Enhanced Security: Implementation of Hybrid Image Steganography Technique using Low-Contrast LSB and AES-CBC Cryptography

—Now-a-days, sensitive and confidential information needs to be exchanged over open, public, and not secure networks such as the Internet. For this purpose, some information security techniques combine cryptographic and steganographic algorithms and image processing techniques to exchange information securely. Therefore, this research presents the implementation of an algorithm that combines the AES-CBC cryptographic technique with the LSB steganographic technique, which is statistically enhanced by image processing by looking for low-contrast areas where the encrypted information will be stored. This hybrid algorithm was developed to send a plaintext file hidden in an image in BMP format, so the changes in the image are invisible to the human eye and undetectable in possible steganographic analysis. The implementation was performed using Python and its libraries PyCryptodome for encryption and CV2 for image processing. As a result, it was found that the hybrid algorithm implemented has three layers of security over a plaintext encrypted and hidden in a digital image, which makes it difficult to break the secrecy of the information exchanged in a stego-image file. Additionally, the execution times of the hybrid algorithm were evaluated for different sizes of plaintext and digital image files.


I. INTRODUCTION
When sensitive or confidential information needs to be sent securely between two parties communicating over media with a high probability of attack, e.g., public, open, or unsecured networks such as the Internet, it is necessary to employ information security techniques to perform this exchange. Some techniques can be used for information hiding and others for information encryption [1]. In the case of information concealment, steganographic techniques allow hiding a secret message in a cover message in such a way that its existence is not detectable to others but only to the receiver of the information. In the case of information encryption, cryptographic techniques allow exchanging secret information between sender and receiver through the encryption and decryption of coded messages.
Additionally, when the information traffic on the Internet today is analyzed, it is evident that the conventional type of communication is based mainly on sending images and video, which is how images have come to be selected as a means to communicate secret information securely. Nowadays, there is literature on different image steganographic techniques for information concealment [2] [3], and different cryptographic techniques for information encryption [4]. Such studies classify the existing algorithms, indicate the performance parameters, and show the advantages, possible applications, and attacks or security problems they may present [5] [6].
Thus, some of these studies have concluded that one way to improve information security, increasing the reliability, robustness, and solidity in the exchange of information is to combine steganographic techniques with cryptographic techniques [1] [7]. One way to do this is to take the sensitive or confidential information to be transmitted to perform an encryption process by implementing some cryptographic technique, and then take the encrypted message to perform a mixing process with a cover image using some steganographic technique [8].
Some examples of this are: [9] where the message to be transmitted is encrypted in two stages, the first by Caesar cipher and the second by chaos theory; the encrypted message is embedded in the cover image using the Least Significant Bit (LSB) substitution steganographic algorithm. [10] where the message to be transmitted is encrypted using Advance Encryption Standard (AES) encryption; at the same time, the cover image is preprocessed to resize it and identify the areas where the LSB substitution process was performed using inverse Wavelet Transform and Artificial Neural Networks (ANN). The author in [11] where the message to be transmitted is encrypted using AES encryption, including a hash process; this hash encrypted text is embedded in a cover image through Dynamic Octa Pixel Value Differencing (DOPVD) embedding algorithm that includes LSB + PVD approach. The author in [12] where the image to be transmitted is encrypted using a large secret key through XOR operation; the encrypted image is embedded in a cover image by LSB obtained a stegoimage; finally, the stego-image is watermarked in time domain and frequency.
For this reason, this research aims to implement an algorithm that combines cryptographic and statistically enhanced steganography techniques for sending plain text files over a digital image in BMP format. That algorithm develops using Python and the OpenCV libraries as the base implementation language, considering the size restrictions of such information to be hidden as well as the resolution of the cover image [13].
In the case of cryptographic technique, it was decided to use Advanced Encryption Standard (AES) as the encryption www.ijacsa.thesai.org method. Because it is the standard cipher [14] [15] [16], given its security level, information encryption speed (capacity), and current availability in the internal architecture of processors as a dedicated hardware block [17] [18] [19], making it native in any application [20]. The only configurable parameter on AES is the cipher operation mode, which is associated with the order in which the keys and the initialization vector are combined with the information to be encrypted. Therefore, in this case, the Cipher Block Chaining (CBC) operation mode was chosen.
In the case of the statistically enhanced steganographic technique, it was decided to use the Least Significant Bit (LSB) substitution as a base method [21] [22] [23], enhanced in terms of selecting the information hiding areas. Such enhancement is achieved by using image processing techniques to choose a low contrast area [24], where the image entropy is less affected [25], offering a robust solution in terms of a possible stegoanalysis. The image processing technique uses applied statistics concepts as mathematical criteria for locating the hidden and encrypted information. For this purpose, it is based on the characteristics of the analyzed images as a random variable, where the histogram's high dispersion can measure an image's high contrast. That is, the higher the contrast of the stego-image, the higher the security level given by this extra layer based on the processing and analysis of digital images (PAID).
Therefore, this paper presents the implementation and validation of a hybrid crypto-steganographic system. Section II describes the structure proposed to implement the hybrid system highlighting the three main elements. Section III explains the development of the software application step by step, showing: how the user key is entered, how the information encryption process, how the area where the encrypted message will be hidden is chosen, and how the execution of the LSB algorithm to reach the output stego-file. Section IV presents the validation of the implemented hybrid system and performs a performance analysis of the complete application's processing time. Finally, in Section V the conclusions according to these results are shown.

II. METHODOLOGY
The proposed structure is a hybrid technique that combines the AES-CBC cryptographic technique with enhanced LSB steganography to hide the information in the lower contrast area of the image, as shown in Fig. 1. The upper part of the graph shows the plaintext encryption process corresponding to the sensitive or confidential information to be transmitted. The lower part shows the processing of the cover image to determine the low contrast area. The right side of the figure shows the embedded process of the cipher text using a classical LSB technique to conceal it in the low contrast area, obtaining a stego-file containing the encrypted information immersed in the image (called Stego-Image).
This proposed structure complies with the philosophy of Feistel networks, which is none other than having the same architecture of the solution for the encryption and decryption of the information. It is a reversible structure where it is only necessary to reverse the order of the blocks to carry out the decryption process.
For the implementation, an application was made in Python 3.X, using the OpenCV libraries for image processing, in addition to using Numpy to work with vectors and matrices and MatplotLib to visualize the partial and final results. In this case, the information to be encrypted and hidden is a plain text encoded in UTF-8, to which a data type change process must be performed to be encrypted with AES in a CBC operation mode, always working with a pure binary string or in 64 bits format. Finally, the Cryptodome library was used, which has every one of the cryptographic functions necessary to encrypt the information.

A. User Key Expansion
The aim is to encrypt the plain text using a standard block cipher such as AES-CBC; this algorithm requires a key and an initialization vector. For that, a key expansion process must be performed, and then the encryption of this key with an asymmetric algorithm [26].
Since block ciphers must have a key size equal to the block's size to be encrypted, a minimum procedure is required to ensure that the size of the session key is entered by the person or entity that will perform the steganography process complies with this characteristic. For this purpose, a key expansion procedure is performed, using the functions of the Cryptodome library developed for Python in its version 3.0 or higher, employing the PKCS #5 key expansion process, shown in the pseudo-code of Fig. 2.
This block cipher algorithm generates a series of subkeys to increase the entropy of the encrypted information; this process of generation and mixing of the subkeys with the information to be encrypted corresponds to the CBC mode of operation. This mode of operation generates high entropy since, in each of the cipher rounds, the K-th subkey is mixed with the information, obtaining at the end of the encryption process a new key that is mixed with the initialization vector. This process is automated and standardized, achieving greater security in the encryption of the information.

B. Encryption Process of the Plaintext Message
Once the operation mode of the encryptor, its working mode, the key of the indicated size, and the implicit generation of the initialization vector are clear, the information encryption process must be clearly understood to achieve its compatibility with the image file. In this case, the size of the plaintext file must be clear to be encrypted, what type of data is necessary to achieve the encryption process, and generate empty vectors where the encrypted information will be returned. For this process, it must have some of the tools offered by the NumPy library.
Next, the process of reading the text size to be encrypted is performed and compared with the number of pixels chosen to blend the ciphertext with the image. It must be guaranteed that the number of characters of the input text will never be the same as the number of pixels; therefore, a random filler text must be generated so that no empty spaces are created in the output stego-file. This process is done to avoid the simple detection of hidden information. Fig. 3 shows in a simple pseudo-code this programming scheme.
Once the character string is ready to perform the information encryption process, taking into account the dimensions and type of data required, an algorithm is applied that selects the low contrast areas where it is more difficult to detect the hidden information.

C. Statistical Method: Choice of the Low Contrast Area
The aim is the cover image file processing using applied statistics concepts to identify the areas of lower contrast in the image, areas where the encrypted information will be placed. In other words, a process of selecting in which part of the image to place the hidden information is made. This task requires using image processing functions available in the OpenCV (CV2) libraries.
According to [24], an algorithm is used to detect some pixels with low contrast, complying with the following criteria to detect the areas where the human eye does not detect any change: The criterion for detecting dark areas is in the image. This criterion is described in (1). It requires determining a working window, the number of pixels of the convolution matrix. For establishing a series of local medians , which will be compared with the global median of the entire image using a weighting constant , where the value of this constant depends on the gray level that will be given as "dark." (1)  (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 13, No. 8, 2022 902 | P a g e www.ijacsa.thesai.org The possible selection criterion is for finding low contrast areas. This criterion is described in (2). It compares the local standard deviation in a certain pixel window with the global standard deviation of the whole image by taking as a weighting factor or comparison criterion a factor . This factor is determined by the experience of how scattered are the grayscale values in the low contrast regions to be detected. (2) On the other hand, a possible error is generated in the selection criterion that [24] describes as enhancing a constant area, where the standard deviation would be zero evidently. Such a problem must be applied depending on the characteristics of the chosen image and is described by (3).
This equation describes the way to compare a minimum local standard deviation in a certain pixel window with the global standard deviation with a factor , avoiding enhancing or selecting constant zones. In other words, it becomes undesirable to select a pixel from a zone with the same gray level as a candidate for the LSB algorithm.
The algorithm applying the above mathematical criteria in practice was implemented through a pseudo-code, shown in Fig. 4. As a result, a binary matrix is obtained, which clearly identifies the low contrast zones where the LSB information mixing algorithm will be used to obtain the stego-image with the concealed information in these specific zones.

D. LSB Method (Least Significant Bit)
It is a method that seeks to place a binary string with the information to be hidden in the stego-file. In this case, having encrypted information, the binary string will be in a pure binary format or base64; these types of data result from the encryption process. Then, mixing or embedding this information in the cover image is performed through a simple binary mask. Fig. 5 shows the pseudo-code that mixes or embeds the encrypted information in the least significant bit of the cover image in the areas chosen by the statistical algorithm (low contrast areas).
It is necessary to ensure the correct functioning of the LSB algorithm that an image with large low-contrast areas compared to the total image size should be chosen. On the other hand, it is recommended to work with images of a size larger than the possible size of the plaintext to be encrypted and hidden in the digital image. In other words, the size of the stego-image of the input image should be much larger than the stego-message, which should be cipher using an encryption algorithm.
For this case, it was chosen only to hide plaintext files since it requires less processing than applying such processing to multimedia files. However, if the application requires it, the same technique can be applied to other types of files or combinations.  (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 13, No. 8, 2022 903 | P a g e www.ijacsa.thesai.org

III. RESULTS
The first step to verify the algorithm's effectiveness is to verify that the statistical algorithm effectively identifies the areas with low contrast. Fig. 6 shows in part (a) the original image with an area of low contrast and in part (b) a black and white image, where the white parts are the areas of the pixels chosen to perform the information hiding process using the LSB algorithm. For this part, it was only necessary to follow the steps of equations (1) and (2).
As a result, the stego-image does not look the same in its least significant bits as the original cover image, although this is not as visible to the human eye. The image loses its natural entropy, i.e., the bright part of the image is removed. This characteristic serves as an indication to discover whether a stego-image has hidden information in a steganalysis process.
The information encryption and hiding process were tested using the AES-CBC algorithm for encryption and the enhanced LSB algorithm that mixes o embeds information in the low contrast areas; this test was made using different sizes of plaintext files. Fig. 7 shows a bar graph that presents the execution time depending on the size of the information to be encrypted and hidden. The tests were performed on a PC with an 8-core Core i7 with 16 Gigabytes of RAM and a Geforce GTX 610 video card.
It can be seen how the application can store files of different sizes in the stego-image, up to a limit of one Megabyte, the size of the book Don Quixote in plaintext format, for which the processing time was approximately one minute. On the other hand, the time for information smaller than 200 kilobytes is less than 10 seconds, so it could be said that the process is agile for small texts.   904 | P a g e www.ijacsa.thesai.org

IV. CONCLUSION
It was verified that the step-by-step implementation of a hybrid algorithm that combines cryptographic and steganography techniques for sending plaintext files over a digital image in BMP format gives a double layer of security. So, if the stego-image is revealed to have hidden information, it is impossible for the person or entity intercepting the message to know plaintext content because it is encrypted.
On the other hand, it was determined that using a statistically enhanced steganography technique to choose the lower contrast areas to hide the encrypted information only in these zones gives the hybrid algorithm an extra layer of security, making the entire algorithm more robust. The choosing lower contrast areas algorithm makes that the entropy of the image is only affected in the areas chosen by it. This feature makes it difficult to detect concealed information. It adds an extra layer of security since, besides having the session key to decrypt the ciphertext, the value of two constants, k_0 and k_2, must be present so that when performing the decryption process, the information only is taken from these areas. Therefore, it is verified that only modifying the least significant bit does not affect the statistical selection criteria with which the pixels in which the encrypted information was hidden were chosen.
Regarding the cryptographic technique implemented to encrypt the information before hiding it, the standardized AES-CBC algorithm was used, which was automated using the Cryptodome library, achieving greater security in the encryption of the information. However, it became evident that it would be possible to experiment with different combinations of standardized modes for AES in the Cryptodome library for future work. Seeking to maximize the entropy in the information and therefore generate fewer possible patterns in the LSB algorithm, as well as specifying how the key and the comparison constants would be exchanged.
Finally, the algorithm's performance was analyzed regarding the time used for the encryption and embedded process, resulting in fast usability for small plaintext files below 200 kilobytes. It is a good performance considering that a 100 kilobytes text is the entire chapter of any chapter literature text.

ACKNOWLEDGMENT
The Universidad Distrital Francisco José de Caldas supports this work through the research group SIE -Embedded Informatics Security-which belongs to the Technological Faculty. SIE has dedicated to working in cryptography and applied steganography. Currently, the bases are being generated to implement this type of algorithm in stand-alone applications, which is the final purpose of the workgroup.