2009 International Conference on Multimedia Information Networking and Security
A Biometric Templates Secure Transmission Method Based on Bi-layer Watermarking and PKI ChunLei Li1,2, YunHong Wang1, LiNing Liu1 2 School of Electronic and Information Engineering Zhongyuan University of Technology ZhengZhou, China
1 School of Computer Science and Engineering Beihang University Beijing, China
[email protected],
[email protected],
[email protected] watermarking and PKI is proposed. The encrypted biometric templates are embedded in the first-layer. And signature of biometric templates appended encrypted secret key of the first-layer is encrypted using the private key of the sender and the public key of the receiver, then embedded into the second-layer. The secrecy of all transmitted data can be guaranteed by watermarking technology. And PKI can ensure security, authenticity and non-repudiation of data.
Abstract—In this paper, a novel framework combining bilayer watermarking and PKI for biometric templates secure transmission is proposed. We design a novel bilayer watermarking algorithm. At the first-layer, DCTbased blind data hiding algorithm is employed. At the second-layer, the employed watermarking algorithm is public to all receivers and removable. The encrypted biometric templates and signature of biometric templates appended encrypted secret key are used as dual watermark, which are embedding into the same host image. Experimental results show that the bi-layer watermarking does not affect each other, and the proposed scheme has good performance while transmitting biometric templates over a noisy network.
II.
The transmitted data includes biometric templates, signature of biometric templates and secret key. The biometric templates are embedded into the host image by a secret key. The secret key also needs to be embedded into the host image, and all the receivers can extract it. Both of them should be embedded separately. PKI can guarantee security, integrity, authenticity and non-repudiation of data. So, a novel framework combining bi-layer watermarking and PKI for biometric templates secure transmission is proposed. The flow chart is illustrated in Figure 1. In Figure 1, the notations are defined as follows. : Data conjunction character. : Watermark embedding/extracting. : Data comparison character. The biometric template B is encrypted using Ks . It is used as W1 which is embedded into the first-layer using secret Ks , and IW1 is generated. A random sequence of 128 bits Ab which is used as verifying the integrity of biometrics data is generated with the help of a standard hashing algorithm MD5, and secret key Ks are united as a binary sequence ( Ks + Ab) , which is encrypted using the private key K apr of the
Keywords-biometric template; secure transmission; bilayer; watermarking; PKI;
I.
INTRODUCTION
At present, biometric-based remote verification systems are applied widely than before, which causes the demand for ensuring the security, integrity and secrecy of biometrics data during transmission over insecure network. Cryptography is the mostly used way of data security. Watermarking technology provides a hidden channel to guarantee the secrecy of the transmission. The combination of watermarking technology and cryptography technology has been an active research topic [1-4]. The work proposed in [1, 2, 3] embedded the message into the host image, and encrypted the watermarked image. These methods are comparatively much more computationally intensive and the encrypted images are also obvious during transmission. The method proposed in [2] embedded the encrypted message into the host image, and the integrity cannot be verified by receiver. On the other hand, all the above methods need to negotiate a secret key before transmission or send a secret key separately. For the former, it is inconvenient for both sides. For the latter, the secrecy of secret key cannot be guaranteed. In this paper, a novel scheme for biometric templates secure transmission using bi-layer
978-0-7695-3843-3/09 $26.00 © 2009 IEEE DOI 10.1109/MINES.2009.70
FRAMEWORK OF SECURE TRANSMISSION
sender and the public key Kbpu of the receiver. It is used as watermark W2 . The watermark W2 is embedded into the second-layer by a random position sequence generated by the public key K apu of the sender. Then the watermarked image IW2 is sent to the receiver.
95
I W1
B
IW1 K apr
Ks
Kbpu
W2
Ab
IW2
Iw1'
B'
Ks
Ab''
Ab'
W2'
K apu
Kbpr
Figure 1. Secure transmission using dual watermarking and cryptography
Receiver first extracts the watermark W2 by the public key of the sender. The sender can be authenticated and the encrypted data can be decrypted by using the private key K bpr and public key K apu of the sender. The secret
b) Generate a random position sequence f (i ) = I i , i = 1, 2,..., n with the same length as the biometrics data Bi , i = 1, 2,..., n using secret key Ks . c)
key Ks and a random sequence Ab are obtained simultaneously. The former is used as extracting the watermark W1 and decrypting the encrypted biometric
DCT
block
{X i , 1 ≤ i ≤ N}
selected
from X = { X1 , X 2 , ⋅ ⋅ ⋅, X N } are spitted into n / 4 groups, and each group can be represented k k k as G = { X f (4 k +1) , X f (4 k + 2) , X f (4 k + 3) , X kf (4 k + 4) },
templates, and get B ' . The 128 bits Ab'' is generated with the help of MD5 from B ' , and verify whether it equals Ab' . The verified result can tell us whether we receive the right biometrics data. III.
n
k = 0,1,..., n / 4 − 1 . d) Four sequential coefficients whose index is more than h (the pre-determined index which is the lowest index of the four watermarkable coefficients) are selected for each block among one group. Four biometrics bits are embedded into one group block : ⎧ Δ B(4 k +1) l = 1 ⎪ ⎪ Δ B(4 k + 2) l = 2 X kf (4 k + b ) (h + l ) = ⎨ b = 1, 2,3, 4 (1) ⎪ Δ B(4 k +3) l = 3 ⎪ Δ B l=4 (4 k + 4) ⎩
BI-LAYER WATERMARKING SCHEME
The two layers watermark should have the capability of self-correction to resist JPEG compression and noise attack. The second-layer watermark can be removable and the bilayer watermarking does not affect each other. A. First-layer watermarking In order to improve the robustness of algorithm, DCTbased blind data hiding algorithm is employed. 1) Watermark embedding algorithm: The watermark embedding can be implemented according to the following steps. a) The host image I is divided into 8 × 8 image blocks; perform DCT on the image blocks. Then quantize the DCT coefficients with the JPEG quantization table of the perdetermined quality factor Q . The set of quantized DCT coefficient blocks can be represented as X = { X1 , X 2 , ⋅ ⋅ ⋅, X N } . Each block of DCT coefficients is along zigzag order from low-frequency to highfrequency. X i ( j ) is the j th coefficient of the DCT block X i .
Where Δ denotes the embedding strength. For each group, repeat (d). Then the watermarked image can be acquired. 2) Watermark extracting algorithm: The watermark extracting algorithm can be divided into three steps. a) Decode the received JPEG image to get the quantized DCT blocks X i . Then, generate random position sequence f using secret key Ks . b) For group
a G = { X kf (4 k +1) , X kf (4 k + 2) , X kf (4 k + 3) , X kf (4 k + 4) },
k = 0,1,..., n / 4 − 1 , four biometric bits are extracted according to the following steps. Suppose l =1, C0={0,0,0,0}, C1={1,1,1,1}.
96
•
result in the failure of transmission. The watermarking algorithm needs to be robust and the data can be completely extracted even if the watermarked image suffering from some certain strength of JPEG compression and noise attack.
Extract four coefficients from a group block according to formula (2): (2) Sb = X kf (4 k + b ) (h + l ) b = 1, 2,3, 4 Then covert Sb , b = 1, 2,3, 4 into a four binary bits sequence C ' according to formula (3): Sb < Δ / 2 ⎧ 0, Cb' = ⎨ otherwise ⎩1,
•
•
A. Watermarking Algorithm Performance For the first-layer watermarking algorithm, the PSNR and retrieval accuracy is controlled by quality factor Q and embedded strength Δ . It seems that as the value of Q and Δ is increased; the watermarked image has poorer quality. So the optimum value of the two parameters should be a small value. However, the decoder has the lower recovery accuracy with the decrement of the value. Higher values improve the recovery accuracy but at the same time the quality of the image is reduced. It needs to make a tradeoff between recovery accuracy and the quality of the image. In the experiments we set the parameter values of Δ and Q (4, 0.4) to analyze. For the second-layer watermarking algorithm, it embeds the second watermark into the watermarked image which has been embedded into the first watermark. Parameters are set to: A=100, B=1000, q=0.10. In order to evaluate the performance of the proposed dual watermarking scheme, the recovery accuracy is given under the simulated network environment which is illustrated in Figure 2.
(3)
Calculate the distance between C ' and C0 or C1 which can be represented as d (C ' , C0 ) and d (C ' , C1 ) . The biometrics data Bi can be obtained according to formula (4): ⎧ 0, d (C ' , C0 ) ≤ d (C ' , C1 ) Bi = ⎨ (4) otherwise ⎩1, Add “1” to l , repeat step 2.1, step2.2 until l =4. For each group block, repeat step 2 until all biometrics data is extracted.
B. Second-layer Watermarking Jain [5] proposed a novel watermarking scheme to take account into local image information such as gradient PGM and standard deviation PSD . The embedded equation is as formula (5): PWM (i, j ) = P(i, j ) + (2s − 1) PAV (i, j ) ×
PSD (i, j ) P (i, j ) (5) )(1 + GM ) A B Where s represents the watermark bit. The parameters A and B aid in adjusting the strength of the standard deviation and gradient when modulating the bits to be watermarked. P(i, j ) is the pixel intensity at (i, j ) , PAV (i, j ) represents the average pixels in a c × c neighborhood centered around (i, j ) , and PWM (i, j ) represents the intensity of the watermarked pixels. The extracting process is accomplished by estimating a linear combination of the pixels in a cross-shaped neighborhood around the extracted bit as formula (6): c c ij = 1 ( (6) B B + i+k , j ∑ Bi, j + k − 2 Bij ) 4c k∑ =− c k =− c Where c denotes the size of the neighborhood. After estimating the pixel B i j value, the difference between the estimated and watermarked pixels is averaged over all embedding location among a block for that bit. Finally the sign of this value indicates the bit. In order to reduce the effect on the first-layer watermarked image, an estimate of the first-layer watermarked image is found via replacing the ij value. watermarked image with the B q(1 +
IV.
Receiver
Sender JPEG Compression
Noisy Channel
Figure 2. Simulated network environment
The watermarks are embedded into the quantized image, and it is robust to JPEG compression Recovery accuracy
1 0.98 0.96 0.94 Second-layer First-layer
0.92 0.9 0.5
1
1.5
2 2.5 3 3.5 Variance=0.0005:0.005
4
4.5
5 -3
x 10
Figure 3. Recovery accuracy under Gaussian noise attack
Recovery accuracy
1
EXPERIMENTAL RESULT
0.98 0.96 0.94
0.9 0.5
The proposed scheme for secure transmission is robustness-critical for watermarking algorithm. If any bit of transmitted information is suffering modifying, then it will
Without Second-layer Wiht Second-layer
0.92 1
1.5
2 2.5 3 3.5 Variance=0.0005:0.005
4
4.5
5 -3
x 10
Figure 4. The effect of second-layer on first-layer
97
The ability to extract watermarks under noise attack is given in Figure 3. In this paper, Gaussian noise (0, variance) is used as the noise model. The x-axis represents different variance which range from 0.0005 to 0.0045. The y-axis represents recovery accuracy of watermark under Gaussian noise. The second-layer watermarks can be extracted with very high accuracy, and the recovery accuracy of the firstlayer decrease along with the augment of noise strength. Figure 4 illustrates the effect of the second-layer on the firstlayer under Gaussian noise, the difference of the recovery accuracy of the first-layer without second-layer and with second-layer is very small. V.
VI.
This paper proposes a novel scheme for biometric template secure transmission using bi-layer watermarking and PKI. The security of the proposed scheme can be guaranteed by the following aspects: • The secret key is a one-time-key, each transmission adopts different key, and the secret key is encrypted. The security of the secret key can be ensured. • Even if the second-layer watermark is public to all receivers, only the receiver who has the right private key can decrypt the second-layer watermark. Then, the first-layer watermark can be extracted. • PKI signature can ensure integrity, security, authenticity and non-repudiation of data. • All transmitted data is embedded into the host image, which guarantees its secrecy. • The second-layer can be removable, and the bi-layer watermark does not affect each other.
SECURE TRANSMISSION PERFORMANCE
Figure 5 shows various stages of watermark embedding and extracting for the host image. Figure 5(a) is the original image. After embedding the first watermark, the watermarked image is shown in Figure 5(b). Figure 5(c) illustrates the final watermarked image after embedding the two watermarks. Input face image is shown is shown in figure 5(d). The biometrics needs to be transmitted occupies 32m=2048bits, corresponding to the m=64 Eigen-face coefficients (32 bits per coefficient). Figure 5(e) illustrates the face image reconstructed from 64 coefficients
(a)
(b)
(c)
(d)
VII. CONCLUSIONS The combination of bi-layer watermarking and PKI offers various attractive features and advantages for transmitting biometric templates. All the data is transmitted through the hidden channel provided by watermarking technology, the secrecy can be ensured. PKI can ensure integrity, security, authenticity and non-repudiation of data. The secret key is also embedded into the host image, and it is transmitted along with the watermarked image, which provides convenience for both sides. Beyond the attractive features of the framework, a robustness bi-layer watermarking algorithm is proposed. Experimental results show that the bi-layer watermarking does not affect each other, and the proposed scheme can be used as secure transmission of biometrics even if over a noisy network.
(e)
Figure 5. Watermark embedding: (a) Original image. (b) Firstlayer watermarked image. (c) Bi-layer watermarked image. (e) Input face image. (f) Face image recovered from 64 coefficients.
In order to evaluate the performance of the proposed scheme for transmitting biometrics, fifty-time transmissions under different strength of Gaussian noise are implemented. Table 1 illustrates the results.
ACKNOWLEDGMENTS This work was supported by the National Natural Science Foundation of China (Grant No.60873158). REFERENCES
Table 1. Experimental results under different condition Variance 0 0.0005 0.001 0.0015 0.002 0.0025
Successful transmission (times) 50 50 41 39 21 8
SECURITY DISCUSSION
[1]
Fail to transmit (times) 0 0 9 11 29 42
[2]
[3]
In Khan [4], the recovery accuracy of biometric templates is 93.83% under Gaussian noise (0, 0.001), which will decrease the recognition rate. Moreover, the integrity of biometric templates cannot be guaranteed.
[4]
[5]
98
Jin Wu, Beibei Xia et al, “A Secure Image Transmission Scheme Based on Digital Watermark and cryptography”, in Proc. ISIMVSP2004, pp.278-281. N. Bartlow, N. Kalka, B. Cukic and A. Ross, “Protecting Iris Images through Asymmetric Digital Watermarking”, in Proc. of 5th IEEE Workshop on Automatic Identification Advanced Technologies (AutoID), 2007, pp.191-197. W. Puech and J. M. Rodrigues, “A new crypto-watermarking method for medical images safe transfer”, in Proc. of 12th European Signal Processing Conference (EUSIP2004), Sept.2004, pp.1481–1484. M.K. Khan, J.s. Zhang, “Chaotic Secure Content-based Hidden Transmission of Biometric Templates”, Chaos, Solitons & Fractals, 2007, pp. 1449-1459. A.K. Jain, U. Uludag, and R.L. Hsu, “Hiding a face in a fingerprint image”, in Proc of International Conference on Pattern Recognition (ICPR2002), 2002, pp. 756-759.
