300 likes | 643 Vues
Visual Cryptography. Jiangyi Hu. Visual Cryptography. Example Secret sharing Visual cryptography Model Extensions. Example. What is visual cryptography?. Secret Sharing. The General Idea All n parties can get together and recover secret s .
E N D
Visual Cryptography Jiangyi Hu
Visual Cryptography • Example • Secret sharing • Visual cryptography • Model • Extensions
Example What is visual cryptography?
Secret Sharing The General Idea • All n parties can get together and recover secret s. • Less than n parties cannot recover secret s.
Secret Sharing (Cont.) • Suppose two parties are going to share a secret bit string 1011. • A coin toss is used to generate the first bit of the first share. If the result of the coin toss is a head, then the bit is 0; otherwise, the bit is a 1. • Now generate the first bit of the second share. If the first bit of the first share was 0, then copy the first bit of the secret. Otherwise, if the bit of the first share was 1, then flip the first bit of the secret and use that. • Repeat this random process for each bit of the secret.
Secret: 1011 S2:1101 S1:0110 Secret Sharing (Cont.) • Suppose the secret is 1011, toss the coin 4 times and get the sequence head, tail, tail, and head. Then the first share would simply be 0110. As a result, the bits of the second share would be 1101 (the XOR of 0110 and 1011). • No information about the secret will be gained by looking at either the first share or the second share. • Combine two share and can discover the secret: S1 XOR S2 = Secret.
Visual Cryptography • Visual cryptography was introduced by Naor and Shamir at EUROCRYPT '94. • It is used to encrypt written material (printed text, handwritten notes, pictures, etc) in a perfectly secure way. • The decoding is done by the human visual system directly.
Visual Cryptography (Cont.) • For a set P of n participants, a secret image S is encoded into n shadow images called shares, where each participant in P receives one share. • Certain qualified subset of participants can visually recover the secret image, but other, forbidden, sets of participants have no information on S.
Visual Cryptography (Cont.) • A visual recovery for a set X of participants consists of copying the shares onto transparencies, then stacking them on a projector. • The participants in a qualified set X will be able to see the secret image without any knowledge of cryptography and without performing any cryptographic computation.
Model • Assume the message consists of a collection of black and white pixels and each pixel is handled separately. • Each share is a collection of m black and white subpixels. • Boolean matrix S=[sij] where sij =1 iff the jth subpixel in the ith transparency is black. • The grey level of the combined share is interpreted by the visual system as black if and as white if .
Model (Cont.) • is some fixed threshold and is the relative difference. • H(V) is the hamming weight of the vector. • The visual effect of a black subpixel in one transparency can’t be undone by the color of that subpixel in other transparencies which are laid over it.
2 out of 2 scheme (Cont.) • A pixel P is split into two subpixels. • If P is white, then a coin toss is used to randomly choose one of the first two rows in the figure above. • If P is black, then a coin toss is used to randomly choose one of the last two rows in the figure above. • The pixel P is encrypted as two subpixels in each of the two shares, as determined by the chosen row in the figure. • Every pixel is encrypted using a new coin toss.
2 out of 2 scheme (Cont.) • For each pixel, neither the first share nor the second gives any clue as to whether the pixel is black or white. • Since all the pixels in the secret image were encrypted using independent random coin flips, there is no information to be gained by looking at pixels on a share, either. • This demonstrates the security of the scheme.
2 out of 2 scheme (Cont.) • When superimpose the two shares, consider one pixel P. • If P is black, we get two black subpixels. • If P is white, we get one black subpixel and one white subpixel. • Thus, the reconstructed pixel (consisting of two subpixels) has a grey level of 1 if P is black, and a grey level of 1/2 if P is white. • There will be a 50% loss of contrast in the reconstructed image, but it is still be visible.
3 out of 3 visual cryptography 0011 1100 0101 1010 0110 1001 horizontal shares vertical shares diagonal shares
3 out of 3 scheme (Cont.) • Each matrix in either C0 and C1 contains one horizontal share, one vertical share and one diagonal share. • The analysis of one or two shares makes it impossible to distinguish between C0 and C1. • A stack of three transparencies from C0 is only ¾ black, whereas a stack of transparencies from C1 is completely black.
Extension and enhancement • Each pixel in each one of the two transparencies is presented by a rotated half circle. • Send innocent looking transparencies, e.g.. Send images a dog, a house, and get a spy message with no trace. • Color visual cryptography
Color Visual Cryptography • Verheul and van Tilborg’s method • For a C-color image, we expand each pixel to C subpixels on two images. • For each subpixel, we divide it to C regions. One fixed region for one color. • If the subpixel is assigned color C1 , only the region belonged to C1will have the color.Other regions are left black.
Color Visual Cryptography (Cont.) Four subpixels Four regions One pixel on four- color image Combined
Color Visual Cryptography(cont.) • Rijmen and Preneel’s method • Each pixel is divided into 4 subpixels, with the color red, green, blue and white. • In any order, we can get 24 different combination of colors.We average the combination to present the color. • To encode, choose the closest combination, select a random order on the first share. According to the combination, we can get the second share.
Rijmen and Preneel’s method Combined Result Combined Result Pattern1 Pattern2 Pattern1 Pattern2
Some References • Naor, M. and A. Shamir, Visual Cryptography, Eurocrypt ’94 Proceedings • G.Ateniese, C. Blundo, A. De Santis and D.R. Stinson. Visual Cryptography for General Access Structures, Information and Computation, 1996 • www.dia.unisa.it/VISUAL/ • www.cacr.math.uwaterloo.ca/~dstinson/visual.html • www.leemon.com/crypto/visualCrypto.html