A Secret-Sharing-Based Method for Authentication of Grayscale Document Images via the Use of the PNG Image With a Data Repair CapabilityAbstract

A new blind authentication method based on the secret sharing technique with a data repair capability for grayscale document images via the use of the Portable Network Graphics (PNG) image is proposed. An authentication signal is generated for each block of a grayscale document image, which, together with the binarized block content, is transformed into several shares using the Shamir secret sharing scheme. The involved parameters are carefully chosen so that as many shares as possible are generated and embedded into an alpha channel plane. The alpha channel plane is then combined with the original grayscale image to form a PNG image. During the embedding process, the computed share values are mapped into a range of alpha channel values near their maximum value of 255 to yield a transparent stego-image with a disguise effect. In the process of image authentication, an image block is marked as tampered if the authentication signal computed from the current block content does not match that extracted from the shares embedded in the alpha channel plane. Data repairing is then applied to each tampered block by a reverse Shamir scheme after collecting two shares from unmarked blocks. Measures for protecting the security of the data hidden in the alpha channel are also proposed. Good experimental results prove the effectiveness of the proposed method for real applications. Introduction

DIGITAL image is a form for preserving important information. However, with the fast advance of digital technologies, it is easy to make visually imperceptible modifications to the contents of digital images. How to ensure the integrity and the authenticity of a digital image is thus a challenge. It is desirable

to design effective methods to solve this kind of image authentication problem , particularly for images of documents whose security must be protected. It is also hoped that, if part of a document image is verified to have been illicitly altered,the destroyed content can be repaired. Such image content authentication and self-repair capabilities are useful for the security protection of digital documents in many fields, such as important certificates, signed documents, scanned checks, circuit diagrams, art drawings, design drafts, last will and testaments, and so on.Document images, which include texts, tables, line arts, etc., as main contents, are often digitized into grayscale images with two major gray values, one being of the background (including mainly blank spaces) and the other of the foreground (including mainly texts). It is noted that such images, although gray valued in nature, look like binary. For example, the two major gray values in the document

respectively. It seems that such binary-like grayscale document images may be thresholded into binary ones for later processing, but such a thresholding operation often destroys the smoothness of the boundaries of text characters, resulting in visually unpleasant stroke appearances with zigzag contours. Therefore, in practical applications, text documents are often digitized and kept as grayscale images for later visual inspection. In general, the image authentication problem is difficult for a binary document image because of its simple binary nature that

leads to perceptible changes after authentication signals are embedded in the image pixels. Such changes will arouse possible suspicions from attackers. A good solution to such binary image authentication should thus take into account not only the security issue of preventing image tampering but also the necessity of keeping the visual quality of the resulting image. In this paper, we propose an authentication method that deals with binary-like grayscale document images instead of pure binary ones and simultaneously solves the problems of image tampering detection and visual quality keeping.

Several methods for binary image authentication have been proposed in the past. Wu and Liu manipulated the so-called flippable pixels to create specific relationships to embed data for authentication and annotation of binary images. Yang and Kot proposed a two-layer binary image authentication method in which one layer is used for checking the image fidelity and the other for checking image integrity. In the method, a connectivity- preserving transition criterion for determining the flippability of a pixel is used for embedding the cryptographic signature and the block identifier. Later, Yang and Kot proposed a pattern-based data hiding method for binary image authentication in which three transition criteria are used to determine the flippabilities of pixels in each block, and the watermark is adaptively embedded into embeddable blocks to deal with the uneven

embeddability condition in the host image. In the method proposed in, a set of pseudorandom pixels in a binary or halftone image are chosen and cleared, and authentication codes are accordingly computed and inserted into selected random pixels. In Tzeng and Tsais method , randomly generated authentication codes are embedded into image blocks for use in image authentication, and a so-called code holder is used to reduce image distortion resulting from data embedding. Lee et al. proposed a Hamming-code-based data embedding method that flips one pixel in each binary image block for embedding a watermark, yielding small distortions and low false negative rates. Lee et al. Improved the method later by using an edge line similarity measure to select flippable pixels for the purpose of reducing the distortion.

Literature Review

1.Multipurpose watermarking for image authentication and protection

We propose a novel multipurpose watermarking scheme, in which robust and fragile watermarks are simultaneously embedded, for copyright protection and content authentication. By quantizing a host image's wavelet coefficients as masking threshold units (MTUs), two complementary watermarks are embedded using cocktail watermarking and they can be blindly extracted without access to the host image. For the purpose of image protection, the new scheme guarantees that, no matter what kind of attack is encountered, at least one watermark can survive well. On the other hand, for the purpose of image authentication, our approach can locate the part of the image that has been tampered with and tolerate some incidental processes that have been executed. Experimental results show that the performance of our multipurpose watermarking scheme is indeed superb in terms of robustness and fragility.

2. Hierarchical watermarking for secure image authentication with localization

Several fragile watermarking schemes presented in the literature are either vulnerable to vector quantization (VQ) counterfeiting attacks or sacrifice localization accuracy to improve security. Using a hierarchical structure, we propose a method that thwarts the VQ attack while sustaining the superior localization properties of blockwise independent watermarking methods. In particular, we propose dividing the image into blocks in a multilevel hierarchy and calculating block signatures in this hierarchy. While signatures of small blocks on the lowest level of the hierarchy ensure superior accuracy of tamper localization, higher level block signatures provide increasing resistance to VQ attacks. At the top level, a signature calculated using the whole image completely thwarts the counterfeiting attack. Moreover, "sliding window" searches through the hierarchy enable the verification of untampered regions after an image has been cropped. We provide experimental results to demonstrate the effectiveness of our method.

3. Data hiding in binary image for authentication and annotation

This paper proposes a new method to embed data in binary images, including scanned text, figures, and signatures. The method manipulates "flippable" pixels to enforce specific block-based relationship in order to embed a significant amount of data without causing noticeable artifacts. Shuffling is applied before embedding to equalize the uneven embedding capacity from region to region. The hidden data can be extracted without using the original image, and can also be accurately extracted after high quality printing and scanning with the help of a few registration marks. The proposed data embedding method can be used to detect unauthorized use of a digitized signature, and annotate or authenticate binary documents. The paper also presents analysis and discussions on robustness and security issues.

Existing System:

Several methods for binary image authentication have been proposed in the past. Wu and Liu manipulated the so-called flippable pixels to create specific relationships to embed data for authentication and annotation of binary images.

Yang and Kot proposed a two-layer binary image authentication method in which one layer is used for checking the image fidelity and the other for checking image integrity. In the method, a connectivity- preserving transition criterion for determining the flippability of a pixel is used for embedding the cryptographic signature and the block identifier.

Yang and Kot proposed a pattern-based data hiding method for binary image authentication in which three transition criteria are used to determine the flippabilities of pixels in each block, and the watermark is adaptively embedded into embeddable blocks to deal with the uneven embeddability condition in the host image. In the method proposed a set of pseudorandom pixels in a binary or halftone image are chosen and cleared, and authentication codes are accordingly computed and inserted into selected random pixels.

In Tzeng and Tsais method, randomly generated authentication codes are embedded into image blocks for use in image authentication, and a so-called code holder is used to reduce image distortion resulting from data embedding.

Lee et al. proposed a Hamming-code-based data embedding method that flips one pixel in each binary image block for embedding a watermark, yielding small distortions and low false negative rates.

Lee et al. improved the method later by using an edge line similarity measure to select flippable pixels for the purpose of reducing the distortion.Proposed SystemIn this paper, a method for the authentication of document images with an additional self-repair capability for fixing tampered image data is proposed. The input cover image is assumed to be a binary-like grayscale image with two major gray values. After the proposed method is applied, the cover image is transformed into a stego-image in the Portable Network Graphics (PNG) format with an additional alpha channel for transmission on networks or archiving in databases. The stego-image, when received or retrieved, may be verified by the proposed method for its authenticity. Integrity modifications of the stego-image can be detected by the method at the block level and repaired at the pixel level. In case the alpha channel is totally removed from the stego-image, the entire resulting image is regarded as inauthentic, meaning that the fidelity check of the image fails. The proposed method is based on the so-called -threshold secret sharing scheme proposed by Shamir in which a secret message is transformed into shares for keeping by participants, and when of the shares, not necessarily all of them, are collected, the secret message can be losslessly recovered. Such a secret sharing scheme is useful for reducing the risk of incidental partial data loss.

Conventionally, the concepts of secret sharing and data hiding for image authentication are two irrelevant issues in the domain of information security. However, in the proposed method, we combine them together to develop a new image authentication technique. The secret sharing scheme is used in the developed technique not only to carry authentication signals and image content data but also to help repair tampered data through the use of shares.Hardware requirements:

Processor : Any Processor above 500 MHz.

Ram : 1 GB.

Hard Disk : 10 GB.

Compact Disk : 650 Mb.

Input device : Standard Keyboard and Mouse.

Software requirements:

Operating System : Windows Xp.

Technology : Net Beans 7.1

: Jdk1.6

System Architecture

Modules

1. Stego Image Generation2. Embedding authentic signals3. Stego Image verification4. Self Repairing

Module Description

1. Stego Image Generation

In this module we generate the stego image. The Image can be generated using adding a alpha plane channel.2. Embedding authentic signals

The following step will be used to embed the authentication signal in stego image. a. Convert gray scale image to binary image

b. Transform the cover image into the PNG formatc. Create of authentication signalsd. Create of data for secret sharinge. Partial share generationf. Map partial sharesg. Embed two partial shares in the current blockh. Embed remaining partial shares at random pixels3. Stego Image verification

In this module we extract the embedded gray scale values and verify the stego image.

The following step will be used to verify the stego image.

a. Extraction of the hidden authentication signalb. Computation of the authentication signal from the current block contentc. Matching of the hidden and computed authentication signals and marking of tampered blocks4. Self Repairing

In this module we extract the remaining partial shares and repair the tampered regions. Data Flow Diagram

DFD

Use Case Diagram

Class Diagram

Activity Diagram

Sequence Diagram

Collaboration Diagram

Software DescriptionJava Technology

Java technology is both a programming language and a platform.

The Java Programming Language

The Java programming language is a high-level language that can be characterized by all of the following buzzwords:

Simple

Architecture neutral

Object oriented

Portable

Distributed

High performance

Interpreted

Multithreaded

Robust

Dynamic

Secure

With most programming languages, you either compile or interpret a program so that you can run it on your computer. The Java programming language is unusual in that a program is both compiled and interpreted. With the compiler, first you translate a program into an intermediate language called Java byte codes the platform-independent codes interpreted by the interpreter on the Java platform. The interpreter parses and runs each Java byte code instruction on the computer. Compilation happens just once; interpretation occurs each time the program is executed. The following figure illustrates how this works.

WORKING OF JAVA

You can think of Java bytecodes as the machine code instructions for the Java Virtual Machine (Java VM). Every Java interpreter, whether its a development tool or a Web browser that can run applets, is an implementation of the Java VM. Java bytecodes help make write once, run anywhere possible. You can compile your program into bytecodes on any platform that has a Java compiler. The bytecodes can then be run on any implementation of the Java VM. That means that as long as a computer has a Java VM, the same program written in the Java programming language can run on Windows 2000, a Solaris workstation, or on an iMac.

The Java Platform

A platform is the hardware or software environment in which a program runs. Weve already mentioned some of the most popular platforms like Windows 2000, Linux, Solaris, and MacOS. Most platforms can be described as a combination of the operating system and hardware. The Java platform differs from most other platforms in that its a software-only platform that runs on top of other hardware-based platforms.

The Java platform has two components:

The Java Virtual Machine (Java VM)

The Java Application Programming Interface (Java API)

Youve already been introduced to the Java VM. Its the base for the Java platform and is ported onto various hardware-based platforms.

The Java API is a large collection of ready-made software components that provide many useful capabilities, such as graphical user interface (GUI) widgets. The Java API is grouped into libraries of related classes and interfaces; these libraries are known as packages. The next section, What Can Java Technology Do?, highlights what functionality some of the packages in the Java API provide.

The following figure depicts a program thats running on the Java platform. As the figure shows, the Java API and the virtual machine insulate the program from the hardware.

THE JAVA PLATFORM

Native code is code that after you compile it, the compiled code runs on a specific hardware platform. As a platform-independent environment, the Java platform can be a bit slower than native code. However, smart compilers, well-tuned interpreters, and just-in-time bytecode compilers can bring performance close to that of native code without threatening portability.

What Can Java Technology Do?

The most common types of programs written in the Java programming language are applets and applications. If youve surfed the Web, youre probably already familiar with applets. An applet is a program that adheres to certain conventions that allow it to run within a Java-enabled browser.

However, the Java programming language is not just for writing cute, entertaining applets for the Web. The general-purpose, high-level Java programming language is also a powerful software platform. Using the generous API, you can write many types of programs.

An application is a standalone program that runs directly on the Java platform. A special kind of application known as a server serves and supports clients on a network. Examples of servers are Web servers, proxy servers, mail servers, and print servers. Another specialized program is a servlet. A servlet can almost be thought of as an applet that runs on the server side. Java Servlets are a popular choice for building interactive web applications, replacing the use of CGI scripts. Servlets are similar to applets in that they are runtime extensions of applications. Instead of working in browsers, though, servlets run within Java Web servers, configuring or tailoring the server.

How does the API support all these kinds of programs? It does so with packages of software components that provide a wide range of functionality. Every full implementation of the Java platform gives you the following features:

The essentials: Objects, strings, threads, numbers, input and output, data structures, system properties, date and time, and so on.

Applets: The set of conventions used by applets.

Networking: URLs, TCP (Transmission Control Protocol), UDP (User Data gram Protocol) sockets, and IP (Internet Protocol) addresses.

Internationalization: Help for writing programs that can be localized for users worldwide. Programs can automatically adapt to specific locales and be displayed in the appropriate language.

Security: Both low level and high level, including electronic signatures, public and private key management, access control, and certificates.

Software components: Known as JavaBeansTM, can plug into existing component architectures.

Object serialization: Allows lightweight persistence and communication via Remote Method Invocation (RMI).

Java Database Connectivity (JDBCTM): Provides uniform access to a wide range of relational databases.

The Java platform also has APIs for 2D and 3D graphics, accessibility, servers, collaboration, telephony, speech, animation, and more. The following figure depicts what is included in the Java 2 SDK.

FIGURE 4 JAVA 2 SDK

ODBC

Microsoft Open Database Connectivity (ODBC) is a standard programming interface for application developers and database systems providers. Before ODBC became a de facto standard for Windows programs to interface with database systems, programmers had to use proprietary languages for each database they wanted to connect to. Now, ODBC has made the choice of the database system almost irrelevant from a coding perspective, which is as it should be. Application developers have much more important things to worry about than the syntax that is needed to port their program from one database to another when business needs suddenly change.

Through the ODBC Administrator in Control Panel, you can specify the particular database that is associated with a data source that an ODBC application program is written to use. Think of an ODBC data source as a door with a name on it. Each door will lead you to a particular database. For example, the data source named Sales Figures might be a SQL Server database, whereas the Accounts Payable data source could refer to an Access database. The physical database referred to by a data source can reside anywhere on the LAN.

Windows 95 does not install the ODBC system files on your system. Rather, they are installed when you setup a separate database application, such as SQL Server Client or Visual Basic 4.0. When the ODBC icon is installed in Control Panel, it uses a file called ODBCINST.DLL. It is also possible to administer your ODBC data sources through a stand-alone program called ODBCADM.EXE. There is a 16-bit and a 32-bit version of this program, and each maintains a separate list of ODBC data sources.

From a programming perspective, the beauty of ODBC is that the application can be written to use the same set of function calls to interface with any data source, regardless of the database vendor. The source code of the application doesnt change whether it talks to Oracle or SQL Server. We only mention these two as an example. There are ODBC drivers available for several dozen popular database systems. Even Excel spreadsheets and plain text files can be turned into data sources. The operating system uses the Registry information written by ODBC Administrator to determine which low-level ODBC drivers are needed to talk to the data source (such as the interface to Oracle or SQL Server). The loading of the ODBC drivers is transparent to the ODBC application program. In a client/server environment, the ODBC API even handles many of the network issues for the application programmer.

The advantages of this scheme are so numerous that you are probably thinking there must be some catch. The only disadvantage of ODBC is that it isnt as efficient as talking directly to the native database interface. ODBC has had many detractors make the charge that it is too slow. Microsoft has always claimed that the critical factor in performance is the quality of the driver software that is used. In our humble opinion, this is true. The availability of good ODBC drivers has improved a great deal recently. And anyway, the criticism about performance is somewhat analogous to those who said that compilers would never match the speed of pure assembly language. Maybe not, but the compiler (or ODBC) gives you the opportunity to write cleaner programs, which means you finish sooner. Meanwhile, computers get faster every year.

Conclusion A new blind image authentication method with a data repair capability for binary-like grayscale document images based on secret sharing has been proposed. Both the generated authentication signal and the content of a block have been transformed into partial shares by the Shamir method, which have been then distributed in a well-designed manner into an alpha channel plane to create a stego-image in the PNG format. The undesired opaque effect visible in the stego-image coming from embedding the partial shares has been eliminated by mapping the share values into a small range of alpha channel values near their maximum

transparency value of 255. In the process of image block authentication, a block in the stego-image has been regarded as having been tampered with if the computed authentication signal does not match that extracted from corresponding partial shares in the alpha channel plane. For the self-repairing of the content of a tampered block, the reverse Shamir scheme has been used to compute the original

content of the block from any two untampered shares. Measures for enhancing the security of the data embedded in the alpha channel plane have been also proposed. Experimental results have been shown to prove the effectiveness of the proposed

method. Future studies may be directed to choices of other block sizes and related parameters (prime number, coefficients for secret sharing, number of authentication signal bits, etc.) to improve data repair effects. Applications of the proposed method to the authentication and the repairing of attacked color images

may be also tried.

References

[1] C. S. Lu and H. Y. M. Liao, Multipurpose watermarking for image authentication and protection, IEEE Trans. Image Process., vol. 10, no. 10, pp. 15791592, Oct. 2001.

[2] M. U. Celik, G. Sharma, E. Saber, and A. M. Tekalp, Hierarchical watermarking for secure image authentication with localization, IEEE Trans. Image Process., vol. 11, no. 6, pp. 585595, Jun. 2002.

[3] Z. M. Lu, D. G. Xu, and S. H. Sun, Multipurpose image watermarking

algorithm based on multistage vector quantization, IEEE Trans. Image Process., vol. 14, no. 6, pp. 822831, Jun. 2005.[4] M. Wu and B. Liu, Data hiding in binary images for authentication and annotation, IEEE Trans. Multimedia, vol. 6, no. 4, pp. 528538, Aug. 2004.

[5] H. Yang and A. C. Kot, Binary image authentication with tampering localization by embedding cryptographic signature and block identifier, IEEE Signal Process. Lett., vol. 13, no. 12, pp. 741744, Dec. 2006.

[6] H. Yang and A. C. Kot, Pattern-based data hiding for binary images authentication by connectivity-preserving, IEEE Trans. Multimedia, vol. 9, no. 3, pp. 475486, Apr. 2007.

[7] H. Y. Kim and A. A?f, Secure authentication watermarking for halftone and binary images, Int. J. Imag. Syst. Technol., vol. 14, no. 4, pp. 147152, 2004.

[8] C. H. Tzeng and W. H. Tsai, A new approach to authentication of binary images for multimedia communication with distortion reduction and security enhancement, IEEE Commun. Lett., vol. 7, no. 9, pp. 443445, Sep. 2003.

[9] Y. Lee, J. Hur, H. Kim, Y. Park, and H. Yoon, A new binary image authentication scheme with small distortion and low false negative rates,

IEICE Trans. Commun., vol. E90-B, no. 11, pp. 32593262, Nov. 2007.

[10] Y. Lee, H. Kim, and Y. Park, A new data hiding scheme for binary image authentication with small image distortion, Inf. Sci., vol. 179, no. 22, pp. 38663884, Nov. 2009.

Appendix

Screen shots

Source Document Image

Add Alpha Channel Plane

Embed Authentication Signals

Generate Stego Image

Check Authentic

Repair Tampered Blocks

Remove alpha Channel Plane

Get Original or repaired document Image

User

Add Alpha Channel Plane

Source Document Image

Binarization

Embedding

Secret Sharing Scheme

Data For authentication and repairing

Mapping

Partial Shares

Mapped Partial Shares

Stego Image

Stego Image

Extract Shares

Inverse secret Sharing Scheme

Binarization

Compute Authenticate Data

Compare

Authentic

Match

No Match

Repair