See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/301634710

A Novel Cryptographic and Steganographic Approach for Secure Cloud Data

Migration

Conference Paper · October 2015

DOI: 10.1109/ICGCIoT.2015.7380486

CITATIONS READS
7 221

2 authors, including:

Ankit Dhamija
Amity University
10 PUBLICATIONS   9 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

A Novel Cryptographic and Steganographic Approach for Secure Cloud Data Migration View project

All content following this page was uploaded by Ankit Dhamija on 26 April 2016.

The user has requested enhancement of the downloaded file.

 A Novel Cryptographic and Steganographic
Approach for Secure Cloud Data Migration
Ankit Dhamija, Research Scholar, School of Computer & System Sciences, Jaipur National University, Jaipur, dhamija.ankit@gmail.com
Prof (Dr) Vijay Dhaka, HOD & Professor, School of Computer & System Sciences, Jaipur National University, Jaipur
Vijaypal.dhaka@gmail.com
Abstract—The flexibility to store unlimited data without any worry
about storage limitations available at our disposal and the freedom to
use it as and when required from anywhere in the world makes cloud
computing the most preferred technology & platform to store and
transfer data. Organizations and individual users are now very much
comfortable to let their all-important data and software reside on the
cloud servers and make themselves free from all the concerns of
storage and security. However, every flexibility or benefits comes at
a price and cloud computing too is not an exception. The threat of
user’s privacy, data confidentiality & integrity and data safety are
always looming around. Among all of these, the secure transfer of
data from organization’s premises to the cloud servers is of utmost
importance. So many encryption techniques and algorithms have
been proposed by researchers in recent times to move data securely
from their end to the servers.
In this research paper, we propose a design for cloud architecture
which ensures secure data transmission from the client’s organization
to the servers of the Cloud Service provider (CSP). We have used a
combined approach of cryptography and steganography because it
will provide a two way security to the data being transmitted on the
network. First, the data gets converted into a coded format through
the use of encryption algorithm and then this coded format data is
again converted into a rough image through the use of steganography.
Moreover, steganography also hides the existence of the message,
thereby ensuring that the chances of data being tampered are
minimal.
Keywords—cryptography; steganography; cloud; encryption;
private; key; stego; compliment;
I. INTRODUCTION
Cloud platform offers a plethora of services, concepts and
applications such as storage, processing power, virtualization,
connectivity and sharing. It allows users to have access to
applications delivered as a service from the internet as well as
the hardware and system software in the data centers that
provide such services. No doubt, with so many benefits and
plus points, cloud is here to stay and to grow even further in
the coming time but as it happens with every good thing, there
are issues with cloud too. The user’s privacy and ensuring
secure data migration of their most valuable data is one of the
major challenges among the list of challenges being posed by
the cloud platforms. Then, other issues like data integrity, data
location and relocation, data availability and the issues related
to storage, backup and recovery are also there which are no
less than the major issue cited above. When it comes to
adopting the cloud platform, all such concerns become huge
978-1-4673-7910-6/15/$31.00 2015
c IEEE
issues and it act as a hindrance and it force people to thing
again and again over the decision to move their data and adopt
the cloud platform or not.
However, to deal with the major issue of secure data migration
to the cloud servers, the users expect that cloud service
providers provide them a guarantee that while the data is in
transit from their organizations on to the cloud servers, its
confidentiality and integrity won’t be compromised and their
data will get transferred securely. To ensure such high level of
data security, the Cloud Service Providers generally use the
process of cryptography.
Cryptography is a method of storing and transmitting data in a
particular form so that only those for whom it is intended can
read and process it. The term is most often associated with
scrambling plaintext (ordinary text, sometimes referred to as
clear text) into cipher text (a process called encryption), then
back again (known as decryption).There are various flavors of
Cryptography: symmetric key cryptography, which makes use
of a single key by both sender and receiver, and asymmetric or
public key cryptography systems in which both sender and
receiver uses two keys: private key that is known to self only
and public key that is made public and is known to everyone.
The message is encrypted using the intended receiver’s public
key and sent across the network and the intended receiver
decrypts the message using their own private key. A lot of
data encryption algorithms are available and proposed by
researchers with variations. Each of the algorithms has their
pros and cons. However, in complex systems like cloud,
where data needs to reside at different geographic locations,
across various data centers and may be shared by different
service providers, securing data with only cryptography
approach might not serve the purpose of data security as
cryptography might provoke suspicion on the part of the
recipient and cryptography cannot hide the existence of data
from being transmitted on the network.
Another technique that can help in this situation is
Steganography which ensure that the existence of data remains
hidden. It hides the message so there is no knowledge of the
existence of the message in the first place. It is defined as the
art and science of sending hidden messages in such a way that
no one else, apart from the intended recipient knows the
message’s existence. The message’s text can be hidden into
another media type file such as image, text, sound or video.
346
For a secure data transmission from the organization’s
premises on to the cloud service provider’s data centres,
located at various locations geographically, we need a blended
approach of cryptography and steganography because both of
them complement each other and they prove to be a very
secure data migration approach when used in a combined
manner. At first instance, cryptography comes into picture by
converting data into coded format to be travelled on the
network and then steganography ensure that this coded and
converted data travels on the network in an anonymous form
so that it cannot be seen or look unimportant during
transmission.
Both of the techniques will fail, if used without each other [1].
Cryptography fails when the intruder on the network is able to
decrypt the message and Steganography fails when the
intruder detects that something secret message is present in
another media file as a cover. So a combined approach of both
the techniques is essential for ensuring a secure data
transmission in such an unsafe and open network environment.
In this paper, the authors propose a single approach which is a
blend of cryptography and steganography that ensure stronger
security to the data while transmission. The rest of the paper is
organized as follows: The second section will talk about the
related work and literature studied and the shortcomings
found. The third section proposes the author’s work. Fourth
section compares the author’s work with the work already
done and the fifth section provides the conclusion.
II. RELATED WORK
There has been a continuous rise in the number of data
security threats in the recent past and it has become a matter of
concern for the security experts. Cryptography and
steganography are the best techniques to nullify this threat.
The researchers today are proposing a blended approach of
both of these techniques because higher level of security is
achieved when both techniques are used together. [2].
Usha et al., [3] proposed an encrypting technique by
combining cryptography and steganography techniques with
data hiding. So the message gets encrypted twice instead of
using a single level of data encryption. Conventional
techniques have been used for this purpose. Then the coded
data or cipher text remains hidden inside the image in the
encrypted format for further use. It uses a reference matrix for
the selection of passwords depending on the properties of the
image.
Bharti and Soni [4] proposed a novel scheme based on
steganography and cryptography to embed data in color
images. This method shows its larger capacity for hiding data
than other methods without loss of imperceptibility integer
wavelet transform and Genetic algorithm. The method is very
efficient, especially when applied to those images whose
pixels are scattered homogeneously and for small data.
Marwaha and Paresh [5] used traditional cryptographic
techniques to achieve data encryption and visual
steganography algorithms have been used to hide the
encrypted data. Multiple cryptography proposed where the
2015 International Conference on Green Computing and Internet of Things (ICGCIoT)
data was encrypted into a cipher and the cipher will be hidden
into a multimedia image file in the encrypted format.
Umamaheswari [6] compress the secret message, encrypt it by
the receiver’s public key along with the stego key, and embed
both messages in a carrier using an embedding algorithm.
Kandar, and Maiti [7] proposed a technique of well-known k-n
secret sharing for color images using a variable length key
with share division using random numbers.
Bairagi [8] describes how such an even-odd encryption based
on ASCII value is applied and how encrypted message
converting by using Gray code and embedding of picture that
can secure the message and thus makes cryptanalyst’s job
difficult.
Sharma & Kumar [9] proposed a steganographic algorithm
that is used to hide text file inside an image. In order to
increase/ maximize the storage capacity, they have used a
compression algorithm that compresses the data to be
embedded. The compression algorithm works in a range of
1bit to 8 bits per pixel ratio. By applying this algorithm they
had developed an application that would help users to
efficiently hide the data.
Vishwakarma et al [10] proposed techniques for Information
hiding and image compression using proposed efficient
encoding technique with the main focus being on hiding in the
spatial domain. Three information hiding methods are
proposed based on the encoding technique.
Challita and Farhat[11] proposed two techniques to embed the
secret message in the cover object without modifying it; and
embedding the secret message in more than one cover object.
All the methods proposed above uses any established
algorithm for data encryption which are already known.
Therefore, we thought of using a simple approach of data
encryption using one’s complement method and ASCII values
and LSB method for steganography.
III. PROPOSED SOLUTION ARCHITECTURE
In this section, we propose our architecture which we call as
SCMACS (Secure Cloud Migration Architecture using
Cryptography and Steganography) At first, we’ll present a
block diagram of the architecture which will depict the basic
functionality of our approach. Then, we’ll propose a sequence
diagram that focuses on displaying the internal working of the
components of the block diagram. Finally, in the last part, we
explain the detailed technical methodology for cryptography
and steganography.
347
Figure 1 depicts the basic block diagram of SCMACS where
the functionality of client transferring data to the Cloud
Service Provider’s website is shown. This is explained in the
following steps:
STEP1: Client or Sender choose a CSP, subscribes to a plan
offered by it and creates his account on their website.
STEP2: Client selects data to be uploaded on the CSP’s
website.
STEP3: The CSP server performs a three step process before
finally uploading the data on its servers:
a. It performs data encryption, i.e. it converts the
original data files of clients into a secret coded
format using a strict encryption algorithm.
b. Now, this coded data is put behind a stego object
and a stego image is created which hides the
existence of anything sensitive travelling on the
network.
Figure 2 above shows the sequence diagram where
we have categorized the cryptography process into encryption
and decryption part and in between these, the steganography
works. We propose to use symmetric key cryptography or
Private Key Cryptography in the approach where both sender
and the receiver share a common secret key. The beauty of
348 2015 International Conference on Green Computing and Internet of Things (ICGCIoT)
c. This double layered protected client’s data now
gets uploaded on CSP servers.
STEP 4: When client is required to use/access the data, the
reverse process is performed. Firstly, the stego object is
removed from the stego image and the data comes in the
encrypted form.
STEP5 : Client use his credentials provided by the CSP to
decrypt the data.
STEP6: Data is downloaded to the client.
this approach is that the value of this Private Key will not
remain static or constant all the time, it will be different or
dynamic for every calculation and thus, it proves to be a
secure method of performing cryptography. The sender and
receiver both agree on using a common Private Key. The
sender, while sending the secret message encrypts the message
using commonly agreed Privatekey. The message now gets
encrypted and then, through the use of a cover image, the
encrypted message or data is hidden behind that cover image
which we call now a stego image. This stego image travels
across the network and on the receiving side; the actual
receiver firstly removes the cover image from the stego image
and then again uses the commonly agreedPrivate Key to bring
back the message in its original form.
Encryption approach
As the first step is to encrypt the user’s confidential
data files, we present here our data encryption approach. Here,
we have used a very simple yet effective approach of
encrypting data using ASCII codes and 1’s complement of
binary values. The approach goes like this:
1. Take any data file to be transmitted across the
network on to the cloud servers.
2. Whatever the data may be, a character, numbers or
any special symbols... Convert each of them in 8 bit
binary.
3. Now, considering first 8 bits as a group, perform 1’s
complement, take next 8 bits as second group and
perform its 1’s complement and keep on performing the
same operation till the groups of 8 bits are finished.
So, as we saw from the above table that gave us a row by row
explanation to each step of the encryption approach mentioned
above, the word “Hello” gets encrypted as “o5ll!”
The full sentence “Hello how are you? will be encrypted as
o5’’!7/!DC17=ESC57CR’NAKu..
Similarly, all the words in the secret message or plaintext can
be converted into ciphertext or encrypted code which will be a
very complex jumbled mesh of alphabets, characters and
special symbols and would be very difficult for intruders on
the network to crack.
2015 International Conference on Green Computing and Internet of Things (ICGCIoT)
4. For each group of 8 bits, perform a binary subtraction
operation. i.e, subtract the 1’s complemented value
from the original group of 8 bits.
5. We’ll get new values for each 8 bit pair where the
Least Significant bit may be a 0 or 1. Where it is 0,
ignore it and consider rest of the bits and find out its
decimal no. Where it is 1, consider all the bits as
relevant and find its decimal no too.
6. Refer to the ASCII codes (American Standard Code
for information Interchange) for each of the values and
those ASCII values will make a jumbled set of
characters, numbers and special symbols that is
unreadable.
7. This scrambled data becomes our ciphertext and
encryption process is completed.
Example supporting the encryption approach
Consider the following statement as an example data/secret
message to be sent:
Hello how are you?
We will use the first word “Hello” as an input data to
demonstrate the approach
As a first step, we need to convert every character, number or
any special symbol into their binary values. To do this, we
must know the ASCII values of each. So as per the ASCII
codes:
Thus, with this, our encryption part is finished. Now we shall
proceed towards the steganography approach.
Steganography approach.
We propose the use of LSB (Least Significant Bit) method.
The least significant bit (LSB) is the bit that when flipped
from 0 to 1 or from 1 to 0, then no significant change will
occur on the total value. It's the bit on the rightmost, that when
flipped, the value will be severely affected. When we try to
hide our data in an image (as in our case), then we need
349
enough budget of LSBs to hide our data in. These bits are
located in the image pixels. Since each pixel has three
elements (R, G, and B that represent the Red, Green, and Blue
elements of the pixel consecutively, assuming non-transparent
image), each of these elements can have a value between 0
and 255. Now, assuming that the image which we want to use
is of 300 pixels width by 400 pixels height, then we'll have
300 x 400 x 3 = 360000 LSBs. And as each character can be
represented by 8 bits, then that image can hide 360000 / 8 =
45000 characters.
Step by Step
1. Hiding the text inside the image
x Loop through the pixels of the image. In each
iteration, get the RGB values separated each in a
separate integer.
x For each of R, G, and B, make the LSB equals to 0.
These bits will be used in hiding characters.
x Get the current character and convert it to integer.
Then hide its 8 bits in R1, G1, B1, R2, G2, B2, R3,
G3, where the numbers refer to the numbers of the
pixels. In each LSB of these elements (from R1 to
G3), hide the bits of the character consecutively.
x When the 8 bits of the character are processed,
jump to the next character, and repeat the process
until the whole text is processed.
x The text can be hidden in a small part of the image
according to the length of that text. So, there must
be something to indicate that here we reached the
end of the text. The indicator is simply 8
consecutive zeros. This will be needed when
extracting the text from the image.
2. Extracting the text from the image
(00100110 11001001 11101001)
(11001001 00100111 11101001)
In this case, five bits are needed to be changed to insert the
character ‘o’ successfully. These changed bits are too small to
be recognized by human eye, so the message gets effectively
hidden.
Similarly, other data bits can be embedded in an image and
made to travel across the network, unnoticed and
uninterrupted.
Steganography using software-Hide In picture
Hide In Picture is a program that allows you to conceal files
inside bitmap pictures, using a password. The pictures look
like normal images, so people will not suspect there is hidden
data in them. Below is the demonstration of the software in
pics. Figure 3 is the home page of the software where we click
on the icon under File Menu to select an image. Figure 4
displays the different icons under Image where we can upload
a data file to be hidden in the image. In figure 5, we are asked
to set encrypted passwords for further security of the data file.
Figure 3: Main window of HiP

It's simpler than hiding. Just pass through the pixels

of the image until you find 8 consecutive zeros. As
we are passing, pick the LSB from each pixel
element (R, G, B) and attach it into an empty value.
When the 8 bits of this value are done, convert it
back to character, and then add that character to the Figure 4: Image uploading using HiS
result text we are seeking.

Steganography Example with LSB

We’ll continue with our previous example where we used the
word “Hello” for encryption and whose encrypted cipher text
was o5’’!
As an example, we’ll take the first character o to put in a stego
image. For this, we consider the following grid as 3 pixels of a
24-bit color image:
(00100111 11101001 11001000)
(00100111 11001000 11101001)
(11001000 00100111 11101001)
When the character ‘o’ whose binary value equals to
01101111, is inserted, the following grid results:
Figure 5: Encryption option in HiP
(00100110 11101001 11001001)

350 2015 International Conference on Green Computing and Internet of Things (ICGCIoT)
 Decryption Approach
After the stego image is removed, the client’s secret data is in
the ciphertext form. To decrypt it and bring back in the
plaintext form, we need to follow the following approach:
1. Take the data- an alphabet, number or any special
symbol, find its ASCII value and convert it into its
binary equivalent.
2. Use the Private Key i.e. the 1’s complemented value
of the original plaintext and subtract this binary
equivalent value that has just been calculated.
3. The resultant value is the binary equivalent of the
original plaintext. Now, convert it into the decimal
form and refer to the ASCII table, it will be the same
alphabet, number or any special symbol that was
submitted originally.
Example to demonstrate the decryption process
We’ll take the same “Hello” example. Its encrypted form was
“o5ll!”
Table 2: The Decryption Process
Thus, “o5ll!” is now again brought back to “Hello”, the
plaintext. Similarly, all other data can be encrypted and
decrypted using this approach.
IV. BENEFITS OF THE PROPOSED APPROACH
The proposed approach provides a secure way of migrating
data on to the cloud servers. It makes use of cryptography and
steganography techniques which provide a multilayered
protection to the client’s sensitive data files. For
Cryptography, it uses the symmetric approach which is not
much costly when compared to the Asymmetric approach. It
also takes dynamic values every time for calculations which
make it even better. For Steganography, it uses LSB method
of embedding bits in the pixel elements of the image.
2015 International Conference on Green Computing and Internet of Things (ICGCIoT)
View publication stats
V. CONCLUSION
In this paper, we proposed an innovative approach to migrate
data on cloud servers through the combined use of
cryptography and steganography. In cryptography process, we
make use of very simple yet effective technique for data
encryption using one’s complement method which we called
as SCMACS. It used symmetric key method where both
sender and receiver share the same key for encryption and
decryption. The strength of the approach lies in the fact that
the symmetric key method generates a dynamic value for the
private Key which makes it very safe because no one can have
the private key and even some one gain access to it, it gets
changed for each data that needs to be transferred. In
Steganography part, we used the LSB method that is used and
mostly preferred. As for future work, we’ll put efforts in
implementation part of this approach and will try to make
comparison of our approach with similar other approaches
proposed by fellow researchers.
VI. REFERENCES
[1] Abdulzahra H et al, “Combining Cryptography and
Steganography for Data Hiding in Images” ACACOS, Applied
Computational Science ISBN 978-960-474-368-1
[2] Sherekar et al, Critical Review of Perceptual Models for Data
Authentication,Emerging Trends in Engineeringand Technology
(ICETET)2nd International
Conference, 2009, pp. 323-329. IEEE.
[3] Usha, S., Kumar, G. A. S., and Boopathybagan, K., A secure
triple level encryption method using cryptography and
steganography, Computer Science and Network
Technology(ICCSNT), International Conference, Vol.2, No.2.11,
2011 ,pp. 1017-1020.IEEE.
[4] Bharti,P.,andSoni, R.,A New Approach of Data Hiding in Images
using Cryptography and
Steganography,InternationalJournalofComputer
Applications,Vol.58,No.18,2012,pp1-5
[5] Marwaha, P., Visual cryptographic steganography in
images,Computing,Communication and Networking
Technologies(ICCCNT), International Conference , 2010,pp 1-6.
IEEE.
[6] Umamaheswari, M., Sivasubramanian, S. and S. Pandiarajan S.,
Analysis of Different Steganographic Algorithms for Secured Data
Hiding,IJCSNS International Journal ofComputer Science and
Network Security, Vol.10, No.8, 2010, pp 154-160.
[7] Kandar. S, and Maiti. A., Variable Length Key based Visual
Cryptography Scheme for Color Image using Random Number,
InternationaJournal of Computer Applications (0975 – 8887) Vol.19,
No.4, 2011, pp 35-40.
[8] Bairai, A. K., ASCII based Even-Odd Cryptography with Gray
code and Image Steganography: A dimension in Data Security,ISSN
2078-5828 (Print), ISSN 2218- 5224 (Online), Vol.01,No.2,2011, pp
37-41, Manuscript Code: 110112.
[9] Sharma and Kumar, A new approach to hide text in images using
steganography, IJARCSSE, Vol 3, Issue 4, April 2013 ISSN 2277-
128X
[10] Vishwakarma D et al, Efficient Information Hiding technique
using Steganography, IJETAE, International Journal of Emerging
technology and Advanced Engineering, Vol 2 Issue 1, January 2012
ISSN 2250-2459
351