Information Forensics and Security: A quarter-century-long journey

Information forensics and security (IFS) is an active R&D area whose goal is to ensure that people use devices, data, and intellectual properties for authorized purposes and to facilitate the gathering of solid evidence to hold perpetrators accountable. For over a quarter century, since the 1990s, the IFS research area has grown tremendously to address the societal needs of the digital information era. The IEEE Signal Processing Society (SPS) has emerged as an important hub and leader in this area, and this article celebrates some landmark technical contributions. In particular, we highlight the major technological advances by the research community in some selected focus areas in the field during the past 25 years and present future trends

A Brief Review of RIDH

The Reversible image data hiding (RIDH) is one of the novel approaches in the security field. In the highly sensitive domains like Medical, Military, Research labs, it is important to recover the cover image successfully, Hence, without applying the normal steganography, we can use RIDH to get the better result. Reversible data hiding has a advantage over image data hiding that it can give you double security surely

Privacy-preserving information hiding and its applications

The phenomenal advances in cloud computing technology have raised concerns about data privacy. Aided by the modern cryptographic techniques such as homomorphic encryption, it has become possible to carry out computations in the encrypted domain and process data without compromising information privacy. In this thesis, we study various classes of privacy-preserving information hiding schemes and their real-world applications for cyber security, cloud computing, Internet of things, etc. Data breach is recognised as one of the most dreadful cyber security threats in which private data is copied, transmitted, viewed, stolen or used by unauthorised parties. Although encryption can obfuscate private information against unauthorised viewing, it may not stop data from illegitimate exportation. Privacy-preserving Information hiding can serve as a potential solution to this issue in such a manner that a permission code is embedded into the encrypted data and can be detected when transmissions occur. Digital watermarking is a technique that has been used for a wide range of intriguing applications such as data authentication and ownership identification. However, some of the algorithms are proprietary intellectual properties and thus the availability to the general public is rather limited. A possible solution is to outsource the task of watermarking to an authorised cloud service provider, that has legitimate right to execute the algorithms as well as high computational capacity. Privacypreserving Information hiding is well suited to this scenario since it is operated in the encrypted domain and hence prevents private data from being collected by the cloud. Internet of things is a promising technology to healthcare industry. A common framework consists of wearable equipments for monitoring the health status of an individual, a local gateway device for aggregating the data, and a cloud server for storing and analysing the data. However, there are risks that an adversary may attempt to eavesdrop the wireless communication, attack the gateway device or even access to the cloud server. Hence, it is desirable to produce and encrypt the data simultaneously and incorporate secret sharing schemes to realise access control. Privacy-preserving secret sharing is a novel research for fulfilling this function. In summary, this thesis presents novel schemes and algorithms, including: • two privacy-preserving reversible information hiding schemes based upon symmetric cryptography using arithmetic of quadratic residues and lexicographic permutations, respectively. • two privacy-preserving reversible information hiding schemes based upon asymmetric cryptography using multiplicative and additive privacy homomorphisms, respectively. • four predictive models for assisting the removal of distortions inflicted by information hiding based respectively upon projection theorem, image gradient, total variation denoising, and Bayesian inference. • three privacy-preserving secret sharing algorithms with different levels of generality

Embedding distortion analysis in wavelet-domain watermarking

Imperceptibility and robustness are two complementary fundamental requirements of any watermarking algorithm. Low-strength watermarking yields high imperceptibility, but exhibits poor robustness. High-strength watermarking schemes achieve good robustness but often infuse distortions resulting in poor visual quality in host images. This article analyses the embedding distortion for wavelet-based watermarking schemes. We derive the relationship between distortion, measured in mean square error (MSE), and the watermark embedding modification and propose the linear proportionality between MSE and the sum of energy of the selected wavelet coefficients for watermark embedding modification. The initial proposition assumes the orthonormality of discrete wavelet transform. It is further extended for non-orthonormal wavelet kernels using a weighting parameter that follows the energy conservation theorems in wavelet frames. The proposed analysis is verified by experimental results for both non-blind and blind watermarking schemes. Such a model is useful to find the optimum input parameters, including the wavelet kernel, coefficient selection, and subband choices for wavelet domain image watermarking

On the data hiding theory and multimedia content security applications

This dissertation is a comprehensive study of digital steganography for multimedia content protection. With the increasing development of Internet technology, protection and enforcement of multimedia property rights has become a great concern to multimedia authors and distributors. Watermarking technologies provide a possible solution for this problem. The dissertation first briefly introduces the current watermarking schemes, including their applications in video,, image and audio. Most available embedding schemes are based on direct Spread Sequence (SS) modulation. A small value pseudo random signature sequence is embedded into the host signal and the information is extracted via correlation. The correlation detection problem is discussed at the beginning. It is concluded that the correlator is not optimum in oblivious detection. The Maximum Likelihood detector is derived and some feasible suboptimal detectors are also analyzed. Through the calculation of extraction Bit Error Rate (BER), it is revealed that the SS scheme is not very efficient due to its poor host noise suppression. The watermark domain selection problem is addressed subsequently. Some implications on hiding capacity and reliability are also studied. The last topic in SS modulation scheme is the sequence selection. The relationship between sequence bandwidth and synchronization requirement is detailed in the work. It is demonstrated that the white sequence commonly used in watermarking may not really boost watermark security. To address the host noise suppression problem, the hidden communication is modeled as a general hypothesis testing problem and a set partitioning scheme is proposed. Simulation studies and mathematical analysis confirm that it outperforms the SS schemes in host noise suppression. The proposed scheme demonstrates improvement over the existing embedding schemes. Data hiding in audio signals are explored next. The audio data hiding is believed a more challenging task due to the human sensitivity to audio artifacts and advanced feature of current compression techniques. The human psychoacoustic model and human music understanding are also covered in the work. Then as a typical audio perceptual compression scheme, the popular MP3 compression is visited in some length. Several schemes, amplitude modulation, phase modulation and noise substitution are presented together with some experimental results. As a case study, a music bitstream encryption scheme is proposed. In all these applications, human psychoacoustic model plays a very important role. A more advanced audio analysis model is introduced to reveal implications on music understanding. In the last part, conclusions and future research are presented

NEW SECURE SOLUTIONS FOR PRIVACY AND ACCESS CONTROL IN HEALTH INFORMATION EXCHANGE

In the current digital age, almost every healthcare organization (HCO) has moved from storing patient health records on paper to storing them electronically. Health Information Exchange (HIE) is the ability to share (or transfer) patients’ health information between different HCOs while maintaining national security standards like the Health Insurance Portability and Accountability Act (HIPAA) of 1996. Over the past few years, research has been conducted to develop privacy and access control frameworks for HIE systems. The goal of this dissertation is to address the privacy and access control concerns by building practical and efficient HIE frameworks to secure the sharing of patients’ health information. The first solution allows secure HIE among different healthcare providers while focusing primarily on the privacy of patients’ information. It allows patients to authorize a certain type of health information to be retrieved, which helps prevent any unintentional leakage of information. The privacy solution also provides healthcare providers with the capability of mutual authentication and patient authentication. It also ensures the integrity and auditability of health information being exchanged. The security and performance study for the first protocol shows that it is efficient for the purpose of HIE and offers a high level of security for such exchanges. The second framework presents a new cloud-based protocol for access control to facilitate HIE across different HCOs, employing a trapdoor hash-based proxy signature in a novel manner to enable secure (authenticated and authorized) on-demand access to patient records. The proposed proxy signature-based scheme provides an explicit mechanism for patients to authorize the sharing of specific medical information with specific HCOs, which helps prevent any undesired or unintentional leakage of health information. The scheme also ensures that such authorizations are authentic with respect to both the HCOs and the patient. Moreover, the use of proxy signatures simplifies security auditing and the ability to obtain support for investigations by providing non-repudiation. Formal definitions, security specifications, and a detailed theoretical analysis, including correctness, security, and performance of both frameworks are provided which demonstrate the improvements upon other existing HIE systems

Proxy Blind Signature using Hyperelliptic Curve Cryptography

Blind signature is the concept to ensure anonymity of e-coins. Untracebility and unlinkability are two main properties of real coins and should also be mimicked electronically. A user has to fulll above two properties of blind signature for permission to spend an e-coin. During the last few years, asymmetric cryptosystems based on curve based cryptographiy have become very popular, especially for embedded applications. Elliptic curves(EC) are a special case of hyperelliptic curves (HEC). HEC operand size is only a fraction of the EC operand size. HEC cryptography needs a group order of size at least 2160. In particular, for a curve of genus two eld Fq with p 280 is needeed. Therefore, the eld arithmetic has to be performed using 80-bit long operands. Which is much better than the RSA using 1024 bit key length. The hyperelliptic curve is best suited for the resource constraint environments. It uses lesser key and provides more secure transmisstion of data

Algebraic Curves and Cryptographic Protocols for the e-society

Amb l'augment permanent de l'adopció de sistemes intel·ligents de tot tipus en la societat actual apareixen nous reptes. Avui en dia quasi tothom en la societat moderna porta a sobre almenys un telèfon intel·ligent, si no és que porta encara més dispositius capaços d'obtenir dades personals, com podria ser un smartwatch per exemple. De manera similar, pràcticament totes les cases tindran un comptador intel·ligent en el futur pròxim per a fer un seguiment del consum d'energia. També s'espera que molts més dispositius del Internet de les Coses siguin instal·lats de manera ubiqua, recol·lectant informació dels seus voltants i/o realitzant accions, com per exemple en sistemes d'automatització de la llar, estacions meteorològiques o dispositius per la ciutat intel·ligent en general. Tots aquests dispositius i sistemes necessiten enviar dades de manera segura i confidencial, les quals poden contindre informació sensible o de caire privat. A més a més, donat el seu ràpid creixement, amb més de nou mil milions de dispositius en tot el món actualment, s'ha de tenir en compte la quantitat de dades que cal transmetre. En aquesta tesi mostrem la utilitat de les corbes algebraiques sobre cossos finits en criptosistemes de clau pública, en particular la de les corbes de gènere 2, ja que ofereixen la mida de clau més petita per a un nivell de seguretat donat i això redueix de manera significativa el cost total de comunicacions d'un sistema, a la vegada que manté un rendiment raonable. Analitzem com la valoració 2-àdica del cardinal de la Jacobiana augmenta en successives extensions quadràtiques, considerant corbes de gènere 2 en cossos de característica senar, incloent les supersingulars. A més, millorem els algoritmes actuals per a computar la meitat d'un divisor d'una corba de gènere 2 sobre un cos binari, cosa que pot ser útil en la multiplicació escalar, que és l'operació principal en criptografia de clau pública amb corbes. Pel que fa a la privacitat, presentem un sistema de pagament d'aparcament per mòbil que permet als conductors pagar per aparcar mantenint la seva privacitat, i per tant impedint que el proveïdor del servei o un atacant obtinguin un perfil de conducta d'aparcament. Finalment, oferim protocols de smart metering millorats, especialment pel que fa a la privacitat i evitant l'ús de terceres parts de confiança.Con el aumento permanente de la adopción de sistemas inteligentes de todo tipo en la sociedad actual aparecen nuevos retos. Hoy en día prácticamente todos en la sociedad moderna llevamos encima al menos un teléfono inteligente, si no es que llevamos más dispositivos capaces de obtener datos personales, como podría ser un smartwatch por ejemplo. De manera similar, en el futuro cercano la mayoría de las casas tendrán un contador inteligente para hacer un seguimiento del consumo de energía. También se espera que muchos más dispositivos del Internet de las Cosas sean instalados de manera ubicua, recolectando información de sus alrededores y/o realizando acciones, como por ejemplo en sistemas de automatización del hogar, estaciones meteorológicas o dispositivos para la ciudad inteligente en general. Todos estos dispositivos y sistemas necesitan enviar datos de manera segura y confidencial, los cuales pueden contener información sensible o de ámbito personal. Además, dado su rápido crecimiento, con más de nueve mil millones de dispositivos en todo el mundo actualmente, hay que tener en cuenta la cantidad de datos a transmitir. En esta tesis mostreamos la utilidad de las curvas algebraicas sobre cuerpos finitos en criptosistemas de clave pública, en particular la de las curvas de género 2, ya que ofrecen el tamaño de clave más pequeño para un nivel de seguridad dado y esto disminuye de manera significativa el coste total de comunicaciones del sistema, a la vez que mantiene un rendimiento razonable. Analizamos como la valoración 2-ádica del cardinal de la Jacobiana aumenta en sucesivas extensiones cuadráticas, considerando curvas de género 2 en cuerpos de característica importa, incluyendo las supersingulares. Además, mejoramos los algoritmos actuales para computar la mitad de un divisor de una curva de género 2 sobre un cuerpo binario, lo cual puede ser útil en la multiplicación escalar, que es la operación principal en criptografía de clave pública con curvas. Respecto a la privacidad, presentamos un sistema de pago de aparcamiento por móvil que permite a los conductores pagar para aparcar manteniendo su privacidad, y por lo tanto impidiendo que el proveedor del servicio o un atacante obtengan un perfil de conducta de aparcamiento. Finalmente, ofrecemos protocolos de smart metering mejorados, especialmente en lo relativo a la privacidad y evitando el uso de terceras partes de confianza.With the ever increasing adoption of smart systems of every kind throughout society, new challenges arise. Nowadays, almost everyone in modern societies carries a smartphone at least, if not even more devices than can also gather personal data, like a smartwatch or a fitness wristband for example. Similarly, practically all homes will have a smart meter in the near future for billing and energy consumption monitoring, and many other Internet of Things devices are expected to be installed ubiquitously, obtaining information of their surroundings and/or performing some action, like for example, home automation systems, weather detection stations or devices for the smart city in general. All these devices and systems need to securely and privately transmit some data, which can be sensitive and personal information. Moreover, with a rapid increase of their number, with already more than nine billion devices worldwide, the amount of data to be transmitted has to be considered. In this thesis we show the utility of algebraic curves over finite fields in public key cryptosystems, specially genus 2 curves, since they offer the minimum key size for a given security level and that significantly reduces the total communication costs of a system, while maintaining a reasonable performance. We analyze how the 2-adic valuation of the cardinality of the Jacobian increases in successive quadratic extensions, considering genus 2 curves with odd characteristic fields, including supersingular curves. In addition, we improve the current algorithms for computing the halving of a divisor of a genus 2 curve over binary fields, which can be useful in scalar multiplication, the main operation in public key cryptography using curves. As regards to privacy, we present a pay-by-phone parking system which enables drivers to pay for public parking while preserving their privacy, and thus impeding the service provider or an attacker to obtain a profile of parking behaviors. Finally, we offer better protocols for smart metering, especially regarding privacy and the avoidance of trusted third parties