(IJACSA) International Journal of Advanced Computer Science and Applications,Vol. 3, No.4, 2012
76 |Page www.ijacsa.thesai.org
Reversible Anonymization of DICOM Images usingCryptography and Digital Watermarking
Youssef ZAZ*
Department of Computer SciencesFaculty of Sciences, Abdelmalek Essaadi UniversityTetuan, Morocco
Lhoussain ELFADIL
FPOIbn Zohr UniversityOuarzazate, Morocco
Abstract
—
Digital Imaging and Communications in Medicine(DICOM) is a standard for handling, storing, printing, andtransmitting information in medical images. The DICOM filecontains the image data and a number of attributes such as
identified patient data (name, age, insurance ID card,…), and
non-
identified patient data (doctor’s interpretation, imagetype,…). Medical images serve not only for examination, but can
also be used for research and education purposes. For researchthey are used to prevent illegal use of information; beforeauthorizing researchers to use these images, the medical staff deletes all the data which would reveal the patient identity toprevent patient privacy. This manipulation is calledanonymization. In this paper, we propose a reversibleanonymization of DICOM images. Identifying patient data withimage digest, computed by the well-known SHA-256 hashfunction, are encrypted using the proposed probabilistic publickey crypto-system. After compressing the Least Significant Bit(LSB) bitplan of the image using Hofmann coding algorithm, theencrypted data is inserted into a liberated zone of the LSBbitplan of the image. The proposed method allows researchers touse anonymous DICOM images and keep to authorized staff -if necessary- the possibility to return to the original image with allrelated patient data.
Keywords-DICOM images; watermaking; Hofmann coding; reversible anonymization, public key cryptosystem.
I.
I
NTRODUCTION
DICOM images contain different kind of information,intermixing identifying patient data (I-Data) and non-identifying patient data (M-data) in a single file. To use theseimages by scientific researchers or for teaching purposes,hospitals proceed to the image anonymization by deleting all I-Data to ensure the patient privacy. Several software and webbased applications were proposed to ensure this anonymization,as proposed by [5], [4] and [6].For research purposes, sometimes the return to some I-Datain order to explain typical phenomenon is inescapable, but, theimages are already anonymized and there is no way to usethose information. To deal with this problem, [2] proposed tosubstitute I-Data by a unique anonymous token. In case thatlater an authenticated user needs full access to an image, thetoken can be used for re-linking separated I-Data and M-Data.[7] proposes to extract and save identifying data in anotherdatabase and non-identifying data is stored in the archive.When data is requested, the proposed system resolves thecorrelating and gathers the person-identifying information fromthe separate database. Another web-based separation isproposed in [8]. All above methods circumvent the mainobjective of DICOM images, which is to keep the image andthe related data in the same file. To ensure the anonymizationwith keeping I-Data in the same file, the watermarkingtechniques are unavoidable. [3] proposed embedding the digestcomputed by SHA-256, in the Region of Non-Interest (RONI)of the image LSB bitplan. This method presents somedifficulties to determine the RONI.In this paper, we propose a reversible anonymization of DICOM images based on cryptography and watermarking.After liberating a space in LSB bitplan of the host image bycompressing the original LSB bitplan using the Hoffmanncoding, the I-Data and the image digest computed by SHAdigital signature algorithm, are encrypted using the proposedpublic key crypto-system and inserted in liberated zone.This paper is organized as follows: Section 2 gives a brief review of DICOM standard. Section 3 explains the securityrequirement for medical data storage. Section 4 exposes theproposed public key crypto-system. Section 5 exposes theglobal algorithm of reversible anonymization, and the lastsection concludes the paper.II.
DICOM
I
MAGES
Introduced in 1993, DICOM (Digital Imaging andCommunications in Medicine) a technology standard that isused virtually in Hospitals, clinics, imaging centers andspecialists. Its structure is designed to ensure theinteroperability of systems used to produce, store, display,
send, …, and retrieve medical images and derived structured
documents as well as to manage related workflow.DICOM is required by all Electronic
Health
Records
System
s
that include imaging information as an integral part of the patient record.DICOM is used in radiology, cardiology, radiotherapy,oncology, ophthalmology, dentistry, and so on.For more description about DICOM, see the official website [13].
(IJACSA) International Journal of Advanced Computer Science and Applications,Vol. 3, No.4, 2012
77 |Page www.ijacsa.thesai.orgIII.
S
ECURITY
R
EQUIREMENTS FOR
M
EDICAL
D
ATA
S
TORAGE
To preserve patient privacy, all medical data are consideredas sensitive. To read the content of an image, a user should beauthorized. To prevent data infiltration, the anonymizationprevents the exposure of identified patient data to unauthorizedusers. Many techniques are available to ensure the storage of medical data:
A.
File access control
Under operating systems, the administrator defines accessrestrictions (read, write and execute) to file owner, the stuff members, and public users.
B.
Data access control
Medical databases are stored in local servers and can beconsulted remotely for tele-diagnostic for example. Access ordenial to medical data should be adequately granted.
C.
File encryption and signature
To reduce considerably the risk of disclosure, the use of crypto-system is a great solution. Encrypt medical data beforetransmission upon open networks, like Internet, ensures theconfidentiality of patient identity. Adding digital signatureensure the data integrity also.
D.
File anonymization
The identified patient data or de-identified patient data -information that does not identify the individual and for whichthere is no reasonable basis to believe the individual can beidentified from it - must be kept confidential. Several softwareand web based applications can ensure the DICOManonymization by deleting certain attributes like (Name,Address, Social card
ID,…) .
IV.
P
ROPOSED
P
UBLIC
K
EY
C
RYPTOSYSTEM
A.
Overview
Formally,
PKE
= three efficient (probabilistic) algorithms:KeyGen( ):Outputs: public key
pk
and secret key
sk
Enc(
pk
,
m
):Outputs: a ciphertext
c
Dec(
sk
,
c
):Outputs: a message
m
And always, we assume that the communication isexchanged in insecure channel, and then always, we assumethat there are pirates (adversaries).The scheme is called semantically secure if the probability
21)"("
wins A y probabilit
is negligible for every efficientadversary
""
A
.Our proposed scheme is based on third order linearsequences.In [10], P. Smith and M. J. J. Lennon proposed using Lucassequences cryptosystems, and they proved that the computationcost by using Lucas sequences is half reduced instead of usingexponentiation in the standard RSA. Moreover, from [12], thesecurity of Lucas sequences is polynomial-time equivalent tothe generalized discrete logarithm problem. In [11], Gong andL. Harn introduced cryptosystems based on third order linearsequences, and they show that the computation cost of theproposed scheme is reduced by
32
instead of usingexponentiation in the standard RSA. All these given variantshave a weak point on semantic security. In this paper, aprobabilistic variant is given, together with the securityanalysis. Moreover, as the crucial property of Lucas sequencesis that cryptosystem are not formulated in terms of exponentiation, this would make them unsusceptible to variouswell known attacks that threaten the security of moretraditional exponentiation based cryptosystems like RSA.
B.
Mathematical foundation
Remind that for two integers
a
,
b
and a polynomial
1)(
23
bX aX X X f
, a third order linear characteristicsequence generated by
),(
ba
is denoted by
),(
bas
and definedby the following recurrence:
),(),(),(),(
123
basbabsbaasbas
k k k k
),(
ba
is called the generator of
),(
bas
and
k
is itsexponent.It is well known that if
21
,
and
3
are the complexroots of
)(
X f
. Then there exist three rational numbers
321
,,
aaa
such that for every integer
k
.
k k k k
aaas
332211
b)a, (
Note that the tuple
321
,,
aaa
depends only on the choiceof
),(
0
bas
,
),(
1
bas
,
),(
1
bas
and conversely. If
),(),,(
10
basbas
and
),(
1
bas
are integers, then
321
,,
aaa
are integers too.Through the paper, let
p
is an odd prime integer,
),(
bas
is a third order linear sequence such that
),(),,(
10
basbas
,
),(
1
bas
are integers and
)(mod1
321
paaa
.Then
)(mod),(
1
pbbas
,
)(mod3),(
0
pbas
,
)(mod),(
1
pabas
and for every
k
,
),(
bas
k
is an integer.Since
)(
X f
is irreducible in
X F
p
, then
)(
X f
is irreduciblein
X Q
too. In that case, let
1
QK
,
K
Z
its ring of integers,
QK
N
and
QK
T
the norm and trace of
K
. Then forevery integer
k
,
pT bas
k QK k
mod),(
1
. Since
)(mod
1
p
p
and
M
(IJACSA) International Journal of Advanced Computer Science and Applications,Vol. 3, No.4, 2012
78 |Page www.ijacsa.thesai.org
)(mod
2
1
p
p
are the conjugate of
)(mod
1
p
, we have:
)(mod1
111
2
p N
p pQK
.Thus,
1
2
p pT
is a period of
),(
bas
modulo
p
.The following cryptographic properties are well knownmodulo
p
(see [GH 99]). We give theme modulo
2
p
withoutproof.To simplify, for every integer
k
, let us denote
))(mod,(:
2
pbass
k k
.If
)(mod3),(
20
pbas
,
)(mod),(
21
pabas
and
)(mod),(
21
pbbas
. Then for every integer
k
,if
)(mod1
223
p X s X s X X f
k k k
,then
)(mod)(
2321
p X X X X f
k k k k
.In particular, for every integers
k
and
e
,
).)(mod,(),(),,(
2
pssbasbass
ek ek k k e
(3)
C.
Infrastructure
The algorithms of the proposed public key schemes arebased on the result given in Proposition.1, given in thisparagraph.Let
pqn
be an RSA,
),(
ba
two integers such that
1)(
23
bX aX X X f
is irreducible modulo
p
(resp.modulo
q
),
),(
bas
the third order linear sequence modulo
2
n
generated by
),(
ba
such that
)(mod),(
21
nbbas
,
)(mod3),(
20
nbas
,
)(mod),(
21
nabas
.Let
)1,1(
22
qq p p LCM T
)4(
be the least common multiple of
1
2
p p
and
1
2
qq
.Let
})(mod3),(,),({:
2
n y xs Z y x
T
and
nZ Z L
2
:
defined by
)(mod3),(
),(L
nn y xs y x
T
Since for every
),(
y x
,
)(mod3),(
n y xs
T
,
L
is welldefined and we have the following proposition:Proposition.1
If
),(
ba L
is invertible modulo
n
, then for every
integer
k
,
)(mod),()),(),,((
nk ba Lbasbas L
k k
Proof.For every ,let
}])[(mod1],[{:
iii
Z n x Z x
and
][][:
iiii
nZ Z L
defined by
)(mod1)(L
i
nn x x
.Then for every
2
),(
i
y x
,
)(mod1)1(1)1(1
)(L
i
nn xn y xn x y xn xy xy
.Since
i
x
, we have
)(mod1)1(
)(L
i
nn xn y xy
and then
)(L)(L)(L
iii
y x xy
.Let
)1(T
2p
p pk
. Since for every ,
)(mod1))(()(
1
2
p N
qq
k iQK k p piT i
(resp.
)(mod1
q
T i
), it follows that
)(mod1
n
T i
. Thus forevery ,
iT i
and for every integer
k
,. So,
))(mod1()1()1(3),(
321
nbas
kT kT kT kT
andFinally, , and if is invertible,then .The solely problem that remains to establish our proposedscheme, is to describe a method How to choose a couple
),(
ba
such that is invertible: if
))(mod,(
nba L
is notinvertible, we describe a method which allows us to choose acouple
),(
ba
of integers that
))(mod,(
nba L
is invertible.If
)(mod3),(
nnbas
T
, then we will keep, and. Else, i.e., if
p
or
q
divides
nbas
T
3),(
,then let
p}q,{n,:
E
and
E xn y
the largest element of
E
dividing
nbas
T
3),(
. (If
1
x
, then
x
does not divide
nbas
T
3),(
). Let
nxa A
:
, and consider
),(
b As
the characteristicsequence generated by
),(
b A
modulo
2
n
:
3,2,1:
i
3,2,1:
i
3,2,1:
i
))(mod()(
ii
nkLk L
T iT i
))(mod(13),(s
)),(s),,((s
3131k k -k
n Lk nnbababa L
T iiiikT i
))(mod,()),(s),,(L(s
k -k
nbakLbaba
))(mod,(
nba L
)(mod),()),(s),,(L(s
k -k
nk ba Lbaba
))(mod,(
nba L
)(mod),(
21
nbbas
)(mod3),(
20
nbas
)(mod),(
21
nabas
Search History:
Result 00 of 00
00 results for result for
p.
Paper 14-Reversible Anonymization of DICOM Images Using Cryptography and Digital Watermarking
Digital Imaging and Communications in Medicine (DICOM) is a standard for handling, storing, printing, and transmitting information in medical images. The DICOM file contains the image data and a number of attributes such as identified patient…
(More)
224
Reads
1
Readcasts
0
Embed Views
More From This User
Notes
Load more
