Privacy-preserving information hiding and its applications

The phenomenal advances in cloud computing technology have raised concerns about data privacy. Aided by the modern cryptographic techniques such as homomorphic encryption, it has become possible to carry out computations in the encrypted domain and process data without compromising information privacy. In this thesis, we study various classes of privacy-preserving information hiding schemes and their real-world applications for cyber security, cloud computing, Internet of things, etc. Data breach is recognised as one of the most dreadful cyber security threats in which private data is copied, transmitted, viewed, stolen or used by unauthorised parties. Although encryption can obfuscate private information against unauthorised viewing, it may not stop data from illegitimate exportation. Privacy-preserving Information hiding can serve as a potential solution to this issue in such a manner that a permission code is embedded into the encrypted data and can be detected when transmissions occur. Digital watermarking is a technique that has been used for a wide range of intriguing applications such as data authentication and ownership identification. However, some of the algorithms are proprietary intellectual properties and thus the availability to the general public is rather limited. A possible solution is to outsource the task of watermarking to an authorised cloud service provider, that has legitimate right to execute the algorithms as well as high computational capacity. Privacypreserving Information hiding is well suited to this scenario since it is operated in the encrypted domain and hence prevents private data from being collected by the cloud. Internet of things is a promising technology to healthcare industry. A common framework consists of wearable equipments for monitoring the health status of an individual, a local gateway device for aggregating the data, and a cloud server for storing and analysing the data. However, there are risks that an adversary may attempt to eavesdrop the wireless communication, attack the gateway device or even access to the cloud server. Hence, it is desirable to produce and encrypt the data simultaneously and incorporate secret sharing schemes to realise access control. Privacy-preserving secret sharing is a novel research for fulfilling this function. In summary, this thesis presents novel schemes and algorithms, including: • two privacy-preserving reversible information hiding schemes based upon symmetric cryptography using arithmetic of quadratic residues and lexicographic permutations, respectively. • two privacy-preserving reversible information hiding schemes based upon asymmetric cryptography using multiplicative and additive privacy homomorphisms, respectively. • four predictive models for assisting the removal of distortions inflicted by information hiding based respectively upon projection theorem, image gradient, total variation denoising, and Bayesian inference. • three privacy-preserving secret sharing algorithms with different levels of generality

Visual cryptography with cheating shares

Visual cryptography is a technique that applies the human visual system to decode encrypted information, such as text, image and number, without any sophisticated devices and computing capabilities. Therefore, compared with the traditional cryptography, it is apparent that it saves a large amount of time and money on devices and computations. Also, visual cryptography provides the convenience for humans to carry out decryption with a portal card which is significant to the business application. In the past decade, visual cryptography has been thoroughly researched not only on its contrast and subpixel expansion, but also on its applications. The main contribution of this thesis is the security of visual cryptography related to the dishonest shareholders. This is the first known work concerning this variety of potentially secure problem. In the previous papers, the shareholders are inherently honest. However, in the real world, it is impossible to guarantee that every shareholder would be honest forever(e.g., because of the interest of business or military, some shareholders might change to be the traitors). Therefore, a new method based on visual authentication[16] is proposed and the improvement is also made. In this thesis, we also review the previous papers on different fields of the visual cryptography

New Receipt-Free E-Voting Scheme and Self-Proving Mix Net as New Paradigm

The contribution of this paper is twofold. First we present a new simple electronic voting scheme having standard re-encryption mix net back-end, which allows to cast a ballot and verify its correctness in a new way. Then we extend the proposed scheme to represent a new very efficient mix network construction. We called our mix network to be self-proving mix, because it is shown how mix process correctness can be verified without demanding from mix party a special proof. Our proposed mix network allows to reveal all the cheating occurred during a mix process at verification of decryption parties work

Entropy in Image Analysis III

Image analysis can be applied to rich and assorted scenarios; therefore, the aim of this recent research field is not only to mimic the human vision system. Image analysis is the main methods that computers are using today, and there is body of knowledge that they will be able to manage in a totally unsupervised manner in future, thanks to their artificial intelligence. The articles published in the book clearly show such a future

An improved randomization of a multi-blocking jpeg based steganographic system.

Thesis (M.Sc.)-University of KwaZulu-Natal, Durban, 2010.Steganography is classified as the art of hiding information. In a digital context, this refers to our ability to hide secret messages within innocent digital cover data. The digital domain offers many opportunities for possible cover mediums, such as cloud based hiding (saving secret information within the internet and its structure), image based hiding, video and audio based hiding, text based documents as well as the potential of hiding within any set of compressed data. This dissertation focuses on the image based domain and investigates currently available image based steganographic techniques. After a review of the history of the field, and a detailed survey of currently available JPEG based steganographic systems, the thesis focuses on the systems currently considered to be secure and introduces mechanisms that have been developed to detect them. The dissertation presents a newly developed system that is designed to counter act the current weakness in the YASS JPEG based steganographic system. By introducing two new levels of randomization to the embedding process, the proposed system offers security benefits over YASS. The introduction of randomization to the B‐block sizes as well as the E‐block sizes used in the embedding process aids in increasing security and the potential for new, larger E‐block sizes also aids in providing an increased set of candidate coefficients to be used for embedding. The dissertation also introduces a new embedding scheme which focuses on hiding in medium frequency coefficients. By hiding in these medium frequency coefficients, we allow for more aggressive embedding without risking more visual distortion but trade this off with a risk of higher error rates due to compression losses. Finally, the dissertation presents simulation aimed at testing the proposed system performance compared to other JPEG based steganographic systems with similar embedding properties. We show that the new system achieves an embedding capacity of 1.6, which represents round a 7 times improvement over YASS. We also show that the new system, although introducing more bits in error per B‐block, successfully allows for the embedding of up to 2 bits per B‐block more than YASS at a similar error rate per B‐block. We conclude the results by demonstrating the new systems ability to resist detection both through human observation, via a survey, as well as resist computer aided analysis

Cryptographic Analysis of Secure Messaging Protocols

Instant messaging applications promise their users a secure and private way to communicate. The validity of these promises rests on the design of the underlying protocol, the cryptographic primitives used and the quality of the implementation. Though secure messaging designs exist in the literature, for various reasons developers of messaging applications often opt to design their own protocols, creating a gap between cryptography as understood by academic research and cryptography as implemented in practice. This thesis contributes to bridging this gap by approaching it from both sides: by looking for flaws in the protocols underlying real-world messaging applications, as well as by performing a rigorous analysis of their security guarantees in a provable security model.Secure messaging can provide a host of different, sometimes conflicting, security and privacy guarantees. It is thus important to judge applications based on the concrete security expectations of their users. This is particularly significant for higher-risk users such as activists or civil rights protesters. To position our work, we first studied the security practices of protesters in the context of the 2019 Anti-ELAB protests in Hong Kong using in-depth, semi-structured interviews with participants of these protests. We report how they organised on different chat platforms based on their perceived security, and how they developed tactics and strategies to enable pseudonymity and detect compromise.Then, we analysed two messaging applications relevant in the protest context: Bridgefy and Telegram. Bridgefy is a mobile mesh messaging application, allowing users in relative proximity to communicate without the Internet. It was being promoted as a secure communication tool for use in areas experiencing large-scale protests. We showed that Bridgefy permitted its users to be tracked, offered no authenticity, no effective confidentiality protections and lacked resilience against adversarially crafted messages. We verified these vulnerabilities by demonstrating a series of practical attacks.Telegram is a messaging platform with over 500 million users, yet prior to this work its bespoke protocol, MTProto, had received little attention from the cryptographic community. We provided the first comprehensive study of the MTProto symmetric channel as implemented in cloud chats. We gave both positive and negative results. First, we found two attacks on the existing protocol, and two attacks on its implementation in official clients which exploit timing side channels and uncover a vulnerability in the key exchange protocol. Second, we proved that a fixed version of the symmetric MTProto protocol achieves security in a suitable bidirectional secure channel model, albeit under unstudied assumptions. Our model itself advances the state-of-the-art for secure channels