ABSTRACT
In the era of digital communication, the confidentiality and integrity of data transmission have become a major concern due to the exponential rise in cyber threats and unauthorized access. Traditional password-based authentication systems are prone to breaches and identity theft, which has led to the need for more reliable and secure alternatives. This project introduces a hybrid security model that integrates biometric face recognition, AES encryption, and image steganography within a unified Flask-based web application. The proposed system provides a dual-layer protection mechanism to ensure that only authenticated users can send and receive encrypted information securely. The system begins with a facial authentication module that verifies users based on their unique facial features. The face_recognition library is used to detect and encode facial characteristics into numerical vectors, which are later compared during user login to ensure identity verification. Once authenticated, users can compose secret text messages that are encrypted using the Advanced Encryption Standard (AES) algorithm. AES, being a symmetric block cipher, ensures data confidentiality through high-level mathematical transformation and key-based security. The key used for encryption is generated using the SHA-256 hashing algorithm to maintain a fixed-length, strong cryptographic key. After encryption, the system employs Least Significant Bit (LSB) steganography to embed the encrypted message inside a digital image. This process hides the message in the binary pixel structure of the image in such a way that the visual appearance of the image remains unchanged to the human eye. The resulting stego image is then transmitted or stored securely, concealing the existence of any hidden communication. At the receiver’s end, the same secret key is required to extract and decrypt the hidden message. This ensures that even if an unauthorized user obtains the stego image, the message remains indecipherable without the correct key and authentication. The project leverages the Flask framework to integrate all modules seamlessly, providing a simple, interactive, and real-time web interface. The application supports user registration, training, authentication, encryption, and decryption through structured routes and session management. Each user is uniquely identified through their enrollment ID and facial data, making impersonation practically impossible. The system also includes a notification mechanism that alerts users when they have received a new hidden message, enabling efficient and secure communication between registered individuals. By combining biometric verification, cryptographic encryption, and steganographic data hiding, this project achieves multi-layer security for digital communication. It effectively protects messages against eavesdropping, data manipulation, and identity fraud. The system’s design also ensures scalability and adaptability, allowing future integration with cloud storage and mobile-based authentication. Experimental results demonstrate high accuracy in face recognition, strong encryption resistance, and successful data concealment without visual distortion in stego images. Overall, the proposed model provides a robust, practical, and efficient solution for secure message transmission in sensitive environments such as government communications, financial institutions, defense operations, and academic research networks. It represents a modern approach to cybersecurity that balances usability, reliability, and advanced protection through the intelligent fusion of biometrics, cryptography, and steganography.
INTRODUCTION
In the modern era of digital transformation, the security of information and communication has become an indispensable requirement. With the rapid growth of the internet and social media platforms, a vast amount of sensitive information is exchanged daily over various digital channels. However, this convenience comes at a cost — the continuous rise in cyber threats, unauthorized data interception, and identity theft. Conventional authentication systems that rely solely on passwords, PINs, or security tokens are increasingly vulnerable to attacks such as phishing, brute-force, and credential theft. Hence, the necessity for a more secure, intelligent, and reliable authentication mechanism has become paramount. Biometric authentication, particularly facial recognition, has emerged as a promising solution for addressing the weaknesses of traditional authentication systems. Unlike passwords or ID cards that can be stolen or shared, facial features are unique to each individual and difficult to replicate. Face recognition provides a contactless, user-friendly, and reliable method of verifying identity. This project leverages the face_recognition library, which is built upon deep learning techniques and utilizes convolutional neural networks (CNNs) for feature extraction and comparison. By encoding facial characteristics into 128-dimensional embeddings, the system can accurately differentiate between authorized and unauthorized users. However, authentication alone cannot guarantee complete security in digital communication. Once access is granted, the information being transmitted must also be protected against interception and tampering. For this purpose, the Advanced Encryption Standard (AES) is employed as the cryptographic core of the proposed system. AES is a symmetric key encryption algorithm that operates on fixed-size blocks of data and ensures high confidentiality and computational efficiency. It is widely recognized for its robustness and resistance against modern cryptographic attacks. The use of AES ensures that even if communication is intercepted, the message remains unreadable without the corresponding secret key. To further enhance security and maintain data invisibility, the system integrates Least Significant Bit (LSB) steganography, a technique that conceals data within digital images. In this method, the encrypted message is embedded into the least significant bits of the image pixels, making it imperceptible to the human eye. This combination of encryption and steganography provides dual-layer protection — the encryption secures the message content, while steganography conceals the very existence of the message. As a result, the communication remains confidential and undetectable by external entities. The entire process is implemented within a Flask-based web application, enabling an interactive and user-friendly interface for all system operations. Flask, being a lightweight and flexible Python framework, allows seamless integration of machine learning models, cryptographic operations, and file processing functions. Users can register by submitting their facial data, train the system to recognize their faces, authenticate during login, and perform encryption or decryption of hidden messages. The application also includes a notification mechanism that alerts users when they receive new encrypted communications.