous support and continuous & kind guidance. We thank them all for their invaluable guidance and other people who directly or indirectly assisted us in the successful and timely completion of Hiding in Plain Sight A Steganography Tool.

Agrawal Deepti Agrawal Nishant

(702001) (702002)

Tumma Ashwin K. (30808010)

Abstract
Steganography is the art of hiding the fact that

communication is taking place, by hiding information in other information. Many different carrier file formats can be used, but digital images are the most popular because of their frequency on the Internet. For hiding secret information in images, there exists a large variety of steganographic techniques some are more complex than others and all of them have respective strong and weak points. Different applications have different requirements of the steganography technique used. For example, some applications may require absolute invisibility of the secret information, while others require a larger secret message to be hidden. This project intends to give an overview of image steganography, its uses and techniques. It also supports steganography in Audio files. For a more secure approach, the project encrypts the message using secret key and then sends it to the receiver. The receiver then decrypts the message to get the original one.

CONTENTS
Chapter No 1 Name Steganography at Large 1.1 Introduction 1.2 Where hidden data hides 1.3 What does the project do Software Support 2.1 Technical Details On Image Steganography 3.1 Implementation On Audio Steganography 4.1 Implementation Encryption 5.1 Platform 5.2 Encryption Algorithm User Manual Conclusion Page No

2 3 4 5

8 9 11 13 16 21 22 23 24

6 7 Appendix List of Illustrations A Appendix List of Acronyms B Appendix Bibliography C

1. Steganography at Large
1.1 Introduction
Steganography derives from the Greek word steganos, meaning covered or secret, and graphy (writing or drawing). On the simplest level, steganography is hidden writing, whether it consists of invisible ink on paper or copyright information hidden in an audio file. Where cryptography scrambles a message into a code to obscure its meaning, steganography hides the message entirely. These two secret communication technologies can be used separately or togetherfor example, by first encrypting a message, then hiding it in another file for transmission. As the world becomes more anxious about the use of any secret communication, and as regulations are created by governments to limit uses of encryption, steganographys role is gaining prominence. What Steganography essentially does is exploit human perception, human senses are not trained to look for files that have information hidden inside of them, although there are programs available that can do what is called Steganalysis (Detecting use of Steganography.) The most common use of Steganography is to hide a file inside another file. When information or a file is hidden inside a carrier file, the data is usually encrypted with a password.

1.2

Where Hidden Data hides?

It is possible to alter graphic or sound files slightly without losing

their overall viability for the viewer and listener. With audio, you can use bits of file that contain sound not audible to the human ear. With graphic images, you can remove redundant bits of color from the image

and still produce a picture that looks intact to human eye and is difficult to discern from its original. It is in those bits that stego hides its data. A stego program uses an algorithm, to embed data in an image or sound file, and a password scheme to allow you to retrieve information.

1.3 What does the project do?

Hiding the text message in an image file or an audio WAV file. Encryption of the same message, so as to support more secure steganography. The decoding of the message, decryption and source message retrieval are also supported.

2. Software Support
Operating System : Windows or GNU/Linux

Programming Language : Java NetBeans 6.7.1 IDE GUI : Swings System Requirements: JDK 1.4 or Higher. Java being a platform independent language, the projects runs on any platform.

3. Image Steganography
Implementation:
Technical Details: o Using java.awt.Image, ImageIO o The package contains all the necessary classes and methods along with interfaces that are necessary for the manipulation of the images. The Encoding Process: The steganography technique used is LSB coding. The offset of the image is retrieved from its header. That offset is left as it is to preserve the integrity of the header, and from the next byte, we start our encoding process. For encoding, we first take the input carrier file i.e. an image file and then direct the user to the selection of the text file. Creation of User Space: o User Space is created for preserving the original file, so that all the modifications are done in the user space. o In the object of BufferedImage, using ImageIO.read method we take the original image. o Using createGraphics and drawRenderedImage method of Graphics class, we create our user space in BufferedImage object. The text file is taken as input and separated in stream of bytes. Now, each bit of these bytes is encoded in the LSB of each next pixel. And, finally we get the final image that contains the encoded message and it is saved, at the specified path given by user, in PNG format using ImageIO.write method. This completes the encoding process.

The Decoding Process:

The offset of the image is retrieved from its header. Create the user space using the same process as in the Encoding. Using getRaster() and getDataBuffer() methods of Writable Raster and DataBufferByte classes. The data of image is taken into byte array.

Using above byte array, the bit stream of original text file, is retrieved into the another byte array. And above byte array is written into the decoded text file, which leads to the original message.

10

4. Audio Steganography
Implementation:
Technical Details: o Using sun.audio package provided by SUN Microsystems. The sun.audio package contains everything we need to be able to play audio clips and everything related to the manipulation of the audio files. The classes used are AudioStream and AudioPlayer. The Encoding Process: The steganography technique used is LSB coding. The audio file consists of data in bytes. To encode the message, we first find the length of the string. The offset in the original file, from which the encoding process must start is by default set to 500. This is done because, the WAV file has a header in the initial offsets and if that header is tampered with, the destination file will not be able to access its header in the appropriate format. Encode that length which can be upto 256 characters into the 1st 8 bytes of the audio file. This will assist us in the decoding process. Take each character from the message string, convert it into byte and change the LSB of the next 8 bytes of the audio file as per each of the bit of the character type. Repeat the same procedure till the message string gets exhausted. Thus on writing byte after byte to the new file, we get a new audio file output.wav having message hidden into it which can be sent to the receiver without any fear of eavesdropper.

11

The Decoding Process: the audio file output.wav which has the message hidden into it. Select From the offset that was specified at the sending side(i.e. 500) , take the LSB of the next 8 bytes to get the length of the message (that was encoded in the first 8 bytes from the given offset) which will help us to get the encoding message only from the next 8 * length bytes of audio file.

Create a byte from the LSB of the next consecutive 8 bytes and go on printing each of the character of the message string in the textbox.

Continue this process till the length of the string is reached. Hence finally we get the hidden message from the received audio file into the provided textbox. Thus we have achieved the process of decoding a message from the audio file.

12

5. Encryption
5.1 Platform
Provided using: Java Cryptographic Extension (JCE) The Java Cryptography Extension (JCE) provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support for encryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects.

5.2 Algorithm Used

The project uses an encryption algorithm called Data Encryption Standard (DES). Whenever a text file is selected to be encoded in the Image or the Audio file, it is first encrypted using the DES Algorithm and then that file is sent to the receiver. The receiver in turn decrypts it using the same key, and thus gets the appropriate message. In a nutshell, the reason that we encrypt the message is : Cryptography + Steganography = Secure Steganography About DES: Fundamentally DES performs only two operations on its input, bit shifting, and bit substitution. The key controls exactly how this process works. By doing these operations repeatedly and in a nonlinear manner you end up with a result which cannot be used to retrieve the original without the key. DES works on 64 bits of data at a time. Each 64 bits of data is iterated on from 1 to 16 times (16 is the DES standard). For each iteration a 48 bit subset of the 56 bit key is fed into the encryption block represented by the dashed rectangle above. Decryption is the inverse of the encryption process. The "F" module shown in the

13

figure 5.1 is the heart of DES. It actually consists of several different transforms and non-linear substitutions.

Fig. 5.1: DES Implementation: Following are the steps to generate Secret keys and encryption: 1. Create an interface of the SecretKey interface. This interface contains no methods. Its only purpose is to group secret keys. 2. KeyGenerator Class: Class provides functionality of symmetric key generator. They are constructed using one of the getInstance class methods. 3. To generate key of the DES algorithm we use: KeyGenerator getInstance(String algorithm) method with KeyGenerator key=KeyGenerator.getInstance(DES).getInstance(); 4. The getInstance method generates a KeyGenerator object for the specified key algorithm from the specified provider. Some

14

of the standard algorithms available with Java Cryptography Architecture API Specification are: AES, DES, Blowfish, DESede, RSA.

15

6. User Manual
Steps to start the Encoding Process: Hit the Enter button on the slash screen.

Fig 6.1: HomeScreen Select the source/carrier file. o The supported files are JPEG, JPG, PNG, BMP in Image files o The supported files are WAV in Audio files

16

Fig 6.2: Selection for Image or Audio

Fig 6.3: Selection for Carrier File

17

If the user selects any other file type, an appropriate error Dialog is shown, and is redirected to the previous page. On successful carrier file selection, select the operations to be done on the carrier file. The operations supported are : o Encoding o Decoding

Fig 6.4: Encoding or Decoding On selecting ENCODING, the user is redirected to selection of the Source File. On selection of the source text file, it will be encrypted using the Encryption techniques and that file is ready to be sent to the receiver.

18

Fig 6.5: Selection of Text Message File

On selecting DECODING, the user is redirected to specify the output file. The user is asked to save the file on the destination machine.

19

Fig 6.6: Audio Module

20

7. Conclusion
7.1 Conclusion:
The project was completed successfully to build a tool called Hiding in Plain Sight. This tool can be used for hiding the text message in the image or the audio files. Also, the message that is sent can be encrypted, so as to support secure steganography. Regardless, the technology called steganography is easy to use and difficult to detect. The more that you know about its features and functionality, the more ahead you will be in the game.

7.2 Future Scope:

This module can be further extended to have support for the Video files. Currently, for encoding, we use this software and for transmission we use some other medium. So the current software can itself be used to transmit the files also. Currently , the length of the message file has some limitations for the Audio Steganography, so for the same, we can have support for a wider size of files. Can be implemented as a plugin to a web browser.

21

Appendix A : List of Illustrations

Figure No. 5.1 6.1 6.2 6.3 6.4 6.5 6.6 Figure Name DES Flowchart Home Screen Selection of Image or Audio Selection of Carrier File Encoding or Decoding Selection of Text Message File Audio Module

22

Appendix B : List of Acronyms

Acronym EOF JCE MAC JPG PNG WAV BMP Description End of File Java Cryptographic Extension Message Authentication Code Joint Photographic Group Portable Network Graphics Waveform Audio Format Bitmap

23

Appendix C : Bibliography
Books
Eric Cole, Hiding in Plain Text, Wiley Publishing,Inc. :2003 V. K. Pachghare, Cryptography and Information Security, Prentice-hall Of India Pvt Ltd

Papers
Natarajan Meghanathan and Lopamudra Nayak,Steganalysis Algorithms for Detecting the Hidden Information in Image, Audio and Video Cover Media, Jackson State University, 1400 Lynch St., Jackson, USA. Luis von Ahn and Nicholas, Steganography, Carnegie Mellon University, Pittsburgh, USA. Information and Computer Security Architecture (ICSA) Research Group, An Overview of Image Steganography, University of Pretoria, Pretoria, South Africa.

Websites
http://www.thenextwave.com/page19.html http://www.sarc-wv.com/news.aspx

24