Proposed Algorithm for Data Extraction - Covert Communication via the BBS Using Special BIG-5 C

Chapter 4 Covert Communication via the BBS Using Special BIG-5 Codes

4.4 Proposed Algorithm for Data Extraction

In this section, we will specifically introduce the process for extraction of secret data. A flow chart of the process is shown in Figure 4.4. First, we extract the invisible symbols embedded in a stego-article. Next, according to the adopted different

methods of embedding the invisible symbols, we conduct different processes. If method 1 is used, we map the symbols into 8-bit segments by referring to Table 4.1;

otherwise, when method 2 is used, we map the symbols into 2-bit segments by referring to Table 4.2. Then, we concatenate the segments into a random message.

Finally, by using the same key which is used for embedding the message, we can recover the correct secret message. The detailed algorithm for extraction of the secret message is described in the following.

Figure 4.4 Flow chart of proposed data extraction process

Algorithm 3.2 Data extraction for covert communication.

Input: a stego-BBS article  and the secret key K used in Algorithm 3.1

Output: a secret message S.

Steps.

1. Check each line l_i in the stego-BBS article B sequentially, starting from the first line; and extract the invisible symbols embedded in front of the end signal in l_i. 2. Transform the extracted symbols according to the different method used for

embedding the secret message to be extracted.

(1) If method 1 is used, map them into 8-bit segments t1, t2, …, tk, respectively, by referring to Table 4.1.

(2) If method 2 is used, map them into 2-bit segments p1, p2, …, pk,, respectively, by referring to Table 4.2.

3. Concatenate the extracted segments into a random message Q.

4. Use the secret key K to reorder Q to obtain a result as the desired secret message S.

4.5 Experimental Results

A series of experiments have been conducted to test the proposed algorithms for covert communication via the BBS under the popular software environments of PCMan, KKMan, Pietty, and the operating system of the traditional Chinese version of Microsoft Windows XP, service pack 3, 2002. In the following, we show some secret key and a secret message, as shown in Figure 4.5(b). Specifically, we just have

to select a hiding method, highlight a cover article by a mouse, and press the hiding-button also shown in Figure 4.5(c). In this way, we obtained a stego-BBS article with a secret message embedded, and the appearance of the stego-article is shown in Figure 4.5(d). Later, we extracted the secret message by typing the correct secret key, selecting the same method, highlighting the stego-article, and pressing the extraction-button as shown in Figure 4.5(e). On the other hand, as shown in Figure 4.5(f), when the typed secret key was wrong, the correct secret message was obtained.

Another example of our experimental results is shown in Figure 4.6.

4.6 Summary

In this chapter, two new methods of data hiding using special Big-5 codes in BBS articles have been proposed for covert communication. One is appropriate for the operating systems with the Unicode standard as the kernel set and using the CodePage 950 as their transcoding table between the Big-5 and the Unicode; and the other is appropriate for most general operating systems. And both were implemented completely in this study. The secret message hidden in a BBS article is not easy to be observed from the appearance. Even through a malicious user knows the proposed algorithms and tries to extract the secret from a stego-BBS article, the secret message can still be protected by a secret key. Furthermore, all experimental results show the feasibility of the proposed methods.

(a)

(b)

Figure 4.5 An example of experimental results. (a) A normal article displayed on the PCMan with our program in the upper right. (b) Data embedding process:

type a secret key and a secret message, select a hiding method, highlight a cover article, and press the hiding-button to generate a stego article with the secret message embedded. (c) The displayed stego-article with the secret message embedded on the PCMan. (d) Data extraction process:

extract the secret massage by the use of using the correct secret key, select the same method, and press the extraction-button. (e) Result of using a wrong key to extract the secret message. (f) An extracted wrong message.

(c)

(d)

Figure 4.5 An example of experimental results (continued). (a) A normal article displayed on the PCMan with our program in the upper right. (b) Data embedding process: type a secret key and a secret message, select a hiding method, highlight a cover article, and press the hiding-button to generate a stego article with the secret message embedded. (c) The displayed stego-article with the secret message embedded on the PCMan. (d) Data extraction process: extract the secret massage by the use of using the correct secret key, select the same method, and press the extraction-button.

(e) Result of using a wrong key to extract the secret message. (f) An

(e)

(f)

(e) Result of using a wrong key to extract the secret message. (f) An extracted wrong message.

(a)

(b)

Figure 4.6 Another example of experimental results. (a) Another normal article. (b) Embedding a secret message by method 2, using special Big-5 space codes. (c) Stego-article with the secret message embedded. (d) Extracted correct secret massage.

(c)

(d)

Figure 4.6 Another example of experimental results (continued). (a) Another normal article. (b) Embedding a secret message by method 2, using special Big-5 space codes. (c) Stego-article with the secret message embedded. (d) Extracted correct secret massage.

Chapter 5 BBS Article Authentication by Special Big-5 Codes

5.1 Introduction and Problem Definition

5.1.1 Introduction

In this study, we also studied the topic of BBS article authentication, and the detail is described in this chapter. The problem definition is given in Section 5.1.2, and the major idea of the proposed method for BBS article authentication is given in Section 5.2. In Sections 5.3 and 5.4, the processes for generating a protected BBS article and for verifying the integrity of it are described, respectively. In Section 5.5, we show some experimental results to prove the feasibility of the proposed methods.

At last, we give a brief summary for this chapter in Section 5.6.

5.1.2 Problem Definition

Through the technique of covert communication proposed in the previous chapter, we are able to prevent private messages from being browsed by illicit users on the BBS. However, because the user ID and password are unsafe on the Internet, hackers or malicious users may crack passwords to tamper with the contents of BBS articles, resulting in unpredictable consequences. Moreover, for BBS administrators,

tamper with the articles or send fake mails, on the BBS. Thus, authentication of BBS articles is also a necessary technique for BBS applications.

5.2 Major Idea of Proposed Method by Use of Special Big-5 Codes

In this study, we reach the aim of BBS authentication by the previously-mentioned data hiding techniques which use special Big-5 space codes. In the previous chapter, we proposed two methods for covert communication via BBS articles. Covert communication is a technique which needs higher imperceptibility, and the two methods proposed previously both can accomplish this requirement.

However, for article authentication, the required imperceptibility of an authenticated message is relatively low; even if the message is discovered illegally, any tampering with the message content will still result in a wrong verification result. Thus, we also can use the two methods to achieve the goal of BBS authentication.

5.3 Authentication Signal Generation and Embedding Process

In this section, we specifically describe the proposed process of generating a protected BBS article. After an authentication signal of a BBS article is obtained, we can regard it as a secret message and embed it in the original article by Algorithm 4.1 described previously in Chapter 4. A flow chart of the proposed authentication signal generation process is given in Figure 5.1. First, we fold the longer text lines in a BBS article, which we want to protect, into shorter ones, leaving at least eight characters at the end of each line as a data embedding slot. Then, if method 2 mentioned in the last

chapter, which uses special Big-5 space codes, is selected to hide data, we replace each Big-5 space code in the cover article with two white space codes. Next, we remove from the folded BBS article all the line feed signals so that the verification process described in the next section will not be interfered by redundant line feed signals. The modified BBS article and a secret key then are used to generate an authentication signal using a hash function and the exclusive-OR operation. Finally, we can regard the signal as a secret message and hide it in the folded article using the proposed data embedding process in Algorithm 4.1 with the same secret key to obtain a protected BBS article. The detailed algorithm is described in the following.

Fold each long text line to

Figure 5.1 Flowchart of proposed authentication signal generation process.

Algorithm 5.1 Authentication signal generation and embedding process.

Input: a secret key K, a hash function f (such as MD5), and a cover BBS article B.

Output: a protected BBS article B

Steps.

1. Fold sequentially each text line l_i with a length larger than 70 units (with a unit meaning the length of an ASCII code displayed on the BBS) in BBS article B into

a 70-unit line by inserting a line feed, denoted as LF and occupying zero unit, after the original 70th character in li to generate a folded article, denoted as F.

2. Choose one of the two previously-described hiding methods to embed secret data in the folded article by one of the following ways:

(1) if method 1 is selected, then perform Step 4;

(2) if method 2 is selected, then perform Step 3.

3. Replace each special Big-5 code in the folded article F with two white space codes.

4. Remove all the line feed signals in F, use the result and the secret key K as inputs to the hash function f to generate two 128-bit digests Fand K, respectively, and return all the removed LF signals back into their original positions in F.

5. Compute the exclusive-OR value F⊕K to obtain a 128-bit authentication signal S.

6. Regard S as a secret massage and embed it in the cover article using the proposed data hiding process in Algorithm 4.1 to obtain a protected BBS article as output.

5.4 Authentication Signal Extraction and Verification Process

The detail of the proposed authentication signal verification scheme is described in this section. First, we use a protected BBS article as input to the proposed data extraction process in Algorithm 4.2 with the secret key used in Algorithm 5.1 to obtain a secret massage, and regard it as the authentication signal S of the article. Next, we can use the same key and hash function to transform the BBS article, after all the secret symbols and the line feed signals in it are removed, into a verification signal T.

Finally, we decide whether the protected blog article has been modified or not by

comparing the two signals S and T. A flow chart for the process is illustrated in Figure 5.2, and the detailed algorithm is given in the following.

Authentication

Figure 5.2 Flow chart of proposed BBS article verification process.

Algorithm 5.2 Authentication signal extraction and BBS article verification.

Input: a secret key K and a hash function f both being the same as those used in Algorithm 5.1; and a protected BBS article B.

Output: an authentication report R.

Steps.

1. Use the protected BBS article B as input to the proposed data extraction process in Algorithm 4.2 with the secret key K to obtain a secret massage, and regard it as the authentication signal S of the article.

2. Remove all the secret symbols and line feed signals from the BBS article, and use the result, as an input to the hash function f to generate a 128-bit digest B

3. Use the secret key K as an input to the hash function f to generate a 128-bit digest K

4. Compute the exclusive-OR value B⊕K to get a 128-bit verification signal T.

5. Compare the authentication signal S and T, resulting in the following two cases.

(3) If S = T, then regard the input B as unmodified and mark it so in the authentication report R.

(4) If S  T, then regard B as modified and mark it so in R.

6. Output the authentication report R.

5.5 Experimental Results

We have conducted experiments to prove the feasibility of the proposed BBS authentication scheme under the same software environments used in Chapter 4. In the following, we will illustrate some examples of our experimental results.

As shown in Figure 5.3(a), we generated a protected BBS mail by the use of a secret key, and its appearance displayed on the PCMan is shown in Figure 5.3(b).

Later, a receiver of the mail verified whether a BBS mail is a fake or not by using the same secret key, as shown in Figure 5.3(c). However, if the key is wrong, then the authentication result will fail as shown in Figure 5.3(d).

In another example, we generated and published a protected BBS article like Figure 5.4(a) and its appearance is shown in Figure 5.5(b). The correct verification result by using the right secret key is shown in Figure 5.5(c). However, as shown in Figure 5.5(d), we tampered with the protected article by replacing a number “500” of the content with another number “900,” so that we obtained a wrong authentication result. Other examples of our experimental results are given in Figures 5.6 and 5.7, in which normal articles and protected articles are displayed on the KKMan and the

telnet connection program, respectively.

From these experimental results, it can be seen that the proposed method indeed can be used to authenticate BBS articles.

5.6 Summary

In this chapter, a scheme for authentication of BBS articles by using the two proposed data hiding methods for covert communication described previously in Chapter 4 is proposed. We regard an authentication signal generated from a folded cover article as a secret message and hide it through the embedding process previously-described in Algorithm 4.1 into the folded BBS article to obtain a protected article. Later, the protected BBS article is authenticated by comparing the authentication signal obtained from the extraction process described in Algorithm 4.2 with the verification signal computed from the protected BBS article directly. And through the various experiments conducted in this study, we can prove the feasibility of the proposed method.

By the way, it is mentioned that we implement the two data hiding methods for covert communication and authentication, respectively, in a single program. By using the program, we can easily use the two different techniques to achieve the purpose of protecting BBS articles, conducting secret communication, or both of them.

(a)

(b)

Figure 5.3 An example of experimental results. (a) A generation and sending process of a protected BBS mail. (b) A protected BBS mail displayed on the PCMan. (c) A protected BBS article authenticated with a correct secret key. (d) A protected BBS article authenticated with a wrong key.

(c)

(d)

Figure 5.3 An example of experimental results (continued). (a) A generation and sending process of a protected BBS mail. (b) A protected BBS mail displayed on the PCMan. (c) A protected BBS article authenticated with a correct secret key. (d) A protected BBS article authenticated with a wrong key.

(a)

(b)

Figure 5.4 Another example of experimental results. (a) A generation and sending process of a protected BBS article. (b) A protected BBS article displayed on the PCMan. (c) An authentication result of a protected BBS article with a correct secret key. (d) An authentication result of a protected BBS article tampered by replacing a word.

(c)

(d)

Figure 5.4 Another example of experimental results (continued). (a) A generation and sending process of a protected BBS article. (b) A protected BBS article displayed on the PCMan. (c) An authentication result of a protected BBS article with a correct secret key. (d) An authentication result of a protected BBS article tampered by replacing a word.

(a)

(b)

Figure 5.5 An experimental result displayed on the KKMan. (a) A normal BBS mail.

(b) A protected BBS mail.

(a)

(b)

Figure 5.6 An experimental result displayed on the telnet connection program. (a) A normal BBS mail. (b) A protected BBS mail.

Chapter 6 Email Authentication by Special UTF-8 Space Codes

6.1 Introduction and Problem Definition

6.1.1 Introduction

In this chapter, the detail of the proposed email authentication method and the corresponding data hiding technique will be introduced. In Section 6.1.2, the problem definition is described, and the major idea of the proposed method is described in Section 6.2. In Section 6.3, we specifically describe the process of generating a protected email with an authentication signal embedded, and in Section 6.4, the proposed email verification process is described. In Section 6.5, some experimental results are given to show the feasibility of the proposed method. In Section 6.6, an example for proving the adaptability of the proposed method for authentication of blog articles is given. Finally, a brief summary is given in Section 6.7.

6.1.2 Problem Definition

Nowadays, with the rapid development of the Internet, people often communicate with others through emails. Specifically, a newly-developed type of email, the webmail, can be sent, read, and received at any place as long as an internet-browser, which can connect to the network without the need of other specific

client software, is available. Furthermore, emails can even be read directly on webmail platforms rather than be loaded to client servers. This trend will be more prominent in the coming era of cloud computing. Due to the convenience of webmail, people are accustomed to use it as the most popular type of email.

On the other hand, it is hard to prevent malicious users from intercepting and tampering with the content of emails or cracking user passwords to send fake emails.

Therefore, an authentication scheme for verifying the fidelity and integrity of emails is important. To this aim, we propose a data hiding technique for email authentication in this study, and the detail is described in the subsequent sections.

6.2 Major Idea of Proposed Method by Use of Special UTF-8 Codes

In Chapter 3, we described how we fulfill authentication of blog articles on popular web browsers by using special ASCII control codes which become invisible after being embedded into blog articles. With this success, naturally we tried to implement the same data hiding technique on webmails for email authentication.

However, for some popular webmail platforms such as G-mail, when we send a stego-email with some special ASCII control codes embedded, all the codes will be removed so that nothing can be extracted later for verification of the mail.

Nevertheless, we tried further to hide data by the method proposed in Chapters 4 and 5. It was used there to achieve the goals of covert communication via BBS articles and authentication of BBS articles, using special invisible Big-5 code. This time these special codes can be preserved after undergoing the mail sending and receiving processes conducted on webmail platforms, but unfortunately for some popular web browsers like Mozilla Firefox and Google Chrome, these codes are revealed and

appear as special patterns provided by them. For example, the special Big-5 code

“FDEA” is transcoded to the corresponding Unicode code “E25F” and displayed graphically on the Firefox and Chrome as and , respectively. Thus the above two data hiding methods are not appropriate for webmail authentication, either.

Finally, we tried the use of some special UTF-8 space codes to achieve the aim of email authentication. This time we succeeded. The idea is inspired from the data hiding technique for the BBS using special Big-5 space codes. Specifically, we found the UTF-8 code “E38080” useful for our purpose here, which is transcoded from a Big-5 space code and is a standard Unicode code. Because it is located in the normal character area with a space chart, and is invisible when it is displayed on browsers, we can combine it with white spaces to become special symbols for use in data hiding in emails. The used UTF-8 codes and the devised code mapping relationship are listed in Table 6.1.

Table 6.1 Encoding table for used UTF-8 codes.

在文檔中利用特殊字元編碼的新資訊隱藏技術與其於網際網路上之應用 (頁 61-0)