Secret image sharing based on cellular automata and steganography

Recently Lin and Tsai [Secret image sharing with steganography and authentication, The Journal of Systems and Software 73 (2004) 405-414] and Yang et al. [Improvements of image sharing with steganography and authentication, The Journal of Systems and Software 80 (2007) 1070-1076] proposed secret image sharing schemes combining steganography and authentication based on Shamir's polynomials. The schemes divide a secret image into some shadows which are then embedded in cover images in order to produce stego images for distributing among participants. To achieve better authentication ability Chang et al. [Sharing secrets in stego images with authentication, Pattern Recognition 41 (2008) 3130-3137] proposed in 2008 an improved scheme which enhances the visual quality of the stego images as well and the probability of successful verification for a fake stego block is 1/16.In this paper, we employ linear cellular automata, digital signatures, and hash functions to propose a novel (t,n)-threshold image sharing scheme with steganographic properties in which a double authentication mechanism is introduced which can detect tampering with probability 255/256. Employing cellular automata instead of Shamir's polynomials not only improves computational complexity from to O(n) but obviates the need to modify pixels of cover images unnecessarily. Compared to previous methods [C. Lin, W. Tsai, Secret image sharing with steganography and authentication, The Journal of Systems and Software 73 (2004) 405-414; C. Yang, T. Chen, K. Yu, C. Wang, Improvements of image sharing with steganography and authentication, The Journal of Systems and Software 80 (2007) 1070-1076; C. Chang, Y. Hsieh, C. Lin, Sharing secrets in stego images with authentication, Pattern Recognition 41 (2008) 3130-3137], we use fewer number of bits in each pixel of cover images for embedding data so that a better visual quality is guaranteed. We further present some experimental results.     

A comment on “Sharing secrets in stegoimages with authentication”

Recently, Chang et al.'s image secret sharing (ISS) scheme enhanced the weak authentication of two previous ISS schemes—Lin et al.'s scheme and Yang et al.'s scheme. Also, the authors claimed that the visual qualities of stegoimages were superior to the previous two schemes; however, their qualities were not really that improved. Contrarily, the qualities are significantly degraded when compared with those in Yang et al.'s scheme. This miscalculation is owing to a misunderstanding of Yang et al.'s scheme.     

A high quality image sharing with steganography and adaptive authentication scheme

With the rapid growth of numerous multimedia applications and communications through Internet, secret image sharing has been becoming a key technology for digital images in secured storage and confidential transmission. However, the stego-images are obtained by directly replacing the least-significant-bit planes (LSB) of cover-images with secret data and authentication code in most schemes, which will result in the distortion of the stego-images. In this paper, we proposed a novel secret image sharing scheme by applying optimal pixel adjustment process to enhance the image quality under different payload capacity and various authentication bits conditions. The experimental results showed that the proposed scheme has improved the image quality of stego images by 4.71%, 9.29%, and 11.10%, as compared with the schemes recently proposed by Yang et al., Chang et al., and Lin and Tsai. We also provide several experiments to demonstrate the efficacy of authentication capability of the proposed scheme. In other words, our scheme maintains the secret image sharing and authentication ability while enhances the image quality.     

A thresholding method based on two-dimensional Renyi's entropy

In this paper, we present a new thresholding technique based on two-dimensional Renyi's entropy. The two-dimensional Renyi's entropy was obtained from the two-dimensional histogram which was determined by using the gray value of the pixels and the local average gray value of the pixels. This new method extends a method due to Sahoo et al. (Pattern Recognition 30 (1997) 71) and includes a previously proposed global thresholding method due to Abutaleb (Pattern Recognition 47 (1989) 22). Further, our method extends a global thresholding method due to Chang et al. (IEEE Trans. Image Process. 4 (1995) 370) to the two-dimensional setting. The effectiveness of the proposed method is demonstrated by using examples from the real-world and synthetic images.     

Vulnerability analysis of RFID protocols for tag ownership transfer

In RFIDSec’08, Song proposed an ownership transfer scheme, which consists of an ownership transfer protocol and a secret update protocol [7]. The ownership transfer protocol is completely based on a mutual authentication protocol proposed in WiSec’08 [8]. In Rizomiliotis et al. (2009) [6], van Deursen and Radomirovic (2008), the first weaknesses to be identified (tag and server impersonation) were addressed and this paper completes the consideration of them all. We find that the mutual authentication protocol, and therefore the ownership transfer protocol, possesses certain weaknesses related to most of the security properties initially required in protocol design: tag information leakage, tag location tracking, and forward traceability. Moreover, the secret update protocol is not immune to de-synchronization attacks.     

An improved remote user authentication scheme with key agreement

In distributed systems, user authentication schemes based on password and smart card are widely used to ensure only authorized access to the protected services. Recently, Chang et al. presented an untraceable dynamic-identity-based user authentication scheme with verifiable-password-update. In this research, we illustrate that Chang et al.’s scheme violates the purpose of dynamic-identity contrary to authors’ claim. We show that once the smart card of an arbitrary user is lost, passwords of all registered users are at risk. Using information from an arbitrary smart card, an adversary can impersonate any user of the system. In addition, its password change phase has loopholes and is misguiding. The scheme has no provision for session key agreement and the smart card lacks any verification mechanism. Then we come-up with an improved remote user authentication scheme with the session key agreement, and show its robustness over related schemes.     

Meaningful secret sharing technique with authentication and remedy abilities

Lin and Tasi, Yang et al., and Chang et al.’s meaningful secret sharing schemes provided authentication mechanisms but none included a remedy ability that would cause the secret image never to be completely obtained while some information of the stego-images are losing or tampering with. This paper proposes a meaningful secret-sharing scheme which includes both authentication and remedy abilities that allow for detection of the corrupted area and use of the hidden information to repair the secret image with reasonable visual quality. In comparison with previous schemes, this approach results in superior visual qualities of the stego-images by an average of more than 3 dB.     

基于可逆信息隐藏技术的认证方案的攻击与改进

可逆信息隐藏技术一方面能够对图像的原始性和完整性进行认证和保护,同时还能够确保无失真地恢复原始图像,近年来在公安、司法等领域受到越来越多的关注。基于可逆信息隐藏的认证方案需要同时满足可逆和认证两个方面的要求,在实际中具有较大挑战性,目前成功案例较少。在文献[1]中,Hong等人提出了一种新的基于可逆信息隐藏技术的认证方法,该方法借助IPVO(Improved pixel-value-ordering)和LSB(Least significant bit)替换等技术,可以有效地对图像进行认证。本文我们对Hong等人的方法进行了深入研究,指出在该方法中仅有部分像素参与认证码的生成且攻击方能够很容易地获知这部分像素,因此在安全性上还存在不足。针对该方法存在的安全漏洞,我们提出了一种针对性的攻击方案,即攻击方可选择对图像中未参与认证码生成和嵌入的像素进行修改。该攻击方案可以在不影响所嵌入认证码提取的同时,实现有意义篡改。为了提高认证算法的安全性,本文还针对Hong等人算法的缺陷提出了相应的改进方案,即将更多像素引入认证码的生成过程中并在嵌入前对图像块进行置乱。理论分析和实验结果验证了本文提出的...     

Hand radiographs preprocessing, image representation in the finger regions and joint space width measurements for image interpretation

In this paper, the first stage of studies concerning the computer analysis of hand X-ray digital images is described. The images are preprocessed and then skeletization of the fingers is carried out. Then, the interphapangeal and metacarpophalangeal joints are detected and contoured. Joint widths are also measured. The obtained results largely concur with those obtained by other authors—see Beier et al. [Segmentation of medical images combining local, regional, global, and hierarchical distances into a bottom-up region merging scheme, Proc. SPIE 5747 (2005) 546-555], Klooster et al. [Automatic quantification of osteoarthritis in hand radiographs: validation of a new method to measure joint space width, Osteoarthritis and Cartilage 16 (1) (2008) 18-25], Ogiela et al. [Image languages in intelligent radiological palm diagnostics, Pattern Recognition 39 (2006) 2157-2165] and Ogiela and Tadeusiewicz [Picture languages in automatic radiological palm interpretation, Int. J. Appl. Math. Comput. Sci. 15 (2) (2005) 305-312].     

对两个基于智能卡的多服务器身份认证方案的密码学分析与改进

身份认证是用户访问网络资源时的一个重要安全问题。近来,Xu等(XU C, JIA Z, WEN F, et al. Cryptanalysis and improvement of a dynamic ID based remote user authentication scheme using smart cards [J]. Journal of Computational Information Systems, 2013, 9(14): 5513-5520)提出了一个基于智能卡的动态身份用户认证方案。分析指出其方案不能抵抗中间人攻击和会话密钥泄露攻击,且无法实现会话密钥前向安全性。此外,指出Choi等(CHOI Y, NAM J, LEE D, et al. Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics [J]. The Scientific World Journal, 2014, 2014: 281305)提出的基于智能卡和生物特征的匿名多服务器身份认证方案(简称CNL方案)易遭受智能卡丢失攻击、服务器模仿攻击,且不能提保护用户的匿名性。最后,基于生物特征和扩展混沌映射,提出了一个安全的多服务器认证方案,安全分析结果表明,新方案消除了Xu方案和CNL方案的安全漏洞。     

Positron emission tomography by Markov chain Monte Carlo with auxiliary variables

We propose a new algorithm for positron emission tomography (PET) image reconstruction. The algorithm belongs to the family of Markov chain Monte Carlo methods with auxiliary variables. The idea is to iteratively generate hidden variables at one step and use them for image restoration at another step. The well-known model of Vardi et al. (J. Amer. Statist. Assoc. 80 (1985) 8) for PET is combined with the Bayesian model of Lasota and Niemiro (Pattern Recognition 36 (2003) 931) for the underlying images. This latter model takes advantage of the fact that medical images often consist of relatively few grey-levels of unknown intensity. The algorithm of Lasota and Niemiro (Pattern Recognition 36 (2003) 931) is used in the image restoration part of the PET algorithm, essentially as a noise-filtering and smoothing device. It is now equipped with an additional data reconstruction step. We include simulation results which suggest that the method is truly reliable. We also describe a version of the basic algorithm, in which a random simulation step is replaced by computation of expected value, similarly as in the EM algorithm.     

Cryptanalysis and improvement of ‘a secure authentication scheme for telecare medical information system’ with nonce verification

In 2009, Xu et al. presented an improved smartcard based authentication scheme while using a security model previously applied by Bellare et al. to prove the security of their authentication methods. Later on, in 2012, Wu et al. pointed out number of authentication attacks in Xu et al. scheme. To address these issues, Wu et al. presented a Smartcard based Two-Factor Authentication (2FA) scheme for Telecare Medical Information System (TMIS) facility. In this study, we prove that authentication scheme of Wu et al. is still vulnerable to impersonation attack, offline password guessing attack, forgery attack and many other attacks. Moreover, number of performance and verification issues are also outlined in the authentication scheme of Wu et al. To overcome these issues, an improved and enhanced 3FA Smartphone based authentication method is proposed on a Cloud Computing environment. The proposed scheme is further corroborated using Burrows-Abadi-Needham logic (BAN logic) nonce verification. The detailed BAN logic verification and further security analysis shows that the proposed authentication protocol is highly reliable and secure in terms of message verifications, message freshness and trustworthiness of its origin. Moreover, the comparative security, performance and feature analysis shows that the proposed work yields an even more improved and enhanced authentication framework as compared to Wu et al. authentication scheme.     

A comment on “Using locally estimated geodesic distance to optimize neighborhood graph for isometric data embedding”

A geodesic distance-based approach to build the neighborhood graph for isometric embedding is proposed to deal with the highly twisted and folded manifold by Wen et al. [Using locally estimated geodesic distance to optimize neighborhood graph for isometric data embedding, Pattern Recognition 41 (2008) 2226-2236]. This comment is to identify the error in their example and the ineffectiveness of their algorithm.     

A secure biometric based multi-server authentication scheme for social multimedia networks

Social networking is one of the major source of massive data. Such data is not only difficult to store, manipulate and maintain but it’s open access makes it security prone. Therefore, robust and efficient authentication should be devised to make it invincible against the known security attacks. Moreover, social networking services are intrinsically multi-server environments, therefore compatible and suitable authentication should be designed accordingly. Sundry authentication protocols are being utilized at the moment and many of them are designed for single server architecture. This type of remote architecture resists each user to get itself register with each server if multiple servers are employed to offer online social services. Recently multi-server architecture for authentication has replaced the single server architecture, and it enable users to register once and procure services from multiple servers. A short time ago, Lu et al. presented two authentication schemes based on three factors. Furthermore, both Lu et al.’s schemes are designed for multi-server architecture. Lu et al. claimed the schemes to be invincible against the known attacks. However, this paper shows that one of the Lu et al.’s scheme is susceptible to user anonymity violation and impersonation attacks, whereas Lu et al.’s second scheme is susceptible to user impersonation attack. Therefore an enhanced scheme is introduced in this paper. The proposed scheme is more robust than subsisting schemes. The proposed scheme is thoroughly verified and validated with formal and informal security discussion, and through the popular automated tool ProVerif. The in-depth analysis affirms that proposed scheme is lightweight in terms of computations while attaining mutual authentication and is invincible against the known attacks, hence is more suitable for automated big data analysis for social multimedia networking environments.     

A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps

Spread of wireless network technology has opened new doors to utilize sensor technology in various areas via Wireless Sensor Networks (WSNs). Many authentication protocols for among the service seeker users, sensing component sensor nodes (SNs) and the service provider base-station or gateway node (GWN) are available to realize services from WSNs efficiently and without any fear of deceit. Recently, Li et al. and He et al. independently proposed mutual authentication and key agreement schemes for WSNs. We find that both the schemes achieve mutual authentication, establish session key and resist many known attacks but still have security weaknesses. We show the applicability of stolen verifier, user impersonation, password guessing and smart card loss attacks on Li et al.’s scheme. Although their scheme employs the feature of dynamic identity, an attacker can reveal and guess the identity of a registered user. We demonstrate the susceptibility of He et al.’s scheme to password guessing attack. In both the schemes, the security of the session key established between user and SNs is imperfect due to lack of forward secrecy and session-specific temporary information leakage attack. In addition both the schemes impose extra computational load on resource scanty sensor-nodes and are not user friendly due to absence of user anonymity and lack of password change facility. To handle these drawbacks, we design a mutual authentication and key agreement scheme for WSN using chaotic maps. To the best of our knowledge, we are the first to propose an authentication scheme for WSN based on chaotic maps. We show the superiority of the proposed scheme over its predecessor schemes by means of detailed security analysis and comparative evaluation. We also formally analyze our scheme using BAN logic.     

A secure and efficient mutual authentication scheme for session initiation protocol

The Session Initiation Protocol (SIP) as the core signaling protocol for multimedia services is receiving much attention. Authentication is becoming increasingly crucial issue when a user asks to use SIP services. Many authentication schemes for the SIP have been proposed. Very recently, Zhang et al. has presented an authentication scheme for SIP and claimed their scheme could overcome various attacks while maintaining efficiency. In this research, we illustrate that their scheme is susceptible to the insider attack and does not provide proper mutual authentication. We then propose a modified secure mutual authentication scheme to conquer the security flaws in Zhang et al.’s scheme. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Zhang et al.’s scheme. In addition, the performance analysis shows that our scheme has better efficiency in comparison with other related ECC-based authentication schemes for SIP.     

Hiding secret data in images via predictive coding

This paper presents a prediction-based image-hiding scheme that embeds secret data into compression codes during image compression. This scheme employs a two-stage structure: a prediction stage and an entropy coding stage. The secret data is embedded into the difference values of a given image after the prediction stage is performed.According to the experimental results, the image quality is better than Jpeg-Jsteg and its improved scheme (Inform. Sci. 141 (1-2) (2002) 123). The average image quality of the stego-images in the proposed scheme is greater than 50 dB when the hiding capacity is 1 bit per pixel, whereas those values in Jpeg-Jsteg and scheme in Chang et al. (Inform. Sci. 141 (1-2) (2002) 123) are 37.04 and 33.73 dB, respectively. The hiding capacity of the proposed scheme is 65,536 bits when the hiding capacity is 1 bit per pixel, whereas it is 53,248 bits in scheme (Inform. Sci. 141 (1-2) (2002) 123) and less than 3000 bits in Jpeg-Jsteg.     

An improved smart card based password authentication scheme with provable security

Password authentication has been adopted as one of the most commonly used solutions in network environment to protect resources from unauthorized access. Recently, Lee–Kim–Yoo [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Chien et al.'s remote user authentication scheme using smart cards, Computer Standards & Interfaces 27 (2) (2005) 181–183] and Lee-Chiu [N.Y. Lee, Y.C. Chiu, Improved remote authentication scheme with smart card, Computer Standards & Interfaces 27 (2) (2005) 177–180] respectively proposed a smart card based password authentication scheme. We show that these two schemes are both subject to forgery attacks provided that the information stored in the smart card is disclosed by the adversary. We also propose an improved scheme with formal security proof.     

A secure authentication scheme for Internet of Things

Security is one of the major issues in Internet of Things (IoT) research. The rapid growth in the number of IoT devices, the heterogeneity and complexity of these objects and their networks have made authentication a challenging task. Other constraints such as limited computational ability and power, and small storage of some embedded devices make implementation of complex cryptographic algorithms difficult. So far there has been no established industrial standard to address this problem.Recently, Kalra and Sood, and subsequently Chang et al. attempted to solve the authentication problem by proposing key agreement schemes for IoT devices. However, the security of their schemes were unproven. In this paper we demonstrate that these schemes are insecure. We extend upon their work to present a scheme that enables embedded devices to communicate securely with a server on an IoT network. We prove the security of this scheme using formal methods and demonstrate this under the intractability of some well-defined hard problems. We also discuss some practical aspects related to the implementation of the scheme.     

A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks

User authentication is one of the most important security services required for the resource-constrained wireless sensor networks (WSNs). In user authentication, for critical applications of WSNs, a legitimate user is allowed to query and collect the real-time data at any time from a sensor node of the network as and when he/she demands for it. In order to get the real-time information from the nodes, the user needs to be first authenticated by the nodes as well as the gateway node (GWN) of WSN so that illegal access to nodes do not happen in the network. Recently, Jiang et al. proposed an efficient two-factor user authentication scheme with unlinkability property in WSNs Jiang (2014). In this paper, we analyze Jiang et al.’s scheme. Unfortunately, we point out that Jiang et al.’s scheme has still several drawbacks such as (1) it fails to protect privileged insider attack, (2) inefficient registration phase for the sensor nodes, (3) it fails to provide proper authentication in login and authentication phase, (4) it fails to update properly the new changed password of a user in the password update phase, (5) it lacks of supporting dynamic sensor node addition after initial deployment of nodes in the network, and (6) it lacks the formal security verification. In order to withstand these pitfalls found in Jiang et al.’s scheme, we aim to propose a three-factor user authentication scheme for WSNs. Our scheme preserves the original merits of Jiang et al.’s scheme. Our scheme is efficient as compared to Jiang et al.’s scheme and other schemes. Furthermore, our scheme provides better security features and higher security level than other schemes. In addition, we simulate our scheme for the formal security analysis using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. The simulation results clearly demonstrate that our scheme is also secure.