Steganography and Cryptography Inspired Enhancement of Introductory Programming Courses

Home , Caesar cipher, Espionage, Steganography

Information Systems Education Journal (ISEDJ) 13(4) ISSN: 1545-679X July 2015

Yana Kortsarts [email protected] Computer Science Department Widener University, Chester, PA, USA

Yulia Kempner [email protected] Computer Science Department Holon Institute of Technology Holon, Israel

Abstract

Steganography is the art and science of concealing communication. The goal of steganography is to hide the very existence of information exchange by embedding messages into unsuspicious digital media covers. Cryptography, or secret writing, is the study of the methods of encryption, decryption and their use in communications protocols. Steganography manipulates data to ensure the security of information, but the concept of steganography differs from cryptography. Cryptography obscures the meaning of a message, but it does not conceal the fact that there is a message. The goal of cryptography is to make data unreadable by a third party, whereas the goal of steganography is to hide the data from a third party. We present a way to integrate steganography and cryptology examples into introductory programming courses. This enrichment promotes active involvement in the course and provides opportunity to engage students in experimental problem solving and collaborative learning to enhance critical thinking.

Keywords: Steganography, cryptology, problem solving, active learning, engagement, introductory programming.

1. INTRODUCTION steganography differs from cryptography. Cryptography obscures the meaning of a Steganography is the art and science of message, but it does not conceal the fact that concealing communication (Kessler, 2004; there is a message. The goal of cryptography is Provos & Honeyman, 2003). The goal of to make data unreadable by a third party, steganography is to hide the very existence of whereas the goal of steganography is to hide the information exchange by embedding messages data from a third party. Both techniques have an into unsuspicious digital media covers. ancient origin, but the modern field is relatively Cryptography, or secret writing, is the study of young. Cryptography and steganography are the methods of encryption, decryption, and their fundamental components of computer security. use in communications protocols. Both Cryptography provides mathematical techniques manipulate data to ensure the foundations of computer security and it is a well- security of information, but the concept of developed and highly researched field of

©2015 EDSIG (Education Special Interest Group of the AITP) Page 24 www.aitp-edsig.org /www.isedj.org Information Systems Education Journal (ISEDJ) 13(4) ISSN: 1545-679X July 2015 computer science. In contrast, the interest in integration of cryptography and steganography steganography has increased only in recent concepts into freshman year introductory years, when it was recognized that the use of programming courses that are taught on Python steganographic technique might become a and C without use of any image processing and security threat. Furthermore, the first verified graphics libraries. We present an idea of use of steganography for espionage purposes designing the course centered around these was recently confirmed by FBI in the case of topics and emphasizing the merit of Russian spies (Stier, 2010), who used cryptography and steganography inspired steganography techniques to hide sensitive programming assignments to develop and information in images on the internet. This enhance programming and critical thinking skills. accusation by the FBI has made steganography The related assignments are integrated into the a topic of public interest, and has caused courses not as a separate module but through concern regarding the number of images on the the entire curriculum, starting at the very first internet which could potentially hide secret week of classes from the non-programming messages (Zielinska, Mazurczyk & Szczypiorski, computer ethics component. In this paper, we 2014). Due to the crucial importance of focus on the programming part of the courses cryptography and steganography in computer and emphasize algorithmic implementations. We science, it seems that at least some examples design secure communication teamwork to help should be integrated into the introductory to promote collaborative learning. Our goal is to programming courses - first core courses in the link main programming concepts to specific undergraduate computer science (CS) and steganography and cryptography technique to computer information systems (CIS) curriculum. promote achievement of the programming Furthermore, these concepts provide an proficiency. The proposed enrichment helps to opportunity to enhance analytical and critical achieve the following goals: (1) engaging thinking including creativity and ethical analysis students in real world problem solving activities; which are fundamental characteristics of the (2) increasing students’ motivation and interest information systems (IS) profession as stated in in programming; (3) enhancing students’ the latest IS 2010 Model Curriculum and programming skills. Here we are discussing Guidelines for Undergraduate Degree Programs some known problems drawn from the advanced in Information Systems (Topi, et al., 2010). The cryptology and computer security textbooks, as current paper discusses our experience well as less known cryptography techniques, integrating steganography and cryptography which are not covered in major texts. We are examples into freshman year programming making these problems accessible to novice courses taught on Python and C. programmers. Proposed experiments create an enjoyable programming experience, spark 2. GOALS AND OBJECTIVES students’ interest, and increase their engagement in the course. Students show a Computer security is long recognized as an great interest in discovering and decrypting excellent source of the interesting projects that hidden messages. They become highly could be integrated into introductory motivated in algorithmic implementation of programming courses. The merit of various steganography and cryptography steganography-oriented assignments was techniques. Some of the coding schemes are discussed previously by several authors revisited several times during the course, and (Courtney, M. & Stix, A., 2006; Hunt, 2005; students have an opportunity to observe their Stevenson, D., Wick, M., & Ratering, S., 2005; growing abilities to tackle more complex Markham, 2009; Ryder, 2004). Various problems and design more elegant approaches to teach cryptography courses for implementations as course is progressing. undergraduates were documented in several Furthermore, the proposed enhancement papers (Aly & Akhtart, 2004; Gandhi, Jones, & provides an opportunity to build a solid Mahoney, 2012; Hsin, 2005; Huraj, L. & Siladi, background for upper level technical electives V., 2009). In addition, one of the authors of the such as cryptology, computer security and current paper had a successful experience computer forensics. integrating these topics into a computer forensics course for non-majors (Kortsarts & 3. COURSE CURRICULUM SUMMARY Harver, 2007), and both authors had a successful experience integrating a public-key One of our institutions offers an undergraduate cryptography component into a programming program leading to Bachelor of Science degrees course (Kortsarts & Kempner, 2010). In in both Computer Information Systems (CIS) contrast, the focus of the current work is on the and Computer Science (CS). Both majors take

©2015 EDSIG (Education Special Interest Group of the AITP) Page 25 www.aitp-edsig.org /www.isedj.org Information Systems Education Journal (ISEDJ) 13(4) ISSN: 1545-679X July 2015 the two-course series Introduction to Computer For the non-programming assignment, we ask Science 1 (CS 1), taught in Python, and students to hide very short messages, starting Introduction to Computer Science 2 (CS 2), from one letter, as shown in Figure 1, and taught in Python and C, in their first year. The increasing the message to three letter words. structure of each course is three hours lecture and three hours lab, four credits. The second institution requires students to take two introductory programming courses taught on C during their freshman year. While we do have slightly different course structures, the course curriculum is very similar and allows joint implementation of the proposed enhancement.

As previously mentioned, the first week of classes is devoted to the computer ethics component, which provides an excellent opportunity to start discussing computer security topic. This component is not a subject of this paper, and was previously reported in (Kortsarts

& Fischbach, 2013). Figure 1: Hiding Letter B

Following computer ethics, we introduce To provide a visual support, we do utilize students to the binary number system. We UltraEdit 32 to show students the binary discuss binary, octal, and hexadecimal representation of the bitmap images before and representations, as well as ASCII code. after the hidden message was inserted. We show students various ways to hide the message, The rest of the curriculum is standard for the starting from implementations that alter the introductory programming course. Over two original image. First, the text message is courses we cover material including two- inserted as one block; then we separate the dimensional lists and dictionaries in Python, and message into letters and insert each letter as a up to two-dimensional arrays in C. One of our block replacing first byte of original image on institutions has a more extended curriculum and each line. Neither of these techniques provides covers simple data structures, including linked the proper hiding of information, and students lists and trees in C. can see strange behavior of the original image. We complete our discussion demonstrating the 4. STEGANOGRAPHY ENRICHMENT results of LSB embedding which works properly without image distortion, but we do discuss the The concept of steganography is first introduced limitations of this technique as well, when used through non-programming assignments as an in real world situations. effective way to illustrate binary system representation and add relevance to this topic in We revisit steganography LSB technique again students’ eyes. We discuss the simplest after introducing one-dimensional lists, and this steganography embedding technique – least time students write computational significant bit (LSB) insertion. To avoid implementation of this algorithm. One three- confusion, we provide only limited information hour laboratory assignment is devoted to write a regarding various image representations, program, which hides information and recovers focusing only on a definition of 24-bits RGB (true the hidden information, again, omitting all color) BMP image format, which is a sequence of details of image representation. Students use binary bits, three bytes per pixel in BLUE, UNIX redirection to input/output from/into file, GREEN, RED order. Each byte gives the but some years we do introduce file input/output saturation for that color component. In our in Python. To combine steganography and approach, which from our experience worked the cryptography concepts under one umbrella, one best for our students, the container file is a of the last assignments is devoted to string of binary bits and the message to hide is a programming implementation of hiding string of characters. Students use ASCII code to encrypted message and decrypting recovered convert a string of characters to binary string, message. Students design a menu, which allows and then replace the last bit of each byte in the choosing from various cryptographic schemes to container to hide the information. The reverse procedure is applied to uncover the message.

©2015 EDSIG (Education Special Interest Group of the AITP) Page 26 www.aitp-edsig.org /www.isedj.org Information Systems Education Journal (ISEDJ) 13(4) ISSN: 1545-679X July 2015 encrypt the message, which will be embedded results of encryption/decryption after each into the image container. letter, which is still not a complete implementation. The full completion of the 5. CRYTOGRAPHY ENRICHMENT computational implementation of both simple substitution ciphers is done after introducing We begin our cryptography journey discussing students to one-dimensional lists/arrays and the process of secure communication scenario explaining file input/output using programming between two parties to introduce main language or input/output UNIX redirection cryptography terms. Secure communication operators. At this stage, in addition to between two entities starts with agreement on implementing encryption/decryption algorithms, specific cryptography scheme or cipher, which is students are also introduced to the notion of an algorithm for performing encryption and cryptanalysis, specifically, brute force attack and decryption. An encryption algorithm modifies the proposed to write a computational original message, plaintext, in a way that only implementation of this attack for shift cipher. designated receiver is able to read. The output The brute force approach in this case requires of the encryption process is called encrypted application of all possible shift keys, from 0 to message or ciphertext. When designated 25, on the ciphertext to find an actual encryption receiver would like to read a message, the key and the desired plaintext. We ask students ciphertext will be deciphered or decrypted using to design a simplified interactive decryption algorithm. We also introduce implementation, without utilization of the built-in students to the process of cryptanalysis, which is dictionaries. The program finds and displays the used to breach cryptographic security systems decrypted message for each possible key. and gain access to the contents of encrypted Students implement sentinel-controlled messages without permission. There are repetition based on the validity of the displayed additional concepts, such as encryption and message. The program terminates when the decryption keys, which are more easily valid English sentence is revealed on the screen, understood while introduced in the context of which is a desired plaintext. To complete the the specific cryptographic scheme. process, the program also outputs the actual shift key. Simple substitution ciphers The first ciphers introduced to students belong Our goal is to apply these assignments to to the group of simple substitution ciphers. The develop and practice programming skills. We main idea behind these ciphers is to substitute explain this material on specific examples, one letter by another using a special substitution omitting theoretical details and providing final alphabet rule. We focus on two well-known formulas as known fact without mathematical ciphers belonging to this group: 1) Caesar proofs. Implementation of simple substitution cipher, in which alphabet is shifted forward three ciphers provides an excellent opportunity to letters for encryption, and three letters practice decision and loop programming backwards for decryption, for example the structures, and simple processing of the one- plaintext dog produces the ciphertext GRJ; 2) dimensional lists/arrays. Since all calculations Shift cipher, a general form of Caesar, where the are performed on numeric values assigned to alphabet is shifted K letters forward/backwards, characters using the rule a/A  0, b/B  1,…, and K is a cipher key (Barr, 2001). For K = 3, z/Z  25, these examples require working with we obtain the Caesar cipher. To encrypt, the various data types - characters and integers - plaintext letter P is modified using the following switching among them while moving from input formula, C = (P + K) mod 26, and ciphertext to calculations and then to output, which is a letter C is computed. To decrypt, the similar struggle for novice programmers. Python procedure is applied and the desired plaintext provides more flexibility than C, but still requires letter is computed by the following formula, P = explicit conversion to avoid any logic errors. (C - K) mod 26. For instance, for key K = 14 and While these ciphers are well suited for starting, plaintext dog, the ciphertext is RCU. one should note that they only require modifying Assignments related to encryption and the content of the array/list values, leaving the decryption of a single letter using Caesar and structure of the array/list unchanged. The next Shift ciphers implementations could be example requires array/list manipulations of a accomplished almost immediately, since they higher complexity. require only limited programming material. We revisit both ciphers after introduction of the loops. At this point students are capable to process a string of characters and output the

Dynamic substitution cipher – Chaocipher before the collaborative testing step of the Recently, we also integrated into the course assignment. The mystery around this cipher and curriculum, a less known and more complex the interesting history attract students’ cipher, chaocipher, (Byrne, 1918; Rubin, 2010), attention. This cipher provides an opportunity to belonging to the group of dynamic substitution practice complex manipulations of one- ciphers. In these ciphers, the substitution rule is dimensional arrays and lists data structures, changed after each character is encrypted. To utilizing a wide range of built-in Python lists decrypt, the reverse procedure is applied. The methods and functions, and writing custom chaocipher was originally invented by John F. functions in C. From the best of our knowledge, Byrne in 1918, who claimed that the cipher is this cipher is not covered in any cryptography unbreakable. Unfortunately, the cipher didn’t textbooks. receive any recognition from US officials. Frustrated by the lack of interest, Byrne Block ciphers, Hill cipher published four plaintext-ciphertext challenges in While there are plenty of ciphers with witch to his autobiography, Silent Years in 1953 (Byrne, practice one-dimensional lists/arrays data 1953). The cipher details were kept secret for structures, the options are limited when it comes many years. Things changed in 2010 when the to two-dimensional lists/arrays. The assignment National Cryptologic Museum library received based on Hill cipher provides an efficient way to archives from the members of the Byrne family integrate programming and cryptography topics. with the explanation of the chaocipher This cipher belongs to the group of block algorithm, and there are direct links to many ciphers, in which the encryption and decryption items of interest donated by Byrne family posted process is applied to a block of characters rather on the museum website than to single character. Hill cipher was invented (http://www.nsa.gov/about/cryptologic_heritage by Lester S. Hill in 1929 (Hill, 1929; Barr, 2001). /museum/index.shtml). In our approach we The key for this cipher is a square matrix of closely follow the description of the algorithm integers of size n, satisfying several special published in July 2010 by Moshe Rubin (2010), conditions: 1) all elements of the matrix are providing further adaptation and clarifications for numbers between 0 and 25, since the size of the novice programmers. The chaocipher method English alphabet is 26; 2) the determinant of the uses two alphabets that are connected to each key matrix must be relatively prime to 26. For other. The encryption/decryption algorithm the encryption process, the plaintext is divided essentially consists of three parts, into a block of n letters and for each block of n encryption/decryption of the letter, permutation letters; multiplication of the key matrix by of the left alphabet using specific rules, and vector is applied to obtain the block of n permutation of the right alphabet using specific ciphertext letters. The process is repeated for all rules. These steps are performed continuously blocks. To decrypt, the same multiplication until the input (plaintext or ciphertext) is procedure is applied to the block of n ciphertext exhausted. This cipher requires swapping letters, but instead, substituting the original key array/list elements, shifting blocks of the matrix with its modular inverse. elements several positions left and right, and shifting all elements cyclically until certain We start this programming assignment with the conditions are satisfied. These operations are matrix key of size 2, processing the blocks of more complex compared to the processing done size 2, gradually increasing the size of the for the simple substitution ciphers, and require a matrix and the correspondent size of the blocks. higher level of algorithmic thinking. To ease the For instance, we would like to encrypt the transition and increase the difficulty level following word, code, using Hill cipher and the gradually, we first permit students to use matrix key additional array/list storage, increasing the  a11 a12  2 3 space complexity of the algorithm. As a A       complete implementation, students are required     a21 a22  5 6 to implement all these array/list manipulations To encrypt, the plaintext code is divided into with minimal additional space usage. To avoid two blocks. any attempts at plagiarism, we provide only cipher description and all necessary details to design a computational implementation. We c d      emphasize the mystery around this cipher to o  e  keep students motivated and excited. We reveal     the name and history of the cipher only after students complete writing the program, but

After replacing the characters by their numeric 24 120  2  c values using the rule mentioned earlier, c  2, o   (mod 26)        14, d  3, e  4 , each block is encrypted in 19 816  14 o the following manner:

24 118 3 d  2 2 3 2 20 U            (mod 26)       A     (mod 26)       19 813 4  e  14 5 614 16  Q

Note, that all calculations are performed modulo 3 2 33 18  S  26. As in previous examples, we provide          A     (mod 26)       students with all of the necessary mathematical 4 5 64 13  N  background. For this assignment, there is a substantial increase in complexity of The resulting ciphertext is UQSN. To decrypt, mathematics, and consequently the level of the the similar process is applied on the ciphertext, programming required, while progressing from substituting key matrix A with its modular smallest matrix size to the higher sizes. The inverse. The general formula for inverse matrix maximal size of the matrix key and the block of 2x2 reads as follows: letters in our lab assignment is four.

Two dimensional lists/arrays is not an easy topic 1 1 a22  a12  A  (det(A))   (mod26) to comprehend. To ease computational   implementation, students are provided with a  a21 a11  detailed top-down design, and structured

guidance for each function. To implement the In our case, we perform the following Hill cipher encryption and decryption algorithms, calculations, to obtain the modular inverse of the students compute the matrix determinant, check key matrix: validity of the matrix key to ensure that the  6  3 matrix is invertible modulo 26, and then A1  (det(A))1  (mod 26)  5 2  compute the key matrix modular inverse, which   differs slightly from a regular matrix inverse, with multiplicative inverse of determinant 1 1 6  3 A  (23)   (mod 26) modulo 26 substituting for a regular inverse of  5 2  the determinant. In addition, students implement the matrix by vector multiplication. 1  6  3 After all preparation steps are complete, A  17  (mod 26)  5 2  students are ready to process the   plaintext/ciphertext in blocks of 2, 3, or 4 letters, based on the size of the key matrix, to 1 24 1 A    produce a final result. 19 8 Hill cipher provides an excellent opportunity for 1 0 AA 1  I    (mod 26) students to become proficient in basic 0 1 processing of two-dimensional lists/arrays data   structures.

To decrypt and find a desired plaintext, the 6. TEAM COLLABORATION ciphertext is divided into blocks of two letters and each block is multiplied by the modular We incorporate two team work routines. For inverse of matrix key A. some assignments, students work in teams for the entire laboratory session. We pair weaker students with stronger students to promote active learning. Students work together on programming implementation as well as testing and submit a joint lab report. While this approach has certain advantages, such as exchange of knowledge and the possibility to improve for weaker students and to further improve through teaching for stronger students,

©2015 EDSIG (Education Special Interest Group of the AITP) Page 29 www.aitp-edsig.org /www.isedj.org Information Systems Education Journal (ISEDJ) 13(4) ISSN: 1545-679X July 2015 we found that in order to be able to perform on evaluations, we could state that the proposed the required level, students must work enhancement of the introductory programming independently during most laboratory sessions. courses was a successful addition to our Since the level of prior programming experience previous positive experience with enrichment of varies substantially from student to student, in the freshman programming course (Kortsarts & recent years we avoid team work during the Kempner 2012). Current enrichment expands programming step of the assignment to make the pool of interesting and engaging sure students are not taking advantages of their assignments for this course, and we are peers. We mostly apply the second collaborative planning to continue to work in this direction in learning approach in which students work in the future. Some of the ciphers described above teams only to test their programs and to write a allow variations and modifications, and taking in lab report. The testing process begins with account the mathematical background of the secure communication session. Students students, additional examples, such as Affine exchange encrypted messages between team cipher and polyalphabetic substitution Vigenere members and then decrypt messages using their (Barr, 2001) cipher could be a great addition to own program. Successful decryption indicates a the already proposed set of ciphers. In addition, first step toward fully accomplished assignment. we propose to combine several ciphers and We found that the collaborative work during the encrypt messages in a two-step process and testing and revision step of the assignment then to apply a simplified cryptanalysis approach enhances students’ understanding and creates to decipher the message. We believe in changing an engaging environment. We ask students to course laboratory assignments often, and submit their program twice, before, as well as computer security based assignments provide after the testing and revision step. This allows further opportunities for successful course proper grading and ability to track students’ implementations. error corrections in order to gather information about the most common mistakes and address 8. FURTHER OPPORTUNITIES these issues before the next assignment. We built our current project upon successful 7. SUMMARY implementations of the single components over several years. Merkle-Hellman knapsack This paper presents our experience teaching an cryptosystem (Merkle & Hellman, 1978) was the introductory programming course sequence first algorithm we introduced in the introductory using a computer security theme. Students programming courses sequence. We introduced practiced the main programming concepts on additive knapsack, expanded to multiplicative assignments inspired by steganography and knapsack, and finally discussed various cryptography. To assess the students’ cryptanalysis techniques. Programming experience, we applied an indirect assessment assignments focused on encryption and tool and designed a short post-survey that decryption computational implementations, and included several open-ended questions eliciting on a dynamic programming algorithm to and asked student feedback. Students accomplish cryptanalysis attack. The detailed commented on the level of their engagement, description of this project component was interest, curiosity, and active learning published in 2010 (Kortsarts & Kempner, 2010). opportunities during the laboratory assignments In recent years we found that it is more efficient related to computer security topics. We also to cover this material in sophomore algorithms asked students to comment on the effectiveness course, and focus on symmetric key of these assignments to enhance programming cryptography schemes described above in the skills compared to the various assignments freshman introductory programming courses. In related to other topics we to during the course. sophomore algorithms course students are Overall, students provided positive feedback, better prepared to comprehend conceptually especially emphasizing the impact of the team more difficult group of ciphers such as public key collaboration during the testing step. Students or asymmetric ciphers. Some examples of the commented that the requirement to find logical ciphers that work well are RSA (Rivest, Shamir, errors in their peers’ programs significantly & Adleman, 1978) and flipping coins over the promoted comprehension of the main phone, which uses a similar protocol, introduced programming concepts. They also commented by Blum in 1983 (Blum, 1983; Trappe & on their excitement of finding proper testing Washington, 2006), and it is based on the Rabin inputs to discover tricky logical bugs. Based on cryptosystem (1979). While students are the students’ post-survey results, informal capable of completing computational discussions, and comments from teaching implementation of these ciphers and games in

©2015 EDSIG (Education Special Interest Group of the AITP) Page 30 www.aitp-edsig.org /www.isedj.org Information Systems Education Journal (ISEDJ) 13(4) ISSN: 1545-679X July 2015 the freshman programming courses, Huraj, L. & Siladi, V. (2009), Cryptography as conceptually, these algorithms require a higher aparadigm proposal for building the level of maturity and appropriate mathematical computer science knowledge, ICCOMP'09: background for successful integration into the Proceedings of the WSEAES 13th course curriculum. By the end of the sophomore international conference on Computers, 357- year, most students complete a discrete 361 mathematics two-course sequence, ensuring their abilities to comprehend these less intuitive Kessler, G. (2004), Overview of Steganography cryptography schemes. While these ciphers for the computer forensics examiner, provide fewer benefits to accomplish our goals in Forensics Science Communication, 6(3) freshman programming courses compared to symmetric ciphers described above, they are an Kortsarts, Y & Harver. W., (2007), Introduction excellent enhancement for the sophomore to Computer Forensics for Non-Majors, The courses. Proceedings of ISECON 2007: #3142, ISSN: 1542-7382 9. REFERENCES Kortsarts, Y. & Kempner, Y., (2010), Merkle- Aly, A. & Akhtar, S. (2004), Cryptography and Hellman Knapsack Cryptosystem in security protocols course for undergraduate Undergraduate Computer Science IT students, Newsletter, ACM SIGCSE Curriculum, Proceedings of the 2010 Bulletin, 36(2), 44-47 International Conference on Frontiers in Education: Computer Science & Computer Barr, T. (2001), Invitation to Cryptology, Engineering, FECS 2010, CSREA Press 2010, Pearson ISBN 1-60132-143-0

Blum, M. (1983), Coin flipping by telephone a Kortsarts, Y. & Kempner, Y., (2012), Enriching protocol for solving impossible problems, Introductory Programming Courses with Newsletter, ACM SIGACT News – A special Non-Intuitive Probability Experiments Issue on cryptography, 15(1), 23, - 27 Component, ITiCSE '12: Proceedings of the 17th ACM annual conference on Byrne, J. (1953), Silent Years, An Autobiography Innovation and technology in computer with Memoirs of James Joyce and Our science education, 128-131 Ireland. New York: Farrar, Straus, and Young (Reprinted in 1975 by Octagon Books, Kortsarts, Y. & Fischbach, J., (2013), a division of Farrar, Straus, and Giroux) Incorporating Professional Ethics into an Introductory Computer Science Course, Courtney, M. & Stix, A. (2006), Building a Journal for Computing Science in Colleges, Steganography Program Including How to 29(3), 35-42 Load, Process, and Save JPEG and PNG Files in Java, Mathematics and Computer Markham, S, (2009), Expanding security Education, 40(1), 19-35 awareness in introductory computer science courses, InfoSecCD '09: 2009 Information Gandhi, R., Jones, C., & Mahoney, W. (2012), A Security Curriculum Development freshman level course on information Conference, 27 - 31 assurance: can it be done? Here is how. ACM Inroads, 3(3), 50-61 Merkle, R. & Hellman, M. (1978). Hiding information and signatures in trapdoor Hsin, W. (2005), Teaching cryptography to knapsacks. Information Theory, IEEE undergraduate students in small liberal art Transactions on Information Theory, 24 (5), schools, InfoSecCD '05: Proceedings of the 525–530 2nd annual conference on Information security curriculum development, 38-42 National Cryptologic Museum website, http://www.nsa.gov/about/cryptologic_herit Hunt, K. (2005), A Java framework for age/museum/index.shtml experimentation with steganography, SIGCSE '05 Proceedings of the 36th SIGCSE Provos, N. & Honeyman, P. (2003). Hide and technical symposium on Computer science seek: An Introduction to Steganography, education, 282-286 IEEE Security and Privacy Magazine

symposium on Computer science education, Rivest, R., Shamir, A., & Adleman, L. (1978), A 277-281 Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications Stier, C. (2010), Russian spy ring hid secret of the ACM, 21 (2), 120–126. messages on the Web, from http://www.newscientist.com/ Rabin, M. (1979), Digitalized Signatures and article/dn19126-russian-spy-ring-hid- Public-Key Functions as Intractable as secret-messageson-the-web.html. Factorization, Technical Report, MIT Laboratory for Computer Science Topi, H., Valacich, J., Wright, R., Kaiser, K. Nunamaker, J., Sipior, J., & Vreede, G. Rubin, M. (2010), Chaocipher revealed: the (2010), IS 2010 Model Curriculum and algorithm, Progress report #17 from Guidelines for Undergraduate Degree http://www.mountainvistasoft.com/chaociph Programs in Information Systems, er/ Communications of the Association of Information Systems, 26. Ryder, J (2004), Steganography may increase learning everywhere. Journal of Computing Trappe, W. & Washington, L. (2006), Sciences in Colleges, 19(5), 154-162 Introduction to cryptography with Coding Theory, Second Edition, Pearson Prentice Stevenson, D., Wick, M., & Ratering, S. (2005), Hall Steganography and cartography: interesting assignments that reinforce machine Zielinska, E., Mazurczyk, W., & Szczypiorski, K., representation, bit manipulation, and 2014). Trends in Steganography, discrete structure concepts, SIGCSE '05 Communications of the ACM, 57(3), 86-9 Proceedings of the 36th SIGCSE technical