A Joint Encryption/Watermarking Algorithm for Secure Image Transfer

International journal of Computer Networking and Communication (IJCNAC)Vol. 1, No. 1(August 2013) 25

www.arpublication.org

A Joint Encryption/Watermarking Algorithm for

Secure Image Transfer

Youssra LAKRISSI, Mohammed ERRITALI, Mohammed FAKIR

Information Processing and Telecommunication Teams, University Sultan Moulay Slimane,

Benimallal, Morocco

[email protected]

[email protected]

[email protected]

Abstract

This paper presents a method combining encryption and watermarking for secure

images transfer. The proposed solution gives access to the outcomes of the image

integrity and of its origins as its attachment to one user even if the image is stored

encrypted. This method is based on the combination of encryption algorithms public-

private keys and secret keys, and watermarking. The algorithm for image encryption uses

a secret key. We encrypt the secret key with an asymmetric algorithm. This encrypted

secret key is then inserted into the encrypted image using watermark algorithm.

Keywords: Encryption, symmetric encryption, asymmetric encryption, hybrid

encryption, stream cipher, bloc cipher, watermarking, discrete wavelet transform.

1. INTRODUCTION

Rapid growth of Internet has contributed a lot in the increase of multimedia contents over

internet including digital images and videos. Due to exponential rise in multimedia contents, it

has become a trend to share information using digital images and video and at the same time it

has become a challenging issue to protect these contents from tempering in order to avoid a

misuse and retain confidentiality of data [1].

The security of data is pursued by assuring, among others authentication, to verify the identity

claimed by or for any system entity, data confidentiality to protect data against unauthorized

disclosure, data integrity to verify that data have been changed, destroyed or lost in an accidental

manner [1].

Actually, encrypted data need an additional level of protection in order to keep control on

them after the decryption phase. In fact, when the ciphered data is deciphered by the authorized

user, it is unprotected and it can be easily modified, tampered, or stolen. The scientific community

started focusing on the possibility of providing both security services simultaneously and

therefore to have the chance of watermarking encrypted data and detecting the watermark before

and after decryption. This allows to work in the encrypted domain, operating on ciphered data

without giving access to the plain one and increasing the operation efficiency.

Lian et al [2] draw a detailed scenario concerning video encryption and video watermarking

and proposes a new combined approach. Bas et al [3] give an overview on the possible scenarios

where the combination of both level of protection can be exploited, while Merhav [4] presents a

theoretic analysis of this problem. In literature a commutative scheme is presented by Lian et al

[5]: the image is wavelet transformed and some sub bands are ciphered while some others are

both ciphered (with sign encryption) and watermarked.

26


In fact several methods have been developed to solve the problems of security and authenticity

in image transfer. In this paper, we present a hybrid coding approach where we propose to use

several types of encryption with the watermarking in order to secure the image transmission.

Samir Kumar [6] proposed a technique for invisible Digital Watermarking through Encryption

where the image is encoded within another image (cover image). Firstly, the cover image and the

target image can be adjusted by resize function. Secondly, only the final encrypted image i.e.

cover image and target image is sent over the network. This image is finally decoded at the

receiver end.

Puech and Rodrigues [1] present a method of partial or selective encryption for JPEG images.

It is based on encoding of some Huffman bit stream with AES cipher.

We propose a method combining symmetric encryption and watermarking which is robust to

noise and ensure the integrity (perceptual) and the Authenticity of image beside of hiding

associated data (high capacity) in image. This approach can access in different resolution levels

of image due to the wavelet watermarking and can process in real time.

Before embedding the secret key in the image, we are going to crypt it with an asymmetric

algorithm. At the reception, only public-private key will be needed to extract and decrypt the

secret key to get our image legible.

To encrypt the image, we have chosen to work with a symmetric stream cipher and symmetric

bloc cipher so we can make a comparison between them. To embed the secret key, we selected a

watermarking method based on discrete wavelet transform DWT [7].

The remainder of this paper is organized as follow. In Section II, we explain the encryption a

watermarking algorithms and in section III we detail the proposed method, before concluding, we

illustrate the results and discuss the performances of our approach in Sections 3 and 4

respectively.

2. RELATED WORK

2.1 Commutative Watermarking-Encryption (CWE)

One approach to commutative watermarking is provided by deploying homomorphic

encryption techniques so that some basic algebraic operations such as addition and multiplication

on the plaintexts can be transferred onto the corresponding cipher texts, i.e., they are transparent

to encryption [8]. Especially, if both the encryption and the watermarking process consist of the

same homomorphic operation, one gets a commutative watermarking-encryption scheme.

Examples of homomorphic operations are exponentiation modulo n, multiplication modulo n,

addition modulo n and the XOR operation. One major drawback of this approach is the influence

of encryption on robustness of the watermarking algorithm because after encryption there is no

visual information available for the watermark embedder to adapt itself to increase robustness

while at the same time minimizing visual quality degradation [2].

In partial encryption schemes, the plaintext multimedia data is partitioned into two disjoint

parts, where one part is encrypted and the other part is watermarked. Since the encryption part is

independent of the watermarking part, they are naturally commutative. Because there is some

information leakage through the unencrypted parts, in order to get a high level of perceptual

security, the data parts which are significant for perception are encrypted, while only the

perceptually unimportant parts are watermarked, leaving the door open for an attacker trying to

remove the watermark. This lack of robustness against malicious attacks seems to be a general

problem with CWE.



2.2 Hybrid DCT-DWT Watermarking and IDEA Encryption of Internet

Contents

M.A. Mohamed [9] proposed a hybrid image protection scheme to establish a relation between

the data encryption key and the watermark. Prepositioned secret sharing allows the reconstruction

of different encryption keys by communicating different activating shares for the same

prepositioned information. Each activating share is used by the receivers to generate a fresh

content decryption key. In the proposed scheme, the activating share is used to carry copyright or

usage rights data. The bit stream that represents this data is also embedded in the content as a

visual watermark. When the encryption key needs to change, the data source generates a new

activating share, and encrypts the corresponding data with the key constructed from the new

activating share. Before transmission, the encrypted data is embedded in a multimedia stream.

Each receiver can extract the encrypted data from the host image, and decrypt this data after

reconstructing the same key.

3. ENCRYPTION AND WATERMARKING ALGORITHMS USED

3.1 Encryption Algorithm

a) Symmetric Stream Cipher

In cryptography, a stream cipher is a symmetric key cipher where plaintext digits are

combined with a pseudorandom cipher digit stream (key stream). In a stream cipher

each plaintext digit is encrypted one at a time with the corresponding digit of the key stream, to

give a digit of the ciphertext stream [10]. An alternative name is a state cipher, as the

encryption of each digit is dependent on the current state. In practice, a digit is typically

a bit and the combining operation an exclusive-or (XOR).

A stream cipher generates successive elements of the key stream based on an internal state

[10]. This state is updated in essentially two ways: if the state changes independently of the

plaintext or ciphertext messages, the cipher are classified as a synchronous stream cipher as

shown in figure 1. By contrast, self-synchronising stream ciphers update their state based on

previous cipher text digits as shown in figure 2.

Fig.1 Principle of synchronous stream cipher

Fig.2 Principle of auto-synchronous stream cipher

b) Symmetric Bloc Cipher (AES)

AES is based on a design principle known as a substitution-permutation network, and is fast in

both software and hardware [11]. AES is a variant of Rijndael [12] which has a fixed block

28


size of 128 bits, and a key size of 128, 192, or 256 bits. By contrast, the Rijndael specification per

se is specified with block and key sizes that may be any multiple of 32 bits, both with a minimum

of 128 and a maximum of 256 bits [13].

AES operates on a 4×4 column-major order matrix of bytes, termed the state, although some

versions of Rijndael have a larger block size and have additional columns in the state. Most AES

calculations are done in a special finite field.

The key size used for an AES cipher specifies the number of repetitions of transformation

rounds that convert the input, called the plaintext, into the final output, called the ciphertext. The

number of cycles of repetition are as follow:

• 10 cycles of repetition for 128-bit keys [13].



Each round consists of several processing steps, each containing five similar but different

stages, including one that depends on the encryption key itself. A set of reverse rounds are

applied to transform ciphertext back into the original plaintext using the same encryption key.

Figure 3 shows the principle of AES encryption

Fig.3 AES encryption [1]

c) Asymmetric Encryption (RSA):

RSA is an algorithm for public-key cryptography that is based on the presumed difficulty

of factoring large integers, the factoring problem [16]. The RSA algorithm involves three

steps: key generation, encryption and decryption.

A user of RSA creates and then publishes the product of two large prime numbers, along with

an auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use

the public key to encrypt a message, but with currently published methods, if the public key is

large enough, only someone with knowledge of the prime factors can feasibly decode the

message [16]. Whether breaking RSA encryption is as hard as factoring is an open question

known as the RSA problem.

Figure 4 shows the principle of asymmetric cryptography

Fig.4 Asymmetric encryption



3.2 Watermarking Method

The concept of Image watermarking mainly came into existence in 1990s because of the

widespread of the Internet [17]. At that time an invisible watermark message was inserted into

an image which is to be transferred such that the invisible message will survive intended or

unintended attacks. The process of watermarking begins when the encoder inserts watermark into image,

producing watermarked image. The decoder extracts and validates the presence of watermarked input or unmarked input [18].

The transform domain watermarking systems are based on Fourier and Cosine transform which are the invertible transform applied to the image where the coefficients are modified by the watermark data. The Discrete Cosine transform watermarking [19] divides the image into different frequency band and choose the middle frequency band for watermarking. The method that we are going to use on our approach is wavelet watermarking.

The Wavelet domain watermarking system is the multi-band watermarking scheme. The attacker may not be able to detect the embedded watermark without knowing the parameter. The original image is decomposed into wavelet coefficients and then multi-energy watermarking scheme based on the qualified significant wavelet tree.

a) Embedding Watermark

The host image is taken as the input is decomposed with the fingerprint image using wavelet transform. The fingerprint image of is taken as the copyright image is embedded in the approximate and detailed coefficient diagonally of the host image. Then the inverse wavelet transform is applied on these coefficients. The embedding process is performed by using the following steps:

a. The image is decomposed using wavelet gives approximate coefficient (LL) and detailed coefficient of horizontal (HL), vertical (LH) and diagonal (HH) shown in figure 5 of the input image are estimated by using the equation (3).

Figure 5: Wavelet decomposition

′,

√ ∑ ∑ , ,

√

∑ ∑ , Ω,

(3)

Where W (m, n) is the Wavelet Series of the host image.

b. The fingerprint image is embedded in the coefficient of LL and HH by using the equation (4) and (5)

LLi,j ∑ ∑ !!, ɛ ∗ !!, ∗ , $

$ (4)

LL’i,j= LLi,j Else

HHi,j %% &'( ∑ ∑ !!, ɛ ∗ )), ∗ , $

$ (5)

HH’i,j= HHi,j *+,(

30


Where m is height of original image, n is the width of original image. The threshold value of

the approximate coefficient LLi, j for embedding the watermarking is defined as ThLL of 15

with the embedding strength of is 0.06. Then the detailed coefficients HHi, j is embedded with

W using the threshold value of ThHH is 45 and embedding strength of is 3.5. The constant

values will be varied according to the visibility of the watermarked image.

c. The watermarked image is obtained by applying inverse discrete wavelet transform (IDWT)

on the coefficient obtained during step 2 using equation (6).

′,

√ ∑ ∑ ,, ,

∑ ∑ ,, Ω,

(6)

b) Extracting Watermark

In the extraction process, the watermarked image and the copyright image (fingerprint image)

are processed by the following steps

a. The watermarked image is decomposed using wavelets gives approximate coefficient (LL)

and detailed coefficient of horizontal (HL), vertical (LH) and diagonal (HH) of the input image

are estimated by using the equation (7)

-,

√ ∑ ∑ -, ,

√

∑ ∑ -, Ω,

(7)

b. The watermarked image is extracted using the equation (8) and (9).

LL’i,j ∑ ∑ .!, !!, ∗ , $

$ (8)

LL’’i,j = LL’i,j Else

HH’i,j %% &'( ∑ ∑ .!, )), ∗ , $

$ (9)

HH’’i,j= HH’i,j *+,(

Where ZL (i, j) is 0

c. The inverse DWT (IDWT) is applied on the coefficient obtained during step 2 using

equation (10). The fingerprint image (copyright image) is extracted.

,

√ ∑ ∑ ′,, ,

∑ ∑ ′,, Ω,

(10)

4. ENCRYPTION-WATERMARKING COMBINATION

Recall that the asymmetric methods are not suitable for encrypting images because they are

too long computation time. We should therefore use a conventional secret key encryption with

transmission channel for transferring the key.

We have developed a method that combines a symmetric encryption algorithm for image,

asymmetric encryption algorithm to encrypt the secret key and discrete wavelet transform for

watermarking.

We suppose that a person M wish to send an image securely to another person S. M will use a

symmetric algorithm to encrypt the image.



In our approach, we have the choice to use a synchronous stream cipher or bloc cipher (AES)

to encrypt the image, while we will encrypt the secret key with an asymmetric algorithm such as

RSA.

Firstable, M generates his secret key to encrypt the image with it, then this secret key will be

encrypted too with a RSA public key ( RSApub-key) to obtain an encrypted secrete key k’ which

will be then inserted in the encrypted image using discrete wavelet transform (DWT) to get at the

end an encrypted watermarked image.

Finally, M send the image to S as shown in figure 6. S then receives the image, extracted the

mark (the encrypted secret key k’) and decrypted it using his RSA private key, So he can decrypt

the image that M send it to him and viewed it.

Fig.7 Encryption and watermarking combination

If M wants to send a new image to S, it will use a new secret key K1 for this new session. The

method will then be identical, but the public and private keys will not be used in the same order.

Although five keys are needed per session, most of them are transparent to users. In fact, the

private key can be associated with the software, and the two parties, it is not useful to know the

secret key that is inserted in the image. However, for each session, the value of the secret key K

must change. Indeed, if the secret key wasn’t changed every person has the software can encrypt

all images.

5. THE EXPERIMENTAL RESULTS

We applied our method to an image size of 64 * 64. First using the synchronous stream cipher

and secondly with the AES block cipher.

In following figures, we’ll show an example of our application with results.

Consider that Alice wants to send an image to Bob. First Bob should generate his public and

private key, and then send the public one to Alice. Figure 8 illustrates the generation of RSA

keys.

32


Fig.9 Generation of RSA keys

Once the keys are generated, click on the button ‘send the public key’ to send the public key

and display the main interface. Figure 10 shows the main interface of the application.

Fig.10 Main interface

In this interface, we choose which method we want to encrypt our image, giving the radio

button to select whether we wish to encrypt by synchronous stream cipher or by block cipher

(AES). The secret key is displayed in the listbox.

The button ‘Encrypt the key by RSA’ is activated to allow encryption for the secret key of the

stream cipher by RSA;The result is displayed in the listbox surrounded below on figure 11.



Fig.11 Result of secret key encrypted by RSA

After that Alice will watermark the stream cipher encrypted image by the encrypted secret key

using DWT, so she can send securely the encrypted watermarked image to Bob.

Once Bob got the image, hi will extract the mark (means the encrypted secret key) and

decrypted it using his RSA private key. Figure 12 shows the mark extracted and decrypted.

Fig.12 Extract and decrypt the mark from the watermarked image

After encrypting the image, we have watermarked it with the secret key using wavelet discrete

transform (figure 13.c) with a difference between the stream cipher encrypted image and the

encrypted watermarked image ( PSNR=32.32 db) appears on figure 13.e where we can see the

pixel used for watermarking. For the block cipher, the encrypted-watermarked image is shown on

figure 8.d with a difference (PSNR=41.29 db) illustrate in figure 13.f.

34


After decryption, we can see very well the difference between using synchronous stream

cipher in figure 13.g (PSNR=18.62 db) and the bloc cipher (AES) in figure 13.h with

PSNR=8.09db.

Even after applying a noise for the encrypted watermarked image, we note that the stream

cipher is more robust to noise than the AES encryption with a difference (PSNR = 16.41db) for

decryption stream in figure 13.i and (PSNR = 8.02 db) in figure 13.j for the AES decryption.

(a) (b) (c) (d)

(e)

(f) (g) (h)

(i)

(j) Fig. 13 a) Stream cipher encrypted image, b) Image (a) watermarked, c) Difference between (a) and (b),

d) Image (b) decrypted with synchronous stream cipher, e) AES encrypted image, f) Image (e)

watermarked, g) Difference between (e) and (f), h) Image (f) decrypted with AES, i) i) Difference entre

original image and stream cipher decrypted image, j) Difference between the original and decrypted

image with AES

6. CONCLUSION

In this paper, we present a method combined encryption and watermarking algorithms for

images secure transfer. We choose to encrypt the image with a symmetric algorithm (stream

cipher synchronous and bloc cipher ‘AES’) and encrypt the image with an asymmetric algorithm

(RSA). To embed the encrypted key we use a discrete wavelet transform DWT, we prefer to use

multi resolution field because it resists noising that may occur during the transfer.

From the experimental results, we find that the method of stream ciphers makes the most

optimal final image, while the block cipher does not give good results.



7. REFERENCES

[1] W. Puech, J. M. Rodrigues and J.-E. Develay-Morice. “Safe Transfert of Medical Images by

Conjoined Coding: Selective Encryption by AES Using the Stream Cipher Mode OFB and JPEG

Compression.” traitement du signal 2006_volume 23_numéro 6.

[2] S. Lian, Multimedia Content Encryption. CRC Press, 2009.

[3] P. Bas and S. K. et al., “First summary report on hybrid systems,” European Project IST-2002-

07932, ECRYPT - Network of Excellence in Cryptology, Deliverable D.WVL.5, 2005. [4] N. Merhav, “On joint coding for watermarking and encryption,” IEEE Transactions on

Information Theory 52, January 2006. [5] S. Lian, Z. Liu, and H. Wang, “Commutative watermarking and encryption for media data,”

Optical Engineering Letters 45, August 2006. [6] Samir Kumar Bandyopadhyay and Tuhin Utsab Paul and Avishek Raychoudhur. “Invisible Digital

Watermarking Through Encryption » International Journal of Computer Applications (0975 –

8887) Volume 4– No.8, August 2010. [7] D. Kundur and D. Hatzinakos. A robust digital image watermarking scheme using the wavelet-

based fusion. In IEEE Signal Processing Society 1997 International Conference on Image

Processing (ICIP'97), Santa Barbara, California, October 1997. [8] J. Herrera-Joancomarti, S. Katzenbeisser, D. Megias, J. Minguillion, A. Pommer, M. Steinebach,

and A. Uhl, .ECRYPT European Network of Excellence in Cryptology, First Summary Report on

Hybrid Systems,. 2005. [Online]. Available: http://www.ecrypt.eu.org/ecrypt1/

documents/D.WVL.5-1.0.pdf.

[9] M.A. Mohamed and A.M. El-Mohandes “Hybrid DCT-DWT Watermarking and IDEA Encryption

of Internet Contents”. IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 1, No

2, January 2012.

[10] Matt J. B. Robshaw, Stream Ciphers Technical Report TR-701, version 2.0, RSA Laboratories,

1995.

[11] Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson,

Tadayoshi Kohno, Mike Stay (May 2000). "The Twofish Team's Final Comments on AES

Selection". [12] J. Daemen and V. Rijmen. The Design of Rijndael. SpringerVerlag New York, Inc. Secaucus, NJ,

USA, 2002.

[13] Pascal Junod et Serge Vaudenay. Une nouvelle famille d'algorithmes de chiffrement par bloc.

Université J. Fourier, Grenoble 2003.

[14] James Nechvatal, Elaine Barker, Lawrence Bassham, William Burr, Morris Dworkin, James Foti,

Roback, « Report on the Development of the Advanced Encryption Standard (AES) » , 2 octobre

2000. Consulté le 8 juin 2009.

[15] R. Anderson, E. Biham and L. Knudsen “The Case for Serpent” 24th March 2000. [16] Rivest, R.; A. Shamir; L. Adleman (1978). "A Method for Obtaining Digital Signatures and

Public-Key Cryptosystems". Communications of the ACM 21 (2): 120–126. [17] R.G. van Schyndel, A.Z. Tirkel, and C.F. Osborne, "A digital watermark", ICIP'94, vol. 2, pp. 86-

90, Austin, USA, 1994. [18] J.J.K.O Ruanaidh, W.J. Dowling, and F.M. Boland, "Watermarking digital images for copryright

protection", IEE Proc.-Vis. Image Signal Process., vol. 143, n° 4, pp. 250-256, 1996.

[19] Mei Jiansheng,, Li Sukang and Tan Xiaomei “A Digital Watermarking Algorithm Based On DCT

and DWT” ISBN 978-952-5726-00-8 (Print), 978-952-5726-01-5 (CD-ROM)Proceedings of the

2009 International Symposium on Web Information Systems and Applications

(WISA’09)Nanchang, P. R. China, May 22-24, 2009, pp. 104-107.

Authors

Youssra LAKRISSI Obtained a master's degree in business

intelligence from the faculty of science and technology, Beni Mellal at

Morocco in 2013. Her research concerns image processing and

cryptography.

36


Mohammed ERRITALI Obtained a master's degree in business

intelligence from the faculty of science and technology, Beni Mellal at

Morocco in 2010. His current interests include developing

specification and design techniques for use within Intelligent Network,

data mining, image processing and cryptography.

He is currently a professor at the Faculty of Science and

Technology, University Sultan Moulay Slimane , and also a member

of the LRI laboratory at the faculty of sciences, Mohamed V Agdal

University, Rabat.

Dr Mohamed FAKIR obtained a degree in Master of Electrical

Engineering from Nagaoka University of Technology in 1991 and a

Ph.D. degree in electrical engineering from the University of Cadi

Ayyad, Morocco. He was a team member in Hitachi Ltd., Japan

between 1991 and 1994. He is currently a professor at the Faculty of

Science and Technology, University Sultan Moulay Slimane,

Morocco.His research concerns the recognition and artificial

intelligence.

A Joint Encryption/Watermarking Algorithm for Secure Image Transfer

Technology

image encryption

image cover image

image integrity

authenticity of image

target image

image legible

image transmission

final encrypted image