In [4]:
# Steganography System

## Step 1: AES and Triple DES Encryption

### Here we first encrypt the message using AES and Triple DES encryption.

## Step 2: Embedding the Encrypted Message in an Image

### Now we hide the encrypted message in the image using steganography.

## Step 3: Decryption and Message Extraction

###Finally the user can extract and decrypt the hidden message.


!pip install pycryptodome Pillow numpy cryptography


In [None]:
#Diffie-Hellman

In [9]:
from cryptography.hazmat.primitives.asymmetric import dh
from cryptography.hazmat.primitives import serialization

# Ask user for key size input
user_key_size = int(input("Enter key size for Diffie-Hellman (e.g., 512, 1024, 2048): "))

# Generate Diffie-Hellman parameters based on user input
parameters = dh.generate_parameters(generator=2, key_size=user_key_size)

# Prompt user for the names of two participants (e.g., "User A" and "User B")
user_A_name = input("Enter the name for User A: ")
user_B_name = input("Enter the name for User B: ")

# Generate private key for both users
private_key_A = parameters.generate_private_key()
private_key_B = parameters.generate_private_key()

# Generate public keys for both users
public_key_A = private_key_A.public_key()
public_key_B = private_key_B.public_key()

# Shared secret generation based on the public keys
shared_key_A = private_key_A.exchange(public_key_B)
shared_key_B = private_key_B.exchange(public_key_A)

# Assert that the shared keys are the same
assert shared_key_A == shared_key_B
shared_key = shared_key_A

# Display the results
print(f"Shared key generated for {user_A_name} and {user_B_name}: {shared_key.hex()}")


Enter key size for Diffie-Hellman (e.g., 512, 1024, 2048):  1024
Enter the name for User A:  Tejas
Enter the name for User B:  Rahul


Shared key generated for Tejas and Rahul: 34dc2a2cc34a2175843d9c8c14efffc7c39a8defd9fd2ed1dda061a72999fd98a1f2355da47501dec48f417a61acfab1a4f409ed2d4c607921e625c22ff44c70b171f6e8a162844a8bb66a8ee3abaa0414bb976649137e0b62bd9607fd907df556ee5d8737cff619e9926bcacf7717f38618303cbb9d42df1af76a5f791ff910


In [5]:
#AES

In [12]:
from Crypto.Cipher import AES
import hashlib

# AES encryption using the shared key
def pad(s):
    return s + (16 - len(s) % 16) * chr(16 - len(s) % 16)

def aes_encrypt(message, key):
    key = hashlib.sha256(key).digest()  # AES expects a 256-bit key
    cipher = AES.new(key, AES.MODE_ECB)
    return cipher.encrypt(pad(message).encode())

def aes_decrypt(ciphertext, key):
    key = hashlib.sha256(key).digest()
    cipher = AES.new(key, AES.MODE_ECB)
    decrypted = cipher.decrypt(ciphertext).decode()
    return decrypted[:-ord(decrypted[-1])]

# Prompt user for the message to be encrypted
message = input("Enter the message you want to encrypt: ")

# Use the shared_key generated from Diffie-Hellman as the encryption key
# Ensure shared_key is converted to bytes if necessary
shared_key = hashlib.sha256(shared_key).digest()

# AES Encryption
encrypted_aes = aes_encrypt(message, shared_key)
print(f"AES Encrypted (in bytes): {encrypted_aes.hex()}")  # Display as hex for readability

# Ask user if they want to decrypt the message
decrypt_choice = input("Do you want to decrypt the message? (yes/no): ").strip().lower()

# If the user chooses to decrypt, ask for the encrypted key and perform decryption
if decrypt_choice == 'yes':
    encrypted_key_input = input("Please provide the encrypted key (in hex format): ").strip()
    
    # Convert the provided encrypted key back to bytes
    encrypted_key_bytes = bytes.fromhex(encrypted_key_input)
    
    # AES Decryption
    try:
        decrypted_message = aes_decrypt(encrypted_key_bytes, shared_key)
        print(f"Decrypted Message: {decrypted_message}")
    except Exception as e:
        print(f"Decryption failed: {str(e)}")
else:
    print("Decryption skipped.")


Enter the message you want to encrypt:  tejas


AES Encrypted (in bytes): 9eab6748c46e245b825c8bfb8db57a6c


Do you want to decrypt the message? (yes/no):  no


Decryption skipped.


In [6]:
# AES and DES3

In [18]:
from Crypto.Cipher import AES, DES3
import hashlib
import binascii

# Padding function to ensure message length is a multiple of 16 (for AES and Triple DES)
def pad(s):
    return s + (16 - len(s) % 16) * chr(16 - len(s) % 16)

# AES encryption using the shared key
def aes_encrypt(message, key):
    key = hashlib.sha256(key).digest()  # AES expects a 256-bit key
    cipher = AES.new(key, AES.MODE_ECB)
    return cipher.encrypt(pad(message).encode())

def aes_decrypt(ciphertext, key):
    key = hashlib.sha256(key).digest()
    cipher = AES.new(key, AES.MODE_ECB)
    decrypted = cipher.decrypt(ciphertext).decode()
    return decrypted[:-ord(decrypted[-1])]

# Triple DES encryption using shared key
def triple_des_encrypt(message, key):
    key = hashlib.sha256(key).digest()[:24]  # Triple DES uses a 168-bit key (24 bytes)
    cipher = DES3.new(key, DES3.MODE_ECB)
    return cipher.encrypt(pad(message).encode())

def triple_des_decrypt(ciphertext, key):
    key = hashlib.sha256(key).digest()[:24]
    cipher = DES3.new(key, DES3.MODE_ECB)
    decrypted = cipher.decrypt(ciphertext).decode()
    return decrypted[:-ord(decrypted[-1])]

# 1. Prompt user for the message to be encrypted
message = input("Enter the message you want to encrypt: ")

# Use shared_key generated from Diffie-Hellman or any fixed key for this example
shared_key = input("Enter a shared key or passphrase: ").encode()

# 2. AES Encryption
aes_encrypted = aes_encrypt(message, shared_key)

# Convert AES encrypted result to hex for better readability
aes_encrypted_hex = binascii.hexlify(aes_encrypted).decode()
print(f"AES Encrypted (hex): {aes_encrypted_hex}")

# 3. Triple DES encryption using the AES-encrypted result
encrypted_triple_des = triple_des_encrypt(aes_encrypted.hex(), shared_key)

# Convert Triple DES encrypted result to hex
encrypted_triple_des_hex = binascii.hexlify(encrypted_triple_des).decode()
print(f"Triple DES Encrypted (hex): {encrypted_triple_des_hex}")

# 4. Ask the user if they want to decrypt the message
decrypt_choice = input("Do you want to decrypt the message? (yes/no): ").strip().lower()

# If the user chooses to decrypt
if decrypt_choice == 'yes':
    # Ask for the encrypted Triple DES key in hex format
    encrypted_key_input = input("Please provide the Triple DES encrypted key (in hex format): ").strip()
    
    # Convert the provided encrypted key back to bytes
    encrypted_key_bytes = binascii.unhexlify(encrypted_key_input)

    # Triple DES Decryption
    decrypted_triple_des = triple_des_decrypt(encrypted_key_bytes, shared_key)
    
    # Convert decrypted Triple DES result from hex back to bytes
    decrypted_triple_des_bytes = binascii.unhexlify(decrypted_triple_des)

    # AES Decryption
    final_message = aes_decrypt(decrypted_triple_des_bytes, shared_key)
    print(f"Decrypted Message: {final_message}")
else:
    print("Decryption skipped.")


Enter the message you want to encrypt:  hello
Enter a shared key or passphrase:  someoneisgreat


AES Encrypted (hex): aea2c6118354c1cbc31a4096e6b31235
Triple DES Encrypted (hex): e325a37193b83f6c3afabd202e6e0751a335019b8dd6a23937d49999f8b90432c0586bfc33a1d292c0586bfc33a1d292


Do you want to decrypt the message? (yes/no):  yes
Please provide the Triple DES encrypted key (in hex format):  e325a37193b83f6c3afabd202e6e0751a335019b8dd6a23937d49999f8b90432c0586bfc33a1d292c0586bfc33a1d292


Decrypted Message: hello


In [7]:
# image stegnography

In [19]:
pip install pillow


Note: you may need to restart the kernel to use updated packages.


In [None]:
# Hybrid Encryption System with Steganography and Key Verification Using Hashing

# #### Overview
### This hybrid encryption system combines multiple cryptographic techniques-AES (Advanced Encryption Standard), Triple DES (Data Encryption Standard, and Steganography to create a robust and secure encryption mechanism. Additionally, it introduces a hash-based shared key validation mechanism to enhance security further by verifying the user-provided key before decryption.

### The system ensures data confidentiality, integrity, and security by:
### 1. Encrypting the message using AES.
### 2. Re-encrypting the AES-encrypted message using Triple DES.
### 3. Hiding the encrypted message inside an image using steganography.
### 4. Verifying the shared key hash during decryption to ensure key authenticity.

### Workflow and Working Process

# 1. User Input and Key Hashing:
#    - The system starts by accepting the **shared key** from the user. This key is critical because it will be used for both AES and Triple DES encryption.
#    - To ensure future validation, the shared key is hashed using **SHA-256**. This **hash of the key** is stored alongside the encrypted message for validation during the decryption phase.

## 2. AES Encryption:
###    - The user's input message is first encrypted using AES, a symmetric encryption algorithm that ensures the confidentiality of the message.

## 3. Triple DES Encryption:
###    - The AES-encrypted message is further encrypted using Triple DES for an additional layer of security. Triple DES applies the DES algorithm three times to the data to increase encryption strength.

## 4. Steganography (Hiding Encrypted Message in an Image):
###    - The doubly-encrypted message is hidden within an image using **Least Significant Bit (LSB) steganography**, where the encrypted message bits replace the least significant bits of the image pixels.
###    - This ensures that the message is hidden inside the image in a way that’s undetectable to the human eye.

## 5. Decryption Process:
###    - During decryption, the user is prompted to enter the shared key again. The key provided during decryption is hashed and compared to the original hashed key stored during encryption.
###   - If the hash of the user-provided key matches the stored hash, the system proceeds with decryption.
###    - If the hash does not match, the system terminates the process and outputs a **"Danger: Invalid Key"** warning, protecting the system from unauthorized access.

### Detailed Working Process Flow:

## 1. Encryption Process:
###    - Step 1: User enters a shared key and a message.
###    - Step 2: Hash the shared key using SHA-256 for later verification.
###    - Step 3: AES encrypt the message using the shared key.
###   - Step 4: Triple DES encrypt the AES-encrypted message using the shared key.
###    - Step 5: Hide the encrypted message in an image using steganography.
###    - Step 6: Store the hashed key alongside the encrypted message for future verification.

## 2. Decryption Process:
###    - Step 1: User provides the key for decryption.
###    - Step 2: Hash the user-provided key.
###    - Step 3: Compare the hash of the user-provided key with the stored hash from the encryption process.
###    - Step 4: If hashes match, proceed with extracting the encrypted message from the image.
###    - Step 5: Decrypt the message with Triple DES, followed by AES.
###    - Step 6: If hashes do not match, alert the user with a warning.



## Diagrammatic Representation

## Below is a simplified diagram of the Hybrid Encryption System:

#            +---------------------------+
#            |        User Input          |
#            |    Message + Shared Key    |
#            +---------------------------+
#                          |
#                          V
#               +-------------------+
#               |   Hash Shared Key  |
#               |   (SHA-256 Hash)   |
#               +-------------------+
#                          |
#                          V
#            +----------------------------------+
#            |          AES Encryption         |
#            |    (Encrypted Message via AES)  |
#            +----------------------------------+
#                          |
#                          V
#        +------------------------------------------+
#        |        Triple DES Encryption             |
#        |    (Encrypt AES Output via Triple DES)   |
#        +------------------------------------------+
#                          |
#                          V
#            +------------------------------+
#            |   Steganography Embedding     |
#            |   (Hide Message in an Image)  |
#            +------------------------------+
#                          |
#                          V
#           +---------------------------------------+
#           |         Store Encrypted Image         |
#           |   (Image with Encrypted Message +     |
#           |   Hashed Key for Validation)          |
#           +---------------------------------------+

#           +-----------------------------------+
#           |     Decryption & Key Validation   |
#           |   (User Provides Key for Decrypt) |
#           +-----------------------------------+
#                          |
#                If hash matches, proceed to:
#                          |
#                          V
#        +-------------------------------------------+
#        |    Extract Message from Image (Stegano)   |
#        +-------------------------------------------+
#                          |
#                          V
#        +-------------------------------------------+
#        |  Triple DES Decryption -> AES Decryption  |
#        +-------------------------------------------+
#                          |
#                          V
#                  +-------------------+
#                  |    Original Text  |
#                  +-------------------+

#      If hash does not match: "Danger: Invalid Key" warning.


# ### New Features Implemented

# 1. Hash-Based Key Verification:
#    - A new security feature that hashes the shared key using SHA-256 and stores the hash with the encrypted message. During decryption, the provided key is hashed again and compared to the original hash, ensuring that only the correct key can be used to decrypt the message.
#    - This prevents unauthorized decryption attempts even if the image is intercepted.

# 2. Multi-Layered Encryption
#    - The hybrid system uses **both AES and Triple DES encryption**, offering a **double-layer encryption** approach. This makes it much more difficult for attackers to decrypt the message without knowing both layers of encryption.

# 3. Steganography
#    - The use of **steganography** adds another layer of security by hiding the encrypted message inside an image, making the data invisible and therefore less likely to attract attention.

# 4. **User Key Validation Before Decryption**:
#    - The system ensures that only users with the correct shared key can decrypt the hidden message by validating the key's hash.
#    - If an incorrect key is provided, the system does not decrypt the message, but instead, it displays a **"Danger: Invalid Key"** message to alert the user.


 ## Future Works and Enhancements

## 1. Advanced Steganography Techniques:
###    - **Improved steganography** methods can be implemented to hide messages in multiple image channels or in other media (like audio or video) for enhanced data hiding capabilities.

## 2. Use of Public-Key Cryptography (RSA):
###    - Implementing public-key cryptography like RSA to encrypt the AES or Triple DES keys before exchanging them over unsecured channels would enhance security.
###    - This would avoid the need for users to share the shared key directly, reducing the risk of interception.

## 3. Multi-Factor Authentication (MFA):
###   - Future versions of the system can introduce multi-factor authentication before decryption. This could involve sending a one-time password (OTP) or using biometric authentication to validate the user's identity.

## 4. Hybrid Cryptography with More Algorithms:
###    - Other cryptographic algorithms such as Blowfish or ChaCha20 can be integrated into the system to provide even more flexibility and security for different use cases.
   
## 5. Cloud-Based Key Storage:
###    - Implementing cloud-based key storage services (e.g., AWS KMS or Azure Key Vault) can help manage keys securely, rather than relying on the user to remember or securely store the keys themselves.

## 6. Integrity Checks:
###    - Adding a message integrity check using cryptographic hashing like HMAC (Hash-based Message Authentication Code can ensure that the encrypted message has not been tampered with during transmission.

## 7. Machine Learning for Key Verification:
###    - Machine learning techniques could be incorporated to monitor and learn from access patterns, helping detect potential brute-force attacks or unusual decryption requests.



# Conclusion
### This hybrid encryption system leverages the strengths of multiple encryption techniques—AES, Triple DES, and Steganography—and adds a hash-based key validation mechanism to secure communications further. The system is well-suited for scenarios where high confidentiality, integrity, and security are required. The future enhancements mentioned could take this system to even higher levels of security by introducing public-key cryptography, advanced steganography techniques, and more sophisticated methods for managing keys and access verification.


In [1]:
from Crypto.Cipher import AES, DES3
import hashlib
from PIL import Image
import binascii
import numpy as np

# Padding function to ensure message length is a multiple of 16 (for AES and Triple DES)
def pad(s):
    return s + (16 - len(s) % 16) * chr(16 - len(s) % 16)

# AES encryption using the shared key
def aes_encrypt(message, key):
    key = hashlib.sha256(key).digest()  # AES expects a 256-bit key
    cipher = AES.new(key, AES.MODE_ECB)
    return cipher.encrypt(pad(message).encode())

def aes_decrypt(ciphertext, key):
    key = hashlib.sha256(key).digest()
    cipher = AES.new(key, AES.MODE_ECB)
    decrypted = cipher.decrypt(ciphertext).decode()
    return decrypted[:-ord(decrypted[-1])]

# Triple DES encryption using shared key
def triple_des_encrypt(message, key):
    key = hashlib.sha256(key).digest()[:24]  # Triple DES uses a 168-bit key (24 bytes)
    cipher = DES3.new(key, DES3.MODE_ECB)
    return cipher.encrypt(pad(message).encode())

def triple_des_decrypt(ciphertext, key):
    key = hashlib.sha256(key).digest()[:24]
    cipher = DES3.new(key, DES3.MODE_ECB)
    decrypted = cipher.decrypt(ciphertext).decode()
    return decrypted[:-ord(decrypted[-1])]

# Steganography: Hide message in image
def encode_message_in_image(image_path, message):
    img = Image.open(image_path)
    img_array = np.array(img)

    message += "###"  # Adding delimiter to the message
    message_bits = ''.join([format(ord(i), '08b') for i in message])

    idx = 0
    for i in range(img_array.shape[0]):
        for j in range(img_array.shape[1]):
            if idx < len(message_bits):
                # Modify the least significant bit of the red channel to hide the message
                img_array[i, j, 0] = int(format(img_array[i, j, 0], '08b')[:-1] + message_bits[idx], 2)
                idx += 1

    encoded_img = Image.fromarray(img_array)
    encoded_img.save("encoded_image.png")
    return "encoded_image.png"

# Steganography: Extract message from image
def decode_message_from_image(image_path):
    img = Image.open(image_path)
    img_array = np.array(img)

    message_bits = ""
    for i in range(img_array.shape[0]):
        for j in range(img_array.shape[1]):
            message_bits += format(img_array[i, j, 0], '08b')[-1]

    message = ''.join([chr(int(message_bits[i:i+8], 2)) for i in range(0, len(message_bits), 8)])
    return message.split("###")[0]  # Stop at delimiter

# 1. Prompt user for the message to be encrypted
message = input("Enter the message you want to encrypt: ")

# Use shared_key generated from Diffie-Hellman or any fixed key for this example
shared_key = input("Enter a shared key or passphrase: ").encode()

# 2. AES Encryption
aes_encrypted = aes_encrypt(message, shared_key)

# 3. Triple DES encryption using the AES-encrypted result
encrypted_triple_des = triple_des_encrypt(aes_encrypted.hex(), shared_key)

# Convert Triple DES encrypted result to hex for embedding
encrypted_triple_des_hex = binascii.hexlify(encrypted_triple_des).decode()

# 4. Embed the encrypted message into an image
image_path = input("Enter the path to the image file (e.g., image.png): ")
encoded_image_path = encode_message_in_image(image_path, encrypted_triple_des_hex)
print(f"Message hidden in image and saved as: {encoded_image_path}")

# 5. Ask the user if they want to extract and decrypt the message
decrypt_choice = input("Do you want to extract and decrypt the hidden message? (yes/no): ").strip().lower()

if decrypt_choice == 'yes':
    # Extract the message from the image
    extracted_message = decode_message_from_image(encoded_image_path)
    print(f"Extracted encrypted message (hex): {extracted_message}")

    # Triple DES Decryption
    decrypted_triple_des = triple_des_decrypt(binascii.unhexlify(extracted_message), shared_key)

    # Convert decrypted Triple DES result from hex back to bytes
    decrypted_triple_des_bytes = binascii.unhexlify(decrypted_triple_des)

    # AES Decryption
    final_message = aes_decrypt(decrypted_triple_des_bytes, shared_key)
    print(f"Decrypted Message: {final_message}")
else:
    print("Decryption skipped.")


Enter the message you want to encrypt:  tejas is variable
Enter a shared key or passphrase:  difpg6321c
Enter the path to the image file (e.g., image.png):  image.png


Message hidden in image and saved as: encoded_image.png


Do you want to extract and decrypt the hidden message? (yes/no):  yes


Extracted encrypted message (hex): 4a23a4216233cbd03ce4d904a8d204b7e400c0c4894b517fbc51096bd1c52d561e0c5db04d57a088e3930ea35f7c431cc228a1e355021c98b56aebf458684ee74d55d527044e33854d55d527044e3385
Decrypted Message: tejas is variable


Enter the message you want to encrypt:  iamvariable
Enter a shared key or passphrase (used for AES and Triple DES):  difpg6321c


Hashed Shared Key: d585d5dd94afc77417cf4e92e944968624dc721b0738dcf2835066b15b515f1f
AES Encrypted (hex): e10da32f29c1c8e55ed9d21ef244a125
Triple DES Encrypted (hex): 16d3e61ed83eee979391dd355b9df8aa487f52cf8265788132f28306e6e78dcd4d55d527044e33854d55d527044e3385


Enter the path to the image file (e.g., image.png):  image.png


Message hidden in image and saved as: encoded_image.png


Do you want to extract and decrypt the hidden message? (yes/no):  yes


Extracted encrypted message (hex): 16d3e61ed83eee979391dd355b9df8aa487f52cf8265788132f28306e6e78dcd4d55d527044e33854d55d527044e3385


Please provide the key to decrypt:  difpg6321c


Key is correct. Proceeding with decryption...
Decrypted Message: iamvariable
