1. Field of the Invention
The present invention relates to an apparatus and a method for embedding information for tamper detection and detecting tampering, and a recording medium having a program for carrying out the method recorded thereon. More specifically, the present invention relates to an apparatus for embedding authentication data for tamper detection in a digital image signal, extracting embedded data therefrom to detect any partial change in the digital image and localizing its position, a method carried out by the apparatus, and a recording medium having a program for carrying out the method recorded thereon.
2. Description of the Background Art
Recently, more and more information are available through the use of the Internet. Especially, WWW (World Wide Web) is being frequently used for transmitting and receiving information including images and audio. Under such a network environment opened for everyone, however, an indefinite number of people can copy digital information such as an image without difficulty. Further, the copied image can be easily edited or processed by image processing software available. Accordingly, there may be a case that a recipient of the digital image is not aware of any tampering therewith that may have been made by a third party during the transmission.
Therefore, immediate establishment is required of a technique capable of determining whether the transmitted digital image has been tampered with or not. An electronic authentication technique has been conventionally known as one of the solutions.
FIG. 14 is a diagram explaining an outline of the procedure of a conventional electronic authentication.
A transmitting side subjects an original digital image to data compression by a hash function to generate a digest of the digital image, and then encrypts the digest with a secret key predetermined by the transmitting side. The transmitting side transmits the original digital image and the encrypted digest to a receiving side over the network.
Similarly to the transmitting side, the receiving side first subjects the digital image received over the network to data compression by the hash function to generate a digest of the received digital image. The receiving side also decrypts the encrypted digest received over the network with a public key predetermined by the transmitting side. The receiving side compares the digest generated from the digital image with the decrypted digest. If the digests are identical with each other, the receiving side determines that the digital image has not been tampered with, and if not identical, determines that the digital image has been tampered with (electronic authentication).
In the conventional electronic authentication, however, the transmitting side needs to transmit two types of data, i.e., the original digital image and the encrypted digest, to the receiving side. If there are many digital images, the transmitting side indispensably needs to manage which digest is for which digital image in order to correctly transmit such two types of data over the network.
To avoid such management in the electronic authentication, (i.e., to avoid transmission of two types of data), a digital watermarking technique has been conventionally applied. The digital watermarking is a technique for embedding digital information in digital image data in an insensible form for human being. A typical prior art which relates to the electronic authentication applying the digital watermarking technique is disclosed in, for example, the document “PROCEEDINGS OF THE IEEE, VOL. 87, NO. 7, JULY 1999, pp. 1167 to 1180”.
Now, described is a case of applying the digital watermarking technique to the aforementioned electronic authentication using the digests.
The transmitting side generates a digest of a digital image only for a predetermined number of high-order bits of the digital image (pixels). Thereafter, the transmitting side encrypts the digest with a secret key predetermined by a transmitting side, and embeds the encrypted digest in low-order bits of the digital image. The transmitting side then transmits the digest-embedded digital image to the receiving side over the network.
The receiving side extracts the encrypted digest embedded in the low-order bits of the digital image received over the network. The receiving side decrypts the extracted digest with a public key predetermined by the transmitting side. The receiving side also generates a digest, for verification, only for the predetermined number of high-order bits of the received digital image. The receiving side compares the generated digest with the decrypted digest. If the digests are identical with each other, the receiving side determines that the digital image has not been tampered with, and if not identical, determines that the digital image has been tampered with.
With the conventional digital watermarking technique, however, it is possible to know that the digital image has been changed during its transmission, but can not localize the position that has been changed.
Further, with the conventional digital watermarking technique, specific information is embedded utilizing-high-frequency components which are normally insensible to human eyes. For this reason, if the digital image is subjected to irreversible image processing (compression and decompression) such as JPEG after being embedded with the information, such information is varied, making it impossible to extract the information correctly. That means that distinction is not possible between the tampering intentionally made by an unauthorized person and the change unintentionally caused by the ordinary irreversible image processing.
Still further, the high frequency components normally corresponds to an edge and texture part of an image. Accordingly, if the image is much composed of a monotonous part (image with little contrast variation), the information is not evenly embedded in the image (screen). As a result, a tampering with such monotonous part may not be detected.