Esteganografía y criptosistemas biométricos para la autenticación mutua en el intercambio de claves // Steganography and biometric cryptosystems for mutual authentication in the

Steganography and BiometricsFor

Remote Authentication

Sabah A. JassimApplied Computing Department

Summer University – Universidad Rey Juan Carlos - Spain 6th -8th July 2015

Outline

• Biometric Authentication – Introduction

• Remote Biometric Authentication – The challenge

• The Steganography Solution - Requirements

• Digital Steganography – Approaches and Challenges

• The SecurePhone project & Recent Face Recognition

• Suitable face biometric for Remote Authentication

• Steganography for remote Biometric authentication

Biometrics - Introduction

Biometrics are digital representations of physiological, behavioral or combined characteristics of human

Provides proof of identity for access to sensitive locations, entitlement to services, and for fighting crime and terrorism.

Widely accepted as the most effective mechanism for authentication for access control and e-banking. Privacy concerns is an obstacle!!

EU Funded FP6 Project (2004-2006)

Aims to produce a prototype of a new mobile communication system enabling biometrically authenticated users to deal legal m-contracts during a mobile phone call in an easy yet highly dependable and secure way using a biometric recogniser that fuses face, voice and handwritten signature.

The SP consortuim

SecurePhone

Solutions: Fusion of 2 or more Biometric modalities

PDA’s have multi-sensors, that can be used to Fuse two or more acceptable biometrics, perhaps none is reliable, but together produce more reliable identification.

SSL - Secure PKI (Public Key Infrastructure)

SecurePhone – The Biometric verifier

preprocessing

modellingmodellingmodelling

preprocessingpreprocessing

face voice signature

accept & release private key

reject user

fusionclient & impostor joint-score models

Zero-Knowledge Authentication.

Match on Host (MoH)

Modality 5 digits 10 digitsVoice (V) 6.1 3.4Face (F) 28.6 29.9Signature (S) 6.2 6.2V + F 4.8 3.0V + S 1.1 0.7S + F 4.8 4.7V + F + S 0.9 0.6

Result table with improved results for 5-digit and 10-digit prompts in PDAtabase (SPIE 2006)

This has been

improved to around 20%

and even lower!

Biometrics Authentication – Expectations and Myths

Biometric-based authentication are widely perceived to be more reliable than traditional schemes.

But biometric systems are vulnerable to many attacks: – Templates might be stolen and replaced by imposer’s template– A physical spoof can be created from biometric templates, e.g.

Hill climbing generates target templates (Adler, 2005) Fingerprint were constructed from standard templates

(Cappelli et al, 2007). Protecting Templates in Remote Authentication is a serious

Challenge to deployment of biometrics!!!

Template Security Approaches

Encryption of templates does not provide security.

Biometric cryptosystem - Use the biometric trait to generate a

key, or a biometric hash as a proof of identity.

Feature transformation – Matching in the secure transformed

domain. Invertible or non-invertible transforms are often

generated from a secret key. Examples include salting, secure

sketches, and random projections.

Steganography – Hiding templates in mundane communication

transactions can conceal the act of authentication.

BUT reasonable conditions are needed (Our Contribution)

Digital Steganography - Introduction

Sender Receiver

Cover Cover

Stego

Warden

Digital Steganography – Introduction

The process of hiding a secret message imperceptibly in an innocent looking image which can be transmitting over an open channel without being detected

Performance indicators include:– Capacity: How much data can be hidden in an image– Cover Quality: Invisibility of Artefacts – Robustness: Ability to avoid detection by steganalysis– Security : secret cannot be extracted even if detected

Designing a high performing steganography system in terms of all these indicators is a tough challenge.

Secret Hiding in Images – Main Approaches

Hiding in the cover image spatial domain– The Bit planes

• Embedding in the Least Significant Bit (LSB) • Embedding in other than LSB, such as 2LSB

– Selected Locations• Sequential, • randomly,• In edge regions, etc.

Hiding in the image frequency domain (DCT, Wavelet)

Here we are concerned with spatial domain schemes.

LSB Technique

Replace the LSB of the first 8 pixels of the cover image with that of the 8 bits of the first character B:

embed = (no change) embed =

Easy but not secure, anyone can extract the secret.

Embed a secret/sensitive message ‘Biometrics’ using LSB replacement.Convert the message to binary:

B (66) = 0100 0010i (105) = 0110 1001

Each character requires 8 pixels from the cover image(pixel values: 130, 132, …, 140)

Steganogrpahy solution – The BUT requirements

Biometric trait samples must be easy to transform and represent by binary strings

Capacity and invisibility requirements require the secret to be sufficiently short.

For security and privacy reasons, the process of obtaining the binary secret string cannot be reversed to obtain the original biometric trait sample

The act of embedding the secret should preserve the accuracy of matching.

Face Biometrics

Your Face is your public identity.

Natural Non-invasive mode of person identification

More acceptable biometric than many other, probably more sophisticated and reliable, biometrics.

Most people own programmable mobile smart phones endowed with reasonably good quality web camera.

Research into face biometrics have matured over the last two decades with significantly improved accuracy . A variety of face recognition schemes have been developed and many challenges have been dealt with.

Factors impacting Face Recognition deployment

Curse of Dimension: A face image defines a high dimensional

vector and a huge size digital file. Processing and analyses of

images become computationally demanding.

Significant variation in appearance due to changes in

Expression, Pose, Aging, Lighting conditions, Distance from

Camera, Low resolution and Image degradation (CCTV).

Effect of these variations maybe controlled in our application

Privacy Concerns. Remote Biometric based authentication.

Face Recognition – Main Approaches Geometric Feature matching (not sufficient, but has some use). Appearance-based matching:

Dimension reducing schemes: Principal Component Analysis (PCA), Linear Discriminant Analysis (LDA), Independent Component Analysis (ICA), Isometric projections, ...

Statistical Models (GMM and HMM). Elastic Graph Matching.

Most schemes are based on 2D images, but 3D Head model have also been used – Independent of pose and orientation.

PCA based Face Recognition

Face images are not scattered in their high dimensional space, but rather cluster/reside in much lower dimensional subspace.

PCA is based on using the most significant eigenvalues of the covariance matrix of a training set ={T1 ,T2 ,T3 , … ,Tм} of face images:

image. average the is A and , where

,

)(

)(1

1

AT

MC

ii

Ti

M

ii

The corresponding eigenvectors are used to construct face-like images known as Eigenfaces.

Projecting a face image onto the eigenspace reduces its dimension to the number of chosen most significant eigenfaces.

Trained 200 face images from the ORL database

10 most significant eigenfaces out of the 200 eigenfaces

Example

Good recognition: How many Eigenfaces needed?

DWT – Face Recognition SchemesThe Discrete Wavelet Transform (DWT) decomposes an

image into a set of different frequency subbands with different resolutions.

At a resolution depth of k, the pyramidal scheme decomposes an image I into 3k + 1 subbands: (LLk, HLk, LHk, HHk, . . . , HL1, LH1, HH1).

LLk represents the k-level approximation of the image The subbands HL1, LH1, and HH1 contain finest scale coefficients, and the coefficients get coarser as k increases, LLk being the coarsest.

Each subband represents the face at different frequency ranges and scales.

The coefficients in each subband can be used as a distinct stream for face recognition that can be fused for improved accuracy.

Verification stage

compare using

a similarity

measure

new face image

projection onto Eigenspace

k training face images

multi-stage DWT

PCA

set offeature vectors

set of Eigenfaces

Enrolment stage

multi-stage DWT feature

vector

Face verification/recognition Research at UB

Deep Learning - ConvNets

• Convolutional Neural Network – originally developed in 1980’s.

• Successive filtering and downsampling ‘layers’ where network learns optimal ‘weights’ through iterative training procedure. (Inefficient training)

• Recent advances and efficient training methods includes:

- Microsoft (DeepID) – 200K training images

- Facebook (Deepface) - 7.4M training images

- Google (DeepNet) – 260M training images!!!

Suitability for Steganogrpahy solution!!

Most schemes assume that capturing fresh biometric samples are completely controlled by the system

Unfortunately these schemes are not suitable but for different reasons.

Most can be binarised but into rather long strings from which the recorded sample can be approximated.

SecurePhone enable user devices to authenticate owners locally to sign deals remotely without sending biometrics.

A newly developed face recognition scheme can be modified to meet the stated requirements

Local Binary Patterns (Ojala et al., 1994, 2002)

The Local Binary Pattern (LBP) is an image operator that encapsulates the local texture and is illumination invariant

It replaces each pixel value g(x,y) with an 8-bit binary code whose bits indicate the order relation between g(x,y) with the grey-values in its 3×3 window neighbourhood processed in a “clockwise” direction starting from the top left corner pixel. For each neighbouring pixel p, if g(x,y) > g(p) then the corresponding bit is set to 0 else it would be set to 1, i.e.

𝐿𝐵𝑃 (𝑥𝑐 , 𝑦 𝑐 )=∑𝑛=0

𝑛=7

𝑠 (𝑖𝑛− 𝑖𝑐 ) 2𝑛 , h𝑤 𝑒𝑟𝑒 𝑠 (𝑥 )={¿1𝑖𝑓 𝑥≥ 0¿0 𝑖𝑓 𝑥<0

LBP - Example

Example Threshold Weights Result

7 0 8 1 0 1 1 2 4 2 4 9 0 1 128 8 93 4 3 5 1 0 1 64 32 16

Window of 3×3 Patterns=01011101 LBP=1+4+8+16+64= 93

(a) (b) (c) (d)

Other versions of the LBP includes changing order of pixels,

window size, and/or a sub-pattern of neighbouring pixels.

LBP can also be defined in the frequency domain (e.g. DWT)

Histograms of LBP patterns are used for face recognition

LBP Histograms

An LBP code is uniform if it contains no more than two circular transitions from 0 to 1 or from 1 to 0.

e.g. 00000000 and 01111110 are uniform whereas 11101101 and 01011011 are non- uniform patterns.

There are only 58 uniform LBP-patterns, making about 90% of LBP patterns in images. Uniform patterns are sufficient to describe image texture.

LBP histogram of 59 bins are sufficient: one for each of the 58 uniform patterns and one for the non-uniform ones.

LBP – based Face recognition (Ahonent et al., 2014) The LBP histogram (LBPH) of whole face image encodes only the

occurrences of the micro-patterns but no spatial support. To encode local texture and global ‘shape information’ of a face,

Ahonen et al. proposed a block based scheme that concatenate their LBPHs for a single feature histogram of the face.

LBP – based Face recognition in wavelet domain The 3x3 based LBP operator cannot capture dominant large

scale texture feature. LBP in different DWT subbands provides a texture analysis

tool in different frequency ranges and scales. To reduce the payload capacity for hiding face LBPH’s and to

maintain stego-image quality, our LBP face recognition in the wavelet uses only 4 neighbours. Below is one of 2 options:

The LBPH of 4-bits codes require only 16 bins (not 59 bins).

  12       1   Binary: 1001

20 10 9 1   0 Decimal: 9

  7         0      

  LL HL LH HH

Original

LBP using N8

LBP using N4

Example – Wavelet based LBPs 8-bits and 4-bits

Face Feature Extraction (LBP of Wavelet sub-bands)

• Select sub-band(s), determine the 8 or 4 LBPHs for each blocks of the original face image .

• A face image is decomposed using Haar WTLL2 HL2

HL1

LH2 HH2

LH1 HH1

12 1 Binary: 1001

20C 10 9 1 0 Decimal: 9

7 0

LBP histogram has 59 bins for 8-LBP scheme, and 16 bins for the 4-LBP scheme.

LSB types of Embedding

Most existing LSB based embedding are defeated by a targeted statistically-based steganalysis tool.

The RS (Fridrich, et al., 2001), PoV (Westfeld & Pfitzmann, 2000), WS (Fridrich & Goljan, 2004; Ker & Bohme, 2008) and the difference image histogram (DIH) (Zhang & Ping, 2003) are designed to break the LSB replacement scheme.

While Andrew Ker (2005) is used to break the steganography LSB matching embedding techniques (Sharp, 2001)

We have designed different embedding schemes that are not detected by any of the above.

.

LSB-Witness: Embedding type 1.

• Instead of changing the 1st LSB plane of the cover, we change the 2nd LSB plane.

• The message is in the 1st LSB plane

Secret bit 1st LSB2nd LSB

(Secret bit XOR 1st LSB)

0 0 0

0 1 1

1 0 1

1 1 0

• The 2nd LSB of the cover acts as a ‘witness’

[1] Rasber D. Rashid, Harin Sellahewa and Sabah A. Jassim, “Biometric feature embedding using robust steganography technique,” in Proceedings of SPIE 8755, Mobile Multimedia/Image Processing, Security, and Applications 2013, 875503 (May , 2013).

LSB-Witness: Extracting

• Extractor checks the second LSB plane which acts as a witness to the embedded bits

• Extracted bit = 1st LSB XOR 2nd LSB

2nd LSB 1st LSB Extracted bit

0 0 0

0 1 1

1 0 1

1 1 0

Experimental Data and Evaluation Protocol• Cover images: five images of size 512×512

– Yale Face Database

• ORL database

• The classification is executed using nearest neighbor (NN) with Euclidean distance.

• Experiments conducted for two different scenarios: • Single training image• 50% Training and 50% testing

• Two different block sizes, 3×3 and 5×5.

DWT LBP- Face Recognition - Accuracy

• Recognition accuracy (%), Yale database, 50% training 50% testing, with 5x5 blocks

LL1

HL1 LH1

HH1LL

2HL2 LH

2HH2

LL1,H

L1

LL1,L

H1

LL1,H

L1,LH

1

ALL Le

vel 1

LL2,H

L2

LL2,L

H2

LL2,H

L2,LH

2

ALL Le

vel 2

LL1,H

L1,LH

1, LL

2,HL2

,LH2

0

20

40

60

80

100

N8N4

• Recognition accuracy (%), ORL database, 50% training 50% testing, with 5x5 blocks

LL1

HL1 LH1

HH1LL

2HL2 LH

2HH2

LL1,H

L1

LL1,L

H1

LL1,H

L1,LH

1

ALL Le

vel 1

LL2,H

L2

LL2,L

H2

LL2,H

L2,LH

2

ALL Le

vel 2

LL1,H

L1,LH

1, LL

2,HL2

,LH2

020406080

100

N8N4

Payload vs. imperceptibility • Number of bins used in each case

• PSNR in different combination of sub-bands, each sub-band subdivided to 3 x 3

One Two Three Four Six 0

10

20

30

40

50

60

70

80

N8N4

One Two Three Four Six 0

100020003000400050006000700080009000

10000

3 x 3 N83 x 3 N45 x 5 N85 x 5 N4

Robustness against LSB targeted steganalysis

None of the two most common steganalysis techniques PoV and RS can detect the LSB- witness stego-image even when using 100% of cover pixels for embedding.

The secret message is still extracted from LSB plane but the scheme does not change the LSB

This technique does not introduce any additional visual distortion to the cover image.

Hiding LBPHs in 8-bit pattern matching (2)0 1 0 1 0 0 1 0 0 1 0 1 1 0 0 10 1 1 0 0 0 1 0 0 1 0 1 1 0 0 10 1 0 0 1 1 1 1 1 0 0 0 0 1 0 10 1 0 0 0 1 0 1 1 0 0 1 0 1 0 10 1 0 0 1 0 1 1 1 1 0 0 0 1 1 00 1 1 1 1 0 0 0 0 1 0 1 1 0 0 10 1 0 0 1 0 1 1 1 1 0 0 0 0 0 10 1 0 0 0 1 0 1 1 0 0 1 0 0 1 00 1 1 1 1 1 0 0 0 1 0 1 1 1 0 10 0 1 1 1 1 1 1 1 1 0 1 0 0 0 01 0 0 1 0 0 0 1 1 1 1 0 0 0 0 11 1 1 0 1 0 1 0 0 1 1 1 1 1 1 11 0 1 1 0 0 0 0 1 0 0 0 0 1 0 01 1 0 0 1 0 1 1 1 1 1 0 1 1 0 11 0 1 1 0 0 0 0 0 0 0 0 1 1 0 10 0 1 0 1 1 1 0 1 1 1 0 0 1 0 1

0 1 0 1 0 0 1 0 0 1 0 1 1 0 0 1 0 1 1 0 0 0 1 0 0 1 0 1 1 0 0 … 1 0 1

1 0 0 1 0 1 0 1 0 1 1 0 0 0 1 0 0 0 1 0 0 0 … 0 0 1

Cover Image

Face ImageLBP Code

LSB Plane

Extract the LSB plane

Works in 2 rounds. Matched first and then unmatched

First embed the 8-bits of the biometric secret that have a match in the cover LSB plane, then the remaining 8-bits that have a counterpart of Hamming distance 1, so on

Block selection strategies

The number of blocks in a wavelet sub-band is much smaller than the number of blocks in the cover image.

This can be exploited for different purposes: randomly for more security, or according to best matching blocks for reduced changes.

Results (Invisibility in terms of PSNR)

Payload Traditional LSB 8-bits Pattern 4-bits Pattern 22% 57.535 62.845 63.62445% 54.536 59.407 60.22368% 52.763 57.557 58.34891% 51.523 56.339 57.178

100% 51.176 55.924 56.869

22% 45% 68% 91% 100%0

10

20

30

40

50

60

70

Traditional LSB

8-bits Pattern

4-bits Pattern

Results (Detectability)

Weighted Steganalysis

Payload Technique used BaboonCamera

Man Lena Living Room

Blonde Women

0 -0.026 -0.023 -0.017 -0.038 0.241

22%T. LSB 0.177 0.213 0.227 0.206 0.478

8-bits Pattern 0.003 0.034 0.061 0.046 0.4004-bits Pattern 0.027 0.061 0.070 0.041 0.309

45%T. LSB 0.405 0.446 0.458 0.434 0.667

8-bits Pattern 0.102 0.152 0.153 0.160 0.4574-bits Pattern 0.102 0.148 0.146 0.125 0.355

68%T. LSB 0.650 0.684 0.681 0.648 0.813

8-bits Pattern 0.236 0.252 0.242 0.249 0.4994-bits Pattern 0.186 0.226 0.204 0.223 0.390

91%T. LSB 0.870 0.935 0.917 0.903 1.037

8-bits Pattern 0.348 0.367 0.349 0.350 0.5544-bits Pattern 0.264 0.304 0.278 0.301 0.447

100%T. LSB 0.948 1.020 0.994 0.980 1.113

8-bits Pattern 0.391 0.402 0.377 0.382 0.5744-bits Pattern 0.288 0.328 0.303 0.326 0.477

Robustness against LSB targeted steganalysis

The two most relevant targeted steganalysis tools of WS and DIH cannot detect the matching stego-images

The DIH cannot estimate embedding ratio for both pattern lengths. Even for full payload it returns a ration of around 0.27. i.e. the scheme is robust again DIH.

Similarly, even with full payload the WS tool estimates a payload of 6% for the 8-pattern matching algorithm and 22% for the 4-pattern matching algorithm.

Analysis

The embedded feature do not leak the original data Experiments show that 83-85% of N8 patterns in secret

biometric message match the 8-bits substrings of cover LSB plane. Also 86-88% of N4 patterns in the secret biometric match the 4-bits substrings of cover LSB plane.

High invisibility is due to minimal changes in cover image For more security, partition the cover image into non-

overlapping blocks, split the secret into substrings of the same length as the size of the image blocks, and finally apply the proposed method block by block.

Remote Face based Authentication – An outline

A number of different Remote authentication protocols can be designed to use the 8-bits (or 4-bits) pattern matching to hide the LBPH face features in an image.

Assume a bank has face LBPH template(s) of its customers A customer initiates a transaction with the bank system

from his mobile device. The bank responds with a code that may specify the blocks selection, or permutation of the bins

The customer respond by taking photo of his own face, extract the appropriate LBPH, select a cover image, and embed the LPBU as specified and send to the bank.

The bank check the customer identity.

Conclusions (Biometrics embedding)

• LBP was applied on wavelet sub-bands and features were extracted from multiple wavelet sub-bands.

• For single sub-band the recognition rates proposed is better when non-LL sub-bands

• Using our proposed, in some cases when multi-subbands used, recognition rate is reduced slightly if compared with normal uniform LBP.

• High imperceptibility is achieved

• Number of features representing a face is reduced by approx. 72% if compared with the normal uniform LBP.

Applications

SenderReceiver

Cover Cover

Acknowledgement

Thank you for your attention. Questions?

[email protected]

The End