| It is very easy to change the content of a digital image with some modern powerful image processing software such as Photoshop. People can not tell whether an image is authentic or not. Seeing is not believing nowadays. Image authentication is a technology used to detect malicious manipulations on images and to localize the tampering if any. People have proposed a lot of algorithms under different circumstances. However, many of them have security problems which may be utilized by intentional adversaries to modify images to desired contents without being detected by the schemes. Hence, people have doubts whether current image authentication technology can be trusted to check the authenticity of images, as counteracts the applications of image authentication.In this thesis, we first summarize the principles of image authentication systems. Then, we focus on analyzing the security of three kinds of classical algorithms, including fragile watermarking based image authentication schemes using look-up table (LUT-FWBIA), pixel-wise image authentication schemes based on fragile watermarking (P-FWBIA), and digital signature based Self Authentication and Recovery Image system (SARI). The first two kinds of algorithms aim to detect any manipulations and to localize malicious modifications to a single pixel, while SARI system is used to distinguish JPEG lossy compression from other manipulations. A novel secure pixel-wise image authentication scheme based on fragile watermarking is also proposed. The main work and contributions are summarized as follows:1. As for LUT-FWBIA algorithms, we exploited the fact that each pixel is perturbed if necessary to embed a desired watermark bit by using one or more secret lookup table. We then proposed an Efficient Oracle Attack (EOA), which can be launched to modify authentic images without being detected by the algorithms. The main idea of this attack is to pick up an arbitrary pixel from the image, modify the pixel value designedly, submit the modified image to the oracle and observe the output. The secret lookup table can be deduced after 255 oracle tests for 8-bit grayscale images or 765 oracle tests for 24-bit RGB color images, despite how much the image size is. Once the lookup table is found, one can modify the authentic image or counterfeit the same watermark in a new image without being detected by these algorithms.2. As to P-FWBIA schemes, some researchers have pointed out that all the watermark bits are embedded sequentially. Based on this feature, we presented another oracle attack to show that all the pixel-wise fragile watermarking schemes in the literature can not provide trustworthy authentication. When launching the attack, we find the first pixel which is detected by the oracle according to the order of watermark embedding and then repeat to adjust it and submit the modified image to the oracle until the tamper localization result shows that the current pixel has not been modified. Continue the above process for other pixels and a new authentic image can be counterfeited finally. On the average, it needs two oracle tests for a single pixel. If the watermark embedding order is unknown, it requires some more oracle tests to find the order first.3. Based on the weakness of SARI when the image features are extracted only using k=0, a so-called histogram attack is proposed to fool the system. Additionally, an effective oracle attack on SARI is also proposed when the secret block pairing is non-overlapping. The secret block pairing can be found after two-stage oracle tests. For an image with # 8×8 DCT blocks, it needs about #2/8 oracle tests to find the secret pairs and fool the system.4. We proposed a novel secure pixel-wise fragile watermarking scheme, denoted as DLSP-FWBIA, which can survive all the reported attacks in the literature. The main idea is to separate the tamper detection and tamper localization. The algorithm can detect any manipulations and can localize the modifications to a single-pixel level. Experiments show that the algorithm is very effec...
|
PDF Full Text Request