College of Engineering, Pune Shivajinagar, Pune – 411005

Department of Computer Engineering and Information Technology

PROJECT REPORT ON

GUIDED BY

Prof. S. U. Ghumbre

Submitted By

Agrawal Deepti - 702001

Agrawal Nishant - 702002

Tumma Ashwin – 30808010

T. Y. B. Tech (Computer)

2

College of Engineering, Pune Shivajinagar, Pune – 411005

Department of Computer Engineering and Information Technology

CERTIFICATE

This is to certify that, this Project Report entitled

“Hiding in Plain Sight –

A Steganography Tool”

is a bonafide record of Project work carried out by

Agrawal Deepti (702001)

Agrawal Nishant (702002)

Tumma Ashwin (30808010)

As per partial fulfillment of the award of post graduate degree in

B.Tech. (Computer Engineering) during the academic year 2009-2010

Date:

Place: Pune

(Prof. S. U. Ghumbre) (Prof. A. A. Sawant)

Project Guide Head of Department

3

ACKNOWLEDGMENTS

The project would not have been successfully completed without

the wholehearted support of our guide Prof. S. U. Ghumbre Sir. He

always boosted our morals assiduously.

We thank Sir for his conception and encouragement during the

development of the project. He is a mentor who knew all answers. We

admire his infinite patience and understanding that he guided us in a

field we had no previous experience.

We would also like to thank our Head of Department,

Prof. A. A. Sawant and all other faculty members of Computer

Department have rendered us significant encouragement, in vigorous

support and continuous & kind guidance. We thank them all for their

invaluable guidance and other people who directly or indirectly

assisted us in the successful and timely completion of Hiding in Plain

Sight – A Steganography Tool.

Agrawal Deepti (702001)

Agrawal Nishant (702002)

Tumma Ashwin K. (30808010)

4

Abstract

Steganography is the art of hiding the fact that

communication is taking place, by hiding information in other

information. Many different carrier file formats can be used, but

digital images are the most popular because of their frequency

on the Internet. For hiding secret information in images, there

exists a large variety of steganographic techniques some are

more complex than others and all of them have respective

strong and weak points. Different applications have different

requirements of the steganography technique used. For

example, some applications may require absolute invisibility of

the secret information, while others require a larger secret

message to be hidden. This project intends to give an overview

of image steganography, its uses and techniques. It also

supports steganography in Audio files. For a more secure

approach, the project encrypts the message using secret key

and then sends it to the receiver. The receiver then decrypts the

message to get the original one.

5

CONTENTS

Chapter

No Name Page No

1

Steganography at Large 1.1 Introduction

1.2 Where hidden data hides 1.3 What does the project do

6

2 Software Support 2.1 Technical Details

8

3 On Image Steganography 3.1 Implementation

9

4 On Audio Steganography

4.1 Implementation 11

5 Encryption 5.1 Platform

5.2 Encryption Algorithm

13

6 User Manual 16

7 Conclusion 21

Appendix A

List of Illustrations 22

Appendix B

List of Acronyms 23

Appendix C

Bibliography 24

6

1. Steganography at Large

1.1 Introduction

Steganography derives from the Greek word steganos, meaning

covered or secret, and graphy (writing or drawing). On the simplest

level, steganography is hidden writing, whether it consists of invisible

ink on paper or copyright information hidden in an audio file.

Where cryptography scrambles a message into a code to obscure

its meaning, steganography hides the message entirely. These two

secret communication technologies can be used separately or

together—for example, by first encrypting a message, then hiding it in

another file for transmission. As the world becomes more anxious

about the use of any secret communication, and as regulations are

created by governments to limit uses of encryption, steganography’s

role is gaining prominence.

What Steganography essentially does is exploit human

perception, human senses are not trained to look for files that have

information hidden inside of them, although there are programs

available that can do what is called Steganalysis (Detecting use of

Steganography.) The most common use of Steganography is to hide a

file inside another file. When information or a file is hidden inside a

carrier file, the data is usually encrypted with a password.

1.2 Where Hidden Data hides?

It is possible to alter graphic or sound files slightly without losing

their overall viability for the viewer and listener. With audio, you can

use bits of file that contain sound not audible to the human ear. With

graphic images, you can remove redundant bits of color from the image

7

and still produce a picture that looks intact to human eye and is

difficult to discern from its original.

It is in those bits that stego hides its data. A stego program uses

an algorithm, to embed data in an image or sound file, and a password

scheme to allow you to retrieve information.

1.3 What does the project do?

- Hiding the text message in an image file or an audio WAV file.

- Encryption of the same message, so as to support more secure

steganography.

- The decoding of the message, decryption and source message

retrieval are also supported.

8

2. Software Support

Operating System :

Windows or GNU/Linux

Programming Language :

Java

NetBeans – 6.7.1 IDE

GUI : Swings

System Requirements:

JDK 1.4 or Higher.

Java being a platform independent language, the projects runs

on any platform.

9

3. Image Steganography

Implementation:

- Technical Details:

o Using java.awt.Image, ImageIO

o The package contains all the necessary classes and

methods along with interfaces that are necessary for the

manipulation of the images.

- The Encoding Process:

- The steganography technique used is LSB coding.

- The offset of the image is retrieved from its header.

- That offset is left as it is to preserve the integrity of the header,

and from the next byte, we start our encoding process.

- For encoding, we first take the input carrier file i.e. an image file

and then direct the user to the selection of the text file.

- Creation of User Space:

o User Space is created for preserving the original file, so

that all the modifications are done in the user space.

o In the object of BufferedImage, using ImageIO.read

method we take the original image.

o Using createGraphics and drawRenderedImage method of

Graphics class, we create our user space in

BufferedImage object.

- The text file is taken as input and separated in stream of bytes.

- Now, each bit of these bytes is encoded in the LSB of each next

pixel.

- And, finally we get the final image that contains the encoded

message and it is saved, at the specified path given by user, in

PNG format using ImageIO.write method.

- This completes the encoding process.

10

- The Decoding Process:

- The offset of the image is retrieved from its header.

- Create the user space using the same process as in the

Encoding.

- Using getRaster() and getDataBuffer() methods of Writable

Raster and DataBufferByte classes. The data of image is taken

into byte array.

- Using above byte array, the bit stream of original text file, is

retrieved into the another byte array.

- And above byte array is written into the decoded text file, which

leads to the original message.

11

4. Audio Steganography

Implementation:

- Technical Details:

o Using sun.audio package provided by SUN Microsystems.

The sun.audio package contains everything we need to be

able to play audio clips and everything related to the

manipulation of the audio files. The classes used are

AudioStream and AudioPlayer.

- The Encoding Process:

- The steganography technique used is LSB coding.

- The audio file consists of data in bytes.

- To encode the message, we first find the length of the string.

- The offset in the original file, from which the encoding process

must start is by default set to 500. This is done because, the

WAV file has a header in the initial offsets and if that header is

tampered with, the destination file will not be able to access its

header in the appropriate format.

- Encode that length which can be upto 256 characters into the

1st 8 bytes of the audio file. This will assist us in the decoding

process.

- Take each character from the message string, convert it into

byte and change the LSB of the next 8 bytes of the audio file as

per each of the bit of the character type.

- Repeat the same procedure till the message string gets

exhausted.

- Thus on writing byte after byte to the new file, we get a new

audio file ―output.wav‖ having message hidden into it which can

be sent to the receiver without any fear of eavesdropper.

12

- The Decoding Process:

- the audio file ―output.wav‖ which has the message hidden into

it.

- Select From the offset that was specified at the sending side(i.e.

500) , take the LSB of the next 8 bytes to get the length of the

message (that was encoded in the first 8 bytes from the given

offset) which will help us to get the encoding message only from

the next 8 * length bytes of audio file.

- Create a byte from the LSB of the next consecutive 8 bytes and

go on printing each of the character of the message string in

the textbox.

- Continue this process till the length of the string is reached.

- Hence finally we get the hidden message from the received audio

file into the provided textbox.

- Thus we have achieved the process of decoding a message from

the audio file.

13

5. Encryption

5.1 Platform

Provided using: Java Cryptographic Extension (JCE)

The Java Cryptography Extension (JCE) provides a framework

and implementations for encryption, key generation and key

agreement, and Message Authentication Code (MAC) algorithms.

Support for encryption includes symmetric, asymmetric, block, and

stream ciphers. The software also supports secure streams and sealed

objects.

5.2 Algorithm Used

The project uses an encryption algorithm called Data

Encryption Standard (DES). Whenever a text file is selected to be

encoded in the Image or the Audio file, it is first encrypted using the

DES Algorithm and then that file is sent to the receiver. The receiver

in turn decrypts it using the same key, and thus gets the appropriate

message. In a nutshell, the reason that we encrypt the message is :

Cryptography + Steganography = Secure Steganography

About DES:

Fundamentally DES performs only two operations on its input,

bit shifting, and bit substitution. The key controls exactly how this

process works. By doing these operations repeatedly and in a non-

linear manner you end up with a result which cannot be used to

retrieve the original without the key.

DES works on 64 bits of data at a time. Each 64 bits of data is

iterated on from 1 to 16 times (16 is the DES standard). For each

iteration a 48 bit subset of the 56 bit key is fed into the encryption

block represented by the dashed rectangle above. Decryption is the

inverse of the encryption process. The "F" module shown in the

14

figure 5.1 is the heart of DES. It actually consists of several different

transforms and non-linear substitutions.

Fig. 5.1: DES

Implementation:

Following are the steps to generate Secret keys and encryption:

1. Create an interface of the SecretKey interface. This interface

contains no methods. Its only purpose is to group secret

keys.

2. KeyGenerator Class: Class provides functionality of

symmetric key generator. They are constructed using one of

the getInstance class methods.

3. To generate key of the DES algorithm we use:

KeyGenerator getInstance(String algorithm) method with

KeyGenerator

key=KeyGenerator.getInstance(―DES‖).getInstance();

4. The getInstance method generates a KeyGenerator object for

the specified key algorithm from the specified provider. Some

15

of the standard algorithms available with Java Cryptography

Architecture API Specification are:

AES, DES, Blowfish, DESede, RSA.

16

6. User Manual

Steps to start the Encoding Process:

- Hit the Enter button on the slash screen.

Fig 6.1: HomeScreen

- Select the source/carrier file.

o The supported files are JPEG, JPG, PNG, BMP in Image

files

o The supported files are WAV in Audio files

17

Fig 6.2: Selection for Image or Audio

Fig 6.3: Selection for Carrier File

18

- If the user selects any other file type, an appropriate error

Dialog is shown, and is redirected to the previous page.

- On successful carrier file selection, select the operations to be

done on the carrier file. The operations supported are :

o Encoding

o Decoding

Fig 6.4: Encoding or Decoding

- On selecting ENCODING, the user is redirected to selection of

the Source File. On selection of the source text file, it will be

encrypted using the Encryption techniques and that file is ready

to be sent to the receiver.

19

- Fig 6.5: Selection of Text Message File

-

- On selecting DECODING, the user is redirected to specify the

output file. The user is asked to save the file on the destination

machine.

20

Fig 6.6: Audio Module

21

7. Conclusion 7.1 Conclusion: The project was completed successfully to build a tool called –

Hiding in Plain Sight. This tool can be used for hiding the text

message in the image or the audio files. Also, the message that is sent

can be encrypted, so as to support secure steganography. Regardless,

the technology called steganography is easy to use and difficult to

detect. The more that you know about its features and functionality,

the more ahead you will be in the game.

7.2 Future Scope:

This module can be further extended to have support for the

Video files.

Currently, for encoding, we use this software and for

transmission we use some other medium. So the current

software can itself be used to transmit the files also.

Currently , the length of the message file has some limitations

for the Audio Steganography, so for the same, we can have

support for a wider size of files.

Can be implemented as a plugin to a web browser.

22

Appendix A : List of Illustrations

Figure No. Figure Name

5.1 DES Flowchart

6.1 Home Screen

6.2 Selection of Image or Audio

6.3 Selection of Carrier File

6.4 Encoding or Decoding

6.5 Selection of Text Message File

6.6 Audio Module

23

Appendix B : List of Acronyms

Acronym Description

EOF End of File

JCE Java Cryptographic Extension

MAC Message Authentication Code

JPG Joint Photographic Group

PNG Portable Network Graphics

WAV Waveform Audio Format

BMP Bitmap

24

Appendix C : Bibliography Books

Eric Cole, Hiding in Plain Text, Wiley Publishing,Inc. :2003

V. K. Pachghare, Cryptography and Information Security, Prentice-hall Of India Pvt Ltd

Papers

Natarajan Meghanathan and Lopamudra Nayak,Steganalysis Algorithms for Detecting the Hidden Information in Image, Audio and Video Cover Media, Jackson State University, 1400 Lynch St., Jackson, USA.

Luis von Ahn and Nicholas, Steganography, Carnegie Mellon

University, Pittsburgh, USA. Information and Computer Security Architecture (ICSA)

Research Group, An Overview of Image Steganography, University of Pretoria, Pretoria, South Africa.

Websites

http://www.thenextwave.com/page19.html

http://www.sarc-wv.com/news.aspx