Encryption & Steganography in Ipv6 Source Address

International Journal of Computer Engineering and Technology ENGINEERING (IJCET), ISSN 0976INTERNATIONAL JOURNAL OF COMPUTER 6367(Print), ISSN 0976
6375(Online) Volume 4, Issue 2, March April (2013), IAEME & TECHNOLOGY (IJCET)
ISSN 0976 6367(Print) ISSN 0976 6375(Online) Volume 4, Issue 2, March April (2013), pp. 315-324 IAEME: www.iaeme.com/ijcet.asp Journal Impact Factor (2013): 6.1302 (Calculated by GISI) www.jifactor.com
IJCET
IAEME
ENCRYPTION & STEGANOGRAPHY IN IPv6 SOURCE ADDRESS

Mustafa Alaa Qasim1, Dipak Pawar2
1
(Research Scholar, Department of Computer Engineering, VIT College, University of Pune, Pune, India) 2 (Asst. Prof., Department of Computer Engineering, VIT College, University of Pune, Pune, India)
ABSTRACT Steganography is the process of hiding a secret message in covert channel that is difficult to detect the existence of secret message. Covert channel is a secret communication channel used for transmitting information. Steganography within the source address fields of Internet Protocol Version 6 (IPv6) packets create a covert channel in which secret messages are passed from one side to another. Cryptography is the conversion of data into a secret code for transmission over a public network. The feature of Steganography over cryptography is that messages which not attract attention to themselves, whereas cryptography protects the contents of a message. Steganography can protect both messages and communicating parties. keywords: Covert Channel, Steganography, Cryptography. I. INTRODUCTION
Steganography is very old art of embedding private messages in seemingly innocuous messages in a way that prevents the detection of the secret messages by a third party. Similarly, Steganography means establishing covert channels. A covert channel is a secret communication channel used for transmitting information [1]. Steganographic methods operate in two steps: First, a cover object is analyzed to determine to what extent it can be modified so that the medications will not be easily observable, second: the message bits are inserted into the cover object by making changes replaced by the message bits to create an altered cover object [2]. TCP/IP header fields such as type of service, IP Identification field, fragment offset, option etc. may be used to embed steganographic data and use as steganographic carriers [3,4]. Internet protocol version 6 (IPv6) is the next generation internet protocol which is set slowly, merge and ultimately replace IPv4. If the world
315
International Journal of Computer Engineering and Technology (IJCET), ISSN 09766367(Print), ISSN 0976 6375(Online) Volume 4, Issue 2, March April (2013), IAEME
continues at its current rate of adding 170 million IP addresses per year for new hosts which connect the Internet, people will exhaust the current address space available for IPv4 in 7.5 years. This is the main driving force behind the push to switch to IPv6 [5]. An IPv6 packet header consists of the fields shown below in Figure 1. Version ( 4 Bit ) Traffic class ( 8 Bit ) Payload Length ( 16 Bit ) Flow Label ( 20 Bit ) Next Header ( 8 Bit ) Source Address ( 128 Bit ) Hop Limit ( 8 Bit )
Destination Address ( 128 Bit ) Fig.1 IPv6 Header Many covert channels can be selected in IPv6 header such as traffic class, flow label, payload length, next header, hop limit and source address [6]. The IPv6 specifications [7] along with the privacy extensions for the stateless address auto configuration feature introduces the possibility of embedding a significant amount of secret data into the source address field. The packet header will likely be undetectable to an uninformed observer. The source address is a 128-bit field, which is intended to contain the universally unique internet address of the originator of the packet. The privacy extensions proposed for IPv6 rely on the random generation of a 64-bit portion of the 128-bit source address, the expectation that the built-in randomness will create a shield of entropy, which should effectively hide any enclosed message [5]. Cryptography can be defined as secret writing. The basic service that cryptography offers is the ability of transmitting information among people in a way that prevents a third party from reading it. Cryptographic systems usually involves both an algorithm and secret key. The reason for having a secret key is keeping the algorithm secret in a very difficult way to view [1]. II. RELATED WORK
One of the most common ways of sending messages in modern times, is through the use of the internet [5]. The TCP/IP header can be used as a carrier for a steganographic covert channel. The Steganographic covert channels depend on modification of network protocol header values. In TCP Header, there are many possible hidden channels such as PAD (padding bits) with bandwidth 31 bits/packet, usage of chosen ISN (initial sequence number) with 32 bits per connection, usage of urgent pointer when URG=0-16 bits/packet, usage of reserved bits with 6 bits/packet, and existence of data when RST=1and Port numbers as analphabet () [3,4].
316
Source Port Sequence Number
Destination Port
Header Length
Acknowledgment Number Code Reserved bits Window Checksum Checksum Fig.2 TCP Header Urgent Pointer Padding
In IPv6 header, there are many possible hidden channels such as traffic class (set a false traffic class), flow Label (set a false flow label), payload Length (increase value to insert extra data), next header (set a valid value to add an extra extension header), hop limit (increasing or decreasing value of hop limit) and source address (set a false source address) [6]. IPv6 address is 128 bits consist of two parts: network prefix 64 bit and interface identifier 64 bit which is host ID part.
Fig.3 IPv6 Source address Network prefix has two parts : global routing prefix 48 bit and subnet ID 16 bit.
Fig.4 IPv6 Source Address IPv6 source address is used as a covert channel by two methods: first, encoding messages through MAC address (Passive Injection) and this is subdivided into long MAC encoding and short MAC encoding, second is encoding messages through packet creation (Active Injection). The packets spoofed source address contains the secret message created
317
by the program which is injected into the network solely for sending the secret message. All these methods use 64 bit interface identifier in IPv6 source address only to hide the secret messages [5]. Therefore; if we select source IPv6 address then we can hide 8 bytes of data in a IPv6 packet. This kind of message hiding, is difficult to detect; but if it is detected, then the message can be easily extracted because cryptography is not applied. III. PROPOSED METHOD: AES STEGANOGRAPHY
In this Method, encryption is used to encode the text (which is now encrypted message), it will be injected into source address covert channel of IPv6 packet. The Advanced Encryption Standard (AES) algorithm is a symmetric block cipher that can process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits, will be used in this method. The key size used for an AES cipher specifies the number of repetitions of transformation rounds that convert the input called the plaintext into the final output, which is called the cipher text [8]. The number of cycles of repetition are as follow: 128-bit keys: 10 cycles of repetition. 192-bit keys: 12 cycles of repetition. 256-bit keys: 14 cycles of repetition. Each round consists of several processing steps, including one that depends on the encryption key itself. A set of reverse rounds are applied to transform ciphertext back into the original plaintext by using the same encryption key. Message " Vishwakarma Institute of Technology affiliated to the University of Pune " is a plain text, it will be encrypted by using AES algorithm. The cipher text will be: "gYKVPmH2C6/jgUvBXHN6PaOAe7swxbmMFOgnfU3Sx0tBkWAbqwnKig/t1nfR+JoG2j 2hL7dzM7xlBdUqeCwQbJRxptuV2UmJQ41mL2VFDIU=" After that, this Cipher text will be converted to hexadecimal in order to match IPv6 source address format. It is shown below: 67594b56506d4832 764258484e365061 78626d4d464f676e 74426b5741627177 316e66522b4a6f47 647a4d37786c0d0a 7751624a52787074 5134316d4c325646 The message will be divided into four parts each part Contains 64 bits (16 Character): Part 1 : 6759:4b56:506d:4832 Part 2: 7642:5848:4e36:5061 Part 3: 7862:6d4d:464f:676e Part 4: 7442:6b57:4162:7177 Part 5: 316e:6652:2b4a:6f47 Part 6: 647a:4d37:786c:0d0a Part 7: 7751:624a:5278:7074 Part 8: 5134:316d:4c32:5646
318
Each part will be injected into interface identifier (64 bit)of IPv6 packet. When using IPv6 source address steganography, the sender will not know whether the packet delivered to destination or not, because the three way handshake will not be completed due to fake source address, so the acknowledgement from receiver will not reach the real source address (Sender). The network prefix (64 bit) contains four places, the last place is for the subnet ID which will be used as a sequence number for the message by assigning a number to each part starting from 0 to 7 and also count of total number of packets sent by sender. Proposed method includes sequence number which is useful on receiver side to track the packets sent by sender. The receiver will receive the packets with sequence number. In case of any loss in any packet, destination can inform the sender about missing part of the message to retransmit. This method is used with two types of IPv6 address : Site Local: (FEC0:0000:0000:1111: 200:5aee:feaa:20a2) and Global. IPv6 Internet addresses (2001:4860:b002:1820: 200:5aee:feaa:20a2) Both Sites Local and Global subnet ID are used, so we can use this part for sequence packet. N.W Prefix Subnet ID Part 1: feca:0000:0000:7a8:6759:4b56:506d:4832 Part 2: feca:0000:0000:6a8:7642:5848:4e36:5061 Part 3: feca:0000:0000:5a8:7862:6d4d:464f:676e Part 4: feca:0000:0000:4a8:7442:6b57:4162:7177 Part 5: feca:0000:0000:3a8:316e:6652:2b4a:6f47 Part 6: feca:0000:0000:2a8:647a:4d37:786c:0d0a Part 7: feca:0000:0000:1a8:7751:624a:5278:7074 Part 8: feca:0000:0000:0a8:5134:316d:4c32:5646 IV. PROGRAMMER'S DESIGN Interface Identifier
Existing system performs communication between two parties by using IPv6 source address as covert channel. If third party extracts data, the message will be directly exposed to intruder. Hence, more level of security is required. That can be achieved by using cryptography. Therefore; steganography is followed by cryptography approach for better security. A cryptography techniques are shown in this table: Algorithm RC4 Blowfish AES RSA Type Private Private Private Public Security Medium Medium High High
Table 1 Cryptography Algorithm

319
AES algorithm with private key, is suitable due to design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256). These are sufficient to protect classified information up to the secret level. Top secret information will require the use of both the 192 or 256 key lengths. The implementation of AES in products intends to protect national security systems and/or information. Input at Sender Side Cover medium(C): IPv6 packet (IPv6 Source Address field) Private Key for AES encryption Secret Message(M) Output at Receiver End Cover Medium(C): IPv6 packet (IPv6 Source Address field) Private Key for AES decryption Secret Message(M) Sender Site Algorithm 1. Accepting the message from the user(Plaintext). 2. Applying AES encryption algorithm with Private Key on plaintext to produce ciphertext. 3. Converting the Ciphertext to Hex to match IPv6 Source Address formatting. 4. Calculating the number of IPv6 packets. 5. Creating IPv6 packet(s) and assign a sequence number to each packet. 6. Hiding the hex in covert channel IPv6 source address. 7. Sending all packets to receiver. Receiver Site Algorithm 2. Receiving packets; and collecting them according to the sequence number. 3. Analyzing packet one by one. Fetching data of IPv6 source address. 4. Collecting all these encrypted data to form ciphertext. 5. Applying AES decryption algorithm using same Private key by sender on the ciphertext to produce plaintext. 6. Arrange plaintext data according to packet sequence to form a secret message V. ARCHITECTURE DESIGN We are showing secure model of AES Steganography. Crypto, AES system input Consist of: 1. Secret message. 2. Private Key. Output: AES Crypto message Ct. AES Steganography input: 1. IPv6 Packet. 2. Crypto message Ct. Output: AES-Steganography packets.
320
Fig.5 Architecture design VI. RESULTS AND DISCUSSION
This project is implemented in JAVA.JAVA open source library i.e. jpcap is used to capture and send IPv6 packets. This project is performed on Windows 7 platform. Wireshark protocol analyzer software is used to monitor the traffic generated from project. For security on secret data cryptography by using AES algorithm is also applied. To run this project at first receiver opens the communication device as shown in figure 6. Then sender will accept secret message from user and perform Steganography and cryptography and send the message as shown in figure 7. Then receiver accepts packets, arrange them according to sequence number then apply decryption and display secret message to receiver as shown in figure 8.
Fig.6 Receiver Site(Open communication device)

321
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 09766367(Print), ISSN 0976 6375(Online) Volume 4, Issue 2, March April (2013), IAEME
Fig.7 Sender Site
Fig.8 Receiver Site
322
VI.I
MATHEMATICAL MODEL
Let's assume Y = 0.7 is the probability of detecting the cover media IPv6 source address. Let's assume X = 0.9 is the probability of detecting the message for Active injection Steganography [5]. .S = X * Y S = 0.9 * 0.7 S = 0.63 probability of detecting the message Let's assume X = 0.6 is the probability of detecting the message for Short MAC encoding Steganography [5]. S=X*Y S = 0.6 * 0.7 S = 0.42 probability of detecting the message Let's assume X = 0.7 is the probability of detecting the message for Long MAC encoding Steganography [5]. S=X*Y S = 0.7 * 0.7 S = 0.49 probability of detecting the message Let's assume X = 0.3 is the probability of detecting the message for Proposed Method (i.e. Steganography and Cryptography). We are assuming low probability for proposed technique because earlier techniques only consider Steganography whereas we are proposing Steganography followed by cryptography. S=X*Y S = 0.4 * 0.7 S = 0.28 probability of detecting the message We have kept Y constant and we are varying X because X depends on Steganography technique applied. Proposed method outperform existing methods in terms of security as shown in figure 9.
Probabilty of detecting message

0.7 0.6 0.5 0.4 0.3 0.2 0.1 0
Short MAC Encoding Long MAC Encoding Active Injection Proposed Method
Security Level
Fig.9 Comparision Graph

323
VII.
CONCLUSION
IPv6 source address is used as a covert channel with capability of storing 64 bit per packet with assigning a sequence number to each packet which is useful for receiver to track the packets, providing high level of security by applying AES with private key. Applying Steganography and cryptography reduce the probability of piracy from detecting the messages on the network. The proposed method can be applied when high level of security is required for example: Confidential communication for secret data, Military, etc.
VIII.
ACKNOWLEDGEMENTS
We thank Prof. Sandeep Shinde & Mr. Muhammad Hussein Mayud for their valuable guidance in carrying out our research work.
REFERENCES Richard Popa, "An Analysis of Steganographic Techniques", The Politehnica University of Timisoara,1998. [2] Zoran Duric, Michael Jacobs, Sushil Jajodia, "Information Hiding: Steganography and Steganalysis", George Mason University2005. [3] Murdoch, S.J., and Lewis, S. "Embedding covert channels into TCP/IP", Informatioding,2005. [4] Kamran Ahsan. "Covert channel analysis and data hiding in tcp/ip". Master's thesis, University of Toronto, 2002. [5] Barret Miller, "Steganography in IPv6", University of Arkansas, 2008. [6] Lewandowski, Grzegorz, "Network-aware Active Wardens in IPv6". Dissertations, Syracuse University (2011). http://surface.syr.edu/eecs_etd/306 [7] S. Deering, R. Hinden, "Internet Protocol Version 6(IPv6) Specification", RFC 2460. [8] National Institute of Standards and Technology. Advanced Encryption Standard (AES). Federal Information Processing Standards Publications FIPS 197. [9] "en.wikipedia.org/wiki/Advanced_Encryption_Standard" [10] Fahim A. Ahmed Ghanem and Vilas M. Thakare, Optimization of Ipv6 Packets Headers Over Ethernet Frame, International journal of Electronics and Communication Engineering & Technology (IJECET), Volume 4, Issue 1, 2013, pp. 99 - 111, ISSN Print: 0976- 6464, ISSN Online: 0976 6472. [11] Shamim Ahmed Laskar and Kattamanchi Hemachandran, Steganography Based on Random Pixel Selection for Efficient Data Hiding, International journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 2, 2013, pp. 31 - 44, ISSN Print: 0976 6367, ISSN Online: 0976 6375. [1]
324

Encryption & Steganography in Ipv6 Source Address

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Encryption & Steganography in Ipv6 Source Address

Transféré par

Droits d'auteur :

Formats disponibles

International Journal of Computer Engineering and Technology ENGINEERING (IJCET), ISSN 0976INTERNATIONAL JOURNAL OF COMPUTER 6367(Print), ISSN 0976