Page 1

Page 2

Editor in Chief Dr. Haralambos Mouratidis

International Journal of Computer

Science and Security (IJCSS)

Book: 2009 Volume 3, Issue 6

Publishing Date: 30-01-2010

Proceedings

ISSN (Online): 1985-1553

This work is subjected to copyright. All rights are reserved whether the whole or

part of the material is concerned, specifically the rights of translation, reprinting,

re-use of illusions, recitation, broadcasting, reproduction on microfilms or in any

other way, and storage in data banks. Duplication of this publication of parts

thereof is permitted only under the provision of the copyright law 1965, in its

current version, and permission of use must always be obtained from CSC

Publishers. Violations are liable to prosecution under the copyright law.

IJCSS Journal is a part of CSC Publishers

http://www.cscjournals.org

©IJCSS Journal

Published in Malaysia

Typesetting: Camera-ready by author, data conversation by CSC Publishing

Services – CSC Journals, Malaysia

CSC Publishers

Page 3

Table of Contents

Volume 3, Issue 6, January 2010.

Pages

448 - 461

A Wavelet - Based Object Watermarking System for MPEG4

Video

Essaouabi Abdessamad, E.Ibnelhaj, F.Regragui

462 - 472

473 - 481

482 - 490

491 – 507

High Capacity and Security Steganography Using Discrete

Wavelet Transform

H S Manjunatha Reddy, K B Raja

Hybrid Compression Encryption Technique for Securing SMS

Tarek, Bahgat A. Abdel-latef, Awny A. Ahmed, Ahmed M

Mahfouz

On the Usage of Chained Codes in Cryptography

Omessaad Hamdi, Ammar Bouallegue, Sami Harari

A Parallel Framework For Multilayer Perceptron For Human Face

Recognition

Mrinal Kanti Bhowmik, Debotosh Bhattacharjee , Mita

Nasipuri, Dipak Kumar Basu, Mahantapas Kundu

Page 4

508 – 517

518 - 524

525 – 535

536 - 549

A Novel Method for Quantitative Assessment of Software Quality

C. V. Srikrishna, Neelam Bawane

Hierarchical Non-blocking Coordinated Checkpointing Algorithms

for Mobile Distributed Computing

Surender, R.K. Chauhan, Parveen Kumar

Implementation of Agent Based Dynamic Distributed Service

Ravi Prakash Reddy, A.Damodaram

A Havoc Proof for Secure and Robust Audio Watermarking

K.Vaitheki, R.Tamijetchelvy

550 - 558

559- 568

Distributed Co-ordinator Model for Optimal Utilization of Software

and Piracy Prevention

Vineet Kumar Sharma, S.A.M. Rizvi, S. Zeeshan Hussain,

Vignesh

Knowledge Discovery Through Data Visualization Of Drive Test

Data

Shalini Saxena, Abhijit S. Pandya, Robert Stone, Saeed

Rajput, Sam Hsu

569 – 577 A lexisearch algorithm for the Bottleneck Traveling Salesman

Problem

Zakir H. Ahmed

Page 5

578 – 582 An Analysis of Fraudulence in Fuzzy Commitment Scheme With

Trusted Party

Ajay Sharma, Ramveer Singh, Awakash Mishra, Abhishek

Dwivedi, Deo Brat Ojha, Shree Garg

583 – 594 Maximizing Lifetime of Homogeneous Wireless Sensor Network

through Energy Efficient Clustering Method

Asfandyar Khan, Nurul Hasan, Azween Abdullah

International Journal of Computer Science and Security (IJCSS), Volume (3), Issue (6)

Page 6

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 448

A wavelet - Based Object Watermarking System for MPEG4

Video

A.Essaouabi

Department of physics, LIMIARF Laboratory,

Mohammed V University

Rabat, Morocco

E.Ibnelhaj ibnelhaj@inpt.ac.ma

Institut National of Posts and Telecommunications,

Rabat, Morocco

F.Regragui regragui@fsr.ac.ma

Department of physics, LIMIARF Laboratory,

Mohammed V University

Rabat, Morocco

abdessamad1977@yahoo.fr

Abstract

Efficient storage, transmission and use of video information are key requirements

in many multimedia applications currently being addressed by MPEG-4. To fulfill

these requirements, a new approach for representing video information which

relies on an object-based representation, has been adopted. Therefore, object-

based watermarking schemes are needed for copyright protection. This paper

presents a novel object based watermarking solution for MPEG4 video

authentication using the shape adaptive-discrete wavelet transform (SA-DWT). In

order to make the watermark robust and transparent, the watermark is

embedded in the average of wavelet blocks using the visual model based on the

human visual system. Wavelet coefficients n least significant bits (LSBs) are

adjusted in concert with the average. Simulation results show that the proposed

watermarking scheme is perceptually invisible and robust against many attacks

such as lossy compression (e.g. MPEG1 and MPEG2, MPEG-4, H264).

Keywords: Watermark, Visual model, Robustness, Shape adaptive-discrete wavelet transform.

1. INTRODUCTION

With the emergence of new multimedia standards such as Mpeg-4, the notion of video-object or

image object is more and more widespread [1][2]. Consequently, protecting the different objects

of an image or a video appeared necessary. Therefore several object-based watermarking

techniques, those consist at introducing an invisible signal known as a digital watermark into an

image or video sequence, aim at solving this type of problem. Wu and al. [3] proposed a

multiresolution object watermarking approach based on 2D and 3D shape adaptive wavelet

transforms. The advantage of the multiresolution watermarking method is its robustness against

image/video compression and computational saving. However, the main disadvantage is that

original image/video object is required for watermark detection. Kim and al. [4] proposed an

object-based video watermarking method using the shape adaptive-discrete cosine transforms

Page 7

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 449

(SA-DCT). The SA-DCT method is superior to all other padding methods in terms of robustness

against the image deformations. Yet, the watermark can be damaged by a wavelet-based image

codec in the quantization stage. Therefore, this method limits their applications in the context of

JPEG2000 and MPEG-4 due to the fact that the wavelet transform is playing an important role in

JPEG2000 and MPEG-4. Piva and al. [5] propose an object watermarking system for MPEG-4

streams. Since this method applies the discrete wavelet transform (DWT) to the whole image and

the watermark is embedded in all the wavelet coefficients belonging to the three detail bands at

level 0, this may lead to loss of the watermark which is embedded in the region outside the

object. Barni and Bartolini [6] proposed a method that consists in embedding a watermark in

each video object of an MPEG-4 coded video bit-stream by imposing specific relationships

between some predefined pairs of quantized DCT middle frequency coefficients in the luminance

blocks of pseudo-randomly selected macroblocks. The quantized coefficients are recovered from

the MPEG-4 bit-stream, they are modified to embed the watermark and then encoded again. The

main drawback of this technique is that, since the code is directly embedded into the compressed

MPEG-4 bit-stream, the copyright information is lost if the video file is converted to a different

compression standard, like MPEG-2. In order to be robust against format conversions, the

watermark has to be inserted before compression, i.e. frame by frame.

In order to satisfie the previous requirements we propose in this paper an object based

watermarking solution for MPEG4 video authentication based on in place lifting SA-DWT . The

watermark signal is embedded in the wavelet coefficients n LSBs before MPEG4 encoding and

not embedded in the region outside object. Unlike most watermark schemes, watermark

embedding is performed by modulating the average of the wavelet coefficients instead of the

individual coefficients in the wavelet block. Visual model is employed to achieve the best tradeoff

between transparent and robustness to signal processing. Watermark detection is accomplished

without the original. Experimental results demonstrate that the proposed watermarking scheme is

perceptually invisible and robust against unintentional and intentional attacks such as lossy video

compression (e.g. MPEG2 and MPEG-4,MPEG1 and H264).

The rest of this paper is organized as follows:

In section 2, we briefly describe the SA-DWT, section 3 will describe the basic functionalities of

watermarking embedding and extraction procedure, section 4 will give the simulations results,

finally section 5 will give the conclusion.

2. IN-PLACE LIFTING SHAPE ADAPTIVE-DISCRETE WAVELET

TRANSFORM

Given an arbitrarily shaped object with shape mask information, with in place lifting

SA-DWT[8][9], the number of transformed coefficients is equal to the number of pixels in the

arbitrarily shaped segment image, and the spatial correlation across subbands is well preserved.

Fig. 1 illustrates the result of one-level wavelet decomposition of an arbitrarily shaped object.

The in-place lifting DWT implementation has special implications for the SA-DWT[9], which can

best be understood visually as shown in Fig. 1. As the SA-DWT is performed, the spatial domain

shape mask remains intact with no requirement to derive a shape mask for each subband. How

the subbands are arranged in this pseudo-spatial domain arrangement is shown in Fig. 2(a).

Each subband can in fact be extracted from the interleaved subband arrangement using the lazy

wavelet transform (LWT) [10]. After the one-level SA-DWT is performed, the LL1 subband can be

extracted using a coordinate mapping from the interleaved subband coordinates (i,j) to the LL1

subband coordinates (iLL1,jLL1) as follows:

(iLL1, jLL1)←([i/2], [j/2]) (1)

Page 8

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 450

Similarly, the mapping for the HL1 subband is (iHL1, jHL1) ← ([i/2]+1,[j/2]); for the LH1 subband

(iLH1, jLH1)←([i/2],[j/2]+ 1); and for the HH1 subband (iHH1, jHH1) ← ([i/2]+1,[j/2]+1).

After the first level of the SA-DWT, the interleaved subband arrangement is made up of 2 × 2

basic blocks of coefficients. As shown in the left side of Fig. 2 (b), the top-left coefficient of each

block is an LL1 subband coefficient, the top-right coefficient is an HL1 subband coefficient, and so

on The second level SA-DWT is performed by first extracting the LL1 subband using the

coordinate mapping (1) and then performing the one-level SA-DWT using the LL1 subband as the

new input. The output is the four interleaved subbands, LL2, HL2, LH2, and HH2. This is then

placed back into the original interleaved subband arrangement where the LL1 coefficients were

extracted from. This creates a two-level interleaved subband arrangement. As shown in the

middle of Fig.2(b), the two-level interleaved subband arrangement is made of a basic 4×4

coefficient block, with the top-left coefficient of each block being an LL2 coefficient. The

coordinate mappings to extract the second and subsequent level subbands are simply derived by

applying the one level coordinate mappings iteratively to the LL subband coordinate mapping

from the previous level.

FIGURE 1: One-Level Two-Dimensional SA-DWT Using In-Place Lifting DWT Implementation

Page 9

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 451

FIGURE 2: (a) Interleaved Subband Abstraction (b) Basic Group of Coefficients for Each Level of In-Place

DWT

3. PROPOSED WATERMARKING SCHEME

A content-based watermarking system for content integrity protection is illustrated in Fig. 3.

Page 10

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 452

(a)

(b)

FIGURE 3 : Block Diagrams for The Proposed Watermarking Scheme. (a) Watermark Embedding (b)

Watermark Detection.

3.1

Fig.3 (a) shows the watermarking embedding procedure. Firstly, the MPEG-4 coded video bit

stream is decoded obtaining a sequence of frames. Each frame is segmented into foreground

(objects) and background and we apply the three levels SA-DWT to foreground object frame by

frame. Then, we apply the algorithm scheme at each third level basic block (see fig 2(b)). NхN is

the size of the matrix wavelet block and Ii(k) is the ith wavelet coefficient in the kth wavelet block

where i Є [1, N×N].

Watermark Embedding

Page 11

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 453

The rest of the watermarking embedding procedure is presented in and resumed in the following.

The n LSBs of Ii(k) is defined as :

Îi(k)=mod(Ii(k),2n) (2)

The average of the wavelet block is defined as follows:

N

=∑

)(

NN

Î

kAverage

N

i

i

×

×

=1

(k)

(3)

In the proposed watermarking, we choose the blocks with an average value different from zero. If

a few of Ii (k) are changed by Ω due to some distortions, the average of the wavelet block will

only have a small change. Assuming that I′i( k) is the ith wavelet coefficient in the kth wavelet

block after the watermark embedding, Îi′ (k) is the n LSBs of I′i (k) and Average′(k ) is the average

of Îi ′(k) in the kth wavelet block accordingly. The watermark W, consisting of a binary pseudo

random sequence, W(k) Є {−1, 1}, is embedded by adjusting the average of wavelet blocks in

this way :

[

To adapt the watermark sequence to the local properties of the wavelet block, we use the model

based on HVS in the watermark system. The model is similar to that proposed in [7], but it is

developed independently. The visual model takes into account the brightness sensitivity and

texture sensitivity of the wavelet block to noise. The visual model function Vm(k) is defined as:

Vm(k)=brightness (k)х texture(k)β (5)

[

)

)

∈

−=

=

−

−

1)(,2 , 0

1)(,2 ,2

'

1

1

)(

kWif

kW if

n

nn

kAverage

(4)

where

[]

2

1

)()(

)(

NN

kIk brightness

k texture

NN

i

i

×

−

=∑

×

=

NN

kI

kbrightness

NN

i

i

×

=∑

×

=1

)(

)(

β is a parameter used to control the degree of texture sensitivity. This visual model function

indicates that the human eye is less sensitive to noise in the highly bright and the highly textured

areas of the image. Hence, the wavelet blocks are divided into two parts depending on the value

of Vm(k): high activity wavelet block and low activity wavelet block. For simplicity, the threshold

Tc is set to the average of Vm(k). The following function can be applied to distinguish high or low

activity wavelet block:

T(k)=sign(Vm(k)-Tc) (6)

Considering the tradeoff between robustness and transparency, the proposed watermark

embedding algorithm can be formulated as follows:

I’i(k)=Ii(k)+αW(k)Fi(k)[2n-2-S(k)+T(k)х2n-3] (7)

Page 12

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 454

where α is a scaling factor used to control the strength of the inserted watermark. The flag

function is defined as follows:

Fi(k)=sign((2n-1-Ii(k))хW(k)) (8)

where

=

≥

<−

01

01

)(

xif

xif

xsign

The strength function is defined as follows:

S(k)=sign(X(k)) (9)

Where

X(k)=(2n-1-Average(k))хW(k)

Details concerning the flag function and the strength function are described in table 1.

W(k)

-1

-1

1

1

2n-1-Îi(k)

>0

≤0

>0

≤0

2n-1-Average(k)

>0

≤0

>0

≤0

Fi(k)

-1

1

1

-1

S(k)

-1

1

1

-1

TABLE 1: The Detailed Results of Fi(K) and S(K)

In light of the above, the n LSBs of wavelet coefficients have been adjusted by using equation (7).

Naturally, their average has been updated depending on the requirement of W(k) as show in

equation (4). In other word, the watermark has been embedded.

3.2 Watermark Extraction and Detection

The watermark sequence can be extracted without the original object. From the process of the

watermark embedding, we can obtain the watermarked objects by applying the function of

equation (3). Thus, for a given watermarked object, the watermark can be extracted as:

−

, 1

)( '

Average if

[

)

[

2 , 0

)

=

−

−

∈

)

∈

)

1

1

(

2 ,2(, 1

n

nn

k Averageif

k

kW

(10)

In order to detect the watermark W′ extracted from the watermarked object, we firstly evaluate the

detector response (or similarity of W′ and W ) as :

Page 13

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 455

L

kWkW

kW

kWkW

WW

(

L

k

L

k

L

k

)() ( '

)( '

)()( '

) , '

1

1

2

1

∑

=

×

=

×

=

∑

=

∑

=

ρ

(11)

where, L is the length of the watermark signal. The Threshold Tρ is set so as to minimize the sum

p of the probability of error detection and the probability of false alarm. If ρ ≥ Tρ, we considered

the watermark is present, otherwise absent.

4. EXPERIMENTS RESULTS

We tested our scheme on a number of video (“akiyo”, ”news”, ”sean”) as show in Fig.4, we only

report in detail results for ‘Akiyo’. In our experiments, the parameters considered are : the

threshold Tρ = 0.1, β = 0.318, n = 5, N=8 ,wavelet-level = 3, wavelettype ='haar', L=1600 and

scaling factor α Є [0.1, 0.5].

In order to test the performance of the proposed watermarking scheme, 200 watermarks were

randomly generated.

The PSNR result between the original object and the watermarked object is 39.26 dB, As shown

in Fig. 5, the watermark is perceptual invisible and the object with watermark appears visually

identical to the object without watermark.

In Fig. 6 the absolute difference between the original object and the watermarked one, it is

evident that there is no watermark embedded in the region outside the object. Fig. 7 shows the

response of the watermark detector to 200 randomly generated watermarks of which only one

matches the watermark present. The response to the correct watermark (i.e. number 100) is

much higher than the responses to incorrect watermarks.

Added experiment results are described in details in the following and added experiment for other

video are listed in table 2.

(a)

Page 14

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 456

(b)

(c)

FIGURE 4: (a)Original Video (Object) Akiyo, (b)Original Video(Object) News, (c)Original Video(Object)

Scene.

FIGURE 5: Watermarked Object Akiyo (PSNR=39.26 dB)

FIGURE 6: Absolute Difference Between the Original Object and The Watermarked

FIGURE 7: Detector Response of the Watermarked Object Akiyo for 200 Randomly Generated Watermark

4.1

MPEG-4 Compression

Page 15

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 457

The watermarks are embedded in video objects, frame by frame, using MPEG-4 video object

watermarking scheme, as shown in Fig. 3(a). The MPEG-4 video stream is next decompressed

and two different objects are obtained as shown in Figs 8,9and 10, where the watermark

detection process is applied, as shown in Fig. 3(b). The watermark detector responses of the

decoded foreground objects of akiyo sequence are 0.4735 (foreground) and 0.8834(background),

as shown in Fig. 11 and 13. The responses are well above the threshold Tρ and indicate that our

proposed watermarking scheme is robust to MPEG-4 compression.

FIGURE 8: A Frame of The Video Sequence ‘Akiyo’ The Video Object 3 ‘Background’.

FIGURE 9: A Frame of The Video Sequence ‘Akiyo’ The Video Object 3 ‘Foreground’.

FIGURE 10 : A Frame of The Video Sequence ‘Akiyo’ The Video Object 3.

Page 16

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 458

FIGURE 11: Watermark Detection Response Relating To The Video Object 3(Foreground) After MPEG-4

Compression.

FIGURE 12 : Watermark Detection Response Relating To The Video Object 3(Background) After MPEG-4

Compression.

4.2

The watermarked MPEG-4 video bitstream is decompressed and frames are obtained. These

frames are compressed MPEG-2 coded video bitstream using AVS video converter 6.2 and Easy

video converter V.4.2. Next, the MPEG-2 coded video bitstream is decompressed, and each

frame is separated so different objects are obtained, where the watermark detection process is

applied. As shown in Fig.13 and 14, both watermarks embedded in the two objects are easily

detected which indicates that the proposed scheme is robust to conversion from MPEG-4 to

MPEG-2.

Format Conversion from MPEG-4 to MPEG-2

Page 17

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 459

FIGURE 13 : Watermark Detection Response Relating To The Video Object 0 (Foreground) After Format

Conversion From MPEG-4 To MPEG-2.

FIGURE 14: Watermark Detection Response Relating To The Video Object 1 (Background) After Format

Conversion From MPEG-4 To MPEG-2.

Page 18

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 460

Detector responses

No attack(foreground)

MPEG-4 Compression

(foreground)

akiyo

0.7101

0.4506

News

0.7212

0.5535

Sean

0.7131

0.5944

MPEG-4 Compression

(background)

MPEG-4 to MPEG-2

(foreground)

MPEG-4 to MPEG-2

(background)

MPEG-1(foreground)

MPEG-1(background)

H264(foreground)

H264(background)

0.8723 0.8077 0.8606

0.2376 0.3253 0.3962

0.8491 0.8652 0.8245

0.4231

0.8296

0.4673

0.8024

0.4179

0.8019

0.4798

0.8266

0.5481

0.8022

0.4022

0.8070

TABLE 2: Watermark Detector Responses After Attacks

5. CONSLUSION

In this article, a novel blind object watermarking scheme for MPEG4 video streams using the

SA-DWT has been proposed. To make the watermark robust and transparent, we embed it in the

average of the wavelet blocks using visual model. The visual model takes into account sensitivity

to brightness and texture. Efficiency of the method is revealed on the basis of the following

results:

(1) The average has a smaller change than that of individual coefficient. Thus, unlike most

watermarking schemes, the watermark is not embedded by just an individual wavelet coefficient

but by modulating the average of the wavelet blocks.

(2) Visual model allowed to achieve the best tradeoff between transparency and robustness.

(3) Watermark detection is accomplished without the original.

(4) Many parameters can be used as private key to that they are unknown to public.

6. REFERENCES

1. MPEG Requirements Group. “MPEG-4 requirements”. Doc. ISO/IEC JTC1/SC29/WG11

N1595, Sevilla MPEG meeting, February 1997

2. F. Hartung and M. Kutter. “Multimedia watermarking techniques”. In Proceedings of the IEEE,

vol. 87, no. 7,pp. 1079–1107, july 1999.

3. X. Wu, W. Zhu, Z. Xiong and Y. Zhang. “Object-based multiresolution watermarking of images

and video”. In Proceedings of ISCAS’2000, Geneva, Switzerland, pp. 212–215, May 23–31,

2000

4. G.Y. Kim, J. Lee and C.S. Won. “Object-based video watermarking”. In Proceedings of

ICCE’99, pp. 100–101, June 22–24, 1999.

5. A. Piva, R. Caldelli and A.D. Rosa. “A DWT-based object watermarking system for MPEG-4

video streams”. In Proceedings of ICIP’2000,Vancouver, Canada, September 2000, vol. III, pp. 5–

8, 2000.

6. M. Barni, F. Bartolini, V. Capelini, and N. Checacci. “Object Watermarking for MPEG-4 video

streams copyright protection”. In Proceedings of IST/SPIE’s : Security and Watermarking of

Multimedia Content II, SPIE Proceedings, San Jose, CA, vol 3971, pp. 465-476, 2000

Page 19

A.Essaouabi, E.Ibnelhaj & F.Regragui

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 461

7. K. Xiangwei, L. Yu, L. Huajian and Y. Deli. “Object watermarks for digital images and video”.

Image and Vision Computing, Vol.22, No.8, pp.583-595, Aug.2004.

8. M .Karl, L.Rastislav and, N. P. Konstantinos. “ SPIHT-based Coding of the Shape and Texture

of Arbitrarily-Shaped Visual Objects”. Circuits and Systems for Video Technology, IEEE

Transactions on Volume 16, Issue 10, pp:1196 – 1208 Oct. 2006

9. S. Li and W. Li. “Shape-adaptive discrete wavelet transforms for arbitrarily shaped visual object

coding”. In Proceedings of IEEE Trans. Circuits Syst. Video Technol., vol. 10, pp. 725–743, Aug.

2000.

10. W. Sweldens. “The lifting scheme: A new philosophy in biorthogonal wavelet constructions”.

In Wavelet Applications in Signal and Image Processing III, A. F. Laine and M. Unser, Eds. Proc.

SPIE 2569, pp. 68–79, 1995.

Page 20

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 462

HIGH CAPACITY AND SECURITY STEGANOGRAPHY USING

DISCRETE WAVELET TRANSFORM

H S Manjunatha Reddy

Dept. of Electronics and Communication

Global Academy of Technology, Bangalore, India-560098

K B Raja

Dept. of Computer Science and Engg

University Visvesvarya College of Engg,

Bangalore University, Bangalore-01

manjunathareddyhs @rediffmail.com

raja_kb@yahoo.com

Abstract

The secure data transmission over internet is achieved using Steganography. In

this paper High Capacity and Security Steganography using Discrete wavelet

transform (HCSSD) is proposed. The wavelet coefficients of both the cover and

payload are fused into single image using embedding strength parameters alpha

and beta. The cover and payload are preprocessed to reduce the pixel range to

ensure the payload is recovered accurately at the destination. It is observed that

the capacity and security is increased with acceptable PSNR in the proposed

algorithm compared to the existing algorithms

Keywords: Steganography, Wavelet Fusion, Security, Embedding strength parameters, Imperceptibility.

1. INTRODUCTION

The development in technology and networking has posed serious threats to obtain secured data

communication. This has driven the interest among computer security researchers to overcome

the serious threats for secured data transmission. One method of providing more security to data

is information hiding. The approach to secured communication is cryptography, which deals with

the data encryption at the sender side and data decryption at the receiver side. The main

difference between steganography and cryptography is the suspicion factor. The steganography

and cryptography implemented together, the amount of security increases. The steganography

make the presence of secret data appear invisible to eaves droppers such as key loggers or

harmful tracking cookies where the users keystroke is monitored while entering password and

personal information. The Steganography is used for secret data transmission. Steganography is

derived from the Greek word steganos which means “covered” and graphia which means

“writing”, therefore Steganography means “covered writing”. In steganography the secret image is

embedded in the cover image and transmitted in such a way that the existence of information is

undetectable. The digital images, videos, sound files and other computer files can be used as

carrier to embed the information. The object in which the secret information is hidden is called

covert object. Stego image is referred as an image that is obtained by embedding secret image

into covert image. The hidden message may be plain text, cipher text or images etc. The

steganography method provides embedded data in an imperceptible manner with high payload

capacity. Encrypting data provides data confidentiality, authentication, and data integrity.

Steganography, copyright protection for digital media and data embedding are the data hiding

techniques. Steganography is a method of hiding secret information using cover images.

Copyright marking classified into watermarking and fingerprinting. Watermarking is the process of

possibly irreversibly embedding information into a digital signal. The signal may be audio, pictures

Page 21

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 463

or video etc. Fingerprinting attaches a serial number to the copy of digital media. Copyright

protection prevents illegal transfer of data. In data embedding systems the receiver will know

about the hidden message and the task is to decode the message efficiently. The main aspect of

steganography is to achieve high capacity, security and robustness. Steganography is applicable

to (i) Confidential communication and secret data storing, (ii) Protection of data alteration, (iii)

Access control system for digital content distribution, (iv) Media Database systems etc.

The various steganographic techniques are: (i) Substitution technique: In this technique only the

least significant bits of the cover object is replaced without modifying the complete cover object. It

is a simplest method for data hiding but it is very weak in resisting even simple attacks such as

compression, transforms, etc. (ii)Transform domain technique: The various transform domains

techniques are Discrete Cosine Transform (DCT), Discrete Wavelet Transform (DWT) and Fast

Fourier Transform (FFT) are used to hide information in transform coefficients of the cover

images that makes much more robust to attacks such as compression, filtering, etc. (iii) Spread

spectrum technique: The message is spread over a wide frequency bandwidth than the minimum

required bandwidth to send the information. The SNR in every frequency band is small. Hence

without destroying the cover image it is very difficult to remove message completely. (iv)Statistical

technique: The cover is divided into blocks and the message bits are hidden in each block. The

information is encoded by changing various numerical properties of cover image. The cover

blocks remain unchanged if message block is zero. (v) Distortion technique: Information is stored

by signal distortion. The encoder adds sequence of changes to the cover and the decoder checks

for the various differences between the original cover and the distorted cover to recover the

secret message.

Steganalysis is the science of detecting hidden information. The main objective of Steganalysis is

to break steganography and the detection of stego image is the goal of steganalysis. Almost all

steganalysis algorithms rely on the Steganographic algorithms introducing statistical differences

between cover and stego image. Steganalysis deals with three important categories: (a) Visual

attacks: In these types of attacks with a assistance of a computer or through inspection with a

naked eye it reveal the presence of hidden information, which helps to separate the image into bit

planes for further more analysis. (b) Statistical attacks: These types of attacks are more powerful

and successful, because they reveal the smallest alterations in an images statistical behavior.

Statistical attacks can be further divided into (i) Passive attack and (ii) Active attack. Passive

attacks involves with identifying presence or absence of a covert message or embedding

algorithm used etc. Mean while active attacks is used to investigate embedded message length

or hidden message location or secret key used in embedding. (c) Structural attacks: The format of

the data files changes as the data to be hidden is embedded; identifying this characteristic

structure changes can help us to find the presence of image.

2. RELATED WORK

Neil F. Johnson and sushil jajodia et al., [1] have provided several characteristics in information

hiding methods to identify the existence of a hidden messages and also identify the hidden

information. The images are reviewed manually for hidden messages and steganographic tool to

automate the process. The developed tool is to test robustness of information hiding techniques

in images such as warping, cropping rotating and blurring. Lisa M. Marvel and Charles T. Retter

[2] have presented a method of embedding information within digital images, called Spread

Spectrum Image Steganography (SSIS). SSIS conceals a message of substantial length with in

digital images while maintaining the original image size and dynamic range. A hidden message

can be recovered using the appropriate keys without any knowledge of the original image.

Giuseppe Mastronardi et al., [3] have studied the effects of Steganography in different image

formats (BMP, GIF, JPEG and DWT) and proposed two different approaches for lossless and

lossy image. They are based on the creation of an “adhoc” palette for BMP and GIF images. LUI

Tong and QIU Zheng-ding [4] have proposed a Quantization-based Steganography scheme. In

this method the secret message is hidden in every chrominance component of a color image and

the hiding capacity is higher than that of the popular Steganography software. Since the

Page 22

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 464

Quantization-based hiding method is free from the interference and simulation results the hidden

message can be extracted at low BER and our scheme is robust to common attacks.

Jessica Fridrich et al., [5] have proposed a new higher-order Steganalytic method called Pairs

Analysis for detection of secret messages embedded in digital images. Although the approach is

in principle applicable to many different Steganographic methods as well as image formats, it is

ideally suited to 8-bit images, such as GIF images, where message bits are embedded in LSBs of

indices to an ordered palette. The Ezstego algorithm with random message and optimized palette

order is used as an embedding archetype on which we demonstrate Pairs Analysis and compare

its performance with the chi-square attacks. Jessica Fridrich and David Soukal [6] have presented

two approaches to matrix embedding for large payloads suitable for practical steganographic

schemes – one based on family of codes constructed from simplex codes and the second one

based on random linear codes for small dimension .The embedding efficiency of the proposed

methods is evaluated with respect to theoretically achievable bounds. Yuan-Yu Tsai and Chung-

Ming Wang [7] have proposed a novel data hiding scheme for color images using a BSP tree.

This method shows high capacity with little visual distortion. Furthermore, there is an advantage

of the tree data properties to improve the security of embedding process, making it difficult to

extract the secret message without the secret key provided. Jun Zhang et al., [8] have proposed

detection of steganographic algorithms based on replacement of the Least Significant Bit (LSB)

plane. Since LSB embedding is modeled as an additive noise process, detection is especially

poor for images that exhibit high-frequency noise.

M. Mahdavi et al., [9] presented a steganalysis method for the LSB replacement. The method is

based on the changes that occur in histogram of an image after the embedding of data. It is less

complex and more accurate than the RS steganalytic method for the images which are acquired

directly from scanner without any compression. The RS method needs to count the number of

regular and singular groups twice and also require LSB flipping for the whole image. This method

has better average and variance of error comparing to RS steganalytic method. Shilpa p. Hivrale

et al., [10] have presented various statistical measures and PMF based method of detection. It

uses the frequency count of the pixel intensities in the image to test for the detection of stego

image or not. Here LSB embedding technique is used. K. B. Raja et al., [11] have proposed a

novel image adaptive stegnographic technique in the integer wavelet transform domain called as

the Robust Image Adaptive Steganography using Integer Wavelet Transform. According to

information theoretic prescriptions for parallel Gaussian models of images, data should be hidden

in low and mid frequencies ranges of the host image, which have large energies. Jan Kodovsky

and Jessica Fridrich [12] worked out the specific design principles and elements of

steganographic schemes for the JPEG format and their security. The detect ability is evaluated

experimentally using a state of art blind steganalyser. L.Y. Por et al., [13] have proposed a

combination of three different LSB insertion algorithms on GIF image through stegcure system.

The unique feature about the stegcure is being able to integrate three algorithms in one

Steganography system. By implementing public key infrastructure, unauthorized user is forbidden

from intercepting the transmission of the covert data during a communication because the stego-

key is only known by the sender and the receiver. Gaetan Le Guelvoit [14] proposed a work

which deals with public- key Steganography in presence of passive warden. The main aim is to

hide the secret information within cover documents without giving the warden any clue and

without any preliminary secret key sharing. This work explores the use of trellis coded

quantization technique to design more efficient public key scheme.

Mohammad Ali Bani Younes and Aman Jantan [15] have proposed a steganographic approach

for data hiding. This approach uses the least significant bits (LSB) insertion to hide data within

encrypted image data. The binary representation of the data is used to overwrite the LSB of each

byte within the encrypted image randomly. The hidden data will be used to enable the receiver to

reconstruct the same secret transformation table after extracting it and hence the original image

can be reproduced by the inverse of the transformation and encryption processes. Chang-Chu

Chen and Chin-Chen Chang [16] have proposed that data hiding scheme is a modification of the

LSB-based steganography using the rule of reflected gray code. The embedding ability and

distortion level of our novel method are similar to those of the simple LSB substitution scheme.

The difference is that the LSBs of stego-image are not always the same as the secret bits while

Page 23

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 465

the simple LSB substitution keeps them equally. Babita Ahuja and, Manpreet Kaur [17] have

presented LSB based steganography algorithm with high data hiding capacity, as four LSB’s

are used to hide data, high confidentiality as distortions which can cause suspiscions for the

intruders, are removed through filtering techniques and two level high security is applied. Debnath

Bhattacharyya et al., [18] a security model is proposed which imposes the concept of secrecy

over privacy for text messages. The proposed model combines cryptography, steganography and

along with an extra layer of security has been imposed in between them. Chin-Chen Chang et

al.,[19] proposed a scheme embeds a larger-sized secret image while maintaining acceptable

image quality of the stego-image and also improved image hiding scheme for grayscale images

based on wet paper coding.

3 MODEL

The definitions, Wavelet Transform and HCSSD model are described in this section.

Definitions:

• Cover Image: It is defined as the original image into which the required secret message is embedded. It is also

termed as innocent image or host image. The secret message should be embedded in such a manner that there are

no significant changes in the statistical properties of the cover image. Good cover images range from gray scale

image to colored image in uncompressed format.

• Payload: It is the secret massage that has to be embedded within the cover image in a given Steganographic model.

The payload can be in the form of text, audio, images, and video.

• Stego image: It is the final image obtained after embedded the payload into a given cover image. It should have

similar statistical properties to that of the cover image.

• Hiding Capacity: The size of information that can be hidden relative to the size of the cover without deteriorating the

quality of the cover image.

• Robustness: The ability of the embedded data to remain intact if the stego image undergoes transformation due to

intelligent stego attacks.

• Security: This refers to eavesdropper’s inability to detect the hidden information.

• Mean Square Error (MSE): It is the measure used to quantify the difference between the initial and the distorted or

noisy image. Let Pi represents the pixel of one image of size N and Qi that of the other.

()()()

) 1 (

,,

1

2

1∑∑

=

i

=

×

−

=

allpixels

i

allpixels

NN

jistegojiCover

MSE

From MSE we can find Peak Signal to Noise Ratio (PSNR) to access the quality of the Stego image with respect to

cover image given by

) 2 (

255

log20

10

ESM

RNSP

=

• Haar Wavelet: It is a piecewise wavelet that provides orthogonal decomposition given as

( )

t

) 3 (

, 0

12 / 1, 1

2 / 1

≤

0 , 1

≤≤−

≤+

=

otherwise

t if

t if

ψ

• Wavelet Transform: It converts an image from time or spatial domain to frequency domain. It provides a time-

frequency representation. The Wavelet Transform is obtained by repeated filtering of the coefficients of the image

row-by-row and column-by-column.

• Approximation Band: It is the band having the lower frequency coefficients of the image in the wavelet domain. It

contains all the significant features of the image.

• Detail Band: It has high frequency components of the image in the wavelet domain and consists of insignificant

features of the image.

• Payload Encryption: Encryption of payload is done not only to protect data frame theft or alteration, but can also

be used for authentication and increase security level. Secret key cryptography is used, wherein the same key is

used for both encryption and decryption.

Page 24

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 466

• Inverse Wavelet Transform: It is applied over the stego image to convert it from frequency domain to spatial

domain. Hence it is frequency-time representation.

• Fusion: It is the process of adding the wavelet coefficients of both the Cover Image and Payload.

• Cover-escrow: The scheme in which the original Cover image is required at the extraction model to get the

Payload.

• Normalization: It is the division of all the pixel values of an image in the spatial domain with the maximum pixel

value of the image. For gray scale image the maximum value of any pixel is 255.

• Preprocessing: All the pixels of an image in spatial domain are multiplied by embedding strength factors alpha or

beta.

3.1 Wavelet Transform:

Wavelet transform is used to convert a spatial domain into frequency domain. The use of wavelet

in image stenographic model lies in the fact that the wavelet transform clearly separates the high

frequency and low frequency information on a pixel by pixel basis. Discrete Wavelet Transform

(DWT) is preferred over Discrete Cosine Transforms (DCT) because image in low frequency at

various levels can offer corresponding resolution needed. A one dimensional DWT is a repeated

filter bank algorithm, and the input is convolved with high pass filter and a low pass filter. The

result of latter convolution is smoothed version of the input, while the high frequency part is

captured by the first convolution. The reconstruction involves a convolution with the synthesis

filter and the results of this convolution are added. In two dimensional transform, first apply one

step of the one dimensional transform to all rows and then repeat to all columns. This

decomposition results into four classes or band coefficients.

The Haar Wavelet Transform is the simplest of all wavelet transform. In this the low frequency

wavelet coefficient are generated by averaging the two pixel values and high frequency

coefficients are generated by taking half of the difference of the same two pixels. The four bands

obtained are approximate band (LL), Vertical Band (LH), Horizontal band (HL), and diagonal

detail band (HH). The approximation band consists of low frequency wavelet coefficients, which

contain significant part of the spatial domain image. The other bands also called as detail bands

consists of high frequency coefficients, which contain the edge details of the spatial domain

image.

Research into human perception indicates that the retina of the eye splits an image into several

frequency channels, each spanning a bandwidth of approximately one octave. The single in these

channels is processed independently. Similarly in a multilevel decomposition, the image is

separated into bands of approximately equal bandwidth on a logarithmic scale. It is therefore

expected that use of the DWT will allow independent processing of the resulting components

without significant perceptible interaction between them, and hence makes the process

imperceptibility marking more effective. For this reason the wavelet decompositions is commonly

used for the fusion of images. Fusion technique include the simple method of pixel averaging to

more complicated methods such as principal component analysis and wavelet transform fusion.

Several approaches to image fusion can be distinguished; depending on whether the image is

fused in the spatial domain or any other domains, and their transform fused. Image fusion is a

process that produces a single image from a set of input images. The fused image contains more

complete information, than any individual input. Since this is a sensor-compresses information

problem, it follows that wavelets, classically useful for human visual processing, data

compression and reconstruction are useful for such merging. Other important applications of the

fusion of images include medical imaging, microscopic imaging, remote sensing, computer vision

and robotics.

3.2 High Capacity and Security Steganography using Discrete wavelet transform model (HCSSD)

(i) HCSSD Encoder: Figure 1 shows the block diagram of the embedding algorithm. The main idea behind the

proposed algorithm is wavelet based fusion. It involves merging of the wavelet decomposition of the normalized

version of both the cover image and the payload into a single fused result. Normalization is done so that the pixel

range of the image lies between 0.0 to 1.0 instead of the integer range (0, 255). Hence we convert the integer range (0,

255) of pixels into floating point values between 0.0 and 1.0. This normalized pixel values is fed as input to the floating

Page 25

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 467

point filters which results in reconstruction of the transformed image with better accuracy

compared to direct integer values of the pixels as input. Normalization is a process on both the

cover image and the payload in order to guarantee pixel values do not exceed their maximum

value of one due to modifying corresponding coefficients of the cover image and payload during

fusion. Both cover image and payload is convert into DWT domain. Further, apply DWT on the

payload in order to increase the security level. The single fused resultant matrix is obtained, by

the addition of wavelet coefficients of the respective sub-bands of the cover image and payload is

given by the Equation (4).

(

F

)4(),(),(),

yxPyxCyx

βα+=

) 5 (1

=+ βα

Where F is modified DWT coefficients, C is the original DWT coefficients and P is the

approximation band DWT coefficients of the payload. Also alpha and beta are the embedding

strength factors. Since alpha and beta are chosen such that the payload is not predominantly

seen in the Stego

image obtained in the spatial domain and also for full utilization of the bandwidth of both the

Cover Image and the payload. Once fusion is done, we apply Inverse Discrete Wavelet

Transform (IDWT) followed by renormalization to get the Stego image in the spatial domain.

ii) HCSSD Decoder: Figure 2 shows the block diagram for retrieval of payload from the Stego

image. The Stego image is normalized, and then DWT is taken. The extraction process involves

subtracting the DWT coefficients of the original cover image from the DWT coefficients of the

Stego image. It is then followed by decryption of the subtracted coefficients. Then first step of

IDWT on these coefficients is applied followed by second IDWT only with respect to the

approximation band of the first IDWT coefficients of the payload. Finally, denormalization is done

to get back the payload in spatial domain.

4. ALGORITHM

4.1 Problem definition

Given a cover image c of size (n * m) and payload p of size (2n * 2m).

The objectives are:

(i) to embed the Payload into the Cover image in the wavelet domain.

Page 26

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 468

(ii) to increase the embedding capacity into the Cover image.

(iii) to ensure reasonable PSNR of the Stego mage.

Assumptions:

Cover and payload images are grayscale uncompressed images, i.e., color images are converted

into grayscale images.

(ii) Haar wavelet Transform is used to convert spatial domain image to wavelet domain.

Table 1 gives the HCSSD Encoder algorithm. The algorithm gives high security as encrypting the

wavelet coefficients of Payload before embedding. The payload being double the size of the

cover, the capacity is high due to the fact that we are embedding only the approximation band of

the payload coefficients. For a cover image of size (n * m), when we apply two level DWT we get

matrix dimension of size (n/2 * m/2), and we take a Payload of size (2n * 2m) and apply twice two

level DWT, it gives matrix dimension of (n/2 *m/2). Since the matrix dimension of cover image

and payload are same we are able to add their respective coefficients. Table II gives HCSSD

Decoder to retrieve the Payload from the Stego image.

5. EXPERIMENTAL RESULTS AND PERFORMANCE ANALYSIS

For performance analysis we considered the Cover Images (CI) such as Lady, Aero plane,

Players, Cow boys and Flower. Payload images (PL) are Flower, Bank text, Astronauts, Dog and

Elephant. The payload is embedded into the cover image to derive the Stego image at the

sending end. The payload is recovered from the Stego image at the destination with minimum

distortion. Fig. 3(a), 4(a), 5(a), 6(a) and 7(a) are the Cover Images (CI). Fig. 3(b), 4(b), 5(b), 6(b)

and 7(b) are the Payload images (PL). Fig. 3(c), 4(c), 5(c), 6(c) and 7(c) are the Stego Images

(SI). Fig. 3(d), 4(d), 5(d), 6(d) and 7(d) are the Retrieved Payload images (RPL). Table III shows

the experimental results of the proposed HCSSD algorithm where the MSE, PSNR and Entropy

between the cover image and Stego image are computed. The PSNR, MSE and Entropy are

dependent on

image formats and sizes of the cover and Stego image. The Entropy values approximately equal

to zero which indicates that the security of the payload is high. Since all the bits in the pixel of the

Fig: 1. HCSSD Encoder

Stego

Image

Cover

Image

Normalizatio

n and

D

W

T

1

Secret

Image

Normalizatio

n

And

D

W

T

2

Encryption

Fusion

IDWT

Denormalizatio

Fig: 2. HCSSD Decoder

Cover

Image

Secr

et

Imag

Extraction

and

Decryptio

D

W

T

Normalizatio

Stego

Image

Denormalizatio

n

Normalizatio

D

W

T

IDWT

Page 27

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 469

cover image are used for fusion purpose, the embedding capacity reaches its maximum that is 8

bit for pixel for a gray scale cover image The size of the payload is twice to that of the cover

image. Table IV shows the experimental results of existing Wavelet Based Fusion (WBF)

algorithm, wherein the MSE, PSNR and Entropy between the cover image and Stego image are

computed. From Table III and IV, we observed that the PSNR values of proposed algorithm are within the acceptable

range along with higher capacity and highly secure as the Entropy value is approximately zero.

Table: 1 ALGORITHM OF DATA EMBEDDING

•

Input: Cover Image c and Payload image p.

• Output: Stego image s.

1. Normalize c and p, so that the wavelet coefficient

varies between 0.0 and 1.0.

2. Preprocessing on c and p

3. Transform c and p into 2 levels of decomposition using

Haar Wavelet.

4 4. Apply 2 levels DWT on the approximate band of the

payload obtained.

5. Encrypt the DWT coefficients obtained.

6. Wavelet fusion of DWT coefficients of c and p.

7 7. Inverse transform of all the subbands of the fused image.

8. Denormalize the Fused image.

9. Stego image s is generated.

Table: II ALGORITHM OF DATA EXTRACTION

•

•

1. Normalize Stego Image s.

2. Transform s in to 2 levels of wavelet decomposition.

3. Subtract DWT coefficients of c from DWT coefficients of s to

get DWT coefficients of only p.

4. Decrypt the DWT coefficients of p obtained.

5. Apply IWT of all the sub bands of p.

6. Apply IWT of payload obtained with respect to approximate

band.

7. Denormalize the resultant of step 6.

8. Payload Image is obtained p.

Table: III MSE, PSNR and Entropy of Cover and Stego

Input: Stego Image s.

Output: Payload p.

image of HCSSD

Images

Type Size MSE PSNR Entropy

Lady

Flower

JPEG

JPEG

346×396

240×240

0.17 55.6 0.00019

Aero plane

Bank Text

TIFF

PNG

400×300

810×400

2.76 43.7\ 0.0000

Player

Astronauts

JPEG

PNG

400×300

200×200

0.9 48.1 0.0004

Cow Boys

Dog

JPEG

TIFF

186×100

436×600

0.17 55.58 0.0000

Flower JPEG 200×150 0.98 48.20 0.0000

Page 28

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 470

Elephant JPEG 335×219

Table: IV MSE, PSNR and Entropy of Cover and Stego image WBF

Images Type Size MSE PSNR Entropy

Lady

Flower

JPEG

JPEG

346×396

240×240

2.10 44.9 0.004

Aero plane

BankText

TIFF

PNG

400×300

810×400

0.41 51.9 0.0010

Player

Astronauts

JPEG

PNG

400×300

200×200

0.49 51.1 0.0060

(a) Cover image (b) Payload Image (c) Stego Image (d) Retrieved Payload image

Fig. (3). Lady and Flower images

(a) Cover Image (b) Payload image (c) Stego Image (d) Retrieved Payload

Fig.4. Aero plane and Bank Text Images

(a) Cover image (b) Payload Image (c) Stego Image (d) Retrieved payload

Fig.5. Player and Astronauts Images

(a) Cover image (b) Payload Image (c) Stego Image (d) Retrieved Payload image

Page 29

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 471

Fig.6 Cow Boys and Dog Images

(a) Cover image (b) Payload Image (c) Stego Image (d) Retrieved Payload image

Fig.7 Flower and Elephant Images

6. CONCLUSIONS

The Steganography is used for secrete communication. In this paper High Capacity and Security

Steganography using Discrete wavelet transform algorithm is proposed. The cover and payload

are normalized and the wavelet coefficient is obtained by applying discrete wavelet transform.

The approximation band coefficient of payload and wavelet coefficient of cover image are fused

based on strength parameters alpha and beta. The capacity of the proposed algorithm is

increased as the only approximation band of payload is considered. The Entropy, MSE and

Capacity are improved with acceptable PSNR compared to the existing algorithm. In future the

algorithm can be tested with curvelet transform and other transform techniques.

Contributions: In this paper the two level wavelet transform is applied as cover and payload. The

payload wavelet coefficients are encrypted and fused with wavelet coefficients of cover image to

generate stego coefficients based on the embedding strength parameters alpha and beta.

Acknowledgements : The first author thank full to the management and Principal

Dr..Narendra Viswanath to support the entire research work.

7. REFERENCES

[1] Neil F. Johnson and Sushil Jajodia, “Steganalysis: The Investigation of Hidden Information,” IEEE

conference on Information Technology, pp. 113-116, 1998.

[2] Lisa M.Marvel and Charles T. Retter, “A Methodlogy for Data Hiding using Images,” IEEE

conference on Military communication, vol. 3, Issue. 18-21, pp. 1044-1047, 1998.

[3] Giuseppe Mastronardi, Marcello Castellano, Francescomaria Marino, “Steganography Effects in

Various Formats of Images. A Preliminary Study,” International Workshop on Intelligent data

Acquisition and Advanced Computing Systems: Technology and Applications, pp. 116-119, 2001.

[4] LIU Tong, QIU Zheng-ding “A DWT-based color Images Steganography Scheme” IEEE International

Conference on Signal Processing, vol. 2, pp.1568-1571, 2002.

[5] Jessica Fridrich, Miroslav Goijan and David Soukal, “Higher-order statistical steganalysis of palette

images” Proceeding of SPIE, Electronic Imaging, Security, Steganography, and Watermarking of

Multimedia ContentsV, vol. 5020, pp. 178-190, 2003.

[6] Jessica Fridrich and David Soukal, “Matrix Embedding for Large Payloads” SPIE, Electronic Imaging,

Security, Steganography, and Watermarking of Multimedia Contents , vol. 6072, pp. 727-738. 2006.

[7] Yuan-Yu Tsai, Chung-Ming Wang “A novel data hiding scheme for color images using a BSP tree”

Journal of systems and software, vol.80, pp. 429-437, 2007.

[8] Jun Zhang, Ingemar J. Cox and Gwenael Doerr.G “Steganalysis for LSB Matching in Images With

High-frequency Noise” IEEE Workshop on Multimedia Signal Processing, issue 1-3, pp.385- 388,

2007.

[9] M. Mahdavi, Sh. Samavi, N. Zaker and M. Modarres-Hashemi, “Steganalysis Method for LSB

Replacement Based on Local Gradient of Image Histogram,” Journal of Electrical and Electronic

Engineering, vol. 4, no. 3, pp. 59-70, 2008.

Page 30

H S Majunatha Reddy, & K B Raja

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 472

[10]Shilpa P. Hivrale, S. D. Sawarkar, Vijay Bhosale, and Seema Koregaonkar “Statistical Method for

Hiding Detection in LSB of Digital Images: An Overview World Academy of Science, Engineering

and Technology, vol. 32, pp. 658-661, 2008.

[11]K. B. Raja, S. Sindhu, T. D. Mahalakshmi, S. Akshatha, B. K. Nithin, M. Sarvajith, K. R. Venugopal,

L. M. Patnaik, “Robust Image Adaptive Steganography using Integer Wavelets” International

conference on Communication Systems Software, pp. 614-621, 2008.

[12]Jan Kodovsky, Jessica Fridrich “Influence of Embedding Strategies on Security of Steganographic

Methods in the JPEG Domain” Proceedings of SPIE, the International Society for Optical

Engineering, vol. 6819, pp. 681902.1-681902.13, 2008.

[13] L. Y. Por, W. K. Lai, Z. Alireza, T. F. Ang, M. T. Su, B. Delina, “StegCure: A Comprehensive

Steganographic Tool using Enhanced LSB Scheme,” Journal of WSEAS Transctions on Computers,

vol. 8, pp. 1309-1318, 2008.

[14]Gaetan Le Guelvouit, “Trellis-Coded Quantization for Public-Key Steganography,” IEEE International

conference on Acostics, Speech and Signal Processing, pp.108-116, 2008.

[15]Mohammed Ali Bani Younes and Aman Jantan, “A New Steganography Approach for Images

Encryption Exchange by Using the Least Significant Bit Insertion,” International Journal of Computer

Science and Network Security, vol. 8, no. 6, pp.247-257, 2008.

[16]Chang-Chu Chen, and Chin-Chen Chang, “LSB-Based Steganography Using Reflected Grey Code,”

The Institute of Electronics, Information and communication Engineers Transaction on Information

and System,”, vol. E91-D (4), pp. 1110-1116, 2008.

[17]Babita Ahuja and, Manpreet Kaur, “High Capacity Filter Based Steganography,” International Journal

of Recent Trends in Engineering, vol. 1, no. 1, pp.672-674, May 2009.

[18]Debnath Bhattacharyya, Poulami Das, Samir kumar Bandyopadhyay and Tai-hoon Kim, “Text

Steganography: A Novel Approach,” International Journal of Advanced Science and Technology,

vol.3, pp.79-85, February2009.

[19]Chin- Chen Chang, Yung- Chen Chou and Chia- Chen Lin, “A steganography scheme based on wet

paper codes suitable for uniformly distributed wet pixels,” IEEE International Symposium on circuits

and Systems, pp. 501-504, 2009.

Page 31

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

473

Hybrid Compression Encryption Technique for Securing SMS

Tarek M. Mahmoud

Faculty of science/ Department

of Computer Science

Minia University

El Minia, Egypt

Bahgat A. Abdel-latef Dr_bahgat2005@yahoo.com

Faculty of science/ Department

of Computer Science

Minia University

El Minia, Egypt

Awny A. Ahmed

Faculty of science/ Department

of Computer Science

Minia University

El Minia, Egypt

Ahmed M. Mahfouz AhmedMahfouz@minia.edu.eg

Faculty of science/ Department

of Computer Science

Minia University

El Minia, Egypt

Tarek@minia.edu.eg

awny_ahmed70@yahoo.com

Abstract

Mobile communication devices have become popular tools for gathering and

disseminating information and data. When sensitive information is exchanged

using SMS, it is crucial to protect the content from eavesdroppers as well as

ensuring that the message is sent by a legitimate sender. Using an encryption

technique to secure SMS data increases its length and accordingly the cost of

sending it. This paper provides a hybrid compression encryption technique to

secure the SMS data. The proposed technique compresses the SMS to reduce

its length, then encrypts it using RSA algorithm. A signature is added to the

encrypted SMS for signing it to differentiate it from other SMS messages in

SMSINBOX. The experimental results which are based on Symbian OS show

that the proposed technique guarantees SMS data security without increasing its

size.

Keywords: Mobile Communication Devices, Short Message Service, compression, encryption, Symbian

Operating System

Page 32

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

474

1. INTRODUCTION

Mobile communication devices have become commonplace during the past few years, integrating

multiple wireless networking technologies to support additional functionality and services. One of

the most important developments that have emerged from communications technology is SMS. It

was designed as part of Global System for Mobile communications (GSM), but is now available

on a wide range of network standards such as the Code Division Multiple Access (CDMA) [1].

Although SMS was originally meant to notify users of their voicemail messages, it has now

become a popular means of communication by individuals and businesses. Banks worldwide are

using SMS to conduct some of their banking services. For example, clients are able to query their

bank balances via SMS or conduct mobile payments. Also, people sometimes exchange

confidential information such as passwords or sensitive data amongst each other [2].

SMS technology suffers from some risks such as vulnerabilities, eavesdroppers and unauthorized

access [3]. So, we need to find a solution to ensure that these SMS messages are secure and

their contents remain private, without increasing their lengths.

This paper provides a solution to this SMS security problem. Our approach is to secure the SMS

message using Hybrid Compression Encryption (HCE) system. The proposed technique

compresses the SMS to reduce its length, then encrypts it using RSA algorithm. A signature is

added to the encrypted SMS for signing it to differentiate it from other SMS messages in

SMSINBOX.

This paper is structured as follows: Section 2 gives an overview of Short Message Service (SMS).

Section 3 provides some details of SMS security. The Proposed Technique used for Securing

SMS is introduced in section 4. Section 5 shows our experimental results. Finally, conclusion and

future work are presented in section 6.

2. Short Message Service (SMS)

SMS is a communication service standardized in the GSM mobile communication systems; it can

be sent and received simultaneously with GSM voice, data and fax calls. This is possible because

whereas voice, data and fax calls take over a dedicated radio channel for the duration of the call,

short messages travel over and above the radio channel using the signaling path [4]. Using

communications protocols such as Short Message Peer-to-Peer (SMPP) [5] allow the interchange

of short text messages between mobile telephone devices as shown in Figure 1 that describe

traveling of SMS between parties.

FIGURE 1: The basic of SMS system.

SMS contains some meta-data [6]:

• Information about the senders ( Service center number, sender number)

• Protocol information (Protocol identifier, Data coding scheme)

• Timestamp

Page 33

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

475

SMS messages do not require the mobile phone to be active and within range, as they will be

held for a number of days until the phone is active and within range. SMS are transmitted within

the same cell or to anyone with roaming capability. The SMS is a store and forward service, and

is not sent directly but delivered via an SMS Center (SMSC). SMSC is a network element in the

mobile telephone network, in which SMS is stored until the destination device becomes available.

Each mobile telephone network that supports SMS has one or more messaging centers to handle

and manage the short messages [4].

SMS message packets are simple in design. The structure of SMS packet is shown in Figure 2

[2].

FIGURE 2: SMS Message structure

An SMS comprises of the following elements, of which only the user data is displayed on the

recipient’s mobile device:

• Header - identifies the type of message:

• Instruction to Air interface

• Instruction to SMSC

• Instruction to Phone

• Instruction to SIM card

• User Data - the message body (payload).

As shown in Table 1, each SMS is up to 140 bytes, which represents the maximum size of SMS,

and each short message is up to 160 characters in length when Latin alphabets are used, where

each character is 7 bits according to the 7-bit default alphabet in Protocol Data Unit (PDU) format,

and 70 characters in length when non-Latin alphabets such as Arabic and Chinese are used,

where 16-bit messages are used [7] [8].

Text length per message

segment

Coding scheme

160 characters

GSM alphabet, 7 bits

140 octets

8-bit data

Page 34

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

476

70 complex characters

USC2, 16 bits

TABLE 1: Relation between coding scheme and text length.

3. SMS security

SMS travels as plain text and privacy of the SMS contents cannot be guaranteed, not only over

the air, but also when such messages are stored on the handset. The contents of SMS messages

are visible to the network operator's systems and personnel. The demand for active SMS based

services can only be satisfied when a solution that addresses end-to-end security issues of SMS

technology is available, where primary security parameters of authentication, confidentiality,

integrity and non-repudiation are satisfied [9,13].

Authentication is concerned with only specific users with specific combination of device,

application, memory card, and SIM card that are allowed to access corporate data. This way the

users or unauthorized persons cannot change any part of the combination to obtain access to

sensitive data. Confidentiality is about ensuring that only the sender and intended recipient of a

message can read its content. Integrity is concerned with ensuring that the content of the

messages and transactions not being altered, whether accidentally or maliciously. Non-

repudiation is about providing mechanisms to guarantee that a party involved in a transaction

cannot falsely claim later that he/ she did not participate in that transaction[14].

An end-to-end key based encryption technology for SMS plugs the gaps in transit security of

SMS. Authentication added for resident SMS security access together with encryption, addresses

the confidentiality issue of SMS technology. Added features of message integrity and digital

signing of SMS address integrity and Non Repudiation for SMS technology[15].

4. The Proposed Technique for Securing SMS

In this section, we describe the proposed technique used to secure SMS without increasing its

length. The two main steps of this technique are the compression and encryption processes.

SMS Compression is the process of encoding SMS information using fewer bits than an

unencoded representation. The purpose of this step in the proposed technique is reducing the

consumption of expensive resources and reducing SMS length. SMS encryption is the art of

achieving security by encoding messages to make them non-readable.

The steps of the proposed technique can be described as follows:

Step 1: Get SMS.

Step 2: Determine the SMS recipient.

Step 3: Compress the SMS.

Step 4: Check the compressed SMS length.

4.1 If it is greater than 145 characters then divide it into more than one according to its

length such that each message is 145 characters to satisfy the message length limit imposed by

the proposed technique.

Step 5: Encrypt the compressed SMS using RSA algorithm.

Step 6: Add signature to the SMS.

Step 7: Send the SMS.

In Step 4, restricting the SMS length in the proposed technique to 145 characters is necessary for

the encryption process. We have conducted many experiments to determine the length of SMS

cipher (encrypted) text. Table 2 illustrates the experimental results for the relation between the

RSA Modulus bits, maximum number of SMS plain text and length of output encrypted

characters. According to these results, we selected the RSA Modulus size to be 1248 bits as

optimal value for the proposed technique, so the output cipher text will be 156 characters and the

Page 35

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

477

maximum input characters will be 145. As mentioned in section 2, the standard SMS length is

160 characters.

Number of Input Characters

Range

Length of Output

Encrypted Character

RSA Modulus Size (bits)

32

1 – 21

256

64

1 – 53

512

128

1 – 117

1024

156

1 – 145

1248

256

1 – 245

2048

TABLE 2: The relation between RSA Modulus bits, maximum number of Input characters and length of

output encrypted characters

In step 5, encrypting the SMS is based on RSA algorithm [10] [11].

The steps of this algorithm can be described as follows:

Step 1: choose two large primary numbers P and Q

Step 2: calculate N=P*Q

Step 3: select the public key (i.e. the encryption key) E, such that it is not a factor of (P-1) and (Q-

1)

Step 4: Select the private key (i.e. the decryption key) D, such that the following equation is true

(D*E) mod (P-1) * (Q-1) =1

Step 5: For encryption, calculate the cipher text CT from the plain text PT as follows CT=PT^E

mod N

Step 6: Send CT as the cipher text to the receiver

Step 7: For decryption, calculate the plain text PT from the cipher text CT as follows PT=CT^D

mod N

Figure 3 illustrates the SMS format after applying the proposed technique. It contains 4

characters as a signature and 156 characters as encrypted SMS data.

FIGURE 3: SMS Format after applying the proposed technique.

5. Experimental Results

This section presents the results of evaluating the efficiency of the proposed technique that is

based on Symbian OS [12]. We consider the SMS length as a criterion to evaluate the

performance of the proposed technique. The main purpose of the proposed technique is to

secure SMS. We achieved this by compressing the SMS data to reduce its length then encrypting

it to guarantee its security.

4

Signature

156

Cipher text

Page 36

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

478

Table 3 shows a comparison between SMS length before and after the compression step. The

1st column contains some SMS samples, the 2nd column represents the total number of SMS

characters before the compression process, and the 3rd column contains the total number of

SMS characters after compression.

Total number of SMS

characters after

compression

Total number of

SMS characters

before

compression

SMS Sample

125

160

#There are "men"

like mountains "high"

friend "honor"

comradely "warranty"

communicate with them "right

and duty

of the length of time"

forgotten "impossible".

Source,

Name : ahmed Mahfouz

Password : 02034112

Card Number : 2400139

Account Number : 0111149

Operation : withdrawal

Value : 1000$

Destination,

Name : MobiTech

Account Number : 0111133

Dear Sir

this data are important for you so take your precautions--

--------------------------------------------name : ahmed

Muhammad

balance : 100000

your password : 02710101

----------------------------------------------

142

185

119

225

TABLE 3: Comparison between SMS length before and after Compression

Table 4 illustrates the results obtained after applying the proposed technique. The 1st column

contains SMS samples, the 2nd column represents the total number of SMS characters before

the encryption process, the 3rd column contains SMS length after the compression process, the

4th column contains the percentage of compression phase, and the 5th column contains

message length using the proposed technique.

Message

length using

the

proposed

technique

Percentage

of

compression

phase

Length of

compressed

Message

Length

of

original

Message

Message

156

22% 125

160

#There are "men"

like mountains "high"

friend "honor"

comradely "warranty"

communicate with them "right

and duty

of the length of time"

Page 37

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

479

forgotten "impossible".

156

23% 142

185

Source,

Name : ahmed Muhamed

Password : 02034112

Card Number : 2400139

Account Number : 0111149

Operation : withdrawal

Value : 1000$

Destination,

Name : MobiTech

Account Number : 0111133

Dear Sir

this data are important for you so take

your precautions

----------------------------------------------

name : ahmed Muhammad

balance : 100000

your password : 02710101

----------------------------------------------

Your account 'Save 1' was credited with

$999.98 on

Wed 22 Nov 2006

Ref.2390809CR

Call 800800 for assistance, if required.

Thank you for SMS Banking with ABC

Bank.

Salary has been credited to your A/C

BAL A/C NO.

Balance in A/C xxxxx3329 as of 06 Aug

2009 is INR /908.8/.

Thank you for SMS Banking with ABC

Bank.

xyzBank, user test

Account Number:9820209954

Available balance in A/C xx310

On 04-Nov 2008 05:30

Is Rs. 50000

Thank you for SMS Banking with ABC

Bank

Peace be upon you Dear,Muhammed

Key 1 :

A2HBN - 3SJKL - 7HBN6 - OIKML -

YPL9N - OPF8V - TRDCV - 7HJ4D

Key 2 :

K8DFF - BN4KI - KSLOM - QPOCD -

AOPED -\x01\x33IOMN - 8GVFD

Peace be upon you

Name : Ahmed Muhamed

Account Number : 056789034

Operation type : withdrawal

Balance : 60000

Value : 10000

Outstanding Account : 40000

156

47% 119

225

156 12% 145 165

156 10% 135 150

156 11% 141 158

156 13% 144 166

Split into two

messages

32% 163 241

Page 38

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

480

on 15-Aug 2009 06:45

----------------------------------------------

SMS services center.

TABLE 4: Comparison between SMS lengths using compression and the proposed technique

It is clear from Table 4 that using the proposed technique for securing SMS messages caused a

considerable reduction in their lengths equal 21% approximately on average. Also, the length of

compressed message depends on its contents. It should be noted that the last message in this

table has been split into two messages because its length is greater than 145 characters.

6. Conclusion and future work

In this paper a new hybrid technique for securing SMS is introduced. The proposed technique

combines the compression and encryption processes. The proposed technique compresses the

SMS data using a lossless algorithm. After this step the compressed SMS data is encrypted using

RSA algorithm. The advantage of this technique is achieving the protection criteria such as

confidentiality and authenticity between two communication parties and at the same time

decreasing the message lengths. The experimental results show that SMS length does not

exceed the standard SMS length using the proposed technique compared with the technique that

uses only the RSA encryption process to secure SMS. Future work is required to apply the

proposed technique to other mobile operating systems and services.

REFERENCES

1. SMS document, Nokia, (2009, June). Available:http://wiki.forum.nokia.com/index.php/SMS

2. J. Li-Chang Lo, J. Bishop and J. Eloff. "SMSSec: an end-to-end protocol for secure SMS",

Computers & Security, 27(5-6):154-167, 2007.

3. P. Traynor, W. Enck, P. McDaniel and T. La Porta. "Mitigating Attacks on Open Functionality

in SMS-Capable Cellular Networks", IEEE/ACM Transactions on In Networking, 17(1):40-53,

2009

4. GSM document, Short Message

http://www.gsmfavorites.com/documents/sms/

5. SMS peer-to-peer protocol, Wikipedia,

http://en.wikipedia.org/wiki/Short_message_peer-to-peer_protocol

6. PDU-encode-decode, thought works,

http://twit88.com/home/utility/sms-pdu-encode-decode

7. N. Croft and M. Olivier, "Using an approximated One Time Pad to Secure Short Messaging

Service (SMS)", In Proceedings of the Southern African Telecommunication Networks and

Applications Conference. South Africa, 2005

8. G. Le Bodic, "Mobile Messaging Technologies and Services SMS, EMS and MMS", 2nd ed.,

John Wiley & Sons Ltd, (2005).

9. SMS vulnerabilities and XMS technology, Network Security Solutions, (2009, July). Available:

http://www.mynetsec.com/files/xms_mobile/SMS_Vulnerabilities_XMS_Technology_White_P

aper.pdf

10. Atul Kahate, "Cryptography and network security", 3rd ed., Tata McGrawHill, (2003).

11. David Pointcheval, RSA Laboratories' CryptoBytes, "How to Encrypt Properly with RSA",

Volume 5, No.1, Winter/Spring 2002, pp. 9-19.

12. Symbian developer library, Symbian Software Ltd, (2006, January). Available:

https://developer.symbian.com/main/documentation/sdl/;jsessionid=D059D9E1944BD96B3F

AA3A61E42E7FD7.worker1

13. Anita & Nupur Prakash, “Performance Analysis of Mobile Security Protocols: Encryption and

Authentication”, International Journal of Security, Volume (1) : Issue (1), June 2007.

14. Bhadri Raju MSVS, Vishnu Vardhan B, Naidu G A, Pratap Reddy L & Vinaya Babu A, "A

Noval Security Model for Indic Scripts - A Case Study on Telugu", International Journal of

Computer Science and Security, (IJCSS) Volume (3) : Issue (4), August 2009.

Service, (2009, July). Available:

(2009, May). Available:

(2009, July). Available:

Page 39

Tarek M Mahmoud, Bahgat A. Abdel-latef, Awny A. Ahmed & Ahmed M Mahfouz

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6)

481

15. Jayaprakash Kar & Banshidhar Majhi, "An Efficient Password Security of Multi-Party Key

Exchange Protocol based on ECDLP", November 2009.

Page 40

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 482

Manuscript Preparation Guidelines for International Journal of

Computer Science and Security

Omessaad Hamdi

LABRI Laboratory,

Bordeaux 1, France.

Ammar Bouallegue

SYSCOM Laboratory,

Ecole Nationale d’ingénieurs

De Tunis, Tunisia

Sami Harari

USTV,

Toulon France

ohamdi@labri.fr

ammar.bouallegue@enit.rnu.tn

harari@univ-tln.fr

Abstract

We discuss the chained randomized linear code and their use in cryptography.

We show that the adoption of randomized chained codes in the framework of

McEliece cryptosystem expose the cryptosystem to some new attacks.

Key Words: Cryptography, Chained Codes, Attack, Complexity

1. INTRODUCTION

In this paper, a new variant of cryptographic schemes based on error coding is studied. Random

based techniques allow to design large families of chained codes. Therefore, in principle, such

codes can substitute Goppa codes, originally used by McEliece [2].The McEliece cryptosystem is

a public key cryptosystem based on coding theory that has successfully resisted cryptanalysis [1]

for thirty years. The original version, based on Goppa codes, is able to guarantee a high level of

security, and is faster than computing solutions, like RSA.

Despite this, it has not been considered in practical applications, due to the major drawbacks like

the large size of the public key, the low transmission rate. Moreover, there is no efficient signature

scheme based on error coding.

Several attempts have been made for overcoming such drawbacks, but the adoption of most

families of codes has not been possible without compromising the system security [2], [8], [9].

Chained codes are a particular class, able to join low complexity decoding techniques. One idea

consists in adopting this family of codes in some signature schemes.

Recently, however, new attacks have been found that are able to exploit the flaw in the

transmission from the private key to the public one [10]. Such attack seems to be effectively

countered by changing some constituent matrices like introducing some random vectors.

This works gives an overview of the chained code and weakness related to their structure. A

recent randomized version can be considered and its ability to counter the currently known

attacks is discussed.

Page 41

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 483

To counter this weakness, we concatenate random rows to the generator matrix. This new

structure avoids minimum codewords. However, it does not modify the dual code. Consequently,

other attacks can be generated.

The details of chained code design are given in section 2.In sections 3 and 4, a digital signature

scheme using chained code and its security are discussed. In section 5, we introduce a digital

signature using randomized chained code and before concluding we study its security.

2. CHAINED CODE

A chained code C is defined as a direct sum of γ elementary codes

∑

=

1

i

γ

CC

i

⊕=

=

1

To encode an information

(

mm =

),(

iii

knC

. This code is of

length

=

γ

inN

and of dimension

∑

=

i

=

γ

1

ikK

.

(){}

γγγ

CuCuuu

i

∈∈=

,...,;,...,

111

),...,

1

γ

m

, where

i

m is

(

u

1

ik bits, we simply multiply it by the

)

,...,

with

generator matrix to obtain the codeword

γ uG

.

mu

==

iu is the

in bits codeword

obtained from

i

m using the elementary code

i C . So, G is a diagonal matrix in blocs and whose

G of the code diagonal is formed by elementary generator matrices

ii C .

We assume that we have an efficient decoding algorithm for each elementary code

()

uu

,...,

1

=

, we apply for each codeword

( )

i

C

dec

. The decoded word is

m

=

x

{}{

0,,..,1)sup(

≠∈=

nix

i C . To

decode

γ u

iu its correspondent decoding

( )

iCi

udecm

i

=

.

)sup(x , as the set of its non

{

yS

=

algorithm

()

γ

mm

(

x

,...,

1

with

We define the support of a non zero word

)

n x

,...,

1

=

}

, denoted

zero positions.

ix

and the support of a set

}

γy

,...,

1

as the

union of the supports of its words

)sup()sup(

i

Sy

yS

iU

∈

=

. So the support of a code

),(

KNC

is

the union of its

Two words x and y are said to be connected if their supports are not disjoints i.e

Θ=∩

)sup()sup(

yx

and two sets I and J are said to be disjoints if there is no connection

subset between them.

A non zero codeword x of C is said to be minimal support if there is no codeword

)sup()sup(

xy ⊂

.

),(

KNC

and

),( '

KNC

are said to be equivalents if there is a permutation σ of

{}

N

,..,1

such as:

{}

)(

)('

N

ccCC

σσ

σ

==

. In other words, C and '

k

2 codeword supports.

Cy∈

such

that

Two codes

) 1 (,..,

C are equivalents if there

is a permutation matrix such as for any generator matrix G ofC , the matrix

generator matrix of '

C .

PGG

.'=

is a

Page 42

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 484

3. Chained codes and Cryptography

As we mentioned in the introduction, the drawback of the unique digital signature scheme based

on error coding is the high signature complexity which is due to Goppa decoding algorithm. One

idea to counter this drawback consists in replacing Goppa code by chained code which have

faster decoding algorithm.

Generally, the secret key of a cryptographic scheme based on error coding is the code itself, for

which an efficient decoding algorithm is known, and the public key is a transformation of the

generator or parity check matrices. We consider a digital signature scheme based on chained

code, and then we develop an algorithm to discover the private key from public key. This attack is

applicable for each cryptographic scheme since it is a structural attack.

Secret key:

−

S is a random

)(

KK ×

non singular matrix called the scrambling matrix.

Gis a

)(

NK ×

generator matrix of a chained code

P is a random

)(

NN ×

permutation matrix

Public key:

−

PGSG

..'=

is a randomly scrambled et permuted generator matrix. It is a

generator matrix of an equivalent non structured code to the chained code ∑

−

−

i

ic is

the completed correction capacities calculated as [3].

−

( )

h

is a hash function.

Signature:

The signer, first, calculates

1

).(

−

=

PMhy

, where

)(Mh

is the N bit message,

1

−

P

is the

inverse of P . Then he uses the completed decoding algorithm [3] for the original chained code

C to obtain

σ . Sx =

. Finally, the receiver obtains the signature by computing

1

−

S

is the inverse ofS .

Verification:

The verifier calculates

'.'

G

σρ =

and

)(Mh

=

ρ

∑

<

i

To avoid exhaustive attack, we use at least five different elementary codes and to avoid attack by

information set, we use a chained code with length at least equal to 1500 bits.

After developing a digital signature scheme, we discovered a weakness in this scheme. This

weakness is due to the fact that chained codes have an invariant. Code equivalence means that

one generator matrix is a permutation of the other, because matrix S does not change the code

but only performs a modification on the basis of the linear subspace. Canteaut showed that the

matrix S may be important to hide the systematic structure of the Goppa codes, therefore having

an important security role [6]. However, Heiman was the first to study this point and states that

the random matrix S used in the original McEliece scheme serves no security purpose

concerning the protection [7]. We confirm this argument and we show that the random matrix S

has no security role for cryptographic schemes based on linear codes. We state also that disjoint

elementary code supports is an invariant by permutation.

xS .

1

−

=

σ

where

The signature is valid if

icd

) ',(

ρρ

Page 43

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 485

The attack explores the characteristics of the code transformation in order to identify its building

blocks. Its input is a generating matrix

'

G of a randomly permuted chained code of length N and

dimensionK . Its output is a structured chained code. The algorithm’s steps are:

- Apply a Gauss elimination to the rows of the matrix

()

ZIG

.

Sendrier shows that rows of any systematic generator matrix of a code C are minimal support

codewords of C and that any minimal support codeword of C is a row of a systematic generator

matrix of C [4]. So, the systematic chained code support is formed by disjoint sets. Each set

represents the support of an elementary code. The transformation of any randomly permuted

chained code generator matrix into a systematic matrix by linear algebraic algorithms will allow us

to find these supports and thus elementary codes.

- Search the disjoint sets of rows of the systematic matrix

'

G to obtain the systematic form

d,

0=

0

G . Each set forms the elementary

code support. Use elementary decoding algorithms to decode every message. As application of

these codes, regular LDPC codes which represent chained repetition codes. Next sections

represent the proprieties of these codes.

45

2

even with so long codes (see FIGURE 1).

The complexity of this attack is less than

4. Randomized chained linear codes

To counter the attack introduced in previous section, one idea consists in concatenating random

vectors to the generator matrix. In this section, first, we define randomized chained codes then

we introduce a cryptographic scheme based on these codes.

4.1 Random vectors

The randomized chained linear code concatenates random vectors of length N to the chained

code. Using Information Theory, a N bit random binary vector is of weight closely to

the distance between two random vectors is of order

precise when N is large.

4.2 Construction of randomized chained codes

Lets consider a chained linear code generator matrix

2/

N

and

4/

N

. These approximations are more

CL

G

as described in section 2. Each

elementary linear code is of length

∑

=

1

i

Lets consider a matrix

The generator matrix G of the system using randomized linear chained code has the following

),(

r

GG =

.

in and of size

ik . Chained linear code is of length

=

γ

inN

and of dimension

∑

=

i

=

γ

1

ikK

.

r

G formed by K random rows of length N .

form:

CLG

The weight of a row of the systematic generator matrix is about

ipN

+

2/

where

ip is the

weight of ith row of the chained code generator matrix

CL

G

.

4.2.1 Encoding

m is a word of length K to be encoded. The codeword is obtained by multiplying m by the

generator matrix G of the randomized chained linear code.

mc

=

G

.

Page 44

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 486

4.2.2

r is the word to be decoded.

Decoding

21

.,.

eGmeGmecr

r CL

++=+=

Note by

( )

CL

dec

the chained linear decoding algorithm. Thus,

).(

1eGmdecm

CL CL

+=

. The

codeword closest to r is

G

.

mc

=

.

5. DIGITAL SIGNATURE USING RANDOMIZED CHAINED LINEAR CODES

5.1 Key generation

− Generate a sequence γ linear codes. Each code is of length

in and of dimension

ik .

− Build the chained linear code generator matrix

∑∑

==

11

ii

Generate K random vectors

CL

G

. This matrix is of size

=×=

γγ

ii

kKnN

−

iv of length N . These vectors will be stored in a

matrix

r

G of size

NK ×

.

The obtained code is of length N

(

G =

2

and size K . It has the following generator

matrix's form

),

rCLGG

To hide the code structure, we also generate

− A random invertible matrix S of size (

A permutation matrix P of size (

)(

N

)(

. 2

)()

KNN

)

N

−×−

. 2

) (

×

.

−

()

N

. 2. 2

− Determine the check parity matrix H as follows

Thus, the private key is formed by

− The generator matrix G of size

The random matrix S of size (

The permutation matrix P of size (

()

0..

=

t

PGH

NK

. 2

. 2

)

. 2

×

N

(

−

()(

. 2

N

)()

KN

))

N

) (

N

−×

. 2

−

.

−

×

.

The public key is formed by the hidden and permuted parity check Matrix

() ()

NKN

. 2. 2

×−

5.2 Signature algorithm

Let m be a message to be signed. The signer has the private key formed by G , S and P and

the hash function ( )

h

whose result is of length

( )

mh

=

ρ

of length

. 2

HSH

.

'=

of size

N

. 2

.

− Compute

'

N

− Compute

1'.

−

=

P

ρρ

.

− Divide ρ in two parts

1 ρ and

2

ρ , each one is of length N .

Page 45

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 487

21ρρρ =

− Decode

1 ρ using the decoding algorithm of chained linear code to obtain

information m of length K .

− Compute

Gm.

=

ν

which is a codeword.

νρ +=

the error related to the secret code which is closer to

.This error has the same syndrome as ρ.

Pee

.

=

and its weight

( )

mh

=

ρ

relatively to the public code generated by

− Compute

'e

2/

N

− Compute the error

'

( ) ewp =

. The error e has the same

syndrome as

'

PG.

The signature of m is formed by

5.3 Verification Algorithm

− The verifier has the matrix H and the hash function ( )

the signature σ .

− he checks that ( )

ew

( )

h

=

ρ

() pe,

=

σ

.

h

, the message m and

p

=

− he computes

m

'

.

− he computes

e

.

Hx

'

1=

x =

− he computes

''

2

.ρ

H

The signature is valid if

21

xx =

5.4

x

having

5.5

Forging a signature consists in determining the signature

retrieving the secret key. An attacker who has the parity check matrix of size (

may proceed as follows:

'

H a systematic matrix

Soundness

'

.

eH

=

PG. as generator matrix.

()

2

''

1

....

xPHPH

==+=

ρνρ

since

P . ν

is a codeword of the permuted code

Parameters

() pe,

=σ

message from m or

)

NNK

. 2. 2

×

,

− he transforms

() (

,

)

()

KNKN

tI

,

RH

−−

=

. 2. 20

− he guess the corresponding matrix

0

G of size

)

R

)

with

(

cc =

NK

. 2

×

:

(

IG

K,

0=

− he computes

() (

=

21,ρρρ=

MhK

=

1 ρ

and

KN −= 2

2

ρ

− he search the closest codeword

)

21,c

of length

N

. 2

to ρ .

So, he will obtain

−

(

(

)

0,

11

=ρ

Cd

−

) (

=

) 2/ . 2,

22

KNCd

−ρ

To build a secure algorithm, the difference k between p

Page 46

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 488

and (

based on randomized chained code. From Table 1, we show that is necessary that used code

must have a length

N

. 2

greater than 1350.

N

990 1080 1170 1260 1350 1440 1530 1520 1710 1800 1890 1980

K

253 276 299 322 345 368

K

44 48 52 56 60 64

Table 1: Signature parameters

Table 2 shows performances of randomized chained code in terms of execution complexity and

public key size.

Signature Signature with randomized code

Public key size (ko)

Signature complexity

Verification Complexity

Table 2: Performance of signature based on randomized chained codes

5.6 Solidity

The strength of the scheme depends on the choice of parameters. There are two types of attacks

on asymmetric systems.

The starting point was to hide the structure of the chained codes. Possible attack of the new

structure consists in enumerating all matrices of size (

) 2/. 2 NK

should be large enough. The table 1 shows parameters for a signature scheme

391

68

414

72

437

76

460

80

483

84

506

88

123

220

213

)

NKN

. 2. 2

×−

and test their

equivalences with

'

H . The code is formed by γ elementary codes and K random vectors. So,

()

(

!

K

chosen parameters in section 5. The concatenation of random vectors avoid minimal codewords

/

N

disjunction since the distance between two codewords is in order of N/4.

However, this new structure hides a weakness related to the dual code. In fact, concatenated

vectors do not modify the dual code. Consequently, an attacker may proceed as follows:

'

H in a systematic matrix

the number of randomized chained code is

)

!

ν

2

! 2/ / !

2

NN

which is very large considering

attack since a codeword is at least of weight

2

. Moreover, the new structure avoids support

− Transform

().,

. 20

KN

tIRH

−

=

−

than those of random vectors.

Search minimal codewords of elementary linear codes which have weight smaller

− Use the algorithm introduced in section 3 to recover dual code.

Page 47

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 489

FIGURE 1: Attack Complexity

The security of cryptographic schemes based on error coding is highly dependent on the class of

used codes. Some class of codes reveal their characteristics even when they go through the

permutation used to construct the public code. It is the case with chained codes and randomized

chained codes. The starting point was the observation that any systematic matrix of a chained

code is formed by small weight codeword and that the code contains so many minimal support

codewords. These two properties lead to a structural attack of digital signature scheme based on

chained code.

We have tried to counter this attack by concatenating some random vectors to the generator

matrix. However, the added vectors avoid this attack but they do not modify the dual code.

Consequently, we discover another structural weakness related to this kind of codes.

Figure 1 shows the complexity of the attacks of some cryptosystems using chained codes and

randomized chained code. The complexity is always less than

()

3000

=

N

. This complexity prohibits using chained code in cryptography.

45

2

even with so long codes

6. Conclusion

In this paper, we discussed the structure of a randomly permuted chained code. We explored

potential threats from systematic generator matrices that have particular structure. Chained code

generator matrices have the properties of disconnected elementary code supports. We have tried

to hide this property by concatenating some random vectors to the generator matrix.

Unfortunately, these vectors avoid attack by minimum codeword in the code itself. However, they

do not modify the dual code which makes weakness on cryptographic scheme based on chained

codes. This property is invariant by permutation, which make this kind of code useless in

cryptography.

Page 48

O.Hamdi, A.Bouallegue & S.Harari

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 490

7. REFERENCES

1. E.R. Berlekamp, R.J. McEliece, and H.C.A. van Tilborg, "On the inherent intractability of

certain coding problems", IEEE Transactions on Information Theory, Vol.24, No.3,1978,

pp.384-386.

2. R.J. McEliece, "A public-key cryptosystem based on algebraic coding theory"; DSN Prog.

Rep., Jet Propulsion Laboratory, California Inst. Technol., Pasadena, CA, pp. 114-

116,January 1978.

3. D. J. Bernstein, T. Lange, and C. Peters. Attacking and defending the McEliece

cryptosystem. In Post-Quantum Cryptography, volume 5299 of Lecture Notes in Computer

Science, pages 31-46. Springer Berlin Heidelberg, 2008.

4. N. Courtois, M. Finiasz, and N. Sendrier, "How to achieve a McEliece-based digital signature

scheme", In C. Boyd, editor, Asiacrypt 2001, volume 2248 of LNCS, pages 157-174.

Springer-Verlag, 2001.

5. N.Sendrier, "On the structure of a linear code"AAECC, Vol.9, n3, 1998, pp.221-242.

6. A. Canteaut "Attaques de cryptosystemes a mots de poids faible et construction de

fonctions t-resilientes" PhD thesis, Universite Paris 6, October 1996.

7. R. Heiman "On the security of Cryptosystems Based on Linear Error Correcting codes" MSc.

Thesis, Feinberg Graduate School of the Weizmann Institute of Science. August 1987.

8. M. Baldi and F. Chiaraluce. Cryptanalysis of a new instance of McEliece cryptosystem based

on QC-LDPC codes. In Proc. IEEE International Symposium on Information Theory (ISIT

2007), pages 2591-2595, Nice, France, June 2007.

9. A. Otmani, J. P. Tillich, and L. Dallot. Cryptanalysis of two McEliece cryptosystems based on

quasi- cyclic codes. In Proc. First International Conference on Symbolic Computation and

Cryptography (SCC 2008), Beijing, China, April 2008.

10. O. Hamdi, A. Bouallegue, S.Harari, Weakness on Cryptographic Schemes based on

Chained Codes, The First International Workshop on Wireless and Mobile Networks Security

(WMNS-2009) in conjunction with NSS 2009, October 19~21 2009, Gold Coast, Australia.

Page 49

D. Bhattacharjee, M. K. Bhowmik, M. Nasipuri, D. K. Basu & M. Kundu

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 491

A Parallel Framework for Multilayer Perceptron for Human Face

Recognition

Debotosh Bhattacharjee debotosh@indiatimes.com

Reader,

Department of Computer Science and Engineering,

Jadavpur University,

Kolkata- 700032, India.

Mrinal Kanti Bhowmik

Lecturer,

Department of Computer Science and Engineering,

Tripura University (A Central University),

Suryamaninagar- 799130, Tripura, India.

Mita Nasipuri

Professor,

Department of Computer Science and Engineering,

Jadavpur University,

Kolkata- 700032, India.

Dipak Kumar Basu dipakkbasu@gmail.com

Professor, AICTE Emeritus Fellow,

Department of Computer Science and Engineering,

Jadavpur University,

Kolkata- 700032, India.

Mahantapas Kundu mkundu@cse.jdvu.ac.in

Professor,

Department of Computer Science and Engineering,

Jadavpur University,

Kolkata- 700032, India.

mkb_cse@yahoo.co.in

mitanasipuri@gmail.com

Abstract

Artificial neural networks have already shown their success in face recognition

and similar complex pattern recognition tasks. However, a major disadvantage of

the technique is that it is extremely slow during training for larger classes and

hence not suitable for real-time complex problems such as pattern recognition.

This is an attempt to develop a parallel framework for the training algorithm of a

perceptron. In this paper, two general architectures for a Multilayer Perceptron

(MLP) have been demonstrated. The first architecture is All-Class-in-One-

Network (ACON) where all the classes are placed in a single network and the

second one is One-Class-in-One-Network (OCON) where an individual single

network is responsible for each and every class. Capabilities of these two

architectures were compared and verified in solving human face recognition,

which is a complex pattern recognition task where several factors affect the

recognition performance like pose variations, facial expression changes,

occlusions, and most importantly illumination changes. Both the structures were

Page 50

D. Bhattacharjee, M. K. Bhowmik, M. Nasipuri, D. K. Basu & M. Kundu

International Journal of Computer Science and Security (IJCSS), Volume (3): Issue (6) 492

implemented and tested for face recognition purpose and experimental results

show that the OCON structure performs better than the generally used ACON

ones in term of training convergence speed of the network. Unlike the

conventional sequential approach of training the neural networks, the OCON

technique may be implemented by training all the classes of the face images

simultaneously.

Keywords: Artificial Neural Network, Network architecture, All-Class-in-One-Network (ACON), One-Class-

in-One-Network (OCON), PCA, Multilayer Perceptron, Face recognition.

1. INTRODUCTION

Neural networks, with their remarkable ability to derive meaning from complicated or imprecise

data, can be used to extract patterns and detect trends that are too complex to be noticed by

either humans or other computer techniques. A trained neural network can be thought of as an

"expert" in the category of information it has been given to analyze [1]. This proposed work

describes the way by which an Artificial Neural Network (ANN) can be designed and implemented

over a parallel or distributed environment to reduce its training time. Generally, an ANN goes

through three different steps: training of the network, testing of it and final use of it. The final

structure of an ANN is generally found out experimentally. This requires huge amount of

computation. Moreover, the training time of an ANN is very large, when the classes are linearly

non-separable and overlapping in nature. Therefore, to save computation time and in order to

achieve good response time the obvious choice is either a high-end machine or a system which is

collection of machines with low computational power.

In this work, we consider multilayer perceptron (MLP) for human face recognition, which has

many real time applications starting from automatic daily attendance checking, allowing the

authorized people to enter into highly secured area, in detecting and preventing criminals and so

on. For all these cases, response time is very critical. Face recognition has the benefit of being

passive, nonintrusive system for verifying personal identity. The techniques used in the best face

recognition systems may depend on the application of the system.

Human face recognition is a very complex pattern recognition problem, altogether. There is no

stability in the input pattern due to different expressions, adornments in the input images.

Sometimes, distinguishing features appear similar and produce a very complex situation to take

decision. Also, there are several other that make the face recognition task complicated. Some of

them are given below.

a) Background of the face image can be a complex pattern or almost same as the color of the

face.

b) Different illumination level, at different parts of the image.

c) Direction of illumination may vary.

d) Tilting of face.

e) Rotation of face with different angle.

f) Presence/absence of beard and/or moustache

g) Presence/Absence of spectacle/glasses.

h) Change in expressions such as disgust, sadness, happiness, fear, anger, surprise etc.

i) Deliberate change in color of the skin and/or hair to disguise the designed system.

From above discussion it can now be claimed that the face recognition problem along with face

detection, is very complex in nature. To solve it, we require some complex neural network, which

takes large amount of time to finalize its structure and also to settle its parameters.

In this work, a different architecture has been used to train a multilayer perceptron in faster way.

Instead of placing all the classes in a single network, individual networks are used for each of the