01-06-2012, 12:31 PM
e-Fraud Prevention based on the Self-Authentication of e-Documents
e-Fraud Prevention based on the Self-Authentication.pdf (Size: 4.08 MB / Downloads: 48)
Abstract
—We consider a method for preventing e-Fraud in
which a binary image is encrypted with a floating point cipher
using a convolution operation and the output quantized into a
1-bit array generating a binary image ciphertext. The output
is then ‘embedded’ in a host image to hide the encrypted
information. Embedding is undertaken either in the lowest 1-
bit layer or multiple 1-bit layers.
INTRODUCTION
One of the principal weaknesses of all encryption systems
is that the form of the output data (the ciphertext), if
intercepted, alerts the intruder to the fact that the information
being transmitted may have some importance and that it is
therefore worth attacking and attempting to decrypt it. This
aspect of ciphertext transmission can be used to propagate
disinformation, achieved by encrypting information that is
specifically designed to be intercepted and decrypted. In this
case, we assume that the intercept will be attacked, decrypted
and the information retrieved. The ‘key’ to this approach
is to make sure that the ciphertext is relatively strong
(but not too strong!) and that the information extracted is
of good quality in terms of providing the attacker with
‘intelligence’ that is perceived to be valuable and compatible
with their expectations, i.e. information that reflects the concerns/
interests of the individual(s) and/or organisation(s) that
encrypted the data.
STEGANOGRAPHY
The word ‘Steganography’ is of Greek origin and means
‘covered’, or ‘hidden writing’. In general, a steganographic
message appears as something else known as a covertext.
The conversion of a ciphertext to another plaintext form
is called Stegotext conversion and is based on the use of
Covertext.
STOCHASTIC CONFUSION AND DIFFUSION
In terms of plaintexts, diffusion is concerned with the
issue that, at least on a statistical basis, similar plaintexts
should result in completely different ciphertexts even when
encrypted with the same key. This requires that any element
of the input block influences every element of the output
block in an irregular fashion. In terms of a key, diffusion
ensures that similar keys result in completely different
ciphertexts even when used for encrypting the same block of
plaintext. This requires that any element of the input should
influence every element of the output in an irregular way.
This property must also be valid for the decryption process
because otherwise an intruder may be able to recover parts
of the input from an observed output by a partly correct
guess of the key used for encryption. The diffusion process
is a function of the sensitivity to initial conditions that all
cryptographic systems must have.
DISCUSSION
The use of the internet to transfer documents as image
attachments has and continues to grow rapidly as part of
a global EDI infrastructure. It is for this ‘market’ that
the approach reported in this paper has been developed.
Inserting a binary watermark into a host image obtained by
binarizing a floating point ciphertext of a document provides
a cryptographically secure solution. Although the watermark
can be easily removed from the covertext image - unless 2-
bit randomization is implemented as discussed in Section
IV(D) - it can not be decrypted without the recipient having
access to the correct cryptographically secure algorithm and
key.