In this paper, a novel framework combining bi-
layer watermarking and PKI for biometric templates
secure transmission is proposed. We design a novel bi-
layer watermarking algorithm. At the first-layer, DCT-
based blind data hiding algorithm is employed. At the
second-layer, the employed watermarking algorithm is
public to all receivers and removable. The encrypted
biometric templates and signature of biometric templates
appended encrypted secret key are used as dual
watermark, which are embedding into the same host
image. Experimental results show that the bi-layer
watermarking does not affect each other, and the
proposed scheme has good performance while
transmitting biometric templates over a noisy network.

Attribution Non-Commercial (BY-NC)

7 views

In this paper, a novel framework combining bi-
layer watermarking and PKI for biometric templates
secure transmission is proposed. We design a novel bi-
layer watermarking algorithm. At the first-layer, DCT-
based blind data hiding algorithm is employed. At the
second-layer, the employed watermarking algorithm is
public to all receivers and removable. The encrypted
biometric templates and signature of biometric templates
appended encrypted secret key are used as dual
watermark, which are embedding into the same host
image. Experimental results show that the bi-layer
watermarking does not affect each other, and the
proposed scheme has good performance while
transmitting biometric templates over a noisy network.

Attribution Non-Commercial (BY-NC)

- A New Image Encryption Algorithm Based Slicing and Displacement Followed by Symmetric and Asymmetric Cryptography Technique
- Encryption Project
- Password Encryption
- 70-293 MCSE Guide to Planning a Microsoft Windows Server 2003 [1]...
- 08012311
- rep
- FULLTEXT01_7
- IT-21
- SECURITY
- E Commerce
- Major Project Ppt
- Fundamentals of digital watermarking
- The PGP Trust Model-1
- Draft SP800-57-Part1-Rev3 May2011 DRAFT Recommendation for Key Management
- Px c 3875328
- 10.1.1.92.6160
- csa223ch01 introduction
- CIS Ch01Introduction
- Defending the Oracle Database With Advanced Security Features
- 3N19-IJAET0319309_v7_iss1_30-37

You are on page 1of 4

A Biometric Templates Secure Transmission Method Based on Bi-layer Watermarking and PKI

ChunLei Li1,2, YunHong Wang1, LiNing Liu1

1 School of Computer Science and Engineering Beihang University Beijing, China 2 School of Electronic and Information Engineering Zhongyuan University of Technology ZhengZhou, China

AbstractIn this paper, a novel framework combining bilayer watermarking and PKI for biometric templates secure transmission is proposed. We design a novel bilayer watermarking algorithm. At the first-layer, DCTbased blind data hiding algorithm is employed. At the second-layer, the employed watermarking algorithm is public to all receivers and removable. The encrypted biometric templates and signature of biometric templates appended encrypted secret key are used as dual watermark, which are embedding into the same host image. Experimental results show that the bi-layer watermarking does not affect each other, and the proposed scheme has good performance while transmitting biometric templates over a noisy network. Keywords-biometric template; secure transmission; bilayer; watermarking; PKI;

watermarking and PKI is proposed. The encrypted biometric templates are embedded in the first-layer. And signature of biometric templates appended encrypted secret key of the first-layer is encrypted using the private key of the sender and the public key of the receiver, then embedded into the second-layer. The secrecy of all transmitted data can be guaranteed by watermarking technology. And PKI can ensure security, authenticity and non-repudiation of data. II. FRAMEWORK OF SECURE TRANSMISSION The transmitted data includes biometric templates, signature of biometric templates and secret key. The biometric templates are embedded into the host image by a secret key. The secret key also needs to be embedded into the host image, and all the receivers can extract it. Both of them should be embedded separately. PKI can guarantee security, integrity, authenticity and non-repudiation of data. So, a novel framework combining bi-layer watermarking and PKI for biometric templates secure transmission is proposed. The flow chart is illustrated in Figure 1. In Figure 1, the notations are defined as follows. : Data conjunction character. : Watermark embedding/extracting. : Data comparison character. The biometric template B is encrypted using Ks . It is used as W1 which is embedded into the first-layer using secret Ks , and IW1 is generated. A random sequence of 128 bits Ab which is used as verifying the integrity of biometrics data is generated with the help of a standard hashing algorithm MD5, and secret key Ks are united as a binary sequence ( Ks + Ab) , which is encrypted using the private key K apr of the sender and the public key Kbpu of the receiver. It is used as watermark W2 . The watermark W2 is embedded into the second-layer by a random position sequence generated by the public key K apu of the sender. Then the watermarked image IW2 is sent to the receiver.

I.

INTRODUCTION

At present, biometric-based remote verification systems are applied widely than before, which causes the demand for ensuring the security, integrity and secrecy of biometrics data during transmission over insecure network. Cryptography is the mostly used way of data security. Watermarking technology provides a hidden channel to guarantee the secrecy of the transmission. The combination of watermarking technology and cryptography technology has been an active research topic [1-4]. The work proposed in [1, 2, 3] embedded the message into the host image, and encrypted the watermarked image. These methods are comparatively much more computationally intensive and the encrypted images are also obvious during transmission. The method proposed in [2] embedded the encrypted message into the host image, and the integrity cannot be verified by receiver. On the other hand, all the above methods need to negotiate a secret key before transmission or send a secret key separately. For the former, it is inconvenient for both sides. For the latter, the secrecy of secret key cannot be guaranteed. In this paper, a novel scheme for biometric templates secure transmission using bi-layer

95

I

B

W1

Ks

IW1

K apr Kbpu

Ab

W2

IW2

B'

' Iw1

Ab''

Ks

W2'

Ab'

K apu

Kbpr

Receiver first extracts the watermark W2 by the public key of the sender. The sender can be authenticated and the encrypted data can be decrypted by using the private key K bpr and public key K apu of the sender. The secret key Ks and a random sequence Ab are obtained simultaneously. The former is used as extracting the watermark W1 and decrypting the encrypted biometric templates, and get B ' . The 128 bits Ab'' is generated with the help of MD5 from B ' , and verify whether it equals Ab' . The verified result can tell us whether we receive the right biometrics data. III. BI-LAYER WATERMARKING SCHEME The two layers watermark should have the capability of self-correction to resist JPEG compression and noise attack. The second-layer watermark can be removable and the bilayer watermarking does not affect each other. A. First-layer watermarking In order to improve the robustness of algorithm, DCTbased blind data hiding algorithm is employed. 1) Watermark embedding algorithm: The watermark embedding can be implemented according to the following steps. a) The host image I is divided into 8 8 image blocks; perform DCT on the image blocks. Then quantize the DCT coefficients with the JPEG quantization table of the perdetermined quality factor Q . The set of quantized DCT coefficient blocks can be represented as X = { X1 , X 2 , , X N } . Each block of DCT coefficients is along zigzag order from low-frequency to highfrequency. X i ( j ) is the j th coefficient of the DCT block X i .

b) Generate a random position sequence f (i ) = I i , i = 1, 2,..., n with the same length as the biometrics data Bi , i = 1, 2,..., n using secret key Ks . c) n

DCT block

{X i , 1 i N}

selected

from X = { X1 , X 2 , , X N } are spitted into n / 4 groups, and each group can be represented k k k as G = { X f (4 k +1) , X f (4 k + 2) , X f (4 k + 3) , X k f (4 k + 4) },

k = 0,1,..., n / 4 1 . d) Four sequential coefficients whose index is more than h (the pre-determined index which is the lowest index of the four watermarkable coefficients) are selected for each block among one group. Four biometrics bits are embedded into one group block : B(4 k +1) l = 1 B(4 k + 2) l = 2 Xk ( h + l ) = b = 1, 2,3, 4 (1) f (4 k + b ) B(4 k +3) l = 3 B l=4 (4 k + 4)

Where denotes the embedding strength. For each group, repeat (d). Then the watermarked image can be acquired. 2) Watermark extracting algorithm: The watermark extracting algorithm can be divided into three steps. a) Decode the received JPEG image to get the quantized DCT blocks X i . Then, generate random position sequence f using secret key Ks . b) For group a k k k G = {X k , X , X , X }, f (4 k +1) f (4 k + 2) f (4 k + 3) f (4 k + 4)

k = 0,1,..., n / 4 1 , four biometric bits are extracted according to the following steps. Suppose l =1, C0={0,0,0,0}, C1={1,1,1,1}.

96

Extract four coefficients from a group block according to formula (2): (2) Sb = X k f (4 k + b ) ( h + l ) b = 1, 2,3, 4 Then covert Sb , b = 1, 2,3, 4 into a four binary bits sequence C ' according to formula (3): Sb < / 2 0, ' Cb = otherwise 1, (3)

result in the failure of transmission. The watermarking algorithm needs to be robust and the data can be completely extracted even if the watermarked image suffering from some certain strength of JPEG compression and noise attack.

Calculate the distance between C ' and C0 or C1 which can be represented as d (C ' , C0 ) and d (C ' , C1 ) . The biometrics data Bi can be obtained according to formula (4): 0, d (C ' , C0 ) d (C ' , C1 ) Bi = (4) otherwise 1, Add 1 to l , repeat step 2.1, step2.2 until l =4. For each group block, repeat step 2 until all biometrics data is extracted.

B. Second-layer Watermarking Jain [5] proposed a novel watermarking scheme to take account into local image information such as gradient PGM and standard deviation PSD . The embedded equation is as formula (5): P WM (i, j ) = P (i , j ) + (2 s 1) PAV (i, j )

Recovery accuracy

PSD (i, j ) P (i, j ) (5) )(1 + GM ) A B Where s represents the watermark bit. The parameters A and B aid in adjusting the strength of the standard deviation and gradient when modulating the bits to be watermarked. P(i, j ) is the pixel intensity at (i, j ) , PAV (i, j ) represents the average pixels in a c c neighborhood centered around (i, j ) , and P WM (i, j ) represents the intensity of the watermarked pixels. The extracting process is accomplished by estimating a linear combination of the pixels in a cross-shaped neighborhood around the extracted bit as formula (6): c c ij = 1 ( (6) B B + i+k , j Bi, j + k 2 Bij ) 4c k = c k = c Where c denotes the size of the neighborhood. After estimating the pixel B i j value, the difference between the estimated and watermarked pixels is averaged over all embedding location among a block for that bit. Finally the sign of this value indicates the bit. In order to reduce the effect on the first-layer watermarked image, an estimate of the first-layer watermarked image is found via replacing the ij value. watermarked image with the B q(1 + IV. EXPERIMENTAL RESULT

A. Watermarking Algorithm Performance For the first-layer watermarking algorithm, the PSNR and retrieval accuracy is controlled by quality factor Q and embedded strength . It seems that as the value of Q and is increased; the watermarked image has poorer quality. So the optimum value of the two parameters should be a small value. However, the decoder has the lower recovery accuracy with the decrement of the value. Higher values improve the recovery accuracy but at the same time the quality of the image is reduced. It needs to make a tradeoff between recovery accuracy and the quality of the image. In the experiments we set the parameter values of and Q (4, 0.4) to analyze. For the second-layer watermarking algorithm, it embeds the second watermark into the watermarked image which has been embedded into the first watermark. Parameters are set to: A=100, B=1000, q=0.10. In order to evaluate the performance of the proposed dual watermarking scheme, the recovery accuracy is given under the simulated network environment which is illustrated in Figure 2.

Sender JPEG Compression Noisy Channel Receiver

The watermarks are embedded into the quantized image, and it is robust to JPEG compression

1 Recovery accuracy 0.98 0.96 0.94 0.92 0.9 0.5 1 1.5 2 2.5 3 3.5 Variance=0.0005:0.005 Second-layer First-layer 4 4.5 x 10 5

-3

1 0.98 0.96 0.94 0.92 0.9 0.5 1 1.5 Without Second-layer Wiht Second-layer 2 2.5 3 3.5 Variance=0.0005:0.005 4 4.5 x 10 5

-3

The proposed scheme for secure transmission is robustness-critical for watermarking algorithm. If any bit of transmitted information is suffering modifying, then it will

97

The ability to extract watermarks under noise attack is given in Figure 3. In this paper, Gaussian noise (0, variance) is used as the noise model. The x-axis represents different variance which range from 0.0005 to 0.0045. The y-axis represents recovery accuracy of watermark under Gaussian noise. The second-layer watermarks can be extracted with very high accuracy, and the recovery accuracy of the firstlayer decrease along with the augment of noise strength. Figure 4 illustrates the effect of the second-layer on the firstlayer under Gaussian noise, the difference of the recovery accuracy of the first-layer without second-layer and with second-layer is very small. V. SECURE TRANSMISSION PERFORMANCE Figure 5 shows various stages of watermark embedding and extracting for the host image. Figure 5(a) is the original image. After embedding the first watermark, the watermarked image is shown in Figure 5(b). Figure 5(c) illustrates the final watermarked image after embedding the two watermarks. Input face image is shown is shown in figure 5(d). The biometrics needs to be transmitted occupies 32m=2048bits, corresponding to the m=64 Eigen-face coefficients (32 bits per coefficient). Figure 5(e) illustrates the face image reconstructed from 64 coefficients

VI.

SECURITY DISCUSSION

This paper proposes a novel scheme for biometric template secure transmission using bi-layer watermarking and PKI. The security of the proposed scheme can be guaranteed by the following aspects: The secret key is a one-time-key, each transmission adopts different key, and the secret key is encrypted. The security of the secret key can be ensured. Even if the second-layer watermark is public to all receivers, only the receiver who has the right private key can decrypt the second-layer watermark. Then, the first-layer watermark can be extracted. PKI signature can ensure integrity, security, authenticity and non-repudiation of data. All transmitted data is embedded into the host image, which guarantees its secrecy. The second-layer can be removable, and the bi-layer watermark does not affect each other. VII. CONCLUSIONS The combination of bi-layer watermarking and PKI offers various attractive features and advantages for transmitting biometric templates. All the data is transmitted through the hidden channel provided by watermarking technology, the secrecy can be ensured. PKI can ensure integrity, security, authenticity and non-repudiation of data. The secret key is also embedded into the host image, and it is transmitted along with the watermarked image, which provides convenience for both sides. Beyond the attractive features of the framework, a robustness bi-layer watermarking algorithm is proposed. Experimental results show that the bi-layer watermarking does not affect each other, and the proposed scheme can be used as secure transmission of biometrics even if over a noisy network. ACKNOWLEDGMENTS This work was supported by the National Natural Science Foundation of China (Grant No.60873158). REFERENCES

[1] Jin Wu, Beibei Xia et al, A Secure Image Transmission Scheme Based on Digital Watermark and cryptography, in Proc. ISIMVSP2004, pp.278-281. N. Bartlow, N. Kalka, B. Cukic and A. Ross, Protecting Iris Images through Asymmetric Digital Watermarking, in Proc. of 5th IEEE Workshop on Automatic Identification Advanced Technologies (AutoID), 2007, pp.191-197. W. Puech and J. M. Rodrigues, A new crypto-watermarking method for medical images safe transfer, in Proc. of 12th European Signal Processing Conference (EUSIP2004), Sept.2004, pp.14811484. M.K. Khan, J.s. Zhang, Chaotic Secure Content-based Hidden Transmission of Biometric Templates, Chaos, Solitons & Fractals, 2007, pp. 1449-1459. A.K. Jain, U. Uludag, and R.L. Hsu, Hiding a face in a fingerprint image, in Proc of International Conference on Pattern Recognition (ICPR2002), 2002, pp. 756-759.

(a)

(b)

(c)

(d)

(e)

Figure 5. Watermark embedding: (a) Original image. (b) Firstlayer watermarked image. (c) Bi-layer watermarked image. (e) Input face image. (f) Face image recovered from 64 coefficients.

In order to evaluate the performance of the proposed scheme for transmitting biometrics, fifty-time transmissions under different strength of Gaussian noise are implemented. Table 1 illustrates the results.

Table 1. Experimental results under different condition

Variance 0 0.0005 0.001 0.0015 0.002 0.0025 Successful transmission (times) 50 50 41 39 21 8 Fail to transmit (times) 0 0 9 11 29 42

[2]

[3]

In Khan [4], the recovery accuracy of biometric templates is 93.83% under Gaussian noise (0, 0.001), which will decrease the recognition rate. Moreover, the integrity of biometric templates cannot be guaranteed.

[4]

[5]

98

- A New Image Encryption Algorithm Based Slicing and Displacement Followed by Symmetric and Asymmetric Cryptography TechniqueUploaded byEditor IJRITCC
- Encryption ProjectUploaded byeyadakram
- Password EncryptionUploaded byBridget Smith
- 70-293 MCSE Guide to Planning a Microsoft Windows Server 2003 [1]...Uploaded bysam
- 08012311Uploaded byBasker
- repUploaded byapi-19588525
- FULLTEXT01_7Uploaded byapi-19660619
- IT-21Uploaded byapi-19799369
- SECURITYUploaded byapi-19799369
- E CommerceUploaded bydharmendraalone93
- Major Project PptUploaded byNitin Smile Thats All
- Fundamentals of digital watermarkingUploaded byAbdAllah El Sheikh
- The PGP Trust Model-1Uploaded byneilo_00
- Draft SP800-57-Part1-Rev3 May2011 DRAFT Recommendation for Key ManagementUploaded by_mrp
- Px c 3875328Uploaded byflourance
- 10.1.1.92.6160Uploaded byKristoforus Jawa Bendi
- csa223ch01 introductionUploaded byapi-236400138
- CIS Ch01IntroductionUploaded bytulsiparikh
- Defending the Oracle Database With Advanced Security FeaturesUploaded bydasxax
- 3N19-IJAET0319309_v7_iss1_30-37Uploaded byAjit Panada
- A New Method for Encrypting Digital Data Using Symmetric Key in Information Exchange SpacesUploaded byATS
- 13 1468642593_15-07-2016.pdfUploaded byEditor IJRITCC
- NIST.SP.800-56Br1Uploaded byNaruta
- Network Security & CryptographyUploaded byvikramvetal
- E Comm Security and EPSUploaded byavnish
- 57_frado_PS.pdfUploaded byEdmund Zin
- International Journal of Scientific Research in Science, Engineering and TechnologyUploaded byInternational Journal of Scientific Research in Science, Engineering and Technology ( IJSRSET )
- 3. Identity-Based Encryption with Cloud.docxUploaded byPidikiti Surendra Babu
- Questions BankUploaded byMuhammad Umer
- Bismuth WhitepaperUploaded bySx'ur An

- An image encryption scheme using Discrete Fractional Fourier Transform and Dual Chaotic Logistic MapsUploaded byajv1234567890
- 86 subrat 4gUploaded bychamalla
- Adaptive Steganography-Based Optical Color Image CryptosystemsUploaded byajv1234567890
- A 3D Model Data Hiding Algorithm Based on Local Coordinate SystemUploaded byajv1234567890

- Concept of Wireless LANUploaded byMahfuz Alam Parosh
- wpaUploaded byBash K. Osman
- VTU Network Security(10ec832) Unit-6 NotesUploaded byjayanthdwijesh h p
- BCCSPUploaded byPinnacle Systems Group
- 051214 China Titan RainUploaded bynicolasv
- Design thinking reportf on sql injection prevention metrhod using aesUploaded byakki c
- cisco 210-250 Secfnd Dumps VCE Guide compiled questionsUploaded byMrPakistani
- Secured Multi Cloud Storage Using CPDPUploaded byInternational Journal for Scientific Research and Development - IJSRD
- CSE403 network securityUploaded byrajat
- AWS & HIPAA ComplianceUploaded byfertalizer
- An Analysis of The Cloud Computing Security ProblemUploaded byLinh Hồ
- 2 ENG757s2lect2_FormalEvaluationUploaded byEmmanuel Owusu
- New Microsoft Word DocumentUploaded byManasi Athalye
- T1-05211740000080Uploaded byEko Setiyo Budi Purnomo
- What is Forge RockUploaded byMichael Moyal
- 2006Open_CAUploaded byamir_12877
- Methodology Firewall Reviews Pci Compliance 34195Uploaded byjaisingla
- hw6Uploaded byEneet Singh Rana
- KPMG Information Security Testing ServicesUploaded byAbe Sam Thomas
- EV SSL Certificates Improve Revenue & ProfitsUploaded bydavidjohnrace
- ECE568 Lecture 1 IntroductionUploaded byjokersandthieves
- WebFort Product SheetUploaded byneeharikat
- Program-Conferinta-Cybersecurity 24 SeptembrieUploaded byMarius Amza
- A Graphical Password Authentication SystemUploaded byArun Kumar HR
- Chapter 8 SlaterUploaded byParadise island
- (Sams) Inside Network Perimeter Security, 2nd Edition (2005) - LibUploaded byJessica LM
- LPTv4 Module 35 Log Management Penetration TestingUploaded byShanky Verma Soni
- members.bangbros.com.psUploaded byNihat Göçmez
- Chapter 7 SlidesUploaded bySmitha Vas
- An Introduction to Cryptography for Non-Cryptographers With Mathematical BackgroundUploaded bydjv