An Enhanced Approach of Image Steganographic Using Discrete Shearlet Transform and Secret Sharing

               في الآونة الأخيرة، جعل الإنترنت المستخدمين قادرين على نقل الوسائط الرقمية بطريقة أسهل. على الرغم من هذه السهولة للإنترنت، إلا أنه قد تؤدي إلى العديد من التهديدات التي تتعلق بسرية محتويات الوسائط المنقولة مثل مصادقة الوسائط والتحقق من تكاملها. لهذه الأسباب ، يتم استخدام أساليب إخفاء البيانات والتشفير لحماية محتويات الوسائط الرقمية. في هذه الورقة البحثية ، تم اقتراح طريقة معززة لإخفاء المعلومات بالصور مع التشفير المرئي. يتم تشفير الشعار السري (صورة ثنائية) بالحجم (128 × 128) عن طريق تطبيق التشفير البصري (2 out 2 share) لتوليد مشاركتين سريتين. أثناء عملية التضمين ، يتم تقسيم الصورة غطاء RGB بحجم (512 × 512) إلى ثلاث طبقات (الأحمر والأخضر والأزرق). يتم تحويل الطبقة الزرقاء باستخدام التحويل Shearlet المتقطع للحصول على معاملاتها. يتم تضمين المشاركة السرية الأولى في معاملات الطبقة الزرقاء المحولة للحصول على صورة الاخفاء. في عملية الاستخراج ، يتم استخراج المشاركة السرية الأولى من معاملات الطبقة الزرقاء لصورة الاخفاء وثم يتم تطبيق عملية XOR عليها مع المشاركة السرية الثانية لإنشاء الشعار السري الأصلي. وفقًا للنتائج التجريبية ، فإن الطريقة المقترحة قد حققت افضل نسبة من عدم الوضوح لصورة الاخفاء بقدرة الحمولة الصافية تساوي (1 bpp). أصبح الشعار السري أكثر أمانًا باستخدام التشفير المرئي (2 out 2 share)  والمشاركة السرية الثانية كمفتاح خاص ايضاً.  Recently, the internet has made the users able to transmit the digital media in the easiest manner. In spite of this facility of the internet, this may lead to several threats that are concerned with confidentiality of transferred media contents such as media authentication and integrity verification. For these reasons, data hiding methods and cryptography are used to protect the contents of digital media. In this paper, an enhanced method of image steganography combined with visual cryptography has been proposed. A secret logo (binary image) of size (128x128) is encrypted by applying (2 out 2 share) visual cryptography on it to generate two secret share. During the embedding process, a cover red, green, and blue (RGB) image of size (512x512) is divided into three layers (red, green and blue). The blue layer is transformed using Discrete Shearlet Transform (DST) to obtain its coefficients. The first secret share is embedded at the coefficients of transformed blue layer to obtain a stego image. At extraction process, the first secret share is extracted from the coefficients of blue layer of the stego image and XORed with the second secret share to generate the original secret logo. According to the experimental results, the proposed method is achieved better imperceptibility for the stego image with the payload capacity equal to (1 bpp). In addition, the secret logo becomes more secured using (2 out 2 share) visual cryptography and the second secret share as a private key

Semi-Annual Report to Congress for the Period of October 1, 1999 to March 31, 2000

This Semiannual Report of the Office of Inspector General (OIG) details some of our most significant accomplishments for the period October 1, 1999–March 31, 2000. During this period, the OIG continued to focus our audit and investigative resources on activities that support our strategic plan goals. These goals reflect our vision of providing the Department and Congress with quality information, recommendations, and technical assistance. OIG audits, investigations, and evaluations conducted during this period have resulted in $29.7 million in questioned costs;$4.3 million in recommendations that funds be put to better use; 173 indictments; and 126 convictions representing nearly $39 million in investigative recoveries, restitutions, fines, or penalties. In examples that illustrate some of our accomplishments, the OIG has: audited the Workforce Investment Act’s One-Stop systems in seven states and found that the infrastructure required for the comprehensive One-Stop system is still being developed; therefore, a strong commitment is needed by Federal, state, and local partners in order to meet the July 1, 2000, implementation date; audited the Occupational Safety and Health Act coverage of public employees and found that 17 of the 29 states reviewed lacked some important elements of an adequate safety and health program for state and local government workers, or did not extend workplace safety and health coverage to their state and local government workers; conducted audits of a number of grants and contracts and identified questioned costs due to mismanagement or lack of compliance with financial management requirements. For example, we questioned$15.8 million in costs in our audit of the Puerto Rico Department of Labor and Human Resources and nearly $6 million in our audit of the National Senior Citizens Education and Research Center; followed up on a prior audit of State Employment Security Agencies’ success in identifying hidden (or unreported) wages and collecting related tax contributions. Because of this audit, 23 states recovered more than$2.5 million of Unemployment Insurance tax contributions during calendar year 1999; issued an evaluation that recommended additional internal controls and monitoring to reduce the Black Lung Disability Program’s vulnerability to fraud and excessive costs in the areas of blood gas tests and home oxygen; completed 137 worker benefits investigations resulting in almost $14.3 million in monetary accomplishments and 75 convictions; combated labor racketeering in unions and the workplace in the areas of employee benefit plans, labor-management relations, and internal union affairs. Our criminal investigations have yielded numerous indictments and convictions. In one investigation, for example, two investment bankers were sentenced and fined for their role in the loss of$9.3 million from a union pension fund; and called attention to legislative issues impacting the Department in the areas of program evaluation, workers’ compensation, information technology and security, occupational safety and health, and law enforcement authority. We have augmented our traditional role by working collaboratively and constructively with the Department to identify, early in the process, possible impediments that may affect DOL’s success in administering its programs and in serving the American public. Illustrative of this is the technical assistance we have been providing to the Bureau of International Labor Affairs to help develop management controls over its substantial new grant programs. In addition, we continue to assist the Department in the Government Performance and Results Act process to ensure that DOL’s performance goals are outcome based and directed toward measuring performance, and to assist the Employment and Training Administration in its efforts to implement the One-Stop delivery system as required under the Workforce Investment Act. I would like to commend all the OIG staff members for their diligent work and commitment toward effecting positive change, reducing vulnerabilities, and contributing to the achievement of DOL strategic goals. The OIG looks forward to continuing to work effectively with the Secretary, management, and departmental staff at all levels in our common goal of ensuring the effectiveness, efficiency, and integrity of the programs that serve and protect American workers and retirees

Naturally Rehearsing Passwords

We introduce quantitative usability and security models to guide the design of password management schemes --- systematic strategies to help users create and remember multiple passwords. In the same way that security proofs in cryptography are based on complexity-theoretic assumptions (e.g., hardness of factoring and discrete logarithm), we quantify usability by introducing usability assumptions. In particular, password management relies on assumptions about human memory, e.g., that a user who follows a particular rehearsal schedule will successfully maintain the corresponding memory. These assumptions are informed by research in cognitive science and validated through empirical studies. Given rehearsal requirements and a user's visitation schedule for each account, we use the total number of extra rehearsals that the user would have to do to remember all of his passwords as a measure of the usability of the password scheme. Our usability model leads us to a key observation: password reuse benefits users not only by reducing the number of passwords that the user has to memorize, but more importantly by increasing the natural rehearsal rate for each password. We also present a security model which accounts for the complexity of password management with multiple accounts and associated threats, including online, offline, and plaintext password leak attacks. Observing that current password management schemes are either insecure or unusable, we present Shared Cues--- a new scheme in which the underlying secret is strategically shared across accounts to ensure that most rehearsal requirements are satisfied naturally while simultaneously providing strong security. The construction uses the Chinese Remainder Theorem to achieve these competing goals

Physical layer authenticated image encryption for Iot network based on biometric chaotic signature for MPFrFT OFDM system

In this paper, a new physical layer authenticated encryption (PLAE) scheme based on the multi-parameter fractional Fourier transform–Orthogonal frequency division multiplexing (MP-FrFT-OFDM) is suggested for secure image transmission over the IoT network. In addition, a new robust multi-cascaded chaotic modular fractional sine map (MCC-MF sine map) is designed and analyzed. Also, a new dynamic chaotic biometric signature (DCBS) generator based on combining the biometric signature and the proposed MCC-MF sine map random chaotic sequence output is also designed. The final output of the proposed DCBS generator is used as a dynamic secret key for the MPFrFT OFDM system in which the encryption process is applied in the frequency domain. The proposed DCBS secret key generator generates a very large key space of (Formula presented.). The proposed DCBS secret keys generator can achieve the confidentiality and authentication properties. Statistical analysis, differential analysis and a key sensitivity test are performed to estimate the security strengths of the proposed DCBS-MP-FrFT-OFDM cryptosystem over the IoT network. The experimental results show that the proposed DCBS-MP-FrFT-OFDM cryptosystem is robust against common signal processing attacks and provides a high security level for image encryption application. © 2023 by the authors

Diversity As A Trade Secret

When we think of trade secrets, we often think of famous examples such as the Coca-Cola formula, Google’s algorithm, or McDonald’s special sauce used on the Big Mac. However, companies have increasingly made the novel argument that diversity data and strategies are protected trade secrets. This may sound like an unusual, even suspicious, legal argument. Many of the industries that dominate the economy in wealth, status, and power continue to struggle with a lack of diversity. Various stakeholders have mobilized to improve access and equity, but there is an information asymmetry that makes this pursuit daunting. When potential plaintiffs and other diversity advocates request workforce statistics and related employment information, many companies have responded with virulent attempts to maintain secrecy, including the use of trade secret protection. In this Article, I use the technology industry as an example to examine the trending legal argument of treating diversity as a trade secret. I discuss how companies can use this tactic to hide gender and race disparities and interfere with the advancement of civil rights law and workplace equity. I argue that instead of permitting companies to hide information, we should treat diversity data and strategies as public resources. This type of open model will advance the goals of equal opportunity law by raising awareness of inequalities and opportunities, motivating employers to invest in effective practices, facilitating collaboration on diversity goals, fostering innovation, and increasing accountability for action and progress

Protecting Data by Improving Quality of Stego Image based on Enhanced Reduced difference Expansion

In this era of internet development, security of information sharing is the main problem faced by human being. Data hiding technique is one of the solutions. However, hiding credential information within a multimedia file such as image reduces its visual quality. Therefore, unauthorized users may suspect the existance of secret data within that image. In the past years, various data hiding algorithms have been developed by researchers to overcome the problem of high distortion of image after data embedding process. Achieving a high quality stego image, however, is still a challenging problem. In this paper, we proposed a new data hiding algorithm based on different expansion. It aims to enhance the quality of stego image for a given payload size. The new algorithm is evaluated on various medical images. Thereafter, the experimental results show that the visual quality is improved; and increasing the embedding capacity leads to more noises. Therefore, a better choice of base point and a reduced difference expansion affect the quality of stego image

A review on structured scheme representation on data security application

With the rapid development in the era of Internet and networking technology, there is always a requirement to improve the security systems, which secure the transmitted data over an unsecured channel. The needs to increase the level of security in transferring the data always become the critical issue. Therefore, data security is a significant area in covering the issue of security, which refers to protect the data from unwanted forces and prevent unauthorized access to a communication. This paper presents a review of structured-scheme representation for data security application. There are five structured-scheme types, which can be represented as dual-scheme, triple-scheme, quad-scheme, octal-scheme and hexa-scheme. These structured-scheme types are designed to improve and strengthen the security of data on the application

Improved Deep Hiding/Extraction Algorithm to Enhance the Payload Capacity and Security Level of Hidden Information

Steganography algorithms have become a significant technique for preventing illegal users from obtaining secret data. In this paper, a deep hiding/extraction algorithm has been improved (IDHEA) to hide a secret message in colour images. The proposed algorithm has been applied to enhance the payload capacity and reduce the time complexity. Modified LSB (MLSB) is based on disseminating secret data randomly on a cover-image and has been proposed to replace a number of bits per byte (Nbpb), up to 4 bits, to increase payload capacity and make it difficult to access the hiding data. The number of levels of the IDHEA algorithm has been specified randomly; each level uses a colour image, and from one level to the next, the image size is expanded, where this algorithm starts with a small size of a cover-image and increases the size of the image gradually or suddenly at the next level, according to an enlargement ratio. Lossless image compression based on the run-length encoding algorithm and Gzip has been applied to enable the size of the data that is hiding at the next level, and data encryption using the Advanced Encryption Standard algorithm (AES) has been introduced at each level to enhance the security level. Thus, the effectiveness of the proposed IDHEA algorithm has been measured at the last level, and the performance of the proposed hiding algorithm has been checked by many statistical and visual measures in terms of the embedding capacity and imperceptibility. Comparisons between the proposed approach and previous work have been implemented; it appears that the intended approach is better than the previously modified LSB algorithms, and it works against visual and statistical attacks with excellent performance achieved by using the detection error (PE). Furthermore, the results confirmed that the stego-image with high imperceptibility has reached even a payload capacity that is large and replaces twelve bits per pixel (12-bpp). Moreover, testing is confirmed in that the proposed algorithm can embed secret data efficiently with better visual quality

Secret-key rates and privacy leakage in biometric systems

In this thesis both the generation of secret keys from biometric data and the binding of secret keys to biometric data are investigated. These secret keys can be used to regulate access to sensitive data, services, and environments. In a biometric secrecy system a secret key is generated or chosen during an enrollment procedure in which biometric data are observed for the first time. This key is to be reconstructed after these biometric data are observed for the second time when authentication is required. Since biometric measurements are typically noisy, reliable biometric secrecy systems also extract so-called helper data from the biometric observation at the time of enrollment. These helper data facilitate reliable reconstruction of the secret key in the authentication process. Since the helper data are assumed to be public, they should not contain information about the secret key. We say that the secrecy leakage should be negligible. Important parameters of biometric key-generation and key-binding systems include the size of the generated or chosen secret key and the information that the helper data contain (leak) about the biometric observation. This latter parameter is called privacy leakage. Ideally the privacy leakage should be small, to prevent the biometric data of an individual from being compromised. Moreover, the secret-key length (also characterized by the secret-key rate) should be large to minimize the probability that the secret key is guessed and unauthorized access is granted. The first part of this thesis mainly focuses on the fundamental trade-off between the secret-key rate and the privacy-leakage rate in biometric secret-generation and secretbinding systems. This trade-off is studied from an information-theoretical perspective for four biometric settings. The first setting is the classical secret-generation setting as proposed by Maurer [1993] and Ahlswede and Csiszár [1993]. For this setting the achievable secret-key vs. privacy-leakage rate region is determined in this thesis. In the second setting the secret key is not generated by the terminals, but independently chosen during enrollment (key binding). Also for this setting the region of achievable secret-key vs. privacy-leakage rate pairs is determined. In settings three and four zero-leakage systems are considered. In these systems the public message should contain only a negligible amount of information about both the secret key and the biometric enrollment sequence. To achieve this, a private key is needed, which can be observed only by the two terminals. Again both the secret generation setting and chosen secret setting are considered. For these two cases the regions of achievable secret-key vs. private-key rate pairs are determined. For all four settings two notions of leakage are considered. Depending on whether one looks at secrecy and privacy leakage separately or in combination, unconditional or conditional privacy leakage is considered. Here unconditional leakage corresponds to the mutual information between the helper data and the biometric enrollment sequence, while the conditional leakage relates to the conditional version of this mutual information, given the secret. The second part of the thesis focuses on the privacy- and secrecy-leakage analysis of the fuzzy commitment scheme. Fuzzy commitment, proposed by Juels and Wattenberg [1999], is, in fact, a particular realization of a binary biometric secrecy system with a chosen secret key. In this scheme the helper data are constructed as a codeword from an error-correcting code, used to encode a chosen secret, masked with the biometric sequence that has been observed during enrollment. Since this scheme is not privacy preserving in the conditional privacy-leakage sense, the unconditional privacy-leakage case is investigated. Four cases of biometric sources are considered, i.e. memoryless and totally-symmetric biometric sources, memoryless and input-symmetric biometric sources, memoryless biometric sources, and stationary and ergodic biometric sources. For the first two cases the achievable rate-leakage regions are determined. In these cases the secrecy leakage rate need not be positive. For the other two cases only outer bounds on achievable rate-leakage regions are found. These bounds, moreover, are sharpened for fuzzy commitment based on systematic parity-check codes. Using the fundamental trade-offs found in the first part of this thesis, it is shown that fuzzy commitment is only optimal for memoryless totally-symmetric biometric sources and only at the maximum secret-key rate. Moreover, it is demonstrated that for memoryless and stationary ergodic biometric sources, which are not input-symmetric, the fuzzy commitment scheme leaks information on both the secret key and the biometric data. Biometric sequences have an often unknown statistical structure (model) that can be quite complex. The last part of this dissertation addresses the problem of finding the maximum a posteriori (MAP) model for a pair of observed biometric sequences and the problem of estimating the maximum secret-key rate from these sequences. A universal source coding procedure called the Context-TreeWeighting (CTW) method [1995] can be used to find this MAP model. In this thesis a procedure that determines the MAP model, based on the so-called beta-implementation of the CTW method, is proposed. Moreover, CTW methods are used to compress the biometric sequences and sequence pairs in order to estimate the mutual information between the sequences. However, CTW methods were primarily developed for compressing onedimensional sources, while biometric data are often modeled as two-dimensional processes. Therefore it is proved here that the entropy of a stationary two-dimensional source can be expressed as a limit of a series of conditional entropies. This result is also extended to the conditional entropy of one two-dimensional source given another one. As a consequence entropy and mutual information estimates can be obtained from CTW methods using properly-chosen templates. Using such techniques estimates of the maximum secret-key rate for physical unclonable functions (PUFs) are determined from a data-set of observed sequences. PUFs can be regarded as inanimate analogues of biometrics