StegaAuth

Strong authentication using steganography

Main Requirements

1. Provide a secure way of transmitting user credentials from the client to the server over an

unsecured network

2. Embed and extract user credentials using steganographic methods

3. Verify credentials and allow access to authorized users

Project Architecture

Michael Kipnis

Advisor: Shahar Ohana

Software Engineering

Android Client

Username and password are keys to user personal data.

Failing to securely deliver it from client to server, during

authentication, puts his personal information in risk. When

all guards fail, StegaAuths' unique approach will keep it safe

and secure. By hiding the very existence of the data,

intruders not be able to steal the credentials and user's

personal information integrity will stay intact.

User Repository

(Authentication Credentials)

Secure Web Site

User Authentication System

Management System

Cryptographic and Steganography

Engines

Administrative User Interface

Internet

1.Find unique

device id

1.Encrypt user

credentials using

AES algorithm with

Unique device id

1.Embed

encrypted text into

image

Stego-image ready for transmit

a.Embed part

of the

encrypted

text in edge

areas

a.Embed part

of the

encrypted

text in

smooth areas

a.Detect

edges and

smooth areas

in the image

Node.js Server

Encyphered text

a.Extract

cypher text

a.Find

cypher text

in image

using seed

a.Extract

cypher text

from image

1.Use

unique id to

decrypt text

1.Verify

credentials