Facsimile Authentication Based on MAC | SpringerLink

Facsimile Authentication Based on MAC Chavinee Chaisri, Narong Mettripun and Thumrongrat Amornraksa

Abstract In this paper, we propose a method to provide message authentication and integrity for a facsimile (fax) document using Message authentication code (MAC) based approach. The proposed method is divided into two parts; sender and receiver. Basically, at the sender side, a MAC value derived from the fax content and a predefined secret key is added to the document before sending it to the receiver via fax. At the receiver side, the modification of fax content can be detected by the use of the agreed MAC and secret key, and the MAC value added on the received fax. The experimental results, from the fax transmission over insecure communication channels, using different types of fax machine, font types and font sizes, demonstrate the promising results. Keywords Message authentication authentication code (MAC)




Data integrity




Facsimile




Message

C. Chaisri
N. Mettripun (&)
T. Amornraksa Multimedia Communication Laboratory, Department of Computer Engineering, King Mongkut’s University of Technology Thunburi, 126 Pracha-uthit Rd, Bangmod, Thungkru, Bangkok 10140, Thailand e-mail: [email protected] C. Chaisri e-mail: [email protected] T. Amornraksa e-mail: [email protected]

J. J. Park et al. (eds.), IT Convergence and Services, Lecture Notes in Electrical Engineering 108, DOI: 10.1007/978-94-007-2598-0_66, Ó Springer Science+Business Media B.V. 2012

613

614

C. Chaisri et al.

1 Introduction Currently, facsimile (fax) machines are widely used in both analog and digital networks. However, the content within the received fax is suspicious since it can potentially be modified by malicious people. Hence, a detection method is greatly required to provide message authentication and integrity of a fax document. Actually, authentication in documents has been a topic of interest for many years, but for the subject document authentication via fax machine, it has not been mush interest by most researchers. Some of them are listed here. Williams et al. [1] developed a method for spotting words in faxed document. This method allowed scale and translation invariant transformations to be used as one step of the signature recognition process. Their techniques provided a very robust means of identifying the words in a bitmapped fax documents. However, the authors did not consider the case of authentication for fax document. Musmann and Preuss [2] proposed comparison and valuation of different redundancy codes techniques for transmission via fax machine. In their experiments, the data transmission were carried out with one and two-dimensional. This method reduced the transmission errors and used less time in transmission, but the faxed document cannot be used for authentication purposes. Garain and Halder [3] proposed the methods of computationally extracting the security features from the document image as bank checks, and identifying the feature space if it was genuine or duplicate. Although his method provided document authentication, it cannot be used for document being sent via fax machine. Geisselhardt and Iqbal [4] proposed an authentication approach for hard copy document based on a preferably invisible encoded portion, and a method for generating such document in which the encoded portion allowed an optimized high capacity of data to be read with security or only few errors. Their method prevented the printed content on hard copy document against forgery attacks, and did not affect the aesthetic appearance of the document in the area of secret communication such as military communication. Unfortunately, it is not practical for real life communication because most of documents sending are performed via insecure communication channels which are more comfortable and faster. Hence, this method is not appropriate to implement with transmission via fax machine. In 2008, Kale et al. [5] proposed a system for compression and encryption of fax documents and error recovery over fax transmission. Basically, the size of document to be faxed was reduced by applying Joint Bi-level Image Experts Group (JBIG) compression technique. They also applied an encryption technique called Salsa20 to produce less effect on retransmission delays and less cost for fax communication. However, the encryption algorithm used i.e. Salsa20 has been proved to be insecure by cryptanalysis group in 2005 and 2008. In addition, their scheme did not consider any error or noise introduced during fax communication which resulted in some bit errors and some unclear parts of faxed document. In this paper, we thus propose a method to provide message authentication and integrity for fax documents. Particularly, it is archived by first applying a MAC

Facsimile Authentication Based on MAC

615

algorithm [6] to the fax content to generate a MAC value. Note that a MAC algorithm may be obtained by applying a hash algorithm i.e. MD5 [7] to the fax content to obtain a hash value, and then encrypt the result using a symmetric encryption algorithm i.e. DES to generate a MAC value [8]. Next, this MAC value is printed at the end of the fax content to produce the real fax document, and later used to verify the integrity and authentication of the faxed document. The verification process can be achieved simply by comparing the MAC values between the one printed on the faxed document and another from the computation process from the content on the faxed document at the receiver side. With our proposed method, the fax receiver can now verify the originality of the text-based content in the faxed document, and detect whether it is changed or not. We organize our paper as follows. In the next section, we describe details of our proposed method. In Sect. 3, sets of experiments are carried out and the results obtained are presented in order to verify the effectiveness of our proposed method. Finally we conclude the finding of our research in Sect. 4.

2 The Proposed Method The model for fax sending and receiving between two different locations is described by the following steps. 1. Creating a fax document that can be used to detect message authentication and integrity of its content based on MAC algorithms. 2. Sending this fax document by an ordinary fax machine. 3. Receiving the fax document from another ordinary fax machine. 4. Based on the fax content, the MAC value is regenerated and compared with the one printed on the fax document itself. If they are matched, the fax content is approved. If not, the receiver asks the sender to send the fax document again. Detail of the fax document creating process in step 1 can be explained as follows. First, a typical text-based fax document is scanned to obtain an image file. Then, a frame line with one-pixel width is inserted to enclose the fax content in that image. The frame detection and cropping algorithm is applied to acquire the image area within the frame, and the result is then put into optical character recognition (OCR) software. Information outputted from the OCR is hashed by the MD5 algorithm and encrypted by DES algorithm with a predefined secret key. The encrypted result known as MAC value is inserted below the fax content outside the frame as a subtitle. Finally, the modified fax image with frame and MAC value is printed out on a white color paper to create a ready-to-send fax document. Figure 1 illustrates the block diagram of fax document creating process performed at the sender side. After receiving the above fax document at another end, it is verified by our proposed method to validate its content. Detail of the fax content verifying

616

C. Chaisri et al. Original Fax Document Fax Image

Document Frame Adding

Image Scanning

Fax Image with Frame

Frame Detection and Cropping Cropped Image OCR Information

Fax Document Generating

Real Fax Document with Frame and MAC

MAC Value

Symmetric Encryption

Hash Value

Hash Function

Secret Key

Fig. 1 Block diagram of the proposed fax document creating process

process mentioned in step 4 can be explained as follows. First, the received fax, called faxed document, is scanned back to obtain an image file. With the frame surrounding the fax document, we apply the rotation and scaling correction algorithm described in [9, 10] to fix any incorrect inclination and image resolution caused by the improper scanning setting/process. The result is then divided into two parts by the same frame detection and cropping algorithm, that is, the image area inside the frame representing the fax content and the image area outside the frame representing the MAC value. Both image areas are then input to the same OCR software as used at the sender side independently. The information obtained from the first image area inside the frame is hashed and encrypted with the MD5 and DES algorithms and the same secret key to obtain a MAC value, while the information obtained from the second image area outside the frame is used for verifying purpose. Finally, both MAC values from different processes are compared. If they are matched, the authentication and integrity of the fax content are verified. If not, someone may add/delete/alter the content of the fax. Figure 2 illustrates the block diagram of fax document verifying process performed at the receiver side. In this research work, we consider any error possibly introduced to the faxed document during the fax transmission via communication channels e.g. telephone line. However, according to the results obtained, such errors were automatically removed by the OCR software because the output from the OCR process contained text-based information only.

Facsimile Authentication Based on MAC

Faxed Document

Scanned Fax Image

Image Scanning

MAC Value Matching Result

617

OCR

MAC Comparing

MAC Value

Scanned Fax Image with Rotation Corrected Angle and Size and Scaling Correction

Frame Detection and Outside-Frame Cropping Scanned Image Inside-Frame Scanned Image

Symmetric Hash Encryption Hash Function InforValue mation

OCR

Secret Key

Fig. 2 Block diagram of the proposed fax document verifying process

3 Experimental Setting and Results 3.1 Experimental Setting Since most types of fax document frequently used nowadays can be divided into two types, depending on the operation of fax machine i.e. ordinary A4 white color paper and thermal white color rolled paper, we thus considered to test both typed of them. In the experiments, we used A4 white color paper with the size of 210 9 297 mm. and thermal white color rolled paper with the size of 210 9 216 mm as the fax document. For the scanning process, the flatbed scanner ‘Lexmark X8350 All-in-One’ was used to scan the ‘Original fax Document’ and ‘faxed Document’ at 72 dpi to obtain a gray scale image stored in bitmap format. Experimentally, each fax image file required 1.6 MB storage space approximately. For the printing process, the inkjet printer ‘Canon PIXMA MP145’ with true color image was used to generate the real fax document. For the OCR process, the C# library ‘Asprise OCR v 4.0’ [11] was used to build the OCR part in our proposed method. Two different types of fax machine were used. The first one i.e. ‘Lexmark X8350 All-in-One’ was used to send/receive fax document with ordinary A4 white color paper, while the second one i.e. ‘Panasonic KX FT903 fax roll machine’ was used to send/receive fax document with ordinary thermal white color rolled paper. In addition, both facsimiles used in the experiments can transmit data across telephone lines in accordance with the International Telephone and Telegraph Consultative Committee (CCITT) standard of digital group 3 fax machines. Foe example, for a standard resolution with T.24 ITU recommendation [12] of 1,728 pels/line, fax machines support speeds with 2,400 bit/s, and typically operate at 9,600 bit/s.

618

C. Chaisri et al.

Hash I 0deeba5b0b64453401b7 eab2c8752f766cdbc388

MACI gTNcT9CaRJVO8cnZU 0LKiosGpqStRYQnRvlb YKSl9g1R9rlgqSLzoN

(a)

(b)

(c)

Fig. 3 a Original fax document at the sender side; b Hash value and MAC value from the computation process and c real fax document with frame and MAC

3.2 Experimental Results Figures 3, 4 and 5 demonstrate some results obtained from the implementation of our proposed method. Figure 3a shows the example of original fax document to be sent from the sender side; Fig. 3b shows the hash and MAC values obtained from the OCR outcome. Finally, the ready-to-send version of fax document was produced and shown in Fig. 3c. Note that we printed only the first five characters of the resulting MAC value as a subtitle on the real fax document. This is because, according to the properties of MAC [8], it still provides enough information for message authentication and integrity purposes. In fact, any part of the MAC value can be used to detect any change on the fax content. When the faxed document was received at another end, some errors during the transmission stage were also accompanied see Fig. 4a. After it was scanned back, and fixed for any incorrect inclination and image resolution, the area inside the image frame was separated, OCRed, hashed and encrypted to acquire the MAC value, see Fig. 4b. Another MAC value obtained from the OCR process of the area outside the image frame, noted by MAC I’ is shown in Fig. 4c. Accordingly, the comparison result reported as ‘‘Match’’. In case the original fax content was changed, identified by the red circle in Fig. 5a, it is obvious that the resulting MAC value from the computation process was different, compared to the one obtained from the direct OCR process, and the comparison result was hence reported as ‘‘No-Match’’, as shown in Fig. 5c. We also tested the effectiveness of our proposed method on various font types and font sizes, that is, the font ‘Arial’ with font sizes of 36, 34, and 36 and ‘Calibri’ with font sizes of 28, 26, and 18. From the results obtained, any change on the fax content could be successfully detected on both types of fax document. However, the accuracy was sometimes decreased when we tested our proposed

Facsimile Authentication Based on MAC

619

Hash II 0deeba5b0b64453401b7 eab2c8752f766cdbc388

MAC II gTNcT9CaRJVO8cnZU 0LKiosGpqStRYQnRvlb YKSl9g1R9rlgqSLzoN

(a)

MACI’

= gTNcT

MACII

= gTNcT

Result

= Match

(b)

(c)

Fig. 4 a Faxed document at the receiver side; b Hash value and MAC value from the computation process and c the comparison result of the first five MAC characters between two identical MAC values

Hash III 00e3114e020171a52a1ab 44013db38ecf597654c

MACI’ = gTNcT MACIII = uJOt+

MAC III uJOt+Rd2e5cm5qYSKa Mqq8+nh201hP/QD69o BqUvyy2VjTN0niR91Q

(a)

(b)

Result

= No Match

(c)

Fig. 5 a Example of the modified faxed document; b Hash value and MAC value from the computation process and c the comparison result of the first five MAC characters between two different MAC values

method on ‘Calibri’ with the font sizes of 18 on thermal rolled paper several times. This is probably because the performance limitation of the OCR library used.

4 Conclusions In this paper, we have presented the method of verifying message authentication and integrity for a fax document based on the use of MAC algorithms. The experimental results showed that our proposed method can practically be used to

620

C. Chaisri et al.

detect any change on the faxed content sent via ordinary fax machine. Moreover, it was shown that the proposed method can also be used efficiently with different types of fax document paper. In the future, we plan to improve our proposed method to cover other different font types and font sizes. Also, we are studying to find out a higher efficient OCR algorithm to be implemented with our method.

References 1. Williams WJ, Zalubas EJ, Hero AO (2000) Word spotting in bitmapped fax documents. Inf Retr 2(2–3):207–226 2. Musmann HG, Preuss D (1977) Comparison of redundancy reducing codes for facsimile transmission of documents. IEEE Trans Commun 25(11):1425–1433 3. Garain U, Halder B (2009) Machine authentication of security documents. In: Proceedings of 10th IEEE international symposium on ICDAR, Barcelona, Spain, 26–29 July 2009, pp 718–722 4. Geisselhardt W, Iqbal T (2007) High-capacity invisible background encoding for digital authentication of hardcopy documents. In: Proceedings of IWDW, Guangzhou, China, 3–5 December 2007, pp 203–221 5. Kale S, Naphade S, Valecha V (2008) Application for a secure fax system. In: Proceedings of ICDCIT, New Delhi, India, 10–13 December 2008, pp 83–88 6. Knudsen LR, Preneel B (1998) Mac DES MAC algorithm based on DES. Electron Lett 34(9):871–873 7. Rivest RL (1992) The MD5 message digest algorithm. RFC 1321 8. Bellare M, Canetti R, Krawczyk H (1996) Keying hash functions for message authentication. In: Proceedings of CRYPTO, Santa Barbara, California, USA, 18–22 August 1996, pp 417–426 9. Thongkor K, Lhawchaiyapurk R, Mettripun N, Amornraksa T (2010) Enhancing method for printed and scanned watermarked documents. In: Proceedings of ITC-CSCC, Pattaya, Thailand, 4–7 July 2010, pp 977–980 10. Mettripun N, Lhawchaiyapurk R, Amornraksa T (2010) Method of rearranging watermarked pixels for printed and scanned watermarked documents. In: Proceedings of IEEE ISCIT, Tokyo, Japan, 26–29 October 2010, pp 492–497 11. Asprise L (2011) Asprise OCR v 4.0: speed. accuracy simplicity portability. http:// asprise.com/home/ 12. Recommendation ITU-T T.24 (1998) Standardized digitized image set