Encrypt Information In Images Without Distortion

Nomikos writes "C|Net reports: Researchers have created a new way to encrypt information in a digital image and extract it later without any distortion or loss of information. A team of scientists from Xerox and the University of Rochester said that the technique, called reversible data hiding, could be used in situations that require proof that an image has not been altered."

Signed Hash

[notestein]

How is this better than a signed hash of the image?

Re:Signed Hash

[packeteer]

Thats where the encryption comes in. The watermark can only be reversed on the correct machine. Think like pgp, only the person you want to can read the email you send. They plan to work this into hardware. They would probably give the hardware a unique key and have the picture creator encrypt so only that key can open it. This way if you say wany a secure presentation you can set it so only the one projector in the white house can read it without the watermark.

once again all the early posters got it wrong

[intuition]

This is steganography with the original image hidden in the steganography as well. Hence the term, "reversible data hiding." That way, not only does the current image hold the data you are sending, but you get a copy of the original image (before steganography) as well.

The fact that every poster so far hasn't seen this fact, is a disturbing reminder of what the average poster on slashdot has become.

does anyone have any suggestions as to where to go next?

My bullshit detector is on yellow alert

[Crag]

"For instance, a digital camera that carries the new algorithms could be used to gather forensic evidence for use later in a courtroom. Any subsequent manipulations of the pictures could be detected, and the area where they occurred could be pinpointed."

Whatever the camera is doing at the scene of the crime could be faked in a lab. Even if each camera has its own PGP/GPG key, the picture is only as reliable as the security of the camera and the key.

What they should do is have the crime scene photographer and his superior digitally sign the images at the crime scene. This would remove the image format from the equation and make the data and the image as secure as the keys of the people involved.

Careful what you wish for

While this approach has many potentially socially useful applications (e.g., getting data out of censorship regimes without getting caught), it also has a more sinister application.

If you can "watermark" (not sure if that is technically the right term for what these folks are proposing) something in such a way that it is undetectable to the viewer, then that implies that you can attach a unique ID to any given file -- which is exactly what SDMI attempted to do (and failed, thanks to Prof. Felten's work at Princeton).

But didn't Felten's paper essentially demonstrate that this sort of perfect information hiding was essentially impossible theoretically? If so, then the Xerox/Rochester guys are wrong. If not, then Felten's paper is wrong and it is possible to insert permanent SDMI-style watermarks in files. I sure hope it's the former and not the latter.

Perhaps this new approach only has to do with psychovisual tricks and not psychoacoustic stuff -- in which case I suppose they could both be right. Anyone more knowledgeable about this care to comment?

-Garth M.

Re:New?

[the+eric+conspiracy]

I've had that technique for years. It's called a checksum.

All a checksum does is provide a playground for anyone with a little Linear Algebra background.

Now if you are talking about message digests based on hash function, like SHA or HMAC you are on firmer ground.

This is great!

[seanadams.com]

Researchers have created a new way to encrypt information in a digital image and extract it later without any distortion or loss of information.

So, if I can add some information to an image without any loss of information in the original, then I don't see any reason why I couldn't use this technique repeatedly, ad inifinitum, on the resulting image. Therefore, they have created a way to turn any one of my pr0n jpegs into an unlimited storage device.

This really changes everything we thought we knew about computer science and information theory. What an incredible discovery!

Steganography

[Chris+Burke]

Well, you can blame the editor, but it's really the article's fault. What they're really talking about is lossless steganography, which is a neater trick. The idea is to hide data in a standard (eg. GIF) image, and be able to extract that data while at the same time preserving the entire image. For the applications they talk about (watermarking), the hidden information is encrpyted, which may be why that word showed up.

I'm curious about their claims. Do they claim to be able to hide the data in an existing image format without image loss? For formats like GIF, it'd be tough, because compressed data (by design) lacks the redundant bits Information Theory demands before you can start cramming extra bits of data into the same space. They certainly wouldn't be able to guarantee that the image was without quality loss before removing and correcting for the watermark. ;)

So I guess I'm not sure what they're claiming.

Though I think for the applications they are stating, actual hiding of the data isn't the point. You don't care if people know that there is some data hidden in the image, you only care that they can't read it or forge it. It'd be much easier then, because you could make a new file format. Shit, all you'd have to do is take a .PNG, stick an encrpyted md5 sum at the back, and call it (S)ecurePNG.

Which isn't a bad idea, actually... You could do some of the things they talked about.

For digitizing contracts, both parties would put an md5 sum encrpyted with their private keys in the image of the contract. Anyone (e.g. the Court) can read the md5 sums and verify that a copy of the contract is legitimate.

For verifying forensics photos, the camera they used would have to encrypt all the photos it takes with a private key (the Courts, again?) not known to the police officers who do the work. I think this is unworkable.

The only problem with both of these ideas is that they are only worth as much as you can trust that the private keys have not been compromised. If you're going to be convicting people on the basis of signed police photos, you'd better be damn sure that the police couldn't have possibly discovered the private key hidden in the camera's hardware.

But like I said, this doesn't involve hiding data in a photograph. I'm just wondering what the -purpose- of the steganography was actually supposed to be. Why is it important that the information be -concealed-?

Misleading title.

[KFury]

The title "Encrypt information in images without distortion" is really misleading. It suggests (err, states) that the sego process doesn't change the image. It certainly does. The only interesting bit is that it's reversable.

So while it's not lossy in the final analysis, and the original version can be reclaimed, it does actually distort the image, while the hidden message is contained within.

Zero Distortion HOWTO

[Effugas]

Yes, I originally thought it was impossible.

Then I sat down, and realized what's going probably on here (the CNet article didn't specify, and I didn't think to track down the original work. Foo on me. So I'm pulling this out of my proverbial ass.)

Perfectly random images are indeed impossible to add data to without creating some form of irreversable distortion. Suppose you had a "remove transformation" mask embedded in the included transform. This mask itself would take information, which would then need to be added to the transform, which would increase the size of the transform, thus necessitating a bigger mask, ad nauseum. So you could never embed the reversal instructions.

However, photographs are not perfectly random. Along the light wavelengths that nature selected for humans to sense, significant patterns exist -- edges, gradients, shapes, and so on. Though precise intensities eventually hit perfect randomness at absolute sensitivity, digital photographs (even without JPEG) quantize imagery into 8 bits per channel -- 24 bits total. So those patterns we see actually create significant regions of reduced entropy -- less information in the image than there is otherwise room for.

And that's the key -- because once there's extra capacity, we can embed both some message and the means to remove that message in the extra space. Then it's just a matter of using one of a thousand ways to share the secret across all the low entropy regions of the image, and you're done.

No, it doesn't violate information theory. Yes, it's mildly cool. No, it's nothing like a public key steganographic system -- there's nothing inherent about the system that prevents unauthorized removal, or even unauthorized addition of the watermark. But it's a useful adjunct -- concievably, it'd be at the heart of a watermarking system that fingerprinted audio and video in low-entropy segments, then removed the fingerprint before it hit the d/a converter.

I'm pretty sure the strategy extends to floating point representations as well, though there's likely much less compressability due to noisy capture circuitry and higher raw entropy in the signal.

Yours Truly,

Dan Kaminsky
DoxPara Research
http://www.doxpara.com