In recent years there is need for enhance security infrastructure for telemedicine. Medical images are often transmitted over not secure or trusted channels; hence the protection of those images is really important. In this work I attempt to combine a novel key generation algorithm that generates unique keys of sender-receiver fingerprint biometrics which are shared between the two parties using the S-MIME protocol; with a binary robust image watermarking technique, which implements a detectable and extractable watermark. The algorithm for this watermark uses the multiwavelet transform called “triple tree”, which does not need the original image for the extraction process. The proposed combined algorithm is implemented in C# .Net and it will be tested by taking a set of sample dual-colour x-ray medical images and measure the encryption, decryption time and memory required in resource-aware Distributed Computing environment.
There is a huge rise of need for security in healthcare industry, since more and more healthcare devices are interconnected. Most health care organisations are more focused on the risk management of life and death decisions than on the security of their data transactions and medical images transmission, such as x-rays. This leads to system requirements such as prevention/detection of illegal viewing or copying. Digital watermarking enables information embedding inside an x-ray image to protect its context and privacy. (Hsu & Marinucci, 2013, p. 176- 178)
“Telemedicine is the use of information and communication technologies to provide health care where patients and doctors are separated by geographical distance.” (Lakshmi & Sadasivam, 2014, p. 103)
Medical images are often transmitted over not secure or trusted channels; hence the protection of those images is really important. The proposed algorithm combine a robust image watermarking technique with fingerprint biometrics on the generation of the watermark, such as the medical x-ray picture is protected, fulfilling the requirements for x-ray pictures watermarking as they are briefly presented below.
RELATED AND PREPARATORY WORK.
Medical Image Watermarking
Medical Image watermarking is used for different applications such as confidentiality and security, access control, origin identification and more. As the communication of medical images goes beyond a single hospital’s LAN, there is a change for casual, accidental or malicious attack of the medical image.
Lakshmi & Sadasivam are proposing a fragile watermarking technique as the most efficient to detect tampering (2014, p. 104) stating that “No patient likes to expose his/her x-ray pictures”. However, for my scenario, of medical dual colour x-ray images to be transmitted through unsecure resource aware distributed networks, watermarks need to be robust, such as malicious attackers should not be able to remove the watermark without harming the quality of the content to the point that it becomes worthless. (Mitchell, 2004, p. 354 – 355) Therefore, by using a robust watermarking technique there is no point of tampering detection, since if an attacker tries to remove or modify the watermark, the actual x-ray will become un-usable; hence the private and confidential patient data will be protected.
Requirements for X-ray pictures watermarking
According to Lakshmi & Sadasivam (2014, p.105) tele-radiology is the transmission of x-ray images from one location to another, for medical purposes. The security issues that need consideration are the following:
- Confidentiality: Only the authorised users can access the data
- Integrity: The image has not been modified
- Authentication: Proof of origin
- Availability: Access is free to authorized users.
Fingerprints differ from person to person and they do not change over the years or age. Fingerprints have an uneven area of ridges and valleys that create a unique pattern for every person. For this project, the ridge pattern is the only interest.
A bio-metric is a secure authentication mechanism; due to the fact that it cannot easily be forged, forgotten and stolen. Fingerprint bio-metric changes due to surgeries, burns or extreme criminal activities are outside the scope of this project. Bio-metrics, measure people’s fingerprints to recognize and/or authenticate their identity. (Liu & Silverman 2001, p. 27)
S-MIME means Secure Multipurpose Internet Mail Extensions, and describes how the messages must be formatted so that they can be exchanged between different email systems as well as supporting encryption. S-MIME protocol allows not only text but also image transmission. S-MIME provides the following cryptography related security facts: authentication, integrity, privacy and data security. (Protocols Guide: TCP/IP Protocols, p.21)
The main reason behind using multiwavelet transformation is that while multiwavelets are constructed, properties such as orthogonality, symmetry and compact are possible, which are not available to any scalar wavelet. “Wavelet-based coding is more robust under transmission and decoding errors, and also facilitates progressive images transmission.” (Nasri, Helali, Sghaier & Maaref, 2011, p. 313) The structure of this multi-wavelet transformation is illustrated in Figure 1.
There are two categories of multiwaveletes the balanced and the unbalanced ones. The unbalanced multiwavelets have irregular functions and the filter bank does not hold the preservation nor the annihilation properties; hence the need of pre-filtering operations. The balanced multiwavelets have smooth functions and the corresponding filter bank holds the preservation and annihilation properties. Since this project is focused on resource aware distributed systems, the need for less computation is profound. Therefore, the dual – colour x-ray image is transformed using the balanced multiwavelet technique, as suggested by Ragupathy, Tamilarasi & Pandian (2012, p. 14-16).
The discrete multiwavelet transform I decided to use in this project is based on the JPEG2000 compression as suggested by Kumsawat, Attakimongcol & Srikaew (2007, p. 612-613).
Where h is the matrix of low pass filter and g is the matrix of high pass filter. Those filters are matrices of the coefficients of the n × n form. (Ragupathy, Tamilarasi & Pandian, 2012, p. 14)
ANALYSIS AND SUPPORT OF PROPOSED SOLUTION
A novel algorithm has been developed for providing the most important security features i.e. authentication, integrity and confidentiality. The proposed algorithm uses Finger Print biometrics of either the receiver or the sender to ensure authentication and confidentiality. It also uses a discrete multiwavelet transformed dual-colour x-ray image. This x-ray image has the watermark embedded to it, so as integrity is ensured.
Fingerprint Secret Key Generation:
Input: A processed Finger Print image of either the sender or the receiver.
Output: Coordinate pair named: CP (x, y), which is shared only between the receiver and the sender.
Steps to follow: (Hemalatha & Athisha, 2014, p. 756)
- Select a random ridge from the Finger print image.
- Draw this ridge in coordinate axis X, Y
- Pick a random point from the coordinated ridge. Let it be CP (x, y)
- Return the coordinate pair CP (x, y) as secret key
Fingerprint Session Key Generation:
The session key is generated by both sender and receiver based on the pair of coordinates CP(x,y) that generate the secret key, as shown above.
Input: Let S (x, y) be the sender secret key and R (x, y) be the receiver secret key coordinates.
Output: The Session Key between sender and receiver, in the form of coordinate pair namely Ks (x, y)
Steps to follow: (Hemalatha & Athisha, 2014, p. 756 – 757)
- Read the inputs S (x, y) and R (x, y)
- Parse the inputs into S(x), S(y) and R(x), R(y)
- Calculate Ks(x) = S(x) + R(x) and Ks(y) = S(y) + R(y)
- Return Ks (x, y)
I assume that this session key Ks (x, y) can be shared using the S-MIME protocol; so as the watermark would be safely removed using the Kumsawat, Attakimongcol & Srikaew (2007, p. 614 – 615) algorithm.
First Input: Sender’s Secret Key CP (x, y)
Second Input: The multiwavelet transformed and watermarked dual colour X-ray image.
Steps to follow:
- “Generate a random watermark W using the sender’s secret key, where W is the set of pseudo-random watermark bits shown as: where is the length of the watermark.” (Kumsawat, Attakimongcol & Srikaew 2007, p. 614).
- Decompose the original image into four sub-bands using the discrete balanced multiwavelet transform scheme as explained in section 2.4.
- “Create the multiwavelet trees and arrange them into 3072 groups.” (Kumsawat, Attakimongcol & Srikaew 2007, p. 614).
- “Quantize each group by using JPEG quantization matrix.” (Nasri, Helali, Sghaier, Maaref, 2011, p.314- 315)
- To further increase the integrity of the watermark we order the groups using a simple light pseudo-random generation polynomial of the form of :
- “Combine the coefficients of every three groups together to form a triple tree for n = 1,2,3…1024. Each watermark bit is embedded into a triple tree.” (Kumsawat, Attakimongcol & Srikaew 2007, p. 614).
- Select trees where the length of the watermark W. is. Then we modify the coefficients in the trees as follows: (Kumsawat, Attakimongcol & Srikaew 2007, p. 614).
- “Perform inverse quantization in each group of triple trees and pass the modified coefficients through the inverse discrete multiwavelet transform to obtain the watermarked image.” (Kumsawat, Attakimongcol & Srikaew 2007, p. 614).
The watermark extracting algorithm is the same as the one suggested by Kumsawat, Attakimongcol & Srikaew (2007, p. 614 – 615).
Testing of the proposed Algorithm
I used an Intel® Core™ i7-2670QM CPU @ 2.20 GHz 2.19 GHz, 6 GB RAM, Windows 8 laptop to run all my tests.
The key generation algorithm is built in a .NET environment using C#. The fingerprint images are obtained by Fingerprint Vector Stock Photos (2000) which is a, open source- free website with random fingerprints that are slightly modified and therefore free of usage legalities and constrains.
Since those fingerprints are used, the authentication property of the algorithm is boosted. The length of the bio-generated-key that is used is 256.
The X-ray picture I used, is a scanned copy of an old dual colour X-ray of myself that shows the hip bones, for anonymity purposes I cropped the bottom of the scan before I start processing.
The performance of the algorithm is compared using the same fingerprint encryption algorithm but without the watermarking technique implemented using Cygwin64 Terminal version 4.1.16(8).
Since this paper suggests a novel algorithm, the encryption time of the watermark embedding stage is a rough estimate according to the rest of the algorithm complexities and the mathematical computations the computer has to perform. (See screenshots of the computations, on Appendix A)
Running the algorithm step by step I found that the key generation time is 256 ms (milliseconds), the watermark generation time is and the creation of the multiwavelet trees is 208 ms. and the grouping of the multiwavelet trees and the coefficients modification can be mathematically calculated as: the ms for 1 coefficient to be modified is 0,001 ms; therefore, the ms of all the coefficients to be calculated is 0,001 * Nw where Nw is 256, therefore the final ms is approximately 4 ms. Finally the encryption time should be 256 + 208 + 4 = 468 ms
|Metrics||Fingerprint Encryption without watermark||Fingerprint Encryption with watermark|
|Time taken for key generation (before watermark is applied)||256 ms||256 ms|
|Watermark generation time||N/A||208 ms|
|Encryption Time||143 ms||468 ms|
The existing algorithms are designed to either focus only on authentication and confidentiality, such as the algorithms suggested by Hemalatha & Athisha (2014, p. 756 – 758) or they implement several watermarking techniques, such as the algorithms suggested by Ragupathy, Tamilarasi & Pandian (2012, p. 14- 15) and by Kumsawat, Attakitmongcol & Srikaew (2007, p. 614), which are not enforcing encryption of any form. Further to that, a combination between fingerprint biometrics and watermarking is suggested by Meenakumari & Athisha (2014, p. 704-705) however, this technique uses a hierarchical watermarking generation method which could potentially use too many resources and it would not be feasible to implement such solution in resource aware distributed systems. As Ragupathy, Tamilarasi & Pandian (2012, p. 13) discuss, the biggest problem with hierarchical watermark method is that it uses too many bits for encoding and therefore more time to encode the entire image.
In this project a Fingerprint based watermark algorithm was proposed, in which the fingerprint based biometrics principal’s such as authentication and confidentiality can be combined with the “triple-tree” multiwavelet watermarking technique to provide the extra element of integrity, in such resource aware distributed computing environment where there is less memory. This algorithm can be used in resource limited environments, since it does not require high memory usage and the latency is limited. Unfortunately, the algorithm was not thoroughly tested; therefore the need for some future work is crucial.
A future work suggestion would be the algorithm to combine more than 1 biometric features to further enhance the integrity, as well as to measure the decryption times of the suggested algorithm. Further to that, I consider it essential to further test the application of this algorithm in more complex systems and environments.
Fingerprint Vector Stock Photos (2000) Retrieved From: http://www.dreamstime.com/photos-images/fingerprint-vector.html
Hemalatha T. & Athisha G. (2014). A secure biometric based approach for providing security services in resource-aware distributed computing environment. Journal of Theoretical and Applied Information Technology 62(3), 752- 760. Retrieved from: http://eds.a.ebscohost.com/eds/pdfviewer/pdfviewer?sid=4a7c3965-e57c-4f66-91da-44f99be881d8%40sessionmgr4003&vid=2&hid=4110
Hsu F. & Marinucci D. (Eds.) (2013) Advances in Cyber Security. New York: Fordham University Press
Kumsawat P., Attakitmongcol K. & Srikaew A. (2007, July 2) A robust Image Watermarking Scheme Using Multiwavelet Tree. Proceedings of the World Congress on Engineering. Retrieved From: http://www.iaeng.org/publication/WCE2007/WCE2007_pp612-617.pdf
Lakshmi R. P. & Sadasivam V. (2014) A survey on watermarking techniques, requirements, applications for medical images. Journal of Theoretical and Applied Information Technology 65(1), 103 – 120. Retrieved from: http://eds.a.ebscohost.com/eds/pdfviewer/pdfviewer?sid=be13ef90-5e9b-4165-aba6-226910cf5101%40sessionmgr4004&vid=6&hid=4110
Lin C.Y., Prangjarote P., Yeh C.H. & Ng H.F. (2014) Reversible joint fingerprinting and decryption based on side match vector quantization. ScienceDirect, 98, 52-61. http://dx.doi.org/10.1016/j.sigpro.2013.11.011
Liu S. & Silverman M. (2001) A practical Guide to Biometric Security Technology. IT Professional, 3(1), 27 – 32 http://dx.doi.org/ 10.1109/6294.899930
Meenakumari M. & Athisha G. (2014) Improving the protection of FPGA based sequencial IP core designs using hierarchical watermarking technique. Journal of Theoretical and Applied Information Technology 63(3), 701 – 707. Retrieved from: http://eds.a.ebscohost.com/eds/pdfviewer/pdfviewer?sid=be13ef90-5e9b-4165-aba6-226910cf5101%40sessionmgr4004&vid=9&hid=4110
Mitchell C. J. (Ed.) (2004) Security for Mobility. London: The IEE
Nasri M, Helali A., Sghaier H., Maaref H. (2011) Efficient JPEG 2000 Image Compression Scheme for Multihop Wireless Networks. TELKOMNIKA 9(2), 311-318 Retrieved from: http://eds.a.ebscohost.com/eds/pdfviewer/pdfviewer?sid=b7193ed5-29dd-4680-9ce6-ec998b210858%40sessionmgr4003&vid=2&hid=4110
Protocols Guide: TCP/IP Protocols: Application Layer Protocols: MIME (S-MIME): Multipurpose Internet Mail Extensions and Secure MIME. (2007) Retrieved from: http://eds.a.ebscohost.com/eds/detail/detail?vid=1&sid=53d75e65-82f3-4336-acee-a4d968f18c78%40sessionmgr4003&hid=4208&bdata=JnNpdGU9ZWRzLWxpdmU%3d#db=iih&AN=35048545
Ragupathy U.S., Tamilarasi A. & Pandian C. (2012) Improved Techniques for Mammographic Image compression using Balanced Multiwavelet Block Tree coding. IETE Journal of Research 58(1), 13-19 Retrieved from: http://eds.a.ebscohost.com/eds/pdfviewer/pdfviewer?sid=ab0529c4-774e-47d6-851c-a24357eb2e98%40sessionmgr4003&vid=1&hid=4110