Much research has been done in the area of steganography, which is the science of concealing data in a transmission medium in such a way that it does not draw the attention of eavesdroppers. Steganography has various useful applications, such as for human rights organizations (i.e. as encryption is prohibited in some countries); smart IDs where the identification details of individuals are embedded in their photographs (i.e. content authentication); data integrity (i.e. by embedding a checksum value); medical imaging; and secure transmission of medical data, to name a few. Various algorithms have been proposed to implement steganography in digital images.
Essentially, there are three major clusters of algorithms (references provided at the end of the description): (1) algorithms using the spatial domain, such as S-Tools (Brown, 1996); (2) algorithms using the transform domain, for instance F5 (Westfeld, 2001); and (3) algorithms taking an adaptive approach, combined with one of the former two methods, for example ABCDE (A Block-based Complexity Data Embedding) (Hioki, 2002).
Most of the existing steganographic methods rely on two factors: the secret key and the robustness of the steganographic algorithm. However, all of them either do not address the issue of encryption of the payload prior to embedding or merely give a hint of using one or more of the conventional block cipher algorithms.
The renowned generic block cipher algorithms, such as Data Encryption Standard (DES), Advanced Encryption Standard (AES), International Data Encryption Algorithm (IDEA), etc., are not suitable to handle relatively bulky data, e.g. digital images, for their long computational process (Usman et al., 2007). Various hash algorithms are available, such as MD5 (Message Digest 5), Blowfish, and SHA-1 (Secure Hash Algorithm 1), which hash data strings, thus changing their state from being natural to a seemingly unnatural state. A hash function is formally defined as the mapping of bit strings of an arbitrary finite length to strings of fixed length (Yang et al., 2008).
Encryption is particularly useful for Intellectual Property Management and Protection (IPMP) standardisation groups, as well as multimedia communications that prefer handling media streams compliant to particular multimedia coding standards, such as JPEG or MPEG-1/2/4 standard (Wen et al., 2002).
The research on the design of secure encrypted images tends to focus on transferring images into chaotic maps. Chaos theory, which essentially emerged from mathematics and physics, deals with the behaviour of certain nonlinear dynamic systems that exhibit a phenomenon under certain condition known as ‘chaos’, which adopts the Shannon requirement on diffusion and confusion (Shih, 2008). Due to its attractive features such as its sensitivity to initial condition and random-like outspreading behaviour, chaotic maps are employed for various applications of data protection (Yang et al., 2008).
In the realm of 2D data, Shih (Shih, 2008) outlines the following method, called Arnold's cat map, in order to spread the neighbouring pixels into largely dispersed locations:
                                          [                                                                                x                    ′                                                                                                                    y                    ′                                                                        ]                    =                                                    [                                                                            1                                                              1                                                                                                  l                                                                                      l                        +                        1                                                                                            ]                            ⁡                              [                                                                            x                                                                                                  y                                                                      ]                                      ⁢            mod            ⁢                                                  ⁢            N                          ⁢                                  ⁢                                            where              ⁢                                                                                ⁢                                                                              ⁢                              det                ⁡                                  (                                      [                                                                                            1                                                                          1                                                                                                                      l                                                                                                      l                            +                            1                                                                                                                ]                                    )                                                      =                                          1                ⁢                                                                  ⁢                or                            ⁢                                                          -              1                                ,                                    (        1        )            and l and N denote an arbitrary integer and the width of a square image respectively. The determinant here is referred to as ‘der’.
Applying Equation (1) to the sample image ‘Lena’, with reference to FIG. 1, it can be seen that after exactly 17 iterations, termed as the stable orbit, the chaotic map converged into the original image. This Discrete Time Dynamic System (DTDS) is also the basic framework used in (Lou, D. C and Sun, C. H, 2004).
Regarding this method, it is important to note:
A) Since the algorithm uses a determinant in its process, the input matrix can only be square. This constraint was highlighted also by (Usman et al., 2007). A work around this problem might be in applying the algorithm on square blocks of a given image repetitively. However, it would generate noticeable peculiar periodic square patterns, given the nature of the process.
B) As far as the security systems are concerned, the convergence of the translated pixels into their initial locations, i.e. image exact reconstruction after some iteration, is also not an appealing factor. This is an observed phenomenon in variety of chaotic based algorithms. Given one of the iterations is used, if an attacker gains knowledge of the algorithm and obtained the parameter “1”, which is relatively easy to crack using brute force, he will be able to invest some time to add more iterations that will reveal the original image. For example, Wang et al. (2007) show that for such systems if two parameters are set to 10 and 8, then regardless of image contents, any image with the dimensions of 256×256 will converge after 128 iterations. This periodicity brings insecurity to the process (Ashtiyani et al., 2008) as methods for computing the periodicity can be formulated such as the one proposed by Bing and Jia-wei (2005).
In a more detailed and concise attempt to introduce image encryption, Pisarchik et al. (2006) demonstrated that any image can be represented as a lattice of pixels, each of which has a particular colour. The pixel colour is the combination of three components: red, green, and blue, each of which takes an integer value C═(Cr, Cg, and Cb) between 0 and 255. Thus, they create three parallel CMLs (Chaotic Map lattices) by converting each of these three colour components to the corresponding values of the map variable xc=(xcr,xcg,xcb) and use these values as the initial conditions, xc=x0.
Starting from different initial conditions, each chaotic map in the CMLs, after a small number of iterations, yields a different value from the initial conditions, and hence the image becomes indistinguishable because of an exponential divergence of chaotic trajectories (Pisarchik et al., 2006). Pisarchik introduced seven steps for encrypting images and seven steps for decryption. The algorithm does not encompass any conventional hash algorithm, i.e., MD's family, SHA's family or Blowfish. Moreover, four parameters were used of which one was set constant and another two were regulated. The settings used can impact a tremendous change to the chaotic map quality, as can be seen from FIGS. 2 and 3. Therefore, the receiver must know the decryption algorithm and the parameters which act as secret keys.
The authors suggest that the algorithm yields good results for RGB images. However, the authors used a rounding operator, which was applied recursively along the different iterations. One concern regarding this method is the difficulty of recovering the exact intensity values of the input image, as the recovered image shown in the paper might be just an approximation because of the aforementioned operator. This is important, especially in the application of steganography, where it is desirable to recover the exact embedded file rather than its approximation. This particular point was remarked independently by Kanso and Smaoui (2007), where it was stated that a sensitive generator, e.g. a generator with a rounding operator, can produce two different binary sequences (after some iterations) for the same initial values and parameters, if generated on two different machines which round off fractions after unmatched decimal places.
Usman et al. (2007) describe a method for generating a chaotic map for apparently encrypting medical images by repetitive pixel arrangement and column and row permutations. The pixel arrangement is achieved through the following system:X(i,j)→Y(k,1),wherek=[(j+(i−1)N−1)/L]+1l=(j+(i−1)N−1)mod(L)+1  (2)
Here, k, 1 denote the mapped spatial coordinates of the original location at i, j. N and L are the height of the original image and transformed image respectively in such a way that:Π(K,L)=Π(M,N),whereK≠M 
The authors show some experiments in which the deciphered phase was missing. It is suspected that the rounding operator introduced in Eq. (2) will force some pixels to collude at the same location resulting in lose of information needed for the original image reconstruction. Zou et al. (2005) reduce the number of iterations in their work by using 2D generalised Baker transformation to enhance the key space.
Ultimately, the aforementioned methods scramble image pixels using some control parameters and a number of iterations. It is worth noting here that there are several similar two dimensional image chaotic maps introduced in the literature, the most popular being Arnold Cat map, Baker map and Tent map. Discussions on these maps can be found in (Fridrich, 1997). A survey on image encryption is provided in (Shujun et al., 2004).
Generally speaking, chaos keeps image statistics intact, and as a result pixel intensities remain the same. However, the close relationship between chaos and cryptography makes a chaos based cryptographic algorithm a natural candidate for secure communication (Ashtiyani et al., 2008). The two Shannon requirements, confusion and diffusion, must be met when attempting to have any secure cipher algorithm (Claude, 1949). Chaos, given its nature of data scrambling, satisfies the first requirement but not the second, as has been stated earlier that pixel values are not changed.
Other type of image encryption include Fourier plane encoding algorithm, introduced by Refregier and Javidi (1995), which is attacked by Gopinathan et al. (2005) using an initial guess of the Fourier plane random phase while searching over a key space to minimise a cost function between the decrypted image for a given key and the original image. This spurred a variety of authors to apply the Fourier transform such as (Singh et al., 2008 and Joshi, et al., 2008).
One-time pad hash algorithms were believed to be unsuitable for image encryption, since they would require a key of the size of the ciphered image itself (Usman et al., 2007). Sinha and Singh (2003) use MD5 to generate image signature by which they encrypt the image itself using bitwise XOR operation; they coupled that with error control code, i.e. Bose-Chaudhuri Hochquenghem (BCH). The ciphered image was larger than the original because of the added redundancy due to applying the BCH. Since the message digest is smaller than the image, they XOR the signature block by block, which eventually left some traces of repetitive patterns. Hence, this method was commented on by Encinas and Dominguez, (2006) in which it was shown also how insecure the method is by some experiments, a fact that provoked Sinha and Singh, (2003) to debate the arguments raised by Encinas and Dominguez in their published reply (Sinha and Singh 2006).
In Martinian et al. (2005), an encryption key is derived from a user's biometric image itself. The added advantage is that, unlike normal passwords, the key is never stored in the open, and the user has no need to carry or remember it. However, this scheme has a number of potential flaws, one of which occurs when the biometric image is stolen—unlike passwords, a user's image is impossible to replace. Also, the same biometric image can be grabbed with different intensities, depending on intrinsic factors such as camera model, resolutions etc., or extrinsic aspects, such as environment changes, e.g. light.
In relation to specific implementations of encryption algorithms, steganography is often used in the field of biometrics. To protect photographs of individuals on ID cards, government bodies often use a physical watermark on the photos using either an iron stamp which is half visible, or a normal stamp. This fragile shield of security can be easily deceived by mimicking the same stamp.
The biometric security measurement relies heavily on facial feature extraction, and it is important to have the system integrated into an external database with a real time connection to double check for identities. On the other hand, systems on chip can be relatively expensive to roll out, and often require dedicated hardware. In addition, some chip circuits can be reverse engineered using a Radio Frequency Identification (RFID) technology. This happened recently1 in the Netherlands, where two students from the University of Amsterdam broke the Dutch Public Transit Card.
Recently, there have been large scale losses of personal sensitive data in the UK, e.g. the loss of 25 million child benefit records after HMRC sent two unregistered/unencrypted discs to the National Audit Office, and also the theft of a laptop from a Navy officer with personal details of 600,000 people. These incidents inspired further applications of steganography, which aim to develop a highly secure large-scale database using the so-called security by obscurity approach.
It is an object of the invention to provide a method of encrypting images, which is suitable for use in steganographic applications.