Call for Paper - November 2022 Edition
IJCA solicits original research papers for the November 2022 Edition. Last date of manuscript submission is October 20, 2022. Read More

Dual Layer Secured Password Manager using Blowfish and LSB

Print
PDF
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2016
Authors:
Raaj Ahuja, Mukesh Ramrakhyani, Bunty Manchundiya, Sonal Shroff
10.5120/ijca2016910048

Raaj Ahuja, Mukesh Ramrakhyani, Bunty Manchundiya and Sonal Shroff. Dual Layer Secured Password Manager using Blowfish and LSB. International Journal of Computer Applications 143(3):5-10, June 2016. BibTeX

@article{10.5120/ijca2016910048,
	author = {Raaj Ahuja and Mukesh Ramrakhyani and Bunty Manchundiya and Sonal Shroff},
	title = {Dual Layer Secured Password Manager using Blowfish and LSB},
	journal = {International Journal of Computer Applications},
	issue_date = {June 2016},
	volume = {143},
	number = {3},
	month = {Jun},
	year = {2016},
	issn = {0975-8887},
	pages = {5-10},
	numpages = {6},
	url = {http://www.ijcaonline.org/archives/volume143/number3/25055-2016910048},
	doi = {10.5120/ijca2016910048},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

Today’s era is the era of Smart phones. Smart phones are continually becoming smaller, more powerful and can perform variety of tasks. The data generated by these devices need to be stored and accessed securely. One example of such sensitive data is password. Computer users are increasingly using password for online accounts, email servers, e-commerce sites, financial services and social media websites and it is always advisable that passwords should be complex and reuse of passwords should be avoided. Therefore this leads to a challenge of remembering several complex passwords for various applications, something an average human being is not very good at.

In this paper, a Password Manager, an Android Application is proposed. This password manager takes login credentials (Email Address & Password) as input from user which is then being encrypted using Blowfish algorithm and finally the cipher is stored inside an image selected by user using LSB (least Significant Bit) Technique. A typical password manager uses database to store all login credentials but our proposed approach replaces database with image and stores all login credentials inside an image and in turn providing dual layer security of data that uses combination of both cryptography and steganography in which first layer is to scramble information using Blowfish Algorithm and second layer is insertion of scramble information inside an Image using least significant approach (LSB).

Finally, performance analysis of cover-image and stego-image shows that image quality is preserved in terms of MSE and PSNR

References

  1. William Stallings, “ Cryptography and Network Security: Principles and Practices”, Pearson Eduction, Third Edition, ISBN 81-7808-92-5.
  2. Trusteer, Inc. Reused login credentials. Security Advisory (2010), http://landing2.trusteer.com/sites/default/files/cross-logins-advisory.pdf
  3. Gasti, P. ,Rasmussen, K.B. : On the security of password managers database formats. In: Forest,S. , Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 770-787. Springer, Heidelberg (2012).
  4. N.Provos and P.Honeyman,” Hide and Seek: An Introduction to Steganography,” IEEE Security and Privacy Mag.”,2003,vol. 1,no.3,pp.32-44
  5. Manoj, I.V.S., 2010. Cryptography and Steganography, International Journal of Computer Applications (0975–8887), 1(12): 63-68.
  6. Bharti,P.,and Soni, R.,A New Approach of Data Hiding in Images using Cryptography and Steganography,International Journalof Computer Applications,Vol.58,No.18,2012,pp1-5
  7. Belenko, A., Sklyarov, D.:Secure Password Managers” and “Military-Grade Encryption on Smartphones: Oh, Really? Technical report, Elcomsoft, Amsterdam (March 2012).
  8. O P Verma, Ritu Agarwal, Dhiraj Dafouti, Shobha Tyagi,``Peformance Analysis Of Data Encryption Algorithms'', @2011 IEEE.
  9. Tanjyot Aurora, Parul Arora, ``Blowfish Algorithm'',international Journal of Computer Science and Communication Engineering IJCSCE Special issue on Recent Advances in Engineering & Technology, NCRAET-2013.
  10. Pia Singh Prof. Karamjeet Singh, ``Image encryption and decryption using blowfish algorithm'', in matlab International Journal of Scientific Engineering Research, Volume 4, Issue 7, July-2013 150 ISSN 2229-5518.
  11. Monica Adriana Dagadita, Emil Ioan Slusanschi, Razvan Dobre,``Data Hiding Using Steganography'', @2013 IEEE 12th International Symposium on Parallel and Distributed Computing.
  12. Mamta Juneja, Parvinder Singh Sandhu, ``Designing of Robust Image Steganography Technique Based on LSB Insertion and Encryption'', @2009 International Conference on Advances in Recent Technologies in Communication and Computing.
  13. Usha, S., Kumar, G. A. S., and Boopathybagan, K., A secure triple level encryption methodusing cryptography and steganography, Computer Science and Network Technology (ICCSNT), International Conference, Vol.2, No.2.11, 2011 ,pp. 1017-1020.IEEE.
  14. B. Schneier, "Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)," Fast Software Encryption: Second International Workshop, Leuven, Belgium, December 1994, Proceedings, Springer-Verlag,1994, pp.191-204

Keywords

Cryptography, Steganography, Blowfish algorithm, Least Significant bit (LSB) ,Symmetric Key, Password Manager, Master Password, Email-ID, Passwords, Mean Square Error (MSE), Peak Signal to Noise Ratio (PSNR)