=Paper=
{{Paper
|id=Vol-2544/paper4
|storemode=property
|title=Secure Electronic Medical Records Transmission using NTRU Cryptosystem and LSB in Audio Steganography
|pdfUrl=https://ceur-ws.org/Vol-2544/paper4.pdf
|volume=Vol-2544
|authors=Adamu Abdulkadir,Shafi’i Muhammad Abdulhamid,Oluwafem Osho,Ismaila Idris,John K. Alhassan
|dblpUrl=https://dblp.org/rec/conf/irehi/AbdulkadirAOIA18
}}
==Secure Electronic Medical Records Transmission using NTRU Cryptosystem and LSB in Audio Steganography==
https://ceur-ws.org/Vol-2544/paper4.pdf
Secure Electronic Medical Records Transmission using NTRU Cryptosystem
and LSB in Audio Steganography
Adamu Abdulkadir, Shafi’i Muhammad Abdulhamid, Oluwafem Osho, Ismaila Idris and John K Alhassan
Department of Cyber Security Science, Federal University of Technology, Minna, Nigeria.
Email: abdulcybersec2015@gmail.com, shafii.abdulhamid@futminna.edu.ng, femi.osho@futminna.edu.ng,
ismi_idris@yahoo.co.uk, jkalhassan@futminna.edu.ng
Abstract - Electronic medical records (EMR) are vital Unfortunately, the current architecture of the internet does
information, extremely sensitive private data in healthcare, not support security [1]. Attackers exploit this inherent
and need to be frequently shared via the internet among peers. weakness to perpetrate different attacks which target EMR
One of the major benefits derived from the internet is the ease data. Hence, the need for security of EMR data online
of sending information from one system to another,
cannot be over-emphasized. One method of protecting EMR
irrespective of the location or distance between the nodes. This,
and many other related important functionality, over the data online is data hiding.
years, has attracted attackers who dedicate themselves to
breaching the integrity, availability and confidentiality of EMR EMR data hiding simply involves embedding EMR data in
information. Existing literature have proposed cryptographic different media. EMR data, such as text, images, videos, or
techniques that are not quantum-safe. In this paper, an audio- audio can be concealed in a media, for security purpose.
based system for hiding EMR information using a quantum- Techniques used for hiding EMR data are watermarking,
safe cryptographic technique, Nth degree Truncated steganography, and cryptography [2]. Watermarking is
Polynomial Ring Units (NTRU) cryptosystem, and the Least essentially used to indicate ownership of an object [3, 4].
Significant Bit (LSB) steganographic technique is proposed.
Steganography is used to secure EMR data transmission. A
The system was evaluated based on embedding capacity (EC),
peak signal to noise ratio (PSNR), mean square error (MSE), message is usually hidden in another message to make it
and histogram plots. Results showed our proposed system is imperceptible to unauthorized entities [5, 6].
able to securely hide the medical records without causing
significant distortions in the original audio. One shortcoming, however, with strictly relying on
steganograsphy is its vulnerability to steganalysis [7]. With
Keywords - Electronic medical records (EMR), Information steganalysis hidden messages can be detected [8, 9]. One
hiding, Security, Cryptography, Steganography, LSB, NTRU solution is to encrypt the message before embedding it in a
media. Cryptography scrambles messages to render them
unintelligible to unauthorized entities. This ensures that
I. INTRODUCTION even if the attacker discovers the hidden message the actual
Electronic medical records (EMR) are very delicate private content of the message is not decoded.
records for diagnosis and treatment in healthcare, which
need to be regularly shared among medical personnel in In this study, we propose a security enhancing EMR data
both rural and urban settings such as healthcare providers, hiding system that leverages cryptography and
insurance companies, pharmacies, researchers, patient’s steganography, specifically, the Nth degree TRUncated
families, among others. This poses a major challenge on Polynomial Ring Units (NTRU) and Least Significant Bit
keeping a patient’s medical history up-to-date and most at (LSB) respectively.
times private. Transmissions of EMR information are
mostly done using the cyber space or wide area networks The rest of the paper is organized as follows: in section II,
which are prone to attacks. we review some related studies. The methodology used in
the study is discussed in the next section. Section IV
Since the advent of the internet, its capacity and presents the implementation of the system and results of the
sophistication have continued to advance. From a platform evaluation. The study is concluded in section V.
used primarily for displaying static web pages, it has
become a tool for dynamic exchange of EMR data and II. RELATED WORKS
information. Today, the internet not only serves as a Different cryptographic and steganographic techniques have
repository of EMR information, but also, among other been proposed by authors. In the choice of steganographic
purposes, provides functionality for exchange of techniques, few authors considered the use of transform
information among different medical personnel. domain techniques. These include Discrete Wavelet
Transform (DWT) [10], and Discrete Cosine Transform
(DCT) [11]. However, most studies employed spatial
Copyright © 2019 for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0)
IREHI 2018 : 2nd IEEE International Rural and Elderly Health Informatics Conference
�domain techniques, with LSB as the most common. In the quantum-safe. This is the major contribution of this
study by [12], a Hash Least Siginificant Bit (H-LSB) was research.
proposed. This entails the use of hash function to determine
the position of insertion in the LSB. [13], in their own work, Table 1. Review of related literatures
combined the use of Pixel value differencing (PVD) and Steganography Cryptograph
LSB to embed messages in truecolor RGB images. PVD No. Authors (Year) Tech y
helps to determine the size of the secret message Type
nique Technique
embeddable in a pixel, using the difference between two 1. Abdullah & Aziz Image H- Affine Cipher
consecutive pixels [14]. With this method, the stego-image (2016) LSB
can hide much larger information, whilst still maintaining 2. Garg & Kaur Image LSB AES
good visual quality [15, 16]. (2016)
3. Reddy & Kumar Image LSB AES
To encrypt the messages before they are embedded into the (2016)
various media, most studies seem to favor the use of 4. Sethi & Kapoor Image LSB AES
symmetric techniques. Some of the techniques proposed are (2016)
AES [17-22], DES [23], Blowfish [24], and Affine Cipher 5. Deshpande, Fusate, Audio LSB RSA
[25]. Saraireh [26] proposed the use of the filter bank cipher Malviya, &
over Galois field (GF (28)), to improve the resistivity of the Dhyavartiwar (
cipher against cryptanalysis attacks, specifically, differential 2015)
and linear attacks. Usha, Kumar and Boopathybagan [27] 6. Hayfaa et al. Image LSB Substitution
proposed an information hiding systems that implements (2014) cipher
double layer of EMR data encryption. The message is first 7. Saraireh (2013). Image DWT Filter bank
encrypted using the Playfair cipher. The ciphertext is then cipher
encrypted using AES. Hayfaa, Ahmad and Noor [28], in 8. Singh & Malik Image LSB Blowfish
their study, designed a simple substitution cipher which (2013)
represents each character by five bit. It is essentially based 9. Abikoye, Adewole, Audio LSB DES
on substituting characters in the English language with a & Oladipupo
code number. (2012)
10. Gupta et al. (2012) Image LSB RSA and
One of the few studies that involved the use of asymmetric DHA
cryptographic scheme is [29]. The study explored the effects 11. Phad et al. (2012) Image PVD AES
of two encryption schemes, RSA and DHA, on time and
complexity. Their results showed that while the use of RSA LSB
increased the time complexity in steganalysis, the Diffie 12. Usha et al. (2011) Image LSB Playfair
Hellman Algorithm did not. Table 1 presents a summary of cipher and
some related studies. AES
13. Sarmah & Bajpai Image DCT AES
The objective of combining steganography with (2010)
cryptography is to enhance the security of the hidden
message, to the effect that even if the hidden message is
discovered its true contents remain unreadable to the III. METHODOLOGY
attacker. The level of security will therefore be dependent EMR data hiding system that leverages on cryptography and
on the strength of the cryptographic scheme employed. Most steganography to secure message is presented. The message
existing studies proposed modern cryptographic techniques. is first encrypted using NTRU. The encrypted message is
However, these techniques are vulnerable to many attacks then embedded into a digital audio media using LSB
including brute-force, known plaintext, chosen ciphertext technique before it is transmitted by the sender. The
attacks [30]. encryption/decryption process by NTRU and embedding
algorithm of the LSB technique are presented in the
One other issue borders the fact that most asymmetric succeeding sections respectively. Figure 1 presents the
cryptographic schemes are based essentially on either embedding process. For extraction of the hidden message by
integer factorization or discrete logarithms. These classes of the receiver, the process is essentially reversed.
problems, unfortunately, can be solved quickly by quantum
computers that employ quantum algorithms. The
implication is that, the capacity of the techniques to secure
encrypted information cannot be guaranteed [31]. There is
therefore need for cryptographic techniques that are
� picks a polynomial 𝜙 𝜖 ℒ , and then uses the public key of
Bob to compute:
𝑚 ≡ 𝑝𝜙 ⨂ ℎ + 𝑚(𝑚𝑜𝑑 𝑞) (4)
𝑚 is the encrypted version of the message Alice finally
sends to Bob.
Decryption: For Bob to decrypt the encrypted message 𝑚
from Alice, he computes:
𝑎 ≡ 𝑓 ⨂ 𝑚 (𝑚𝑜𝑑 𝑞) (5)
The coefficients of 𝑎 are chosen from the interval − 𝑞⁄2 to
Figure 1. The message embedding process 𝑞⁄2. He recovers the message via:
𝐹 ⨂ 𝑎 (𝑚𝑜𝑑 𝑝)
A. NTRU B. LSB
NTRU is a ring-based public key cryptosystem proposed by This method is used to hide sequence of binary message in
Hoffstein, Pipher and Silverman [32]. It is an efficient and the least significant bit of a digital audio file. This technique
computationally inexpensive cryptosystem, known for its capitalizes on the nature of the Human Auditory System
low memory requirement, high speed, moderately, and (HAS) which does not have the ability to detect slight
easily created keys [33]. The technique is secure against differences in the audio frequencies, especially when it is
brute-force, meet-in-the-middle, multiple transmission, and more concentrated at the audible spectrum. LSB has the
lattice-based attacks. And it is a quantum-safe cryptosystem. advantage that it allows large amount of information to be
hidden without reducing the quality of the audio file.
For an NTRU cryptosystem, we define three integer Consequently, it is easy to carry out.
parameter: (𝑁, 𝑝, 𝑞), and four sets of polynomials of degree
𝑁 − 1: ℒ , ℒ , ℒ , ℒ . We assume that 𝑔𝑐𝑑(𝑝, 𝑞) = 1, and An illustration of how the message ‘FUT’ is embedded into
an audio file using the concept of LSB is presented in
𝑞 > 𝑝 . The notation for the ring is given as: 𝑅 =
Figure 2. Both message and audio file are first converted to
ℤ[𝑋] / (𝑋 – 1) bit stream. To convert ‘FUT’ to binary, we convert the
ASCII value equivalent of the different characters in the
message to binary. This is presented in Table 2. The least
We write an element 𝐹 𝜖 𝑅 as: significant (right-most) bit of the audio stream is then
replaced with the bit stream of the message.
𝐹=∑ 𝐹𝑥 (1)
Table 2 Conversion of message ‘FUT’ to binary
We write a star multiplication, denoted by ⨂ , which is Binary
Character ASCII Value
explicitly a cyclic convolution product. Representation
F 70 1000110
Key Creation: Bob randomly select polynomials 𝑓, 𝑔 𝜖 ℒ . U 85 1010101
We denote two inverses, 𝐹 and 𝐹 , of polynomial 𝑓 by: T 84 1010100
𝐹 ⨂ 𝑓 ≡ 1(𝑚𝑜𝑑 𝑝) and 𝐹 ⨂ 𝑓 ≡ 1(𝑚𝑜𝑑 𝑞)
(2)
Bob then computes:
ℎ ≡ 𝐹 ⨂ 𝑔(𝑚𝑜𝑑 𝑞)
(3)
Therefore, the public key of Bob is the polynomial ℎ, while
his private key is 𝑓.
Encryption: To send a message to Bob, Alice simply
selects a message 𝑚 from the set of plaintexts ℒ , randomly
� 𝑃𝑆𝑁𝑅 = 10 log (8)
Where R is the slightest variation of the stego-audio, which
is usually 255 in integer EMR data type.
Histogram Plot: This provides a graphical representation of
the different amplitude values of the audio signal.
IV. EXPERIMENTAL RESULTS
The proposed NTRU + LSB technique was developed using
a PC with the following properties: Pentium (R) CPU
T4500 @ 2.30GHz, 4GB RAM, Windows 8.1 pro operating
system, and Java programming language (using NetBeans
8.1 platform). Appendices A to D depict some screenshots
of system testing.
To evaluate the performance of the proposed technique, five
.wav digital audio samples were used. Five messages of
Figure 2. Using LBS technique to hide EMR data in an audio file different sizes were generated, with each embedded into one
audio sample. The corresponding stego-audio files were
analyzed on MATLAB 2013a. Details including the audio
C. Performance evaluation metrics
name, size, and message size, and results of the EC, MSE,
The performance of our proposed system is evaluated by the
and PNSR are presented in Table 3.
embedding capacity (EC), mean squared error (MSE), peak
signal to noise ratio (PSNR), and histogram plots.
Table 3. Performance evaluation of proposed EMR data hiding technique
Embedding Capacity (EC): This is the maximum quantity Audio Message Embedding
Audio MSE PNSR
of EMR data that can be embedded into a cover audio Name
Size Size Capacity
(decibel) (decibel)
without significantly altering the value of the original audio (KB) (KB) (%)
hotstuff 48 3.1 6.5 5.3347e- 120.8597
file. It is the fraction of the secret message by the cover
08
audio object. Sample 16 3.7 23.1 3.1388e- 133.1631
Audio 09
mail 20 2.3 11.5 3.6123e- 112.5530
𝐸𝐶 = (6) 07
cello 648 3.9 0.60 2.7825e- 133.6864
09
Mean Squared Error (MSE): Denotes the cumulative skippy 24 2.8 11.6 5.3586e- 120.8403
square error between the cover audio signal and the stego- 08
audio. When the value of the MSE is low it is better, and
therefore the little the error rate between the illustrations Results showed that the different messages were
which shows little alteration was added. MSE is computed successfully embedded in the .wav audio covers. The low
using the formula: MSE in each case shows that little alteration was added.
Equally, the high PNSR values, which are consequences of
∑ , [ ( , ) ( , )]
𝑀𝑆𝐸 = (7) the low MSE, confirm high resemblance between the
∗
original audio samples and the corresponding stego-audio
M and N stand for the rows and columns of the audio files. This implies that our proposed system is good, causing
samples. I1 is the stego audio while I2 is the cover audio no significant distortions in the audios. To further explore
the effect of embedding messages in the selected audio files.
Peak Signal to Noise Ratio (PSNR): It is used to estimate Figures 3 to 7 present the histogram plots. The results show
the amount of resemblance that exists between the original little or no differences in the audios after steganography.
audio and the stego-audio. This parameter depends on MSE.
It is also referred to as the quality measurement between
two or files involved. It is measured in decibels. When the
comparison of PSNR is high it means the system is good
and this shows that the distortion is low.
� performance showed little or no distortion to the sample
audios after message embedment. Our system could
promote secure communication in healthcare systems,
ensuring confidentiality, integrity, and availability.
Our major contribution lies in proposing a secure crypto-
steganographic technique. Future studies could consider
other quantum-safe cryptographic schemes. This includes
techniques based on lattice theory, coding theory, and
multivariate quadratic polynomials. Our proposed system
implemented the commonly used spatial domain technique,
LSB. Frequency domain techniques have been reported to
Figure 3. Audio plot (histogram) of Figure 4. Audio plot (histogram) of
be stronger than those in the spatial domain [34].
hotstuff.wav before and after Sample audio.wav before and after Combining highly secure cryptographic and steganographic
steganography steganography techniques would no doubt increase the level of security an
EMR information hiding system can provide.
VI. REFERENCES
[1] Abdullah, A.M. & Aziz, R.H.H., 2016. New Approaches to Encrypt
and Decrypt Data in Image using Cryptography and Steganography
Algorithm. International Journal of Computer Applications, 143(4),
pp.11–17.
[2] Abikoye, O.C., Adewole, K.S. & Oladipupo, A.J., 2012. Efficient Data
Hiding System using Cryptography and Steganography.
International Journal of Applied Information Systems, 4(11), pp.6–
11.
[3] Campagna, M. et al., 2015. Quantum Safe Cryptography and Security:
An Introduction, Benefits, Enablers and Challenges, Available at:
http://www.etsi.org/images/files/ETSIWhitePapers/QuantumSafeW
hitepaper.pdf.
[4] Das, J., 2014. A Study on Modern Cryptography and their Security
Figure 5. Audio plot (histogram) of Figure 6. Audio plot (histogram) of Issues. International Journal of Emerging Technology and
mail.wav before and after cello.wav before and after Advanced Engineering, 4(10), pp.320–324.
steganography steganography [5] Deshpande, N. et al., 2015. Implementation of Audio Steganography
Using RSA Algorithm. International Journal of Technology
Enhancements and Emerging Engineering Research, 3(4), pp.81–
84.
[6] Djebbar, F. et al., 2012. Comparative study of digital audio
steganography techniques. EURASIP Journal on Audio, Speech,
and Music Processing, 25, pp.1–16.
[7] Garg, N. & Kaur, K., 2016. Hybrid information security model for
cloud storage systems using hybrid data security scheme.
International Research Journal of Engineering and Technology,
3(4), pp.2194–2196.
[8] Gupta, S., Ankur, G. & Bhushan, B., 2012. Information Hiding Using
Least Significant Bit Steganography and Cryptography.
International Journal of Modern Education and Computer Science,
6, pp.27–34.
[9] Hayfaa, A., Ahmad, R. & Noor, N.M., 2014. Combining Cryptography
and Steganography for Data Hiding in Images. conference of
Applied Computer and Applied Computational Science (ACACOS),
Figure 7. Audio plot (histogram) of skippy.wav pp.128–134.
before and after steganography [10] Latiff, M.S.A., Chiroma, H., Osho, O., Abdul-Salaam, G., Abubakar,
A.I. and Herawan, T., 2017. A review on mobile SMS spam
V. CONCLUSION filtering techniques. IEEE Access, 5, pp.15650-15666.
In this study, we proposed and implemented an enhanced [11] Hussain, M. et al., 2015. Pixel value differencing steganography
techniques: Analysis and open challenge. In 2015 IEEE
EMR information hiding system to protect medical records International Conference on Consumer Electronics - Taiwan,
from unauthorized access in healthcare environment. The ICCE-TW 2015. pp. 21–22.
system combined NTRU cryptographic algorithm and LSB [12] Jefferson, D. et al., 2004. A security analysis of the Secure Electronic
audio steganography to offer a more robust method for Registration and Voting Experiment (SERVE), Available at:
http://requiem.googlecode.com/files/paper.pdf.
hiding the EMR secrete data from unauthorized access. The [13] Jefferson, D., Rubin, A. & Simons, B., A comment on the May 2007
performance of the crypto-steganographic system was DoD report on Voting Technologies for UOCAVA Citizens,
evaluated using Matlab environment. Evaluation of the Available at:
� https://www.verifiedvoting.org/wpcontent/uploads/2014/10/serve_d Ahmad, S., Forensic Acquisition of Data from a Crypt 12 Encrypted
od_comment_2007.pdf. Database of Whatsapp.
[14] Kaur, A. & Singh, N., 2015. SMS Encryption using NTRU [26] Saraireh, S., 2013. A Secure Data Communication System Using
Algorithm. International Journal of Advanced Research in Cryptography and Steganography. International Journal of
Computer Science & Technology, 3(2), pp.96–100. Computer Networks & Communications, 5(3), pp.125–137.
[15] Kaur, M. & Kaur, G., 2014. Review of Various Steganalysis [27] Zachariah, B., Yabuwat, P.N. & Bernard, E., 2016. Application of
Techniques. International Journal of Computer Science and Steganography and Cryptography for Secured Data Communication
Information Technologies, 5(2), pp.1744–1747. – A Review. International Journal of Engineering Research &
[16] Phad, V.S., Bhosale, R.S. & Panhalkar, A.R., 2012. A Novel Security Technology, 5(4), pp.186–190.
Scheme for Secret Data using Cryptography and Steganography. [28] Usha, S., Kumar, G.A.S. & Boopathybagan, K., 2011. A secure triple
International Journal of Computer Network and Information level encryption method using cryptography and steganography.
Security, 2, pp.36–42. Proceedings of 2011 International Conference on Computer
[17] Qian, T. & Manoharan, S., 2016. A comparative review of Science and Network Technology, ICCSNT 2011, 2, pp.1017–1020.
steganalysis techniques. In 2015 IEEE 2nd International [29] Waziri, V.O., Isah, A., Ochoche, A. and Abulhamid, S.I.M., 2012.
Conference on Information Science and Security, ICISS 2015. pp. Steganography and its applications in information dessimilation on
1–4. the web using images as securityembeddment: a wavelet approach.
[18] Rasmi, A. & Mohanapriya, M., 2016. An Extensive Survey of Data Int J Comput Inf Technol, 1(02), pp.194-202.
Hiding Techniques. Indian Journal of Science and Technology, [30] Latiff, M.S.A., 2017. A checkpointed league championship algorithm-
9(28), pp.1–7. Available at: based cloud scheduling scheme with secure fault tolerance
http://www.indjst.org/index.php/indjst/article/view/90457. responsiveness. Applied Soft Computing, 61, pp.670-680.
[19] Reddy, M.I.S. & Kumar, A.P.S., 2016. Secured Data Transmission [31] Hoffstein, J., Pipher, J. & Silverman, J., 1998. NTRU: A ring-based
Using Wavelet Based Steganography and Cryptography by Using public key cryptosystem. Algorithmic number theory; Lecture Notes
AES Algorithm. Procedia Computer Science, 85, pp.62–69. in Computer Science (LNCS), pp.267–288. Available at:
Available at: http://dx.doi.org/10.1016/j.procs.2016.05.177. http://link.springer.com/chapter/10.1007/BFb0054868.
[20] Wu, H.-C. et al., 2005. Image steganographic scheme based on pixel- [32] Singla, S. and Bala, A., 2018, April. A Review: Cryptography and
value differencing and LSB replacement methods. IEE Proc.-Vis. Steganography Algorithm for Cloud Computing. In 2018 Second
Image Signal Processing, 152(5), pp.611–615. Available at: International Conference on Inventive Communication and
http://kar.kent.ac.uk/12311/. Computational Technologies (ICICCT) (pp. 953-957). IEEE.
[33] Mustafa, G., Ashraf, R., Mirza, M.A. and Jamil, A., 2018, June. A
[21] Sarmah, D.K. & Bajpai, N., 2010. Proposed System for data hiding review of data security and cryptographic techniques in IoT based
using Cryptography and Steganography. International Journal of devices. In Proceedings of the 2nd International Conference on
Computer Applications, 8(9), pp.1–8. Available at: Future Networks and Distributed Systems (p. 47). ACM.
http://arxiv.org/abs/1009.2826. [34] Mohsin, A.H., Zaidan, A.A., Zaidan, B.B., bin Ariffin, S.A., Albahri,
[22] Sethi, P. & Kapoor, V., 2016. A Proposed Novel Architecture for O.S., Albahri, A.S., Alsalem, M.A., Mohammed, K.I. and Hashim,
Information Hiding in Image Steganography by Using Genetic M., 2018. Real-Time Medical Systems Based on Human Biometric
Algorithm and Cryptography. Procedia Computer Science, 87, Steganography: a Systematic Review. Journal of medical systems,
pp.61–66. 42(12), p.245.
[23] Singh, A. & Malik, S., 2013. Securing Data by Using Cryptography
with Steganography. International Journal of Advanced Research
in Computer Science and Software Engineering, 3(5), pp.404–409.
[24] Tsai, Y.Y., Chen, J.T. & Chan, C.S., 2014. Exploring LSB
substitution and pixel-value differencing for block-based adaptive
data hiding. International Journal of Network Security, 16(5),
pp.363–368.
[25] Alhassan, J.K., Abubakar, B., Olalere, M., Abdulhamid, S.I.M. and
�