International journal of Computer Networking and Communication (IJCNAC)Vol. 1, No.

1(August 2013)

25

A Joint Encryption/Watermarking Algorithm for Secure Image Transfer

Youssra LAKRISSI, Mohammed ERRITALI, Mohammed FAKIR
Information Processing and Telecommunication Teams, University Sultan Moulay Slimane, Benimallal, Morocco
lakrissi.youssra@gmail.com m.erritali@usms.ma fakfad@yahoo.fr

Abstract
This paper presents a method combining encryption and watermarking for secure images transfer. The proposed solution gives access to the outcomes of the image integrity and of its origins as its attachment to one user even if the image is stored encrypted. This method is based on the combination of encryption algorithms publicprivate keys and secret keys, and watermarking. The algorithm for image encryption uses a secret key. We encrypt the secret key with an asymmetric algorithm. This encrypted secret key is then inserted into the encrypted image using watermark algorithm.

Keywords: Encryption, symmetric encryption, asymmetric encryption, hybrid

encryption, stream cipher, bloc cipher, watermarking, discrete wavelet transform.

1. INTRODUCTION
Rapid growth of Internet has contributed a lot in the increase of multimedia contents over internet including digital images and videos. Due to exponential rise in multimedia contents, it has become a trend to share information using digital images and video and at the same time it has become a challenging issue to protect these contents from tempering in order to avoid a misuse and retain confidentiality of data [1]. The security of data is pursued by assuring, among others authentication, to verify the identity claimed by or for any system entity, data confidentiality to protect data against unauthorized disclosure, data integrity to verify that data have been changed, destroyed or lost in an accidental manner [1]. Actually, encrypted data need an additional level of protection in order to keep control on them after the decryption phase. In fact, when the ciphered data is deciphered by the authorized user, it is unprotected and it can be easily modied, tampered, or stolen. The scientic community started focusing on the possibility of providing both security services simultaneously and therefore to have the chance of watermarking encrypted data and detecting the watermark before and after decryption. This allows to work in the encrypted domain, operating on ciphered data without giving access to the plain one and increasing the operation eciency. Lian et al [2] draw a detailed scenario concerning video encryption and video watermarking and proposes a new combined approach. Bas et al [3] give an overview on the possible scenarios where the combination of both level of protection can be exploited, while Merhav [4] presents a theoretic analysis of this problem. In literature a commutative scheme is presented by Lian et al [5]: the image is wavelet transformed and some sub bands are ciphered while some others are both ciphered (with sign encryption) and watermarked.
www.arpublication.org

26

In fact several methods have been developed to solve the problems of security and authenticity in image transfer. In this paper, we present a hybrid coding approach where we propose to use several types of encryption with the watermarking in order to secure the image transmission. Samir Kumar [6] proposed a technique for invisible Digital Watermarking through Encryption where the image is encoded within another image (cover image). Firstly, the cover image and the target image can be adjusted by resize function. Secondly, only the final encrypted image i.e. cover image and target image is sent over the network. This image is finally decoded at the receiver end. Puech and Rodrigues [1] present a method of partial or selective encryption for JPEG images. It is based on encoding of some Huffman bit stream with AES cipher. We propose a method combining symmetric encryption and watermarking which is robust to noise and ensure the integrity (perceptual) and the Authenticity of image beside of hiding associated data (high capacity) in image. This approach can access in different resolution levels of image due to the wavelet watermarking and can process in real time. Before embedding the secret key in the image, we are going to crypt it with an asymmetric algorithm. At the reception, only public-private key will be needed to extract and decrypt the secret key to get our image legible. To encrypt the image, we have chosen to work with a symmetric stream cipher and symmetric bloc cipher so we can make a comparison between them. To embed the secret key, we selected a watermarking method based on discrete wavelet transform DWT [7]. The remainder of this paper is organized as follow. In Section II, we explain the encryption a watermarking algorithms and in section III we detail the proposed method, before concluding, we illustrate the results and discuss the performances of our approach in Sections 3 and 4 respectively.

2. RELATED WORK
2.1 Commutative Watermarking-Encryption (CWE) One approach to commutative watermarking is provided by deploying homomorphic encryption techniques so that some basic algebraic operations such as addition and multiplication on the plaintexts can be transferred onto the corresponding cipher texts, i.e., they are transparent to encryption [8]. Especially, if both the encryption and the watermarking process consist of the same homomorphic operation, one gets a commutative watermarking-encryption scheme. Examples of homomorphic operations are exponentiation modulo n, multiplication modulo n, addition modulo n and the XOR operation. One major drawback of this approach is the influence of encryption on robustness of the watermarking algorithm because after encryption there is no visual information available for the watermark embedder to adapt itself to increase robustness while at the same time minimizing visual quality degradation [2]. In partial encryption schemes, the plaintext multimedia data is partitioned into two disjoint parts, where one part is encrypted and the other part is watermarked. Since the encryption part is independent of the watermarking part, they are naturally commutative. Because there is some information leakage through the unencrypted parts, in order to get a high level of perceptual security, the data parts which are significant for perception are encrypted, while only the perceptually unimportant parts are watermarked, leaving the door open for an attacker trying to remove the watermark. This lack of robustness against malicious attacks seems to be a general problem with CWE.

www.arpublication.org

International journal of Computer Networking and Communication (IJCNAC)Vol. 1, No. 1(August 2013)

27

2.2 Hybrid DCT-DWT Watermarking and IDEA Encryption of Internet Contents M.A. Mohamed [9] proposed a hybrid image protection scheme to establish a relation between the data encryption key and the watermark. Prepositioned secret sharing allows the reconstruction of different encryption keys by communicating different activating shares for the same prepositioned information. Each activating share is used by the receivers to generate a fresh content decryption key. In the proposed scheme, the activating share is used to carry copyright or usage rights data. The bit stream that represents this data is also embedded in the content as a visual watermark. When the encryption key needs to change, the data source generates a new activating share, and encrypts the corresponding data with the key constructed from the new activating share. Before transmission, the encrypted data is embedded in a multimedia stream. Each receiver can extract the encrypted data from the host image, and decrypt this data after reconstructing the same key.

3. ENCRYPTION AND WATERMARKING ALGORITHMS USED

3.1 Encryption Algorithm

a) Symmetric Stream Cipher

In cryptography, a stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (key stream). In a stream cipher each plaintext digit is encrypted one at a time with the corresponding digit of the key stream, to give a digit of the ciphertext stream [10]. An alternative name is a state cipher, as the encryption of each digit is dependent on the current state. In practice, a digit is typically a bit and the combining operation an exclusive-or (XOR). A stream cipher generates successive elements of the key stream based on an internal state [10]. This state is updated in essentially two ways: if the state changes independently of the plaintext or ciphertext messages, the cipher are classified as a synchronous stream cipher as shown in figure 1. By contrast, self-synchronising stream ciphers update their state based on previous cipher text digits as shown in figure 2.

Fig.1 Principle of synchronous stream cipher

Fig.2 Principle of auto-synchronous stream cipher

b) Symmetric Bloc Cipher (AES) AES is based on a design principle known as a substitution-permutation network, and is fast in both software and hardware [11]. AES is a variant of Rijndael [12] which has a fixed block
www.arpublication.org

28

size of 128 bits, and a key size of 128, 192, or 256 bits. By contrast, the Rijndael specification per se is specified with block and key sizes that may be any multiple of 32 bits, both with a minimum of 128 and a maximum of 256 bits [13]. AES operates on a 44 column-major order matrix of bytes, termed the state, although some versions of Rijndael have a larger block size and have additional columns in the state. Most AES calculations are done in a special finite field. The key size used for an AES cipher specifies the number of repetitions of transformation rounds that convert the input, called the plaintext, into the final output, called the ciphertext. The number of cycles of repetition are as follow: 10 cycles of repetition for 128-bit keys [13]. 12 cycles of repetition for 192-bit keys [14]. 14 cycles of repetition for 256-bit keys [15]. Each round consists of several processing steps, each containing five similar but different stages, including one that depends on the encryption key itself. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key. Figure 3 shows the principle of AES encryption

Fig.3 AES encryption [1] c) Asymmetric Encryption (RSA): RSA is an algorithm for public-key cryptography that is based on the presumed difficulty of factoring large integers, the factoring problem [16]. The RSA algorithm involves three steps: key generation, encryption and decryption. A user of RSA creates and then publishes the product of two large prime numbers, along with an auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use the public key to encrypt a message, but with currently published methods, if the public key is large enough, only someone with knowledge of the prime factors can feasibly decode the message [16]. Whether breaking RSA encryption is as hard as factoring is an open question known as the RSA problem. Figure 4 shows the principle of asymmetric cryptography

Fig.4 Asymmetric encryption

www.arpublication.org

International journal of Computer Networking and Communication (IJCNAC)Vol. 1, No. 1(August 2013)

29

3.2 Watermarking Method The concept of Image watermarking mainly came into existence in 1990s because of the widespread of the Internet [17]. At that time an invisible watermark message was inserted into an image which is to be transferred such that the invisible message will survive intended or unintended attacks. The process of watermarking begins when the encoder inserts watermark into image, producing watermarked image. The decoder extracts and validates the presence of watermarked input or unmarked input [18]. The transform domain watermarking systems are based on Fourier and Cosine transform which are the invertible transform applied to the image where the coefficients are modified by the watermark data. The Discrete Cosine transform watermarking [19] divides the image into different frequency band and choose the middle frequency band for watermarking. The method that we are going to use on our approach is wavelet watermarking. The Wavelet domain watermarking system is the multi-band watermarking scheme. The attacker may not be able to detect the embedded watermark without knowing the parameter. The original image is decomposed into wavelet coefficients and then multi-energy watermarking scheme based on the qualified significant wavelet tree. a) Embedding Watermark The host image is taken as the input is decomposed with the fingerprint image using wavelet transform. The fingerprint image of is taken as the copyright image is embedded in the approximate and detailed coefficient diagonally of the host image. Then the inverse wavelet transform is applied on these coefficients. The embedding process is performed by using the following steps: a. The image is decomposed using wavelet gives approximate coefficient (LL) and detailed coefficient of horizontal (HL), vertical (LH) and diagonal (HH) shown in figure 5 of the input image are estimated by using the equation (3).

Figure 5: Wavelet decomposition

, ,

, ,

(3)

Where W (m, n) is the Wavelet Series of the host image. b. The fingerprint image is embedded in the coefficient of LL and HH by using the equation (4) and (5)
LLi,j , , ,

(4)

LLi,j=

LLi,j Else
HHi,j , , ,

(5)

HHi,j=

HHi,j
www.arpublication.org

30

Where m is height of original image, n is the width of original image. The threshold value of the approximate coefficient LLi, j for embedding the watermarking is defined as ThLL of 15 with the embedding strength of is 0.06. Then the detailed coefficients HHi, j is embedded with W using the threshold value of ThHH is 45 and embedding strength of is 3.5. The constant values will be varied according to the visibility of the watermarked image. c. The watermarked image is obtained by applying inverse discrete wavelet transform (IDWT) on the coefficient obtained during step 2 using equation (6). ,
, , , , , ,

(6)

b) Extracting Watermark In the extraction process, the watermarked image and the copyright image (fingerprint image) are processed by the following steps a. The watermarked image is decomposed using wavelets gives approximate coefficient (LL) and detailed coefficient of horizontal (HL), vertical (LH) and diagonal (HH) of the input image are estimated by using the equation (7) ,
, , , ,

(7)

b. The watermarked image is extracted using the equation (8) and (9).
LLi,j , , ,

(8)

LLi,j =

LLi,j Else
HHi,j , , ,

(9)

HHi,j=

HHi,j

Where ZL (i, j) is 0 c. The inverse DWT (IDWT) is applied on the coefficient obtained during step 2 using equation (10). The fingerprint image (copyright image) is extracted. ,
, , , , , ,

(10)

4. ENCRYPTION-WATERMARKING COMBINATION
Recall that the asymmetric methods are not suitable for encrypting images because they are too long computation time. We should therefore use a conventional secret key encryption with transmission channel for transferring the key. We have developed a method that combines a symmetric encryption algorithm for image, asymmetric encryption algorithm to encrypt the secret key and discrete wavelet transform for watermarking. We suppose that a person M wish to send an image securely to another person S. M will use a symmetric algorithm to encrypt the image.
www.arpublication.org

International journal of Computer Networking and Communication (IJCNAC)Vol. 1, No. 1(August 2013)

31

In our approach, we have the choice to use a synchronous stream cipher or bloc cipher (AES) to encrypt the image, while we will encrypt the secret key with an asymmetric algorithm such as RSA. Firstable, M generates his secret key to encrypt the image with it, then this secret key will be encrypted too with a RSA public key ( RSApub-key) to obtain an encrypted secrete key k which will be then inserted in the encrypted image using discrete wavelet transform (DWT) to get at the end an encrypted watermarked image. Finally, M send the image to S as shown in figure 6. S then receives the image, extracted the mark (the encrypted secret key k) and decrypted it using his RSA private key, So he can decrypt the image that M send it to him and viewed it.

Fig.7 Encryption and watermarking combination

If M wants to send a new image to S, it will use a new secret key K1 for this new session. The method will then be identical, but the public and private keys will not be used in the same order. Although five keys are needed per session, most of them are transparent to users. In fact, the private key can be associated with the software, and the two parties, it is not useful to know the secret key that is inserted in the image. However, for each session, the value of the secret key K must change. Indeed, if the secret key wasnt changed every person has the software can encrypt all images.

5. THE EXPERIMENTAL RESULTS

We applied our method to an image size of 64 * 64. First using the synchronous stream cipher and secondly with the AES block cipher. In following figures, well show an example of our application with results. Consider that Alice wants to send an image to Bob. First Bob should generate his public and private key, and then send the public one to Alice. Figure 8 illustrates the generation of RSA keys.

www.arpublication.org

32

Fig.9 Generation of RSA keys

Once the keys are generated, click on the button send the public key to send the public key and display the main interface. Figure 10 shows the main interface of the application.

Fig.10 Main interface

In this interface, we choose which method we want to encrypt our image, giving the radio button to select whether we wish to encrypt by synchronous stream cipher or by block cipher (AES). The secret key is displayed in the listbox. The button Encrypt the key by RSA is activated to allow encryption for the secret key of the stream cipher by RSA;The result is displayed in the listbox surrounded below on figure 11.

www.arpublication.org

International journal of Computer Networking and Communication (IJCNAC)Vol. 1, No. 1(August 2013)

33

Fig.11 Result of secret key encrypted by RSA

After that Alice will watermark the stream cipher encrypted image by the encrypted secret key using DWT, so she can send securely the encrypted watermarked image to Bob. Once Bob got the image, hi will extract the mark (means the encrypted secret key) and decrypted it using his RSA private key. Figure 12 shows the mark extracted and decrypted.

Fig.12 Extract and decrypt the mark from the watermarked image

After encrypting the image, we have watermarked it with the secret key using wavelet discrete transform (figure 13.c) with a difference between the stream cipher encrypted image and the encrypted watermarked image ( PSNR=32.32 db) appears on figure 13.e where we can see the pixel used for watermarking. For the block cipher, the encrypted-watermarked image is shown on figure 8.d with a difference (PSNR=41.29 db) illustrate in figure 13.f.
www.arpublication.org

34

After decryption, we can see very well the difference between using synchronous stream cipher in figure 13.g (PSNR=18.62 db) and the bloc cipher (AES) in figure 13.h with PSNR=8.09db. Even after applying a noise for the encrypted watermarked image, we note that the stream cipher is more robust to noise than the AES encryption with a difference (PSNR = 16.41db) for decryption stream in figure 13.i and (PSNR = 8.02 db) in figure 13.j for the AES decryption.

(a)

(b)

(c)

(d)

(e)

(f)

(g)

(h)

(i)

(j)

Fig. 13 a) Stream cipher encrypted image, b) Image (a) watermarked, c) Difference between (a) and (b), d) Image (b) decrypted with synchronous stream cipher, e) AES encrypted image, f) Image (e) watermarked, g) Difference between (e) and (f), h) Image (f) decrypted with AES, i) i) Difference entre original image and stream cipher decrypted image, j) Difference between the original and decrypted image with AES

6. CONCLUSION
In this paper, we present a method combined encryption and watermarking algorithms for images secure transfer. We choose to encrypt the image with a symmetric algorithm (stream cipher synchronous and bloc cipher AES) and encrypt the image with an asymmetric algorithm (RSA). To embed the encrypted key we use a discrete wavelet transform DWT, we prefer to use multi resolution field because it resists noising that may occur during the transfer. From the experimental results, we find that the method of stream ciphers makes the most optimal final image, while the block cipher does not give good results.

www.arpublication.org

International journal of Computer Networking and Communication (IJCNAC)Vol. 1, No. 1(August 2013)

35

7.
[1]

REFERENCES
W. Puech, J. M. Rodrigues and J.-E. Develay-Morice. Safe Transfert of Medical Images by Conjoined Coding: Selective Encryption by AES Using the Stream Cipher Mode OFB and JPEG Compression. traitement du signal 2006_volume 23_numro 6. S. Lian, Multimedia Content Encryption. CRC Press, 2009. P. Bas and S. K. et al., First summary report on hybrid systems, European Project IST-200207932, ECRYPT - Network of Excellence in Cryptology, Deliverable D.WVL.5, 2005. N. Merhav, On joint coding for watermarking and encryption, IEEE Transactions on Information Theory 52, January 2006. S. Lian, Z. Liu, and H. Wang, Commutative watermarking and encryption for media data, Optical Engineering Letters 45, August 2006. Samir Kumar Bandyopadhyay and Tuhin Utsab Paul and Avishek Raychoudhur. Invisible Digital Watermarking Through Encryption International Journal of Computer Applications (0975 8887) Volume 4 No.8, August 2010. D. Kundur and D. Hatzinakos. A robust digital image watermarking scheme using the waveletbased fusion. In IEEE Signal Processing Society 1997 International Conference on Image Processing (ICIP'97), Santa Barbara, California, October 1997. J. Herrera-Joancomarti, S. Katzenbeisser, D. Megias, J. Minguillion, A. Pommer, M. Steinebach, and A. Uhl, .ECRYPT European Network of Excellence in Cryptology, First Summary Report on Hybrid Systems,. 2005. [Online]. Available: http://www.ecrypt.eu.org/ecrypt1/ documents/D.WVL.5-1.0.pdf. M.A. Mohamed and A.M. El-Mohandes Hybrid DCT-DWT Watermarking and IDEA Encryption of Internet Contents. IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 1, No 2, January 2012. Matt J. B. Robshaw, Stream Ciphers Technical Report TR-701, version 2.0, RSA Laboratories, 1995. Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson, Tadayoshi Kohno, Mike Stay (May 2000). "The Twofish Team's Final Comments on AES Selection". J. Daemen and V. Rijmen. The Design of Rijndael. SpringerVerlag New York, Inc. Secaucus, NJ, USA, 2002. Pascal Junod et Serge Vaudenay. Une nouvelle famille d'algorithmes de chiffrement par bloc. Universit J. Fourier, Grenoble 2003. James Nechvatal, Elaine Barker, Lawrence Bassham, William Burr, Morris Dworkin, James Foti, Roback, Report on the Development of the Advanced Encryption Standard (AES) , 2 octobre 2000. Consult le 8 juin 2009. R. Anderson, E. Biham and L. Knudsen The Case for Serpent 24th March 2000. Rivest, R.; A. Shamir; L. Adleman (1978). "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems". Communications of the ACM 21 (2): 120126. R.G. van Schyndel, A.Z. Tirkel, and C.F. Osborne, "A digital watermark", ICIP'94, vol. 2, pp. 8690, Austin, USA, 1994. J.J.K.O Ruanaidh, W.J. Dowling, and F.M. Boland, "Watermarking digital images for copryright protection", IEE Proc.-Vis. Image Signal Process., vol. 143, n 4, pp. 250-256, 1996. Mei Jiansheng,, Li Sukang and Tan Xiaomei A Digital Watermarking Algorithm Based On DCT and DWT ISBN 978-952-5726-00-8 (Print), 978-952-5726-01-5 (CD-ROM)Proceedings of the 2009 International Symposium on Web Information Systems and Applications (WISA09)Nanchang, P. R. China, May 22-24, 2009, pp. 104-107.

[2] [3] [4] [5] [6]

[7]

[8]

[9]

[10] [11]

[12] [13] [14]

[15] [16] [17] [18] [19]

Authors

Youssra LAKRISSI Obtained a master's degree in business intelligence from the faculty of science and technology, Beni Mellal at Morocco in 2013. Her research concerns image processing and cryptography.
www.arpublication.org

36

Mohammed ERRITALI Obtained a master's degree in business intelligence from the faculty of science and technology, Beni Mellal at Morocco in 2010. His current interests include developing specification and design techniques for use within Intelligent Network, data mining, image processing and cryptography. He is currently a professor at the Faculty of Science and Technology, University Sultan Moulay Slimane , and also a member of the LRI laboratory at the faculty of sciences, Mohamed V Agdal University, Rabat.

Dr Mohamed FAKIR obtained a degree in Master of Electrical Engineering from Nagaoka University of Technology in 1991 and a Ph.D. degree in electrical engineering from the University of Cadi Ayyad, Morocco. He was a team member in Hitachi Ltd., Japan between 1991 and 1994. He is currently a professor at the Faculty of Science and Technology, University Sultan Moulay Slimane, Morocco.His research concerns the recognition and artificial intelligence.

www.arpublication.org