Improving the compression and encryption of images using FPGA

Multimed Tools Appl (2006) 28: 5–22 DOI 10.1007/s11042-006-5117-6

Improving the compression and encryption of images using FPGA-based cryptosystems Shih-Ching Ou · Hung-Yuan Chung · Wen-Tsai Sung

 C

Springer Science + Business Media, Inc. 2006

Abstract Compression and encryption technologies are important to the efficient solving of network bandwidth and security issues. A novel scheme, called the Image Compression Encryption Scheme (ICES), is presented. It combines the Haar Discrete Wavelet Transform (DWT), Significance-Linked Connected Component Analysis (SLCCA), and the Advance Encryption Standard (AES). Because of above reason the ICES efficiently reduce the overall processing time. This study develops a novel hardware system to compress and encrypt an image in real-time using an image compression encryption scheme. The proposed system exploits parallel processing to increase the throughout of the cryptosystem for Internet multimedia applications to implement the ICES. Using hardware acceleration for encryption and decryption, the FPGA implementation of DWT, SLCCA and the AES algorithm can be used. Using a pipeline structure, a very high data throughput of 330 Mbit/s at a clock frequency of 40 MHz was obtained. Therefore, the ICES is secure, fast and suited to high speed network protocols such as ATM (Asynchronous Transfer Mode), FDDI (Fiber Distributed Data Interface) or Internet multimedia applications. Keywords Discrete wavelet transform (DWT) . Significance-linked connected component analysis (SLCCA) . Advance encryption standard (AES) . Image compression encryption scheme (ICES) 1. Introduction The accelerated growth of image and video applications, including the videophone, video conferencing and the WWW, is such that as Internet technologies develop, digital media can be S.-C. Ou Department of Information Communication, Leader University, Taiwan H.-Y. Chung · W.-T. Sung Department of Electrical Engineering, National Central University, Taiwan W.-T. Sung () 4F, NO.184-1, Kee-Kin 1st Road, An Lo District, 204 Keelung, Taiwan e-mail: [email protected] Springer

6

Multimed Tools Appl (2006) 28: 5–22

transmitted conveniently over networks. However, some problems have arisen. One concerns the security of transmission. Several cryptosystems, such as DES [11] and RSA [12], have been proposed to protect the security of data using the encryption/decryption process. The feature of these schemes is that the encrypted data are presented as messy and meaningless data. When these data are transmitted through the network, they can be easily intercepted. Consequently, protecting secret messages during transmission becomes an important issue. Communication bandwidth is another serious problem. Low bit-rate compression algorithms are required. This study presents an appropriate compression algorithm (SLCCA) [2] and applies it to multimedia data; the output is encrypted by an encryption algorithm (AES) [9]. Recently, three fundamental approaches have been applied for protecting digital imageswatermarking, image-hiding and image encryption. Watermarking is used for protecting copyright and protecting the ownership of digital data, including video, image, audio or text. Digital watermarking is embedded in the host media. The digital watermark is hidden so that it is perceptually and statistically undetectable. Image-hiding hides’ data in a cover image to generate another meaningful image (called stego-image). The stego-image is then transmitted on a computer network. The stego-image is meaningful, and so if intercepted, it will be ignored by illegal users. Finally, image encryption technique is used to protect privacy or intellectual characteristics. Recently, several proposed methods [3, 5, 8] have combined compression and encryption to reduce overall processing time. However, these methods are too computationally burdensome. The methods clearly cannot encrypt a video stream efficiently in real-time and the reconstruct images have unsatisfactory quality. This study overcomes the above problems and provides a novel architecture (ICES), as shown in figure 1. Both DCT and DWT are techniques of converting data in spatial domain into images in frequency domain. Because of safe internet transmission, this study employs DWT to perform frequency analyses, rather than DCT or other algorithms. An image will bring this information, with various significance data via DWT.

Fig. 1 Image compression encryption scheme Springer

Multimed Tools Appl (2006) 28: 5–22

7

After DWT processing, the image results data of different importance which would form different frequencies. So we could deal with the data individually according to different importance. In order to preserve important data intact and hide digital watermarking in unimportant one, this study chooses DWT instead. DCT can’t do all of these. Following Shannon [14], DWT is first used to transform the input data into a form selected to reduce the interpixel redundancies in the input image. This operation is generally reversible; it also directly reduces the amount of data required. Here, the DWT transforms the image into an array of coefficients, facilitating the compression of interpixel redundancies in later stages of the encoding process. In the second stage, the SLCCA algorithm is used to assign the shortest code words to the most frequently occurring output values, reducing coding redundancy. Finally, the AES algorithm is used to encrypt the image data. Hardware was developed to compress and encrypt the image according to the proposed scheme. The Altera FPGA was used to implement the ICES. This work presents novel experimental results and considers the difference among the performance of various types of software and hardware. The rest of this paper is organized as follows. Section 2 provides some background on DWT and SLCCA used to compress images, and AES. Section 3 presents the proposed Image Compression Encryption Scheme (ICES), which combines image compression and encryption technology. Section 4 discusses experimental results and performance evaluations. Finally, Section 5 draws conclusions and offers suggestions for future work.

2. Background 2.1. Discrete wavelet transform Wavelet transforms are extensively used in a range DSP application, including video and audio compression. Wavelet transformation is used to transfer images into the frequency domain. A third Haar wavelet transform is used to implement a real-time compression system and thus derive a set of biorthogonal sub classes of images; the original image is decomposed on different scales using the pyramidal algorithm architecture. The decomposition is along the vertical and horizontal directions. Multidimensional DWT is typically implemented in the form of hierarchical tree structures the filter bank, as shown in figure 2.

Fig. 2 One stage of multiscale image decomposition Springer

8

Multimed Tools Appl (2006) 28: 5–22

Fig. 3 Hierarchy of wavelet coefficient bands

In this process, two channel filter banks transform the input image into an average image wavelet function and a coefficient scalar function. Using the wavelet function, can compress it by half. The coefficient can be used to reconstruct the original image. The image is 2D and the mean image is generated by low pass filter (LPF), while the detailed images are produced using a high pass filter (HPF). The wavelet transform decomposed the image into a series of the frequency bands—the LL band, the LH band, the HL band, and the HH band. Using a subband coding algorithm, the filters H0 (w1 ) and H1 (w1 ) are 1-D filters. H0 (w1 ) is an LPF and H1 (w1 ) is an HPF. This decomposition provides subimages that correspond to different levels of resolution and orientations (figure 3). The two filters presented herein are compared by decomposing an image of a woman using each of these filters. Figure 4 presents the results. Figure 4 (a1, a2) shows the normalized detailed subimages at different resolutions levels m = 1, and m = 2 (wavelet coefficient) and figure 4. (h1, v1, d1, h2, v2, and d2) the low resolution level subimages [10, 15, 17]. 2.2. Significance-linked connected component analysis Recently, wavelet image coding has improved impressively. Three representative top-ranked wavelet image coders include Shapiro’s embedded zerotree wavelet (EZW) coder [15], Servetto et al.’s morphological representation of wavelet data (MRWD)[16], and Said and Pearlman’s set partitioning in hierarchical trees (SPIHT) [13]. Both EZW and SPIHT exploit cross-subband dependency of insignificant wavelet coefficients while MRWD performs within-subband clustering of significant wavelet coefficients. The SLCCA [2] algorithm is considered here. It is described as follows. I. Main procedure: Begin SLCCA-encode () Step 1: Form a subband pyramid and quantize all wavelet coefficients using a uniform scalar quantizer. The quantization bin size is selected such that the target bit rate is reached. The algorithm also initializes three ordered sets, which are used to determine the significance of coefficients. These sets are the list of scan orders (LSO), the list of child clusters (LCC), and the list of significant coefficients (LSC). All these lists are Springer

Multimed Tools Appl (2006) 28: 5–22

9

Fig. 4 Three-scale wavelet decomposition for the woman image

first in first-out queues. Each entry in the lists is identified by a coordinate [x, y]. C[x, y] represents the coefficient at position [x, y]. Step 2: Perform connected component analysis on significant coefficients within each subband, using conditioned dilation, and remove extremely small connected components. Step 3: Starting from the coarsest subband, scan subbands in the order LL, LH, HL, and HH. Within each subband, scan the coefficients from left to right, top to bottom. Go to the next finer scale after all coefficients in the current scale have been scanned; the SLCCA algorithm will output symbols suitable for being encoded. Four symbols are used to encode the shapes of clusters—POS, NEG, ZERO and LINK. POS or NEG represent the sign of a significant coefficient. ZERO represents an insignificant coefficient that defines the boundary of a cluster. LINK indicates the presence of a significance-link. Step 4: Encoding clusters. 4.1. Start of a new cluster. For every entry [x, y] in LSO, if c [x, y] is significant and has not yet been encoded: Springer

10

Multimed Tools Appl (2006) 28: 5–22

4.1.1. Encode the position [x, y]; c [x, y] is the seed of the cluster. 4.1.2. Call Encode significant coefficient (x, y). 4.2. Encode child clusters. For each entry [x, y] in LCC: 4.2.1.Remove [x, y] from LCC. 4.2.2.For X = 0, 1, and Y = 0, 1: 4.2.2.1. If c [x + X, y + Y ] is significant and has not been encoded, go to Step 4.2.3; 4.2.2.2. If c [x + X, y + Y ] is insignificant and has not been encoded, encode a ZERO symbol. 4.2.3.Call Encode significant coefficient (x, y). Step 5: Encode the magnitude of significant coefficients. END SLCCA-encode () II. Sub procedure BEGIN Encode significant coefficient (x, y) Step 1: Encode the sign (POS or NEG) of c[x, y]; the end of LSC. Step 2: If c[x, y] is the parent of a child cluster that has not been linked to any other coefficient, then, 2.1 Encode a special symbol (LINK). 2.2 Change the position of the child [2x, 2y], which represents all four children at c[x, y], to the end of LCC. This move implies that the child cluster has been linked. Step 3: Expand a cluster. For every [X , Y ] in a predefined neighborhood: 3.1 If c[x + X, y + Y ] is significant and has not been encoded, then call Encode significant coefficient (x + X, y + Y ). 3.2 If c[x + X, y + Y ] is insignificant, then encode a ZERO symbol. END Encode significant coefficient (x, y) The decoding algorithm is straightforward and can be obtained by simply reversing the encoding process. A complete description of the SLCCA algorithm can be found in [2]. 2.3. Advance encryption standard The Advanced Encryption Standard (AES) was published in October 2000 and will be included in a new Federal Information Processing Standard (FIPS) Publication that will specify a cryptographic algorithm used by U.S. Government organizations to protect sensitive information. NIST also anticipates that the AES will be widely used voluntarily by organizations, institutions and individuals outside of the U.S. Government—and outside of the United States. AES is a block cipher, designed by Joan Daemen and Vincent Rijmen. The block cipher has a variable block length and key length. The use of keys with lengths of 128, 192 or 256 bits to encrypt blocks with lengths of 128, 192 or 256 bits has been specified. (All nine combinations of key length and block length are possible). Both block length and key length can be extended very easily to multiples of 32 bits. AES can be implemented very efficiently on a wide range of processors and hardware. Springer

Multimed Tools Appl (2006) 28: 5–22

11

The AES algorithm used for all arithmetic operations is GF(2∧ 8), which can be considered to be the set of polynomials over GF(2) modulo an irreducible polynomial of degree 8 x 8 + x 4 + x 3 + x + 1, for example. The addition is a simple XOR operation, and the multiplication is the usual multiplication of polynomials, followed by a module operation. The encoders include the following. 1. 2. 3. 4.

AddRoundKey: only during the first round, the key is XORed with the block. ShiftRow: the four lines of the block are shifted to the left, by 0, 1, 2 and 3. ByteSub: each byte is changed using a non-linear function. MixColumn: a linear function is applied to each column of the block. It involves a multiplication by a fixed polynomial over GF(2∧ 8), modulo x ∧ 4 + 1. This step is skipped in the final round. 5. AddRoundKey: each byte is XORed with the key. The key length is 128 bits, but accurate computing yields a key with 1280+128 bits, 128 bits for the first XOR. it is the original key, and 128 bits by round. The inverse cipher is very similar to the cipher: most of the steps can be switched, and some of them are their own inverses, or they are very similar. The only problem is the inverse of the MixColumn: the selected polynomial is easy to use, but its inverse is much more complicated. The rounds of the decoder are composed of as follows. 1. AddRoundKey: only for the first round, the final part of the expanded key is XORed with the block. 2. MixColumn: a linear function is applied to each column of the block. It involves a multiplication by a fixed polynomial over GF(2∧ 8), modulo x ∧ 4 + 1. This step is skipped in the first round. 3. ShiftRow: the four columns of the block are shifted to the right, by 0, 1, 2 and 3 places. 4. ByteSub: each byte is XORed with the key, but the order is reversed. Figures 5 and 6 illustrate the sequence of steps in AES and figure 7 depicts the architecture of AES. For more detailed information on the AES algorithm [4].

3. Image compression encryption scheme 3.1. Approach As discussed above, two main problems are associated with image transmission over the Internet—bandwidth and security. This paper proposes the novel scheme for solving these problems. The Image Compression Encryption Scheme (ICES) combines compression and encryption technologies. It effectively solves bandwidth and security problems. SignificanceLinked Connected Component Analysis (SLCCA), which can achieve a high compression ratio and little distortion, is employed. The FPGA or ASIC implementation of the AES algorithm is more effective than software-based solutions. The combination of compression and encryption techniques enhances the security for image transmission and also improves the rate of transmission. 3.2. FPGA-based AES algorithm An AES algorithm may be implemented in various ways [1, 6, 7, 9 ]. This study proposes hardware implementation with 128-bit blocks and 128-bit keys, using FPGA (Field Programmable Gate Arrays). The AES block cipher includes ten rounds. The encryption algorithm has been Springer

12

Multimed Tools Appl (2006) 28: 5–22

Fig. 5 Encryption

designed this way so that the subkey can be generated in parallel with the round calculations. First, round number zero (which is the EXOR input data with the main key) and the subkey to round number one is calculated. Then, executes the round and the subkey to the next round is calculated. The benefit of this design is that the subkeys do not need to be stored, and they are calculated concurrently. Figure 8 depict the encryption key macro of the AES algorithm. In the proposed design, the encryption core is comprised the seven main macros. The Encryption Round Unit (ERU) is the primary data encryption unit, and it can encrypt the plaintext of the AES cipher. The ByteSub Unit (BSU) or the S-Box Unit (SBU) consists of four look-up tables. The Key Buffer Unit (KSU) is the subkey generation unit. The Input Shift Register Unit (ISRU) and the Output Shift Register Unit (OSRU) store plaintext and ciphertext, respectively. The Key Buffer Unit (KBU) also saves the master key to the KSU. The XOR performs the first step of encryption in round one. The Finite Controller Unit (FCU) controls the flow of the encryption core. Springer

Multimed Tools Appl (2006) 28: 5–22

13

Fig. 6 Decryption

Similarly, the decryption core is comprised of many key macros. The decryption round unit (DRU) is the main data decryption unit and it can decrypt the ciphertext of the AES cipher. The InvByteSub Unit (IBSU) or the InvSBox Unit (ISBU) includes four look-up tables. The Key Buffer Unit (KSU) is the subkey generation unit. The Input Shift Register Unit (ISRU) and the Output Shift Register Unit (OSRU) store the plaintext and ciphertext, respectively. The Key Buffer Unit (KBU) also saves the master key to the KSU. The XOR executes the first step of round one of decryption. The Finite Controller Unit (FCU) controls the flow of decryption core. Figure 9 presents the decryption core block diagram. Springer

14

Multimed Tools Appl (2006) 28: 5–22

Fig. 7 Architecture of AES algorithm [19]

3.2.1. Comprehensive technical specification. This design is of a symmetric block cipher (secret key encryption/decryption) algorithm. It has the following features. 1. 2. 3. 4. 5. 6. 7. 8.

Block size of 128 bits. Key length of 128 bits. Encryption Core / Decryption Core. One cipher has 128 bit parallel inputs and outputs. Input and output ports have a size of 32 bits. Has a built-in key schedule module. The other has a 32 bit wide bus multi cycle access (four cycles) for all inputs and outputs. IP (Macro) design (can be reused) Springer

Multimed Tools Appl (2006) 28: 5–22

15

Fig. 8 Encryption core block diagram

Fig. 9 Decryption core block diagram

3.2.2. AES core interface The following figures illustrate the relationship between control and the data signals required to load a key, calculate a keyspace, load plaintext, perform an encryption operation, and read out ciphertext. The example is of an encryption processor, Nb = 4, Nk = 4, but the signal relationships are the same for any combination of parameters, although processing times are specific to a particular parameter combination. Figure 10 presents the module interface, with a total of 132 input pins, 128 output pins. The signal Encrypt = ‘1’ represents Encryption and the signal Encrypt = ‘0’ represents Decryption. When the data load is kept high, the data load ctl signal and the 32 bits (total 128 bits) of new data (plaintext or ciphertext) should be sent to the controller at the positive edge of the clock. While the new key is being set up, the “cv load” must be high. The cv load signal starts a new expansion sequence. When the new key is ready the controller Springer

16

Multimed Tools Appl (2006) 28: 5–22

Fig. 10 Block diagram of AES

input port, the key load signal will be enabled. After the key load is high, each clock cycle 32 bits new key should be sent to the controller input port at the positive edge of the clock. Input Signals Output Signal

Description

CLK

CLK is the main system clock

RST

The interface is asynchronously reset when the reset signal is asseted high

Data in

128 bit data block

CV load

crypto variable load pulse

End

T = encrypt 0 = decrypt

key in

128 bit key block

Data load

data load pulse

Output Signals Signal Data load ctl

Springer

Description Data load ctl signal to controller

End dec ctl

Encrypt signal to controller

Key load

load Cv signal to key schedule

Key cv

128 bits key to key schedule

Alg data

128 bit data block tp algorithm

Multimed Tools Appl (2006) 28: 5–22

17

Fig. 11 Interface of AES

3.3. Image compression encryption algorithm This section considers the basic constituents of the ICES, including the Discrete Wavelet Transform (DWT), the Significance-Linked Connected Component Analysis (SLCCA) coding technique, Asynchronous Transfer Mode (ATM) packets, and the AES algorithm. Core concepts of the ICES are specified. DWT is used to transfer images into the frequency domain. SLCCA is an efficient sourcing coding technique for compressing images. The AES algorithm is used to encrypt the output of the SLCCA. ATM packets are utilized to transfer data over networks. 3.3.1. ICES encoder In the first step of the image compression encryption scheme, the input image is transferred into the frequency domain by DWT. Each wavelet coefficient contains features from a local segment of an input image and represents information in a certain range of frequencies at a particular spatial location. Second, with reference to a subband pyramid as shown in figure 4, all wavelet coefficients are quantized with the same uniform scalar quantizer. The wavelet coefficients are encoded using SLCCA coding technology, according to the significance of wavelet coefficients in the LL band. The output of the SLCCA is the significant coefficients and symbols,such as POS, NEG, ZERO and LINK. An encoder will place them into a column of fixed length, and encrypt them by applying the AES algorithm. Then, the columns will be put into packets, to be transmitted over the network. 3.3.2. ICES decoder At the receiver, the data are unpacked and decrypted by the AES. The SLCCA decoding process is applied to plaintext data. Then, the inverse DWT generates the reconstructed image. Figure 1 presents a block diagram of the ICES algorithm. 3.3.3. Characteristics of the FPGA-based ICES algorithm Improving the compression and encryption of an image using FPGA-based cryptosystems has many potential advantages, which are described as follows. 1. Architectural efficiency: In the image compression encryption scheme, FPGA architecture can be used much more efficiently when it is designed for a specific set of parameters. The architecture of an FPGA can be designed and optimized for a specific set of parameters. Springer

18

Multimed Tools Appl (2006) 28: 5–22

2. Throughput: Although normally slower than ASIC implementations, FPGA implementations have the potential of being substantially faster then software implementations. 3. Security: With reference to security, cryptanalysis often relies on redundancy of a plaintext image to determine the codeword. Most image compression techniques have been designed to remove and reduce redundancy. Compression before encryption minimizes the threat of plaintext attacks, which rely on the redundancy of data. FPGA cannot easily be read or modified by an outside attacker. AES is applied after the SLCCA algorithm, reducing the threat of plaint text attacks. 4. Flexibility: Users can select different discrete wavelet filter banks to increase security during the transformation. Finally, strong compression and encryption algorithms other than SLCCA and AES can be applied to the ICES.

4. Experimental results As part of the proposed image compression encryption scheme, hardware was developed to compress and encrypt an image, causing a few distortions between the original image Io and the reconstructed image Ir . To evaluate the quality of the reconstructed image Ir , the peak signal-to-noise ratio (PSNR) is defined as follows. PSNR = 10 log10

2552 (db) MSE

For an m × m image, the mean square error (MSE) is defined as follows. MSE =

m  m   1  α[i, j] − β[i, j] m 2 i=1 j=1

α[i, j] where β[i, j] and denote the component values of the [i, j] pixel in the original and the compressed images, respectively. A larger PSNR corresponds to a higher image quality. A compressed image is generally acceptable to human perception if its PSNR exceeds 30 db. In ICES, the throughput is calculated as, Throughput = (128 bits ∗ Clock Frequency)/(Cycles Per Encrypted Block) Notably, the ICES was implemented in two separable EPF10K250ABC600-1 chips (of series EPF10 K250A with 20 blocks of EAB memory, which can be used to implement the ROM in the 256 ∗ 8 bit configuration), manufactured by the firm Altera. Two samples of experimental results are obtained. Figure 12(a) presents the original image. The size of the woman image is 256 × 256. The SLCCA was used to compress this original image. After compression, the AES algorithm was used to encrypt the compressed image and transfer it over the Internet. Figure 12(b) presents a reconstructed image, with a compression ratio of 20:1 (0.4bpp). The compression ratio in figure 12(c) has a low bit rate of 0.1bpp, or an 80:1 compression ratio. For compression ratios of 20:1 and 80:1, Table 1, gives the performance results obtained by the image compression encryption scheme (ICES). The implementation of SLCCA as part of the proposed scheme will provide a high compression ratio and yield a reconstructed image of high quality. The original image was monochromatic, and each of its pixels was at one of 256 gray levels. The original image was 256 × 256, equivalent to 64 kbytes, and with a compression ratio of 20:1 (0.4 bpp), the woman image Springer

Multimed Tools Appl (2006) 28: 5–22

19

Table 1 Performance results of image compression encryption scheme (ICES) Bit per pixel = 0.4

Bit per pixel = 0.1

Image

Image size

MSE

PSNR

MSE

PSNR

Womanl

256 × 256

83.98

28.8890

115.1994

27.5163

Woman2

128 × 128

118.9463

27.3773

160.0324

26.0887

F16

256 × 256

132.2500

26.9168

204.245

25.0293

Lena

512 × 512

123.9660

27.1978

208.3007

24.9451

Street

640 × 480

129.1301

27.0205

257.5238

24.0226

Tiffany

512 × 512

98.174

28.2108

165.476

25.9435

Fig. 12 (a) Original image; (b) reconstructed image, Compression ratio 20:1 (0.4 bpp); (c) reconstructed image, Compression ratio 80:1 (0.1 bpp)

was decomposed into three columns each of 1 kbyte. Then, the data were encrypted using AES and transmitted over the Internet. Three compression ratios—1:1, 20:1 and 80:1—were used in these experiments. In the first experiment, 1:1 required most time because much information about the uncompressed image was transferred, while the 80:1 ratio took the least time. The handling time and legibility must be traded off, as required. The finished compressional and protective image compression information will be changed into unrealized code, and will be transmitted over the Internet. Figure 12 presents the returned image. The second experiment involves several quiescent images (Table 1) to determine the ratio of PSNR and MSE. The image compression encryption scheme was designed according to a top-level design flow. Table 2 present the technological data of the circuit. CAD by Altera, Maxplus2 and FPGA express were used to design, simulate, verify and synthesize the circuit. The frequency of the used external clock determines the speed of encryption and decryption, but it must adapt to the algorithm. The minimal period in which the clock can encryption chip is 25 ns (40 MHz), and for the decryption chip, it is 27 ns (37 MHz). The encryption and decryption are performed in 15 clock cycles. The ICES reached the speed of 330 Mb/s for encryption and 308 Mb/s for decryption. Table 3 shows different implementations of ICES. Springer

20

Multimed Tools Appl (2006) 28: 5–22 Table 2 Technological data on the image compression encryption scheme Algorithm

Image compression encryption scheme (SLCC A and AES)

Block length

128 bit

Key length

128 bit

Hardware architecture

Pipeline structure

Maximum clock frequency

40 MHz

Maximum data throughput

330 Mb/s

Latency time for algorithm

15 clock cycles

Table 3 Rate of encryption and decryption Implementation

Encryption speed

Decryption speed

The software implementation (ANSI)

25 Mb/s

25 Mb/s

The software implementation (Visual C++)

65 Mb/s

65 Mb/s

The software implementation Java)

70 Mb/s

70 Mb/s

The hardware implementation (Altera)

330 Mb/s

308 Mb/s

5. Conclusions This study proposed an image compression encryption scheme for Internet multimedia applications. The proposed scheme preserves the important advantages inherent in a compression system and cryptosystem. The characteristics of the proposed scheme can be described as follows. 1. The ICES includes DWT, SLCCA for compressing images and AES for encrypting images. It can allow images to be compressed with a high compression ratio, while maintaining high security during the transmission process. Bandwidth and security issues are overcome simultaneously. 2. The FPGA implementation of DWT, SLCCA and the AES algorithm improve the throughput of the cryptosystem for Internet multimedia applications. With the help of a pipeline structure, a very high data throughput of 330 Mbit/s at a clock frequency of 40 MHz can be achieved. The experimental results indicate that the encrypted images are comprehensible and the reconstructed images are of satisfactory quality. The timing measurements show that the hardware simulation of the image compression and encryption scheme efficiently encrypts image and video streams in real-time. Acknowledgment The authors would like to thank the National Central University of Taiwan for financially supporting this research. Springer

Multimed Tools Appl (2006) 28: 5–22

21

References 1. A JAVA servlet implementation, by Cass Crockatt., A Visual Basic implementation, by P. Fresle, An implementation in C++, by Gerhard Wesp. 2. Bing-Bing Chai, J. Vass, and Xinhua Zhuang “Significance-linked connected component analysis for wavelet image coding,” IEEE Transactions on Image Processing, Vol. 8, Issue: 6, pp. 774 –784, June 1999. 3. H. Cheng, Xiaobo Li, “Partial encryption of compressed images and videos”, IEEE Transactions on Signal Processing, Vol. 48, Issue: 8, pp. 2439 –2451, Aug. 2000. 4. J. Daemen, V. Rijmen, AES Proposal: Rijndael,” September 1999r. 5. Philip P. Dang and Paul M.Chau, “Image encryption for secure internet multimedia applications ,” IEEE Transactions on Consumer Electronics, Vol. 46, Issue 3, pp. 395–403, Aug. 2000. 6. K. Gaj and P. Chodowiec, Implementations of the AES Candidate Algorithms using FPGA Devices” Technical Report, George Mason University, April 2000. 7. Benjamin Leperchey and Charles Hymans, “FPGA implementation of the Rijndael algorithm” June 16, 2000. 8. X. Li, J. Knipe, and H. Cheng, “Image compression and encryption using tree structures,” Patt. Recogn. Lett., Vol.18, No. 11–13, pp.1253–1259, Nov. 1997. 9. Piotr Mroczkowski “Implementation of the block cipher Rijndael using Altera FPGA”. 10. A. Munteanu, J. Cornelis, G. Van Der Auwera, and P. Cristea, “Wavelet image compression—the quadtree coding approach,” IEEE Transactions on Information Technology in Biomedicine, Vol. 3, Issue: 3, pp. 176 –185, Sept. 1999. 11. National Bureau of Standards, Data Encryption Standard, U. S. Department of Commerce, FIPS pub.46, January 1997. 12. R. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public key cryptosystems,” Communications of the ACM, Vol. 21, No. 2, pp. 120-126, Feb. 1978. 13. A. Said, W.A. Pearlman, “A new, fast, and efficient image codec based on set partitioning in hierarchical trees,” IEEE Transactions on Circuits and Systems for Video Technology, Vol. 6, Issue: 3, pp. 243 –250, June 1996. 14. C.E. Shannon, “A mathematical theory of communication,” Bell system technical journal, Vol. 27, No. 3, pp. 379, 1948. 15. Shapiro, J.M., “Embedded image coding using zerotrees of wavelet coefficients,” IEEE Transactions on Signal Processing, Vol. 41, Issue: 12, pp. 3445–3462, Dec. 1993. 16. S.D. Servetto, K. Ramchandran, and M.T. Orchard, “Wavelet based image coding via morphological prediction of significance,” International Conference on Image Processing, 1995. Proceedings., Vol. 1, pp. 530–533, 1995. 17. J.M. Zhong, C.H. Leung, and Tang, Y.Y., “Wavelet image coding based on significance extraction using morphological operations,” Vision, Image and Signal Processing, IEE Proceedings-, Vol. 146 Issue: 4, pp. 206–210, Aug. 1999.

Shih-Ching Ou is working with the Department of Electrical Engineering, National Central University as a senior professor. His research interests include computer aided design, e-learning system, and virtual reality, etc. In August 2004, he serves as Leader University Professor and Director of Research and Development, now he act as Leader University Professor and Institute of Applied Information (Chairman). He has published a number of international journal and conferences papers related to these areas. Currently, he is the chief of Bioinformatics & CAD Laboratory. Springer

22

Multimed Tools Appl (2006) 28: 5–22

Hung-Yuan Chung joined the Department of Electrical Engineering at the National Central University, Chung-li, Taiwan as an associate professor in August 1987. Since August 1992, he was promoted as professor. In addition, he is a registered professional Engineer in R. O. C. He is a life member of the CIEE and the CIE. He received the outstanding Electrical Engineer award of the Chinese Institute of Electrical Engineering in October 2003. His research and teaching interests include System Theory and Control, Adaptive Control, Fuzzy Control, Neural Network Applications, and Microcomputer-Based Control Applications.

Wen-Tsai Sung is a PhD candidate at Department of Electrical Engineering, National Central University in Taiwan. His research interests include computer aided design, web-based learning system, bioinformatics and virtual reality. He has published a number of international journal and conferences papers related to these areas. He received a BS degree from the Department of Industrial Education, National Taiwan Normal University, Taiwan in 1993 and received a MS degree from the Department of Electrical Engineering, National Central University, Taiwan in 2000. He has win the dragon thesis award; master degree thesis be recognized the most outstanding academic research. The thesis entitle is: “Integrated computer graphics system in a virtual environment.” Sponsor is Acer Foundation (Acer Universal Computer Co.). Currently, he is studying PhD at the Department of Electrical Engineering, National Central University as a researcher of Bioinformatics & CAD Laboratory.

Springer