Fast Encryption of JPEG 2000 Images in Wireless Multimedia Sensor ...

Fast Encryption of JPEG 2000 Images in Wireless Multimedia Sensor Networks Tao Xiang1 , Chenyun Yu1 , and Fei Chen2 1

College of Computer Science, Chongqing University, Chongqing 400044, China 2 Department of Computer Science and Engineering, The Chinese University of Hong Kong, Hong Kong, China [email protected], [email protected], [email protected]

Abstract. A selective encryption algorithm joint with compression coding is proposed to protect JPEG 2000 images in wireless multimedia sensor networks (WMSN). The algorithm selectively encrypts the lookup table of probability model in MQ coding. As the size of lookup table is fixed and only such one table is used for an image, the proposed algorithm is fairly efficient and thus can perform fast encryption on large volume of JPEG 2000 images in WMSN. Experimental results and their analysis show that the algorithm is secure and energy saving, meanwhile, it does not impair the compression performance of JPEG 2000 coding obviously.

1

Introduction

With the fast development and the widespread application of wireless sensor networks (WSN), more and more data are collected by sensor nodes [1]. They not only include scalar data such as temperature and humidity, but also contain vector information such as images and videos. Wireless multimedia sensor networks (WMSN) refer to the WSN that mainly deal with multimedia data [2], and therefore they inherit many characteristics such as resource limitation from WSN. WMSN have been proposed and drawn the immediate attention of the research community with the availability of low-cost small-scale imaging sensors, CMOS cameras, microphones, which may ubiquitously capture multimedia content from the field. WMSN not only enhance existing sensor network applications such as tracking, home automation, and environmental monitoring, but they also enable several new applications such as surveillance, traffic congestion monitoring, health care, and industrial process control. The security of WMSN is a primary issue since the camera nodes are usually deployed in public environment and the data are transmitted in wireless, however, traditional ciphers provide little help on protecting multimedia data in WMSN for multifold reasons. First, massive volumes of persistently generated multimedia data make it infeasible to adopt traditional computationally intensive ciphers. Second, the hardware limitation of sensor node, as well as its K. Ren et al. (Eds.): WASA 2013, LNCS 7992, pp. 196–205, 2013. c Springer-Verlag Berlin Heidelberg 2013 

Fast Encryption of JPEG 2000 Images in WMSN

197

energy sensitivity, requires the overhead reduction on encryption. Last, to meet QoS requirement on multimedia delivery, encryption process should be designed as fast as possible to alleviate its impact on realtime transmission. Generally speaking, there are two promising ways to alleviate the conflict between security requirement and image processing and transmission. One is selective encryption [3–9], and its principle is reducing the amount of data to be encrypted by only selectively encrypting a portion of data which is defined as important. The other is joint compression and encryption [10–14, 8, 7, 15– 21, 9], and it saves the overhead by combining the process of data encryption and data compression into single one step. There are some related work along these two lines for protecting multimedia data in WMSN [22–26], and only a portion of data is encrypted to save the energy for sensor nodes. That is to say, the encryption overhead is proportional to the total of data volume, and more computational cost is needed on encryption when dealing with massive data. In this paper, we combine the idea of selective encryption with joint compression and encryption, and propose a fast selective encryption algorithm for secure JPEG 2000 coding. Different from most existing selective encryption schemes, the volume of selectively encrypted data is constant for an image no matter what the size of it is. As only a tiny part of fixed-length data is encrypted regardless of the size of whole image file, the algorithm is extremely fast and is suitable for protecting JPEG 2000 images in WMSN. Experimental results and their analysis show that the proposed algorithm achieves a good tradeoff between security and efficiency. The rest of this paper is organized as follows. Section 2 gives a brief introduction about JPEG 2000 and MQ coder. In Section 4, experimental results on the proposed algorithm and its analysis are provided. Finally, Section 5 concludes the paper.

2

JPEG 2000 and MQ Coder

JPEG 2000 is a new image compression standard, and it acts as an update of the wide-spread JPEG image standard [9, 27]. Like JPEG coding, the JPEG 2000 coding process includes four phases: pre-processing, orthogonal transform, quantization, and entropy coding; but it uses discrete wavelet transform (DWT) in orthogonal transform and MQ coder as the entropy coder. JPEG 2000 offers numerous advantages over JPEG standard, and one prominent advantage is that it offers higher compression ratio, especially in low bit-rate. It is reported that JPEG 2000 outperforms JPEG by more than 30% in compression at 0.5bpp or less [9], which makes it a good candidate in resource constrained environments such as WMSN. JPEG 2000 performs entropy coding on bit plane by MQ coder, and generates highly compressed data bit. MQ coder is essentially context-based adaptive binary arithmetic coding (AC), and it is multiplication-free in order to accelerate the coding. As shown in Fig. 1, upon receiving a bit to be encoded (D), MQ coder first decides whether it is the least probable symbol (LPS) or the most

198

T. Xiang, C. Yu, and F. Chen

probable symbol (MPS) based on its probability. The probability estimation of LPS (Qe ) and its update are provided by the standard as a lookup table with four fields as shown in Fig. 2. Then it updates the current coding interval (A) accordingly.

MPS

LPS

A-Qe

Qe

C

Fig. 1. MQ coder

Fig. 2. The lookup table of Qe estimation defined in JPEG 2000

3

The Proposed Fast Encryption Algorithm

Based on the above statements, we can find that the adaptivity of MQ coder is decided by the value of Qe in lookup table as shown in Fig. 2. For example, if LPS is coded and the interval is renormalized, the value of Qe should be increased;

Fast Encryption of JPEG 2000 Images in WMSN

199

if MPS is coded and the interval is renormalized, Qe should be decreased. The updating of Qe is determined by the updating of entry index in the lookup table. In this manner, the probability model can accurately reflects the statistical probabilities of the input, and the coding result will approach the minimum entropy. The MQ decoder imitates this process to recover the source message. That is to say, the values of Qe in coding and decoding are identical. If the value of Qe has tiny difference in decoding process, the current coding interval will change. What’s more, the iteration of coding procedures will magnify this difference and finally make the decoded output totally different. Based on this fact, the basic idea of our proposed encryption algorithm is altering the values of Qe in lookup table as shown in Fig. 2. Specifically, a secret disturbance is applied on Qe for each index, and the disturbance is tuned within an appropriate range to get a good tradeoff between security strength and compression performance. The encryption operation can be formulated as below: Qe = Qe + r

(1)

where r is a random number uniformly distributed in [0, R], and it is generated by a cryptographically secure pseudorandom number generator (PRNG) with a secret key; R is the threshold controlling the impact on compression performance. In this manner, MQ coder uses a secure adaptive statistical model for JPEG 2000 encoding. MQ coder cannot replay this disturbance without the correct secret key, and thus make the JPEG 2000 decoded image far different from its plain image. The proposed algorithm is a selective encryption joint with JPEG 2000 coding. Its main advantage over other existing selective image encryption algorithms is that the encryption overhead is not proportional to the size of plain images, i.e. the volume of selected data to be encrypted is fixed regardless of the size of plain images, as the size of lookup table for Qe is fixed and there is only such one table per image. What’s more, the lookup table contains 47 entries, which means only 47 random numbers should be generated during the encryption process. For these reasons, the proposed encryption scheme is efficient, especially when dealing with massive image data in real time, and can serve as a fast lightweight encryption algorithm in WMSN.

4

Experimental Results and Analysis

This section describes experimental results and their analysis in order to validate and evaluate the proposed algorithm. A 256 × 256 gray-level Lena image is taken as the plain image. The compression ratio of JPEG 2000 is set to 0.1 for a balance between image quality and image size. RC4 is adopted as the PRNG to generate random number r. The threshold R is set to 0x0600 to get a tradeoff between security strength and compression performance.

200

4.1

T. Xiang, C. Yu, and F. Chen

Encryption Results

We need to validate the encryption effect of the proposed algorithm since only a fixed tiny portion of data is selected to be encrypted. Fig. 3 demonstrates the visual difference between plain image and its encrypted image. The plain image is shown in Fig. 3(a), it is encrypted by the proposed algorithm and the encrypted image is given in Fig. 3(b). It is clear that the content of encrypted image is confused, and nothing intelligible about the plain image can be inferred from it. To measure the quality of encrypted image and its difference from the plain image, we calculate the peak signal-to-noise ratio (PSNR) of these two images, and the results are given in Table 1. From Table 1, the PSNR of encrypted image is only 8.57, indicating that its quality is fairly low. Compared with the PSNR of plain image 34.89, it is easy to understand that the content of plain image is well confused in the encrypted image. Based on these results, the proposed algorithm is proved to be capable of protecting the entire image by only selectively encrypting the values of Qe in the lookup table.

(a) Lena

(b) Encrypted Lena

Fig. 3. Lena and its encrypted image

4.2

Security Analysis

Resistance to Brute-Force Attack: To avoid adversaries from guessing the key using brute-force attack, the key space of a cipher should be designed to be sufficiently large. In our proposed algorithm, the key space is well guaranteed by the key space of cryptographically secure PRNG. For example, in the experiments, RC4 is utilized as the PRNG, and thus the maximum key space is 2256 .

Fast Encryption of JPEG 2000 Images in WMSN

201

Table 1. Encryption results on Lena Image JPEG 2000 coded image JPEG 2000 coded image with encryption

PSNR 34.89 8.57

Even so, there is another worry about the possibility of brute-force attack on the proposed algorithm since the lookup table of Qe only contains 47 entries, which means only 47 values are encrypted. The attacker could directly recover the content of this table if the magnitude of disturbance on Qe , i.e. R, is small. Therefore, R should be set as large as possible, as long as the compression performance is not significantly degraded. In our experiments, R is set to 0x0600, so the space of ciphertext is 0x060047 ≈ 2498 . This is a fairly large to suppress the feasibility of brute-force attack. At the same time, the compression performance is not obviously impaired (please refer to subsection 4.3 for the detail). Based on the above analysis, we can see that the proposed encryption algorithm can resistant to brute-force attack by proper selection of a cryptographically secure PRNG and the value of R. Key Sensitivity: Key sensitivity is required for a good encryption algorithm since the security of a cryptosystem only depends on the secret of the key. Because MQ is adaptive AC in essence, with coding of incoming symbols, the statistical model can be adaptively adjusted to reflect the real distribution of the source. In other words, MQ is not sensitive to the initial condition of probability model determined by the value of Qe . In our proposed algorithm, the key is used to generate a keystream by PRNG, and then the keystream is utilized to encrypt/decrypt Qe . Therefore, we need to exam the sensitivity of the key. In our proposed algorithm, all the values of Qe in the lookup table are disturbed. Once a binary symbol is encoded and the interval is renormalized, MQ coder will locate a new entry in the lookup table by the index number to update the value of Qe , so the encryption algorithm does not only change the initial probability model, but also disturbs it on the fly. In this manner, the encryption algorithm is sensitive to the key. In the experiments, we randomly generate 3000 keys that are uniformly distributed in the key space, and take only one of them as the correct key to encrypt the plain image. The PSNRs of decrypted images by all these keys are plotted in Fig. 4, and the PSNRs obtained by incorrect keys are all below 10. It shows that little change in secret key seriously affects the quality of the decrypted image and makes it unintelligible. Therefore, the key sensitivity of the proposed encryption algorithm is guaranteed. 4.3

Compression Performance

As the proposed encryption algorithm is combined with JPEG 2000 coding process, it should not have significant negative effect on the compression performance of JPEG 2000 coding. In the proposed algorithm, the encryption is

202

T. Xiang, C. Yu, and F. Chen

45 40 35

PSNR(dB)

30 25 20 15 10 5 0

0

500

1000

1500 key

2000

2500

3000

Fig. 4. PSNR obtained by decoding all possible combinations of the keys

performed by securely changing the value of Qe , and the probability model may different from the standard MQ coding. This alteration may make the probability model deviate from or approximate to the real statistics of input source, so the compression performance of the encryption algorithm should be investigated. We tabulate the length of compressed code stream by standard JPEG 2000 and the proposed encryption algorithm in Table 2, and find that the encryption does not impair the compression performance of JPEG 2000 obviously. Actually, this result is attributed to the appropriate selection of threshold R since it controls the magnitude of disturbance on Qe . The greater value Qe takes, the more disturbance it will make on the probability model of MQ and thus has higher probability to impair the compression performance of MQ. In our experiments, it is found that if R takes a value greater than 0x1000, the compression ratio after encryption will be obviously degraded. For this reason, we set R as 0x0600 to get a good balance between security and compression performance. In practice, other value could also be configured to support different application scenario. Table 2. Compression performance comparison on Lena Image JPEG 2000 coded image JPEG 2000 coded image with encryption

Code stream length (byte) 25905 25852

Fast Encryption of JPEG 2000 Images in WMSN

4.4

203

Energy Consumption in WMSN

Because the algorithm is proposed to protect JPEG 2000 images in WMSN and sensor nodes in WMSN are energy sensitive, it is necessary to analyze the energy consumption of the proposed encryption algorithm. Since the size of the lookup table is fixed, the encryption efficiency of the proposed algorithm is better than many existing schemes where the data to be encrypted are proportional to the image size. We implement the proposed algorithm in OMNeT++ [28]. The sensor node is configured with PXA255 as its processor (400MHz, 350mW) and CC2420 as its transceiver. Because the proposed encryption algorithm neither changes the size of JPEG 2000 code stream, nor interferes with the image transmission, we only care about the energy consumption in the processor. The energy consumption model is thereby simplified as: E = t∗P

(2)

where t is the time consumption, and P is the power of the processor. The energy consumption results of JPEG 2000 coding with and without encryption are listed in Table 3. It is clear that the encryption does increase negligible computational overhead on energy consumption. Table 3. Energy consumption comparison on Lena Image JPEG 2000 coded image JPEG 2000 coded image with encryption

5

E (mJ) 229 294

Conclusion

In this paper, we proposed a fast lightweight image encryption algorithm in wireless multimedia sensor networks (WMSN) for protecting JPEG 2000 images. The encryption algorithm combines the ideas of selective encryption and joint compression and encryption. At the entropy coding stage of JPEG 2000 compression, the lookup table of probability model in MQ coder is disturbed to change the values of Qe in secure. In this manner, only a tiny portion of data is needed to be encrypted to protect the whole image in WMSN. Since the size of the lookup table is fixed, the encryption efficiency of the proposed algorithm is better than many existing schemes where the data to be encrypted are proportional to image size. The security and performance of the proposed algorithm are analyzed and related experimental results are given, both of them indicate that the proposed algorithm is fast and secure. Furthermore, the compression performance of JPEG 2000 standard almost remains intact. Acknowledgments. The work in this paper was supported by the National Natural Science Foundation of China (No. 61103211) and the Program for New Century Excellent Talents in University (No. NCET-12-0589).

204

T. Xiang, C. Yu, and F. Chen

References 1. Akyildiz, I., Su, W., Sankarasubramaniam, Y., Cayirci, E.: Wireless sensor networks: a survey. Computer Networks 38(4), 393–422 (2002) 2. Akyildiz, I., Melodia, T., Chowdhury, K.R.: A survey on wireless multimedia sensor networks. Computer Networks 51(4), 921–960 (2007) 3. Cheng, H., Li, X.: Partial encryption of compressed images and videos. IEEE Transactions on Signal Processing 48(8), 2439–2451 (2000) 4. Podesser, M., Schmidt, H.P., Uhl, A.: Selective bitplane encryption for secure transmission of image data in mobile environments. In: IEEE Nordic Signal Processing Symposium (NORSIG 2002), Tromso-Trondheim, Norway (2002) 5. Sadourny, Y., Conan, V.: A proposal for supporting selective encryption in JPSEC. IEEE Transactions on Consumer Electronics 49(4), 846–849 (2003) 6. Pfarrhofer, R., Uhl, A.: Selective image encryption using JBIG. In: Dittmann, J., Katzenbeisser, S., Uhl, A. (eds.) CMS 2005. LNCS, vol. 3677, pp. 98–107. Springer, Heidelberg (2005) 7. Grangetto, M., Magli, E., Olmo, G.: Multimedia selective encryption by means of randomized arithmetic coding. IEEE Transactions on Multimedia 8(5), 905–917 (2006) 8. Liu, J.L.: Efficient selective encryption for JPEG 2000 images using private initial table. Pattern Recognition 39(8), 1509–1517 (2006) 9. Christopoulos, C., Skodras, A., Ebrahimi, T.: The JPEG2000 still image coding system: an overview. IEEE Transactions on Consumer Electronics 46(4), 1103–1127 (2000) 10. Chang, H.K.C., Liu, J.L.: A linear quadtree compression scheme for image encryption. Signal Processing: Image Communication 10(4), 279–290 (1997) 11. Lian, S., Sun, J., Wang, Z.: Perceptual cryptography on SPIHT compressed images or videos. In: IEEE International Conference on Multimedia and Expo (ICME 2004), Taipei, Taiwan, pp. 2195–2198 (2004) 12. Lian, S., Sun, J., Wang, Z.: A secure 3D-SPIHT codec. In: European Signal Processing Conference (EUSIPCO 2004), Vienna, Austria, pp. 813–816 (2004) 13. Wu, C.P., Kuo, C.C.J.: Design of integrated multimedia compression and encryption systems. IEEE Transactions on Multimedia 7(5), 828–839 (2005) 14. Martin, K., Lukac, R., Plataniotis, K.N.: Efficient encryption of wavelet-based coded color images. Pattern Recognition 38(7), 1111–1115 (2005) 15. Wen, J., Kim, H., Villasenor, J.D.: Binary arithmetic coding with key-based interval splitting. IEEE Signal Processing Letters 13(2), 69–72 (2006) 16. Kim, H., Wen, J., Villasenor, J.D.: Secure arithmetic coding. IEEE Transactions on Signal Processing 55(5), 2263–2272 (2007) 17. Martin, K., Member, S., Plataniotis, K.N.: Privacy protected surveillance using secure visual object coding. IEEE Transactions on Circuits and Systems for Video Technology 18(8), 1152–1162 (2008) 18. Li, H., Zhang, J.: A secure and efficient entropy coding based on arithmetic coding. Communications in Nonlinear Science and Numerical Simulation 14(12), 4304–4318 (2009) 19. Taneja, N., Raman, B., Gupta, I.: Partial encryption on SPIHT compressed images. In: Chaudhury, S., Mitra, S., Murthy, C.A., Sastry, P.S., Pal, S.K. (eds.) PReMI 2009. LNCS, vol. 5909, pp. 426–431. Springer, Heidelberg (2009) 20. Hermassi, H., Rhouma, R., Belghith, S.: Joint compression and encryption using chaotically mutated Huffman trees. Communications in Nonlinear Science and Numerical Simulation 15(10), 2987–2999 (2010)

Fast Encryption of JPEG 2000 Images in WMSN

205

21. Wong, K.W., Lin, Q., Chen, J.: Simultaneous arithmetic coding and encryption using chaotic maps. IEEE Transactions on Circuits and Systems Part II: Express Briefs 57(2), 146–150 (2010) 22. Wang, W., Peng, D., Wang, H., Sharif, H.: A cross layer resource allocation scheme for secure image delivery in wireless sensor networks. In: 2007 International Conference on Wireless Communications and Mobile Computing (IWCMC 2007), Hawaii, USA, pp. 152–157 (2007) 23. Wang, W., Peng, D., Wang, H., Sharif, H., Chen, H.H.: Energy-constrained quality optimization for secure image transmission in wireless sensor networks. Advances in Multimedia 1, 1–9 (2007) 24. Wang, W., Peng, D., Wang, H., Sharif, H.: An adaptive approach for image encryption and secure transmission over multirate wireless sensor networks. Wireless Communications and Mobile Computing 9, 383–393 (2009) 25. Wang, H., Hempel, M., Peng, D., Wang, W., Sharif, H., Chen, H.H.: Index-based selective audio encryption for wireless multimedia sensor networks. IEEE Transactions on Multimedia 12(3), 215–223 (2010) 26. Wang, H., Hempel, M., Peng, D., Wang, W., Sharif, H., Chen, H.H.: On energy efficient encryption for video streaming in wireless sensor networks. IEEE Transactions on Multimedia 12(5), 417–426 (2010) 27. Taubman, D.S., Marcellin, M.W.: JPEG2000: Compression Fundamentals, Standards and Practice. Kluwer Academic Publishers (2002) 28. OMNeT++, http://www.omnetpp.org/