SECURITY SOLUTIONS FOR STILL VISUAL DATA

Abstract

Advancement in communication and networking has led to numerous image applications in day-to-day life. With an increase in transmission and distribution of digital image data, piracy operations/illegal activities have also increased. To restrain these activities, security of digital data is required at different stages of data archival, transmission and distribution. Encryption provides data confidentiality, and is considered as the first line of defence in digital rights management (DRM) security solutions. This prevents illegal copying and distribution of valuable data; this consequently saves huge financial losses and avoids adverse societal impact. To attain this, diverse image applications require different data confidentiality level and support of various other objectives. These objectives mainly in clude format-compliance, support for content access control, transparency to adaptation techniques, scalability, high compression ratio, and better encryption efficiency. Owingto the contradictory nature of few of these objectives, an application-specific se curity solution necessitates trade-off between various factors. To achieve an optimal trade off, the present research work explores the impact of placement position of the encryption function in an image communication process. Based on the placement position of encryp tion function, different frameworks are discriminated as: uncompressed or compressed do main encryption. The former includes spatial and transformation domain encryption, while the latter involves encryption at intermediate or final stages of compression function. The merits and demerits of the existing techniques of these frameworks have been analysed. To overcome the limitations of existing techniques, novel encryption techniques and frame works have been proposed. In spatial domain, the pseudorandom output of chaotic maps is being efficiently utilised to introduce data incomprehensibility. However, with the successful establishment of chaos in cryptography, objectives and challenges for secure chaotic ciphers have increased. De velopment of a highly chaotic map necessitates re-designing of the complete cryptosystem, i Abstract that consumes high computational resources. In addition to this, the tools developed to dis cern chaos are used to launch error function attack. This makes it easy to cryptanalyse the chaotic cryptosystem. Considering these objectives, a spatial domain based chaotic cryptosystem has been developed using permutation-substitution architecture. Higher dimensional discrete chaotic maps are combined in a cascade structure. This allows the replacement of an existing chaotic map in a cryptosystem, with a different map at a later stage. This avoids the neces sity of re-designing the cryptosystem, with a change in chaotic map. Multiple iterations of the cipher have been performed to attain resistance against various cryptanalytic attacks. Performance and security analysis reflects the ability of the proposed cryptosystem to with stand basic cryptanalytic and error function attacks, that are specifically designed for chaos based cryptosystems. In the next stage of image communication process, the spatial domain image is con verted into transformation domain, that is an ideal domain for selective encryption of data. Among the various transformation domains, fractional wavelet domain (FRWT) exhibits high computational performance, due to its ability of optical realisation. It also offers frac tional order as an additional security key. While performing selective encryption, empha sising on fractional order as the main security key and overlooking the varying significance of image data, consumes high computational resources without any proportional effect on the security. To attain a high security level with less computational resources, an efficient FRWT domain based cryptosystem is developed. Relationship between normalised information energy and perceptual intelligibility of subband has been established to identify the signif icant region. Encryption of the selected significant subbands is performed using a chaotic stream cipher. This yields a large key space, that has fractional order as just a part of the entire key structure. Security and performance analysis of the proposed technique has been demonstrated using standard evaluation parameters. To assess the attained percep tual security, novel evaluation parameters based on the structural information of an image, have also been proposed. Performance and comparative analysis reflects better perceptual and cryptographic security with less computational time. An image comprises of different data regions of varying significance. While developing total encryption techniques, equal security level to data of different significance need not ii Abstract be provided. Significant computational resources can be saved by considering the data significance and providing different security level to data of varied significance. A novel cryptosystem is proposed, that implements different encryption techniques to distinct parts of the image data. The proposed combinational domain based cryptosystem totally en crypts the significant data in spatial domain and partially encrypts the less significant data in transformation domain. Extensive performance and security analysis ascertains the ef ficacy of the proposed cryptosystem. As compared to complete spatial and transformation domain encryption, the proposed cryptosystem drastically reduces the computational time. In compressed domain, encryption is generally integrated with compression function to achieve high compression and encryption efficiency. This is suitable for real-time appli cations and can be efficiently employed for end-to-end image communication. To achieve end-to-end communication, support for format-compliance is required, so that content adap tation can be performed directlyon the encrypted data. With these considerations, networkfriendly selective encryption techniques have been developed, that employ Huffman en coder and set partitioning in hierarchical tree (SPIHT) encoder at the entropy coding stage. The first framework integrates encryption with compression, using Huffman encoding. Non-compliance of the prefix condition of the Huffman codewords and violation of the opti mally condition generates significant compression overhead and an invalid dictionary; this consequently crashes the decoder. With the consideration of intricacies involved due to Huffman encoding, chaos based map has been utilised to modify the dictionary. Probability distribution of the source symbols has been considered to maintain the compression ra tio, even after encryption. To ensure adaptation of encrypted content, the prefix condition of the Huffman codewords and distinct nature of Huffman symbols has been considered. Extensive security analysis has been performed to validate the ability to withstand various cryptanalytic attacks. The ability to decode the Huffman encoded data with a scrambled dictionary, ascertains its utility for real time secure end-to-end image communication. Another network-friendly encryption technique has been developed using scalable SPIHT encoder at the entropy coding stage. As all the SPIHT compressed bits do not equally contribute to the security level, encryption of only the significant bits is targeted. However, determination of bit significance is a challenging task. Considering the SPIHT bitstream generation logic, a deciding criterion, to select the significant bits, has been de veloped. The selected bits have been encrypted using a block and a stream cipher. This provides a two-tier security level by not only encrypting the bit values but also maintaining iii Abstract the secrecy of encrypted bit locations. Extensive performance and security analysis has been demonstrated to ascertain the high perceptual and cryptographic security attained. Analysis has also been demonstrated to validate the scalability property of the encrypted bitstream. This would make the proposed cryptosystem suitable for heterogeneous net works. Apart from encryption at different placement positions, a second line of defence used in DRM technologies is watermarking. This is a reactive security solution, that embeds an identity mark in the original content to prove content ownership at a later stage. To achieve an enhanced security level, watermarking and encryption are combined with each other. However, combination of these two techniques with the compression function, requires careful consideration. This is due to the fact that compression is an important part of real time image communication, and at the same time, an attackfor the embedded watermark. Considering the intricacies involved due to compression, a novel joint watermarking and encryption framework hasbeen developed. It embeds the watermark in singular values of the transformed image, and selectively encrypts the watermarked image during SPIHT compression. Visibility of the watermark is controlled by varying the watermark strength. Thorough analysis has been performed to ascertain the robustness of embedded water mark against compression and other image processing attacks. It has been ascertained that there is no adverse effect on the compression efficiency of the SPIHT encoder. Anal ysis has been performed to prove content ownership from compressed, encrypted as well as attacked image. Comparative analysis reflects a better performance of the proposed framework, despite less amountof data being secured. To summarise the present state of affairs, the diversity in the kinds of digital data, its different applications, and their specific security requirements, makes it impractical to implement a single encryption technique for all such applications. The present work is an effort to contribute to this important field by proposing new solutions and framework, with the consideration of various constraints andapplication requirements. Continuous and productive efforts are required to keep pace with the emerging image applications and their security requirements.