An Overview on Cryptography and Watermarking - inase

Computers, Automatic Control, Signal Processing and Systems Science

An Overview on Cryptography and Watermarking Med Karim ABDMOULEH, Ali KHALFALLAH and Med Salim BOUHLEL Research Unit: Sciences and Technologies of Image and Telecommunications Higher Institute of Biotechnology Sfax, Tunisia [email protected], [email protected], [email protected]



Abstract—Nowadays, the transmission of information in all its forms, reaches a revolution. In certain areas it is necessary to protect the confidential information to make it. This requirement touches different areas such as military, industry, medicine and politics. In the literature, there exist several techniques that aim to information security. In this sense, we can cite the watermarking, the first aim is the protection of copyright. Also the cryptography, which aims to make the exchange of information incomprehensible by all unauthorized persons.

Encryption key

Cipher text

Encryption

Decryption key

Ciphertext or cryptogram

Decryption

Cipher text

Keywords—Chaos, Cryptosystem, Image encryption, Image Watermarking.

Cryptanalysis

I.

CRYPTOGRAPHY

A. Definition The cryptography presents the basic science to secure information. It uses mathematical processes to transform this information and make it secret and to all those who are not permitted. Cryptography has two methods:  The first is called encryption, it is to encode the information and make it secret in order to have an encrypted message or ciphertext.  The second is called decryption is the inverse method of retrieving the original message. The encryption is to apply mathematical methods to transform a clear text. The encryption algorithm or cryptosystem uses a set of parameters called encryption key to make the message incomprehensible called ciphertext or cryptogram. In order to retrieve the original text, we must carry out inverse transformations called decryption based on some parameters called the decryption key. During the exchange of data an attacker can intercept the encrypted data exchanged. This hacker will try to recover the clear text by applying mathematical transformations on the ciphertext. This process is called cryptanalysis.

Ciphertext or Clef

Fig. 1 Principle of cryptography

B. The purpose of a cryptosystem The initial objective of encryption is to ensure the confidentiality of the transmitted message. Taking advantage of the properties of encryption, other applications are possible which are: authentication, integrity control and nonrepudiation.  Confidentiality: it ensures that only authorized people can read the information.  Authentication: It ensures that the origin of the information is a source assured. Many methods can be used such as the signature and digital certificate.  Data integrity: a cryptosystem is very sensitive to attacks, so any changes to the ciphertext leads to the loss of the original text. Thus, after the successful decryption of the text, the recipient ensures the handling of non-document.  Non-repudiation: it is to prevent the message sender or the receiver to deny the content of the message. C. Various cryptographic techniques In this section we are interested in studying the different

ISBN: 978-1-61804-233-0

99

Computers, Automatic Control, Signal Processing and Systems Science

encryption techniques to ensure the confidentiality of information and make it incomprehensible by anyone who are not qualified to access during the transmission process. In order to have the original receiver must perform the decryption operation that requires the possession of the decryption key. This key may be the same as that used when encrypting the clear text is talking about symmetric key encryption. Moreover, the two keys can be different, we are talking asymmetric key encryption. Classification according to the type of key is not the only one. Cryptosystems can be classified according to the procedure of message encryption. In the following we present the different types of algorithms used in cryptography:  Symmetric-key algorithm: Symmetric cryptography is also known by secret key cryptography. Like any cryptosystem, it is to use an encryption algorithm to transform a clear text is using an encryption key to a ciphertext. To decrypt the information, the receiver must use the same private key used by the sender [1] [2] [3].  Public-key cryptography: This type of encryption is also called asymmetric encryption. It uses a pair of different keys for encryption and decryption in order to solve the problem of key exchange caused by the symmetric encryption [4] [5].  Hybrid cryptography: The concept of hybrid cryptography uses the advantages of the two previous techniques. Hybrid cryptography is based on the combination of the speed of private key cryptography and security of asymmetric cryptography [6].  Stream cipher: In this type of algorithm the plaintext is divided into blocks of fixed size. Each block is encrypted independently. The block size is between 64 and 256 bits [7].  Block cipher: In contrast to stream cipher which divides the message to be encrypted into several blocks, the stream cipher encryption proceeds symbols one by one. The idea is to generate a sequence of key (key stream) the same size as the plaintext from a secret key [8]. II.

size of the key range depends firstly of all parameters constituting a key, and you must specify the nature of the format of each parameter (real, integer, ...), then all possible values. The size of the key range is expressed in bits, and is defined by the number of possible combinations of these parameters are calculated by a power of 2. To calculate the range of key used frequently enough to avoid a brute force attack is of 128 bits or more. B. Histogram Analysis The encrypted image should be totally different from the clear image and without any resemblance static. The histogram of the encrypted image should be uniform. In fact, the similarity between the histogram of the clear and the encrypted image can lead to breaking the cryptosystem. In order to have a perfect encrypted image, the histogram of the image must have a uniform distribution.

(b)

(c)

(d)

Fig. 2 Histogram analysis: (a) plain image, (b) plain image histogram, (c) encrypted image, (d) encrypted image histogram

A. Information Entropy As the histogram of the encrypted image is almost uniform. The entropy was founded by Shannon in 1948 [11] [12] and is given in the following equation:

PERFORMANCE ANALYSIS OF ENCRYPTION IMAGE

H (m)   P(mi ) log 2

SCHEME

i

Image information differs from the textual one and has very interesting properties such as its large capacity, redundancy and strong correlation strength between neighboring pixels. According to these properties, the security of a cryptosystem image is evaluated by a statistical analysis, the sensitivity analysis and the differential analysis [9] [10]. A good cryptosystem should ideally be robust against all kinds of attacks (cryptanalytic and statistical attacks).

1 P(mi )

(1)

Where P(mi) represents the probability of symbol m+. The entropy H(m) is expressed in bits. The entropy of encrypted image should be very close to 8 bits / pixel [13]. C. Correlation Coefficient Analysis Another type of statistical analysis is the correlation coefficient analysis [14] [15] [16]. An image is often characterized by the strong correlation between a pixel and its neighboring pixels and in particular the pixels on the same row or the same column or the same

A. Key Space Analysis For a system of secure encryption, the key space must be extended to resist brute-force attack (Brute-Force Attack). The ISBN: 978-1-61804-233-0

(a)

100

Computers, Automatic Control, Signal Processing and Systems Science

diagonal. We calculate the correlation coefficient for a sequence of adjacent pixels using the following formula: cov( x, y ) D( x) D( y )

rxy 

(2)

Here, x and y are the intensity values of two adjacent pixels in the image. rxy is the correlation coefficient. The cov(x,y), E(x) and D(x) are given as follows: 1 N  xi N i 1 1 N D( x)  [ xi  E ( xi )]² N i 1 1 N cov( x, y )  [( xi  E ( xi ))( yi  E ( yi ))] N i 1

(a)

Fig. 5 Correlation between two vertically adjacent pixels: (a) in the plain image, (b) in the encrypted image

(3)

E ( x) 

(4)

Fig. 3-5 represents the correlation between two diagonally, horizontally and vertically adjacent pixels of the plain and encrypted image. We see that the neighboring pixels in the plain image have a high correlation, while in the encrypted one there is a little correlation.

(5)

N is the number of adjacent pixels selected from the image to calculate the correlation. The table below presents the correlation between two adjacent pixels for the plain and the encrypted Camera image. To test the correlation coefficient, we have chosen 2500 pairs of two adjacent pixels which are selected randomly from both the plain and encrypted image.

D. Differential Analysis The study of the differential analysis is carried out through both measures NPCR defined by equation (7) and UACI given by equation (8). The objective of this analysis is to show that a small change in the image clearly introduces a major change on the image encrypted [1] [17]. The theoretical values for an encryption algorithm ideal image are greater than 99% to the value of NPCR while UACI value must be very close to 33%. The NPCR means the Number of Pixels Change Rate of ciphered image while a pixel of the plain image is changed. Let A2 be the changed plain image on one pixel. C1 and C2 are the ciphered images of the plain image and A2. D is a matrix having the same size as the image figures C1 and C2. D (i, j) is determined as follows:

TABLE I. CORRELATION COEFFICIENTS OF TWO ADJACENT PIXELS Correlation plain image

Correlation encrypted image

Diagonal

0.9084

0.0081

Horizontal

0.9335

0.0047

Vertical

0.9591

-0.0201

Direction

(b)

1 if C1(i, j )  C 2(i, j ) D(i, j )   0 else

(6)

The NPCR is defined by: M 1 N 1

NPCR 

(a)

  D(i, j ) i 0

j 0

M N

(7)

 100

M and N are the height and width of encrypted images C1 and C2. The Unified Average Changing Intensity (UACI) between these two images is defined by the following formula:

(b)

Fig. 3 Correlation between two diagonally adjacent pixels: (a) in the plain image, (b) in the encrypted image

UACI 

1 M N

M 1 N 1

 i 0

j 0

C1(i, j )  C 2(i, j ) 255

 100

(8)

The average of the two measures based on the original image with the corresponding encrypted image is presented in the following table. TABLE II. VALUES RESULTS OF NPCR AND UACI

(a)

(b)

Fig. 4 Correlation between two horizontally adjacent pixels: (a) in the plain image, (b) in the encrypted image

ISBN: 978-1-61804-233-0

Camera

101

NPCR

UACI

98.9975

31.3237

Computers, Automatic Control, Signal Processing and Systems Science

Experimentally measured value of NPCR is 98.9975 % and UACI is 31. 3237 % for Camera image. These results indicate that a small change in the plain image introduces a high alteration on the ciphered one. E. Cryptanalysis While cryptography is the discipline that ensures the security of confidential information, cryptanalysis [18] is the discipline that studies and validates the robustness of cryptosystems against attacks. According to Kerckhoffs, the security of a cryptosystem depends on the secrecy of the key and not on that of the encryption algorithm. To study the cryptosystem security, we can utilize the Kerckhoffs principle. In this case, the cryptanalyst must be unable to find the key even if he has access to the plaintext and its corresponding ciphertext. He tries to apply more attacks such as:  Ciphertext only attack  Chosen plaintext attack  Known plaintext attack  Chosen ciphertext attack Known-plaintext attack is one of the attacks where the cryptanalyst owns a plaintext image and its corresponding encrypted image. This frequently used attack utilizes the known clear image and the ciphered image to extract the decryption key or to decrypt another ciphered image.

(a)

(b)

(c)

(d)

(e)

(f)

ISBN: 978-1-61804-233-0

(g) Fig. 6 Failed crack attempt: (a) plain image Camera, (b) encrypted Camera image, (c) extracted key stream, (d) decrypted Camera image, (e) encrypted Bird image, (f) failed attempt to crack the cipher image of Bird, (g) plain image Bird

III.

WATERMARKING

A. Definition Digital watermarking is a technique of dissimulation which is to integrate, inside of a digital document (audio, video, image, text), an invisible "watermark" using a computer algorithm in order to deal with any attack to change the digital document [19]. This mark should be transparent with respect to a human observer, however, retain the original data visible. B. Different types of watermarking This mark should be transparent with respect to a human observer, however, retain the original data visible. There are two types of watermarking: visible and invisible. 1) Visible watermarking This type of watermarking is simple, leads to change the original document in a manner perceptible, adding a mark to distinguish it from others. This operation is equivalent to stamping a watermark on the paper, what is called in the digital domain 'digital shading". In this context, we recall the example of agencies that insert a picture watermark visible in the form of copyright ("©") on the low-resolution photos to ensure that they do not change those by high-resolution charge. The efficacy of visible watermarking is a topic for discussion, which on the one hand it can be easily attacked, and on the other hand we find highly used as logos for companies in the television programs. 2) Invisible watermarking In contrast to previous type, invisible watermarking is much more complex, which is the mark of an integrated imperceptibly. Consider the previous example of the photo agency, in this case, it inserts a watermark invisible to high-resolution photos sold. The majority of techniques for the protection of intellectual property following the branch of invisible watermarking, and this is what we will explore in the following. C. Diagram of watermarking Tattooing image is to insert a signature him. To do this, you must select the area of insertion. Thus, the original image will 102

Computers, Automatic Control, Signal Processing and Systems Science

to a human observer. In addition, we must maintain the fidelity between the original image and the watermarked. 2) Robustness and fragility The watermarked image can be attacked by malicious to remove the watermark. It must be sufficiently robust and resistant against these attacks to remain legible. Fragility may also be more favored than the strength in some cases, such as checking the integrity of a document. 3) The ability to integrate View the large image size, we try to insert a maximum of information to facilitate the recognition of the true owner of the signed document. As the size of the brand is more great recognition is easy. But insert a signature of large volume can impair image quality signed.

be transformed in this area, and then we, the selection of the holders of the brand. These carriers will be marked by the signature using one of the functions of integration. Then we return to space for the watermarked image (Fig. 8). Original Image

Transformation to the insertion domain

Selection of the mark host pixels (or coefficients)

E. Categories of watermarking The watermark can be classified into three categories (Fig. 10) based on data available at the detecting:

Mark insertion

Return to the spatial domain

Watermarking

Image watermarked

unblinded

Semi-blind

Blind

Fig. 10 Diagram of watermarking Fig. 8 Insertion scheme

1) Watermarking unblinded This type of marking requires the presence of the original image, the watermarked image and the signature of the author in the extraction phase. In this case the extracted signature is simply the difference between the original image and the watermarked. 2) Semi-blind watermarking In this type, you will not need the presence of the original image. Présance to check the signature, just to have the image signed and the signature pretending document owner. This type of marking recognizes a difficult relocation carriers signature. 3) Watermarking blind This type requires only the presence of the image tattooed. It is very susceptible to attack. In this category of watermarking we often use binary signatures.

Image watermarked attacked or not attacked

Transformation to the insertion domain used

Recuperation of the mark host pixels (or coefficients)

Extraction of the signature

F. Areas of insertion Like any signal, the image can have multiple presentations. Thus, the insertion of the signature can be done in one of these areas of image presentation. The areas most commonly used are [20]:  Frequency domain: The move to this area is done by applying the Discrete Cosine Transform (DCT) or the Discrete Fourier Transform (DFT). This field shows the frequency distribution of the image.  Domain multiresolution: The wavelet domain to allow the passage multiresoltuion. This area highlights the simultaneous spatial and frequency

Fig. 9 Extraction scheme

Fig. 9 shows the path to extract the signature or to detect its presence. This phase requires the transformation of the watermarked image to the area of insertion, and then relocate the trademark holders to recover eventually signing inserted. D. Constraint watermarking The watermarking technique is faced with a compromise between several key parameters such as imperceptibility, robustness and security. 1) The imperceptibility The principle here is that the watermark should be invisible ISBN: 978-1-61804-233-0

103

Computers, Automatic Control, Signal Processing and Systems Science

representation of the image.  Spatial Domain: Direct manipulation of pixel luminance [21] and in the case of our application.

[8] [9]

G. Watermarking applications  Copyright: The first role is to ensure the tattoo copyright. To define the owner, the copyright applies as a digital signature that can be inserted into the medium, in the works...  Medical ethics: the patient information is in the form of a signature that is inserted into the document. The watermarking ensures the preservation of secret medical and economy Storage patient record.  Monitoring program: The watermarking is used here to avoid hacker attacks, and alert viewers by inserting information about programs.  Indexing: You can insert images into information that describes the content of the document so that it can be classified automatically in a database.  Integrity checking: A signature must be inserted into sensitive image. Recovery will be impossible with any image manipulation signed. Modification or not the received image can be inferred after comparing the signature inserted and extracted it. IV.

[10] [11] [12]

[13]

[14] [15]

[16] [17]

CONCLUSION

[18]

In the multimedia encryption area, we need an algorithm with excellent performance. Also, the proposed encryption scheme should be secure and efficient. In the area of copyright protection for multimedia data, the watermarking algorithms developed should be robust and fragile watermarking schemes and preserving copyright protection.

[19]

[20]

[21]

REFERENCES [1] [2]

[3]

[4]

[5] [6] [7]

G. CHEN, Y. MAO and C. K. CHUI, “A symmetric image encryption scheme based on 3D chaotic cat maps”, Chaos, Solitons and Fractals, Vol. 21, n° 3, pp. 749-761, 2004. M. K. ABDMOULEH, A. KHALFALLAH and M. S BOUHLEL, “Image Encryption With Dynamic Chaotic Look-Up Table”, the 6th International Conference on Sciences of Electronics, Technologies of Information and Telecommunications (SETIT’12), Sousse, Tunisia, March 2012 M. K. ABDMOULEH, A. KHALFALLAH and M. S BOUHLEL, “Dynamic Chaotic Look-Up Table for MRI Medical Image Encryption”, the International Conference On Systems, Control, Signal Processing And Informatics (SCSI 2013), Rhodes Island, Greece, July 2013 Z. KOTULSKI, “Discrete chaotic cryptography (DCC): New method for secure communication”, the 11th Workshop on nonlinear Evolution Equations and Dynamical Systems NEEDS'97, OAK, Kolymbari near Chania, Crete Greece, June 1997. A. ROYO, J. MORN and J. C. LÓPEZ, “Design and Implementation of a Coprocessor for Cryptography Applications”, The European Design and Test Conference, Paris -France, March 1997, S. GARFINKEL and G. SPAFFORD, Practical UNIX and Internet security, O'Reilly, Cambridge, 2. ed., 1996. A. CANTEAUT, Cryptographic Functions and Design Criteria for Block Ciphers, The Second International Conference on Cryptology in

ISBN: 978-1-61804-233-0

104

India: Progress in Cryptology, Springer-Verlag, London, UK, pp. 1-16, 2001. A. J. MENEZES, P. C. VAN OORSCHOT and S. A. VANSTONE, Handbook of Applied Cryptography , CRC Press , 2001 A. KHALFALLAH, N. MBAYA, M. S. BOUHLEL, “An easy adapted image chaotic cipher to AWGN canal transmission”, Revue d’Information Scientifique Technique, vol. 17, n°. 1-2, pp. 153-170, 2007. L. KOCAREV, “Chaos-based cryptography: a brief overview”, IEEE Circuits and Systems Magazine, vol. 1, n°. 3, pp. 6-21, 2001. R. DEVANEY, An Introduction to Chaotic Dynamical Systems, 2nd ed. Redwood City, CA: Addison-Wesley, 1989. D. SOCEK, Li. SHUJUN, S.S. MAGLIVERAs and B. FURHT, “Enhanced 1-D chaotic key-based algorithm for image encryption”, IEEE, Security and Privacy for Emerging Areas in Communications Networks, 2005. C. Q. LI, S. J. LI, G. ALVAREZ, G. R. CHEN, and K. T. LO, “Cryptanalysis of two chaotic encryption schemes based on circular bit shift and XOR operations”, Physics Letters A, vol. 369, no.1-2, pp. 2330, 2007. L.M. PECORA and T.L. CARROLL, “Synchronization in Chaotic Systems”, Physical Review Letters, vol. 64, n°. 8, pp. 821-824, February 1990. T. PARASKEVI, N. KLIMIS and K. STEFANOS, Security of Human Video Objects by Incorporating a Chaos-Based Feedback Cryptographic Scheme, The 12th annual ACM (Association for Computing Machinery) international conference on Multimedia, New York, NY, USA, October 10 - 16, 2004. G. CHEN, Y. MAO, and C.K. CHUI, “A symmetric image encryption based on 3D chaotic maps”, Chaos Solitions Fractals, vol. 21, pp. 749761, 2004. Y. MAO, G. CHEN and C.K. CHUI, “A novel fast image encryption scheme based on 3D chaotic Baker maps”, Int. J. Bifurcation Chaos, vol. 14, pp. 3613-3624, 2004. S. DOUGLAS, Crypography: Theory and practice, 2nd edition, Chapman & Hall, 2002. F. KAMMOUN, A. KHALFALLAH and M. S BOUHLEL, “New Scheme of Digital Watermarking Using an Adaptive Embedding Strength Applied on Multiresolution Filed by 9/7 Wavelet”, Journal of Imaging Systems and Technolgy, Vol. 16, Issue 6, pp. 249-257, 2006. A. KHALFALLAH and M. S BOUHLEL, “The Impact of the Concept of the Family Relative Signatures on the Non-Blind Watermarking in the Multiresolution Domain using 9/7 and 5/3 Wavelets”, International Journal on Information and Communication Technologies, Vol.4, N. 34, pp. 111-118, 2011. W. BENDER, D. GRUHL, N. MORIMOTO and A. LU, “Techniques for data hiding”, IBM Systems Journal, Vol 35, n° 3&4, pp.313-336, 1996.