Abstract
Today’s dynamic and information rich environment, information systems have become vital for any organization to survive. With the increase in the dependence of the organization on the information system, there exists an opportunity for the competitive organizations and disruptive forces to gain access to other organizations information system. This hostile environment makes information systems security issues critical to an organization. Current information security literature either focuses on anecdotal information by describing the information security attacks taking place in the world or it comprises of the technical literature describing the types of security threats and the possible security systems. Two of the best ways to provide security is Cryptography and Steganography. Cryptography and Steganography are cousins in the spy craft family. Cryptography scrambles a message so it cannot be understood and generates cipher text. Steganography word is derived from Greek, literally means “Covered Writing”. Steganography is the art of hiding the existence of data in another transmission medium to achieve secret communication. It does not replace cryptography but rather boosts the security using its obscurity features. It includes vast ways of secret communications methods that conceal the message’s existence. These methods are including invisible inks, microdots, character arrangement and covert channels & spread spectrum communications. In Cryptography, the meaning of data has been changed. So, it makes intention to the hacker to hack or destroy the data. In our proposed paper, we implement a method by mixing both Cryptography and Steganography for Information security. It not only changes the meaning of data but also hides the presence of data from the hackers. In order to secure the transmission of data, Steganography has to be implemented that allow information to be sent in a secure form in such a way that the only person able to retrieve this information is intended recipient. In this paper we proposed a method which describes two stages for sending the information securely by using the Public-key Cryptography and Steganography based on matching method. This is done in following steps: 1. Encrypt the message using any one of the popular PublicKey Encryption Algorithms, so that only authorized parties can only be able to read the message. 2. Find and share stego-key between the two communication parties over insecure networks by applying Diffie Hellman Key exchange protocol. 3. Sender uses the secret stego-key to select pixels that it will be used to hide the message obtained in first step. Each selected pixel used to hide 8 bits of information. This steganographic protocol is more efficient than LSBs. It produces matching between the data bit parts and selected or least significant bits of each pixel. Keywords: Public-Key Cryptography, Steganography, Stego-key, Diffie-Hellman, LSBs.