NAME : AHSAN AHMED KHAN

REGISTRATION # : BSCS/01-17/M019

COURSE : DATA NETWORK & SECURITY

COURSE INSTRUCTOR : SIR JABIR

ASSIGNMENT NO : FINAL EXAM
Historical & Modern Techniques of Steganography and Cryptography:
Both cryptography and steganography had been used in ancient times till now to hide messages from
unauthorized People, sensitivity of the matter and / or for security purposes. Below are described the
ancient and modern techniques of using both.

Steganography:
“The practice of concealing messages or information within other non-secret text or data.”

A Brief History:

In ancient times people have been interested in hiding messages. The first recording of
steganography was that the King Darius of Susa shaved the head of one of his slaves and wrote a secret
message on his scalp. When the slave’s hair grew back, he was sent to the Kings son in law Aristogoras in
Miletus undetected. The second recording claimed that a solider named Demeratus needed to send a
message to Sparta that Xerxes intended to invade Greece. Back then, writing medium was text written
on wax-covered tablets. Demeratus removed the wax from tablet, wrote the secret message on the
tablet and applied back the on tablet and sent the document without being detected.

The romans used invisible inks, which were based on natural substances such as fruit
juices and milk. This was accomplished by heating the substance at the hidden text spot, thus revealing
its contents. Invisible inks have become much more advance and are still in use today.

During the 15th and 16th centuries, many writers wrote on steganographic techniques
such as coding techniques for text, invisible inks, and incorporating hidden messages in music.

During the WWI and WWII, significant advancements in steganography took place.

Through the concepts such as image substitution and microdot (taking data such as pictures and
reducing it to the size of a large period on a piece of paper) were introduced and embraced as great
steganographic techniques.

In the digital world of today, namely from 1992-present date, Steganography is being
used all over the world on computer systems, smartphones, applications, networks, etc. and many tools
and technologies have been created that take advantage of old steganographic techniques such as
coding in images, audio, video and microdot. With the research this topic is now getting we will see a lot
of great applications for steganography in the near future.

Modern Techniques:

The most common form of steganography used today hides a file within an image file on
computers. The hidden files are encoded in least significant bits of the vales encoding the color of each
pixel of the image. Changing the least significant bits changes the appearance of the image very slightly,
and is not perceptible to the naked eye. If the change is detectable at all, the colors will look a little off
as if the image was taken from a low quality camera in poor light. A similar method can be used to
conceal data in sound files since the human ear is limited in its ability to differentiate different, similar
frequencies (in the range of frequencies it can detect).
 Original image on top, followed by hiding a message using least significant bits of the pixel values (1 and 2-bit)

Another modern stenographic scheme involves concealing pictures within a video file. As the human eye
is able to see 1000 frames per second, if a video is running at 3000 frames per second and every third
frame is a hidden image then the hidden images would not be visible. However, an unlucky pause of the
video or examination of the frames as images may reveal the hidden pictures.

Steganography tools:

A variety of tools have been created to use steganography for hiding files within other
on computers. These tools can be classified into image, audio, and / or network steganography tools.
Some tools are defined below:

i. Xiao Steganography:
It is a hybrid steganography tool that allows users to hide files within an image
(BMP) or audio (WAV) files. It also allows users to encrypt the hidden file with a
variety of supported algorithms and hashing algorithms. The user then provides
a carrier file, the file to hide within, a choice of encryption algorithm, and a
secret key (for extraction process).
ii. SSuite Picsel:
It takes a different approach by rather than providing a single carrier image, the
user provides second image (key image). The key image is necessary for
extracting the hidden text file from the carrier image.
 iii. Steghide:
It is capable of hiding data in image or audio files and runs on command line. It
usage benefit is that it does not changes the color-respective samples.
iv. Open Puff:
It allows users to conceal files in image, audio, video, or flash files.
v. Camouflage:
It is a unique file among all of the tools as it allows users to hide any type of file
within any other file with encryption.
vi. Netcross:
It is used for establishing covert IP channels across network perimeters with
strong firewall rules.

Cryptography:
“The process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of
storing and transmitting data in a particular form so that only those for whom it is intended can read
and process it.”

This method is the art of secret writing, which is used to encrypt the plaintext with the key into
ciphertext to be transferred between parties on an insecure channel. Using a valid key, the ciphertext
can be decrypted to original plaintext. Cryptography plays an essential role in many factors required for
secure communication across an insecure channel, like: confidentiality, privacy, non-repudiation, key
exchange, and authentication.

Brief History:

It is one of the most used traditional methods used to guarantee the privacy of
communication between two or more persons. Julius Caesar was known to use a form of encryption to
convey secret messages to his army generals posted in war fronts. Known as Caesar Cipher this is
perhaps the most mentioned historic cipher in the academic literature. It is an algorithm used to encrypt
/ decrypt secret messages. In a substitution cipher, each character of the plain text (plain text is the
message which has to be encrypted) is substituted by another character to form the cipher text (cipher
text is the encrypted message). The variant used by Caesar was a shift by 3 cipher. Each character was
shifted by 3 places, so the character 'A' was replaced by 'D', 'B' was replaced by 'E', and so on.
The characters would wrap around at the end, so 'X' would be replaced by 'A'.
 It was easy to see that such ciphers depend on the secrecy of the system and not on the
encryption key. Therefore, once the system is known, these encrypted messages can easily be
decrypted. In fact, substitution ciphers can be broken by using the frequency of letters in the language.

During the 16th century, Vigenere designed a cipher that was supposedly the first cipher
which used an encryption key. In one of his ciphers, the encryption key was repeated multiple times
spanning the entire message, and then the cipher text was produced by adding the message character
with the key character modulo 26. But same as the Caesar cipher Vigenere Cipher can also be broken
but he brought an excellent idea by applying an encryption key to it. By comparing it to the Caesar
cipher it depends on secrecy of the Key, rather than the secrecy of the system.

In 1918-20, Enigma machine was invented at Germany by Nazis towards the end of 1st
World War to encrypt their transmissions and were adopted by various militaries around the world.
During the Second World War, different military services developed their own encryption keys that were
being changed daily. The brunt of deciphering work was conducted by Polish code breakers and
famously, Alan Turing and his team at Bletchley Park with their Bombe Enigma Cracking Machine.

Modern Techniques:

Modern cryptography mainly operates on binary bit sequences, and it relies on publicly
known mathematical algorithms for coding through a secret key which acts as a seed for the algorithms.
The complexity and computational difficulty of algorithms and absence of secret key makes it impossible
for an attacker to obtain original information even if he knows the coding algorithm. It requires who are
interested in secure communication to obtain and keep the secret key only. The primary objective of
using cryptography is to provide the following four fundamental information security services.

i. Confidentiality:
Confidentiality is the fundamental security service provided by cryptography. It
is a security service that keeps the information from an unauthorized person
safe. It can be achieved through numerous means starting from physical
securing to the use of mathematical algorithms for data encryption.
ii. Data Integrity:
It is security service that deals with identifying any alteration to the data. The
data may get modified by an unauthorized entity intentionally or accidently.
Integrity service confirms that whether the data is intact or not since it was last
created, transmitted, or stored by an authorized user. It cannot prevent the
 alteration of data, but provides a means for detecting whether data has been
manipulated in an unauthorized manner.

iii. Authentication:
It provides the identification of the originality of the document. It confirms to
the receiver that the data received has been sent only by an identified and
verified sender.
This service has two variants:
 Message authentication identifies the originality of the message
without any regard router or system that has sent the message.
 Entity authentication is assurance that data has been received from a
specific entity, say a particular website.
It may also provide assurance about other parameters related to data such as
the date and time of creation/transmission.
iv. Non-repudiation:
It is a security service that ensures that an entity cannot refuse the ownership of
a previous commitment or an action. It is an assurance that the original creator
of the data cannot deny the creation or transmission of the said data to a
recipient or third party.
It is a property that is most desirable in situations where there are chances of a
dispute over the exchange of data.
For example, once an order is placed electronically, a purchaser cannot deny the
purchase order, if this service is enabled in this transaction.

The following table shows the primitives of cryptography:

References:
 https://www.sans.org/reading-room/whitepapers/stenganography/paper/552
 https://www.sans.org/reading-room/whitepapers/stenganography/steganography-past-
present-future-552
 https://d1wqtxts1xzle7.cloudfront.net/42820217/42777a479e0987773f96bdb6d639bb17.pdf?1
455846936=&response-content-
disposition=inline%3B+filename%3DCombining_Steganography_and_Cryptography.pdf&Expires
=1593848403&Signature=SPhFaIYFixsRMlbjFMLKrdI5O41jX8x69HJ1BCeoqM3JL7l5bJB9xlu3fNDI
qBopLZNec2mMfkW3Lfst9XmyVt6clJkOSQjoU1G4mE8re2GrYP9y0QNUyRcnaZt07U1J3QI8J07Dp
usKtW2voYyIFWhFN~dccGpDkI-
M2mH1OWup1mZijWHoVVZm9ah2r8D63OTJyjml7hqIQFdmCZQse8v9tO-f1iSR86vED-
pK02AmDwBO4gA9YpeSrkSgLqTtVk3wkVHi11hJF2W5ximvPcYoPQ~2DeHfvxMuQtwJLShouzEws
Mprz35vLMkZM0OoTmOxScZV6sHrSp5A-1ffrQ__&Key-Pair-Id=APKAJLOHF5GGSLRBV4ZA
 https://d1wqtxts1xzle7.cloudfront.net/31925225/detailed-steganographic-techniques-open-
systems-environment_677.pdf?1379725024=&response-content-
disposition=inline%3B+filename%3Ddetailed_steganographic_techniques_open.pdf&Expires=15
93848406&Signature=gvUTCiVMEO251NzUJhQfPlUI4RQEhBk9oI8370~eGcpleNUTPTelVlQF1SILK
o2B2WqezkxtuxD6FdfWmEpqvaMPPAvK85JXdRT-
efyt839cOF6FLj41ik5prPqt1dqydnqCqNaaH4~xU9QYj6IVCsRur6nK80VJiXy82~zmhWPViCrMZVtG
mAofGCh-
JOfyUiVa6nKoUO4WUpZBGwTihTpANmRcvvzEdtIRwq3Tso96vXMRcDlexQqMoFYI64ibYepVkacB
6jdQ8UtshY1ssclTdMrm2wW76PT2Ki4LKogIW5GvgCFqB1hJnPitHS4J-
0LilpcBNto6~mtX3eUmaQ__&Key-Pair-Id=APKAJLOHF5GGSLRBV4ZA
 https://www.commonlounge.com/discussion/4bc16dbc2c7145ff87ad0f0d5401a242
 https://www.giac.org/paper/gsec/2760/current-steganography-tools-methods/104695
 https://www.researchgate.net/publication/322077813_Cryptography_and_Steganography_Ne
w_Approach/link/5a4370dca6fdcce19716aa7e/download
 https://www.laits.utexas.edu/~anorman/BUS.FOR/course.mat/SSim/history.html
 https://www.garykessler.net/library/crypto.html
 https://www.tutorialspoint.com/cryptography/modern_cryptography.htm
 https://www.garykessler.net/library/crypto.html
 https://interestingengineering.com/11-cryptographic-methods-that-marked-history-from-the-
caesar-cipher-to-enigma-code-and-beyond
 https://access.redhat.com/blogs/766093/posts/1976023
 https://www.laits.utexas.edu/~anorman/BUS.FOR/course.mat/SSim/history.html
 https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=
2ahUKEwiq_N-
v0rPqAhUI4YUKHeyIBkEQFjAJegQIAhAB&url=https%3A%2F%2Ffanyv88.com%3A443%2Fhttps%2Feconomictimes.indiatimes.com%
2Fdefinition%2Fcryptography&usg=AOvVaw0O2eZ7L4t9geXa70aMsWRk