The need for digital image security arises from the ease with which digital images can be both distribute and duplicated [49]. These two concerns are addressed with the following two techniques:
1) Encryption, providing end to end security for image distribution [50].
2) Watermarking, providing copyright protection through owner identification [51].
Unlike conventional encryption strategies where the objective is to prevent access to the plaintext to all except those in possession of the correct private key. Image security can be applied in many different ways depending on the specific requirements which need to be satisfied.
If the requirement is for full end to end security, then the traditional approach would be to encrypt the entire image, with a standard algorithm like the Data Encryption Standard (DES) [52]. As discussed in Section 1.6.2 digital images have unique requirements which make the direct application of standard encryption algorithms unsuitable for every use case.
For example, the provider of online television services, clearly only wants to provide there content to fee paying subscribers. However they may wish to encourage future subscribers by supplying a low quality version for free. This can be achieved by applying
a transparent encryption strategy, partially degrading the broadcast video stream. The decryption process can then be realized by fee paying customers, who would be provided with the decryption key.
Encryption
Encryption can be described as a scheme which enables two parties to exchange messages with each other in the presence of an adversary, who can intercept these messages [49].
Broadly speaking encryption is the process of securing these plaintext messages [53]. In this process the encryption algorithm converts the plaintext to what is known as ciphertext [53].
Decryption is then the process of recovering the message from the ciphertext.
The study of techniques for securing information is called cryptography [54]. In its modern form there are two main approaches to securing plaintext messages against an adversary, these are:
1) Private or symmetric key cryptosystems, such as the DES and Advanced Encryption Standard (AES) [55]. In this paradigm the plaintext is encrypted with a value referred to as the private key, this can then be decrypted with the same private key or a key which can be explicitly determined from it [50]. This cryptosystem is termed symmetric because knowledge of the same private key is enough to successfully encrypt and decrypt the plaintext.
2) Public or asymmetric key cryptosystems, such as the Ron Rivest, Adi Shamir and Leonard Adleman (RSA) algorithm [55]. The idea here is that the plaintext can be encrypted with a public key and then decrypted by a separate private key. This is clearly asymmetric, with a different key being required at the encryption and decryption stages [54].
Before discussing applications of encryption to digital images, a brief overview of several types of attack, which, a digital image encryption scheme should be resistant to, is given in the next Section.
1.6.1 Cryptanalysis
Cryptanalysis can be described as, the art of deciphering encrypted messages without prior knowledge of the decryption key [50]. Depending on the amount of available information an adversary has there are several methods of attack which a cryptanalyst may use:
• Ciphertext only attacks, where an adversary only has access to one or more encrypted
messages. This level of attack is the minimum that an encryption scheme should be secure against.
• Brute force attacks. This type of attack involves an exhaustive search through all possible private keys until one is found which successfully decrypts the ciphertext.
The set of all possible private keys is referred to as the keyspace and a necessary condition for an encryption scheme is that the keyspace is large enough to prevent a brute force attack [53, 56].
• Known plaintext attack. In this type of attack an adversary in possession of the ciphertext has some knowledge regarding the plaintext from which it was generated.
This knowledge is used to help determine either part or all of the private key.
• Chosen plaintext attack. In this scenario the attacker can choose the plaintext to be encrypted. They can then use the knowledge of the plaintext, ciphertext pairs to obtain either part or all of the private key.
• Chosen ciphertext attack. Contrary to the chosen plaintext attack, here the attacker can choose the ciphertext to be decrypted which can then be used to help determine either part or all of the private key.
A secure encryption scheme should be resistant to all of these attacks. The security is then measured by the amount of computational effort required when the best known attack on the system is used [53, 54]
1.6.2 Image Encryption
From the above the natural question is, why not just apply existing public or private encryption approaches, to either to the raw or compressed version of a digital image.
Firstly this naive approach poses several problems, one of which, as mentioned above, is that images require a lot of storage space even when compressed. Therefore applying classic encryption methods to this type of data would be computationally expensive.
Another problem which arises from the properties of encrypted data [57], is the trade off between encryption and compression. If encryption is performed first, the compressibility of the resulting data is significantly reduced. Therefore to reduce the size of encrypted images, compression always has to be performed first.
A further consideration is the quality of the encrypted data. In [52] it was highlighted that the redundancy present in images can reduce the effectiveness of encryption when it is applied to the raw pixel values.
These concerns have been addressed by two alternative approaches which either par-tially or fully encrypt the image data. The first termed partial or selective encryption only encrypts part of the image data, reducing the amount processing involved, but also reducing the quality of the encryption.
Partial encryption has been proposed to secure JPEG compressed images with various approaches, including encryption of only selected DCT transform coefficients [58, 59], and encryption of only the sign of each transform coefficient [60, 61]. Alternatively partial encryption has been applied to both raw image data, encrypting only selected bit planes [62] and wavelet decompositions of digital images [63].
Many of these selective techniques are susceptible to ciphertext only attack due to visible information remaining in the encrypted images [57]. Therefore an alternative to is to use a full encryption method specifically designed for processing digital images, such as a recently proposed scheme [64] which is applied in the spatial domain applying bit manipulation to the pixels to fully encrypt the raw image data.
There are many other proposed full image encryption schemes, a large proportion of which are based on chaotic maps. In these methods chaotic maps are used either to generate pseudorandom bits [65] for use in a classic encryption approaches [66] or to perform 2D permutations in the spatial domain [67, 68].
Image Degradation
Unlike the partial encryption discussed above where the aim is to reduce the overall pro-cessing time of the encryption step while maintaining a high level of security. Transparent encryption can be applied to content distribution systems to degrade or encrypt only a proportion of the multimedia data [61, 69–71], thus enticing new customers to purchase the full service.
In [70] the author proposes a scheme which applies a linear transformation to the raw pixel values before applying the compression stage. The amount of degradation to the image can then be controlled by the broadcaster depending on the business requirements.
This scheme has a number of drawbacks one being that the costly linear transformation has to be applied to every single pixel in the original image. To improve on this in [71] a scrambling operation is applied instead to the coefficients resulting from the DCT transformation.
In line with the above, Chapters 3-4 propose a novel application of sparse image repre-sentations to partial image security, termed image folding. The application of the folding approach results in digital images where only the top section is left unencrypted. However
the method can easily be applied to only encrypt other sections of the image such as al-ternate rows or columns, which would be achieved by applying a simple reordering of the image pixels, before applying the folding procedure.