CN101562681A - Method for generating digital photo containing watermark based on state parameter - Google Patents

Method for generating digital photo containing watermark based on state parameter Download PDF

Info

Publication number
CN101562681A
CN101562681A CNA2009100594210A CN200910059421A CN101562681A CN 101562681 A CN101562681 A CN 101562681A CN A2009100594210 A CNA2009100594210 A CN A2009100594210A CN 200910059421 A CN200910059421 A CN 200910059421A CN 101562681 A CN101562681 A CN 101562681A
Authority
CN
China
Prior art keywords
key
camera
digital
photo
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2009100594210A
Other languages
Chinese (zh)
Other versions
CN101562681B (en
Inventor
和红杰
陈帆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest Jiaotong University
Original Assignee
Southwest Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest Jiaotong University filed Critical Southwest Jiaotong University
Priority to CN2009100594210A priority Critical patent/CN101562681B/en
Publication of CN101562681A publication Critical patent/CN101562681A/en
Application granted granted Critical
Publication of CN101562681B publication Critical patent/CN101562681B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Editing Of Facsimile Originals (AREA)
  • Image Processing (AREA)
  • Studio Devices (AREA)

Abstract

一种基于状态参数的含水印数字照片的生成方法:数码相机拍摄照片时,图像信号经中央处理器处理得到数字图像数据,中央处理器读取拍摄该照片时的焦距、光圈、曝光时间、拍摄时间、感光度作为状态参数。利用相机身份号和密钥设置函数生成相机密钥。将状态参数和相机密钥作为明文,利用哈希函数生成该数字照片的认证密钥。利用认证密钥生成图像数据的含水印数字图像数据,再将其和照片的头文件EXIF合成为照片输出文件保存在相机的外存储器中。该方法生成含水印数字照片的认证密钥的保密性好,既有效地阻止“拼贴攻击”,又能有效抵抗“翻拍攻击”。同时,认证时既不需要数码相机的参与,也不需要密钥传递,实现了数字照片认证的公开和高效。

Figure 200910059421

A method for generating watermarked digital photos based on state parameters: when a digital camera takes a photo, the image signal is processed by a central processing unit to obtain digital image data, and the central processing unit reads the focal length, aperture, exposure time, and shooting time when the photo is taken. Time and sensitivity are used as state parameters. Generate a camera key using the camera ID and the key setup function. The state parameter and the camera key are used as plaintext, and the authentication key of the digital photo is generated by hash function. Use the authentication key to generate the watermarked digital image data of the image data, and then synthesize it and the header file EXIF of the photo into a photo output file and save it in the external memory of the camera. The authentication key of the watermarked digital photo generated by this method has good confidentiality, which can effectively prevent the "collage attack" and effectively resist the "remake attack". At the same time, neither the participation of the digital camera nor the transmission of the key is required during the authentication, which realizes the openness and high efficiency of the digital photo authentication.

Figure 200910059421

Description

基于状态参数的含水印数字照片的生成方法 A Method of Generating Watermarked Digital Photos Based on State Parameters

所属技术领域 Technical field

本发明涉及一种含水印数字照片的生成方法,用于方便、及时和公开地检测和验证数字照片的真实性、完整性和原始性。The invention relates to a method for generating a watermarked digital photo, which is used for conveniently, timely and openly detecting and verifying the authenticity, integrity and originality of the digital photo.

背景技术 Background technique

在计算机技术、网络通信技术和数码成像技术日益发展的今天,数码相机走进千家万户,数码相机拍摄的数字照片已成为我们获取与交换信息的主要来源和信息传播的重要载体。同时,图像的数字化存储和各种图像处理软件的出现使数字照片的编辑、修改和合成变得十分简单。一方面数字图像处理技术可以提高图像的显示质量,丰富我们的生活,方便我们的工作。另一方面,篡改和伪造数码照片如被用于新闻媒体、法庭证据和科学发等领域,会对社会的诚信、政府的公信力和科学的真实性等带来严重的负面影响。伪造数字照片的存在,使数字照片面临失去信任的威胁。如近来人们广泛关注的“广场鸽”和“藏羚羊”等事件,照片提供者利用图像处理工具对多幅数字照片进行篡改、拼贴、合成生成“伪照片”并成为获奖的新闻照片。经过多方取证和鉴定,这些事件的照片提供者已公开承认其获奖新闻照片存在修改的成份。尽管这些作品的奖项被收回,但花费了很多资源(财力、物力、时间等)以鉴定它们的真实性和完整性。这使得,人们难免会对新闻数字照片的真实性产生怀疑,新闻图片中还有多少“潜伏”的伪照片没有被发现,使数字照片的可信性问题日益演变为严重的社会诚信问题。因此,就引出了数字照片的真实性、完整性和原始性的认证问题。解决该问题的有效方法之一是通过数码相机内置的水印嵌入模块和相应的认证系统来实现。Today, with the increasing development of computer technology, network communication technology and digital imaging technology, digital cameras have entered thousands of households, and digital photos taken by digital cameras have become our main source of information acquisition and exchange and an important carrier of information dissemination. At the same time, the digital storage of images and the emergence of various image processing software make the editing, modification and synthesis of digital photos very simple. On the one hand, digital image processing technology can improve the display quality of images, enrich our life and facilitate our work. On the other hand, if tampering and forging digital photos are used in the fields of news media, court evidence and scientific development, it will have a serious negative impact on the integrity of the society, the credibility of the government and the authenticity of science. Falsifying the existence of digital photos puts digital photos at risk of losing trust. For example, in recent incidents such as the "Plaza Pigeon" and "Tibetan Antelope" that have attracted widespread attention, the photo provider used image processing tools to tamper with, collage, and synthesize multiple digital photos to generate "pseudo-photos" that became award-winning news photos. After multi-party evidence collection and identification, the photo providers of these events have publicly admitted that there are elements of modification in their award-winning news photos. Although the awards for these works were withdrawn, many resources (financial, material, time, etc.) were spent to verify their authenticity and integrity. This makes it inevitable that people will doubt the authenticity of news digital photos, and how many "lurking" fake photos in news photos have not been discovered, making the credibility of digital photos increasingly become a serious problem of social integrity. Therefore, the authenticity, integrity and originality of digital photos have been authenticated. One of the effective ways to solve this problem is to implement the watermark embedding module built in the digital camera and the corresponding authentication system.

最近的与数码相机和认证水印相关的背景技术可参阅以下几篇文献:Recent background art related to digital cameras and authentication watermarking can be found in the following documents:

[1].P.Blythe,J.Fridrich.Secure Digital Camera,Digital Forensic Research Workshop,Baltimore,August 11-13,2004[1].P.Blythe, J.Fridrich.Secure Digital Camera, Digital Forensic Research Workshop, Baltimore, August 11-13, 2004

[2].田新,刘曼,杨祥辉一种带有水印嵌入功能的数码相机,申请号2005100034309.X,公开日2007.7[2]. Tian Xin, Liu Man, Yang Xianghui A digital camera with watermark embedding function, application number 2005100034309.X, public date 2007.7

[3].Yu Miao,He Hongjie,Zhang Jiashu,A digital authentication watermarking scheme forJPEG images with superior localization and security,Sci China Ser F-Info Sci,2007.50(3):491-509.[3]. Yu Miao, He Hongjie, Zhang Jiashu, A digital authentication watermarking scheme for JPEG images with superior localization and security, Sci China Ser F-Info Sci, 2007.50(3): 491-509.

[4].X.Zhang,and S.Wang.Statistical fragile watermarking capable of locating individualtampered pixels.IEEE Signal processing Letter,October 2007,14(10):727-731[4]. X. Zhang, and S. Wang. Statistical fragile watermarking capable of locating individual tampered pixels. IEEE Signal processing Letter, October 2007, 14(10): 727-731

[5].Hongjie He,Jiashu Zhang,Fan Chen.Adjacent-block Based Statistical Detection Methodfor Self-Embedding Watermarking Techniques,Signal processing,doi:10.1016/j.sigpro.2009.02.009[5]. Hongjie He, Jiashu Zhang, Fan Chen. Adjacent-block Based Statistical Detection Method for Self-Embedding Watermarking Techniques, Signal processing, doi: 10.1016/j.sigpro.2009.02.009

以上文献[1]中揭示了在数码照片被拍摄的同时,提供了可向数码照片中嵌入水印信息功能的数码相机,该“水印信息”用来检测拍摄数码照片内容的真实性、完整性和原始性,也可用于鉴别数码照片是由某一台数码相机和某个人拍照的。为避免利用计算机伪造含水印数字照片,数字照片的认证密钥必须是保密的。这是因为如果有人获取了含水印数字照片的认证密钥,在计算机上篡改数字照片的同时重新嵌入水印也能通过认证[2]。为此,华旗资讯的田新等人[2]提出采用“封装”技术将相机密钥内置于数码相机中,以提高含水印数字照片认证密钥的保密性。同时,安全的认证水印算法研究始终是解决该问题的关键技术之一。近年来研究者从安全性[3]、定位精度[4]、篡改恢复性能[5]等方面对数字图像认证水印算法进行了深入的研究和分析。The above document [1] discloses a digital camera that provides a function of embedding watermark information into the digital photo while the digital photo is being taken. The "watermark information" is used to detect the authenticity, integrity and Originality can also be used to identify that a digital photo was taken by a certain digital camera and a certain person. In order to avoid counterfeiting digital photos with watermarks by computer, the authentication key of the digital photos must be kept secret. This is because if someone obtains the authentication key of the watermarked digital photo, he can pass the authentication while tampering with the digital photo on the computer and re-embedding the watermark [2]. For this reason, Tian Xin et al. [2] of Huaqi Information proposed to use the "encapsulation" technology to build the camera key into the digital camera, so as to improve the confidentiality of the watermarked digital photo authentication key. At the same time, research on secure authentication watermarking algorithm is always one of the key technologies to solve this problem. In recent years, researchers have conducted in-depth research and analysis on digital image authentication watermarking algorithms from the aspects of security [3], positioning accuracy [4], and tamper recovery performance [5].

然而,现有技术仍然存在以下问题:(1)拍摄数字照片的数码相机必须参与数字照片的认证过程,这在一些实际应用场合中是不可行的。例如,驻外记者发回的新闻报道要通过认证后才能发布,当拍照的数码相机回来参与防伪认证后才发表,新闻也变成了“旧闻”。(2)利用同一台数码相机,能得到众多含水印数字照片,他们的认证密钥都是相同的,这不仅增加了相机密钥泄漏的风险,而且为实施Fridrich等人(J.Fridrich,M.Goljan and N.Memon.Cryptanalysis of the Yeung-Mintzer Fragile Watermarking Technique Electronic Imaging,April2002,11(4):262-274)提出的“拼贴攻击”提供了条件。也即将同一数码相机拍摄的多张数字照片进行拼贴、合成得到的“伪照片”有可能通过认证,而要防止这种攻击则会提高认证水印算法设计的难度和复杂度。(3)最重要的是,相机拥有者利用一副或多幅数字照片,经图像处理软件编辑、修改、合成等处理后打印出合成的照片,再对打印的照片进行翻拍,由此得到的“伪照片”仍能通过认证水印的认证(这种攻击简称为“翻拍攻击”)。同时,攻击者通过篡改包括焦距、光圈、曝光时间、拍摄时间、感光度等状态参数在内的数字照片头文件EXIF,可以销毁利用光学成像的基本常识判定“翻拍照片”的明显证据,从而使认证水印算法不能提供有力证据以证明“翻拍照片”是伪造的,即现有认证水印算法很难有效抵抗“翻拍攻击”。However, the following problems still exist in the prior art: (1) The digital camera that takes the digital photo must participate in the authentication process of the digital photo, which is not feasible in some practical applications. For example, news reports sent back by journalists stationed abroad can only be released after passing the certification. When the digital camera that took the picture comes back to participate in the anti-counterfeiting certification, the news will become "old news". (2) Using the same digital camera, many watermarked digital photos can be obtained, and their authentication keys are all the same, which not only increases the risk of camera key leakage, but also provides a basis for the implementation of Fridrich et al. (J. Fridrich, M The "collage attack" proposed by Goljan and N.Memon.Cryptanalysis of the Yeung-Mintzer Fragile Watermarking Technique Electronic Imaging, April2002, 11(4):262-274) provides conditions. That is to say, the "fake photos" obtained by collaging and synthesizing multiple digital photos taken by the same digital camera may pass the authentication, and preventing such attacks will increase the difficulty and complexity of the authentication watermark algorithm design. (3) The most important thing is that the camera owner uses one or more digital photos, edits, modifies, synthesizes them with image processing software, prints out the synthesized photos, and then remakes the printed photos. The "fake photo" can still pass the authentication of the authentication watermark (this attack is called "remake attack" for short). At the same time, by tampering with the digital photo header file EXIF including the focal length, aperture, exposure time, shooting time, sensitivity and other state parameters, the attacker can destroy the obvious evidence of using the basic common sense of optical imaging to determine the "remake photo", so that the The authentication watermarking algorithm cannot provide strong evidence to prove that the "remake photo" is forged, that is, the existing authentication watermarking algorithm is difficult to effectively resist the "remake attack".

发明内容 Contents of the invention

本发明的目的是提供一种基于状态参数的含水印数字照片生成方法,该方法生成含水印数字照片的认证密钥的保密性好,既有效地阻止“拼贴攻击”,又能有效抵抗“翻拍攻击”。同时,认证时既不需要数码相机的参与,也不需要密钥传递,实现了数字照片认证的公开和高效。The purpose of the present invention is to provide a method for generating watermarked digital photos based on state parameters. The authentication key of the watermarked digital photos generated by the method has good confidentiality, which can effectively prevent "collage attack" and effectively resist "collage attack". Remake attack". At the same time, neither the participation of the digital camera nor the transmission of the key is required during the authentication, which realizes the openness and high efficiency of the digital photo authentication.

本发明解决其技术问题,所采用的技术方案为:基于状态参数的含水印数字照片的生成方法,包括如下步骤:The present invention solves its technical problem, and the adopted technical solution is: the generation method of the watermarked digital photo based on state parameters, comprising the following steps:

(1)数码相机拍摄照片时,镜头获取的信号经中央处理器处理得到数字图像数据D,同时中央处理器读取数码相机拍摄该照片时的焦距、光圈、曝光时间、拍摄时间、感光度作为状态参数S;(1) When a digital camera takes a picture, the signal acquired by the lens is processed by the central processor to obtain digital image data D, and at the same time the central processor reads the focal length, aperture, exposure time, shooting time, and sensitivity of the digital camera when the picture is taken as State parameter S;

(2)、根据数码相机只读存储器中保存的“相机身份号C”,利用密钥设置函数F(k)生成相机密钥KL,其中k为密钥;(2), according to the "camera identity number C" preserved in the digital camera read-only memory, utilize the key setting function F(k) to generate the camera key K L , where k is a key;

(3)、将步骤(1)的状态参数S和步骤(2)的相机密钥KL作为明文,利用哈希函数H()生成该数字照片的认证密钥K=H(KL,S);(3), using the state parameter S of step (1) and the camera key K L of step (2) as plaintext, utilize the hash function H() to generate the authentication key K=H(K L , S of the digital photo );

(4)、以认证密钥K作为水印嵌入密钥,利用认证水印嵌入算法在步骤(1)中的图像数据D中嵌入认证水印,生成含水印数字图像数据X;(4), with the authentication key K as the watermark embedding key, utilize the authentication watermark embedding algorithm to embed the authentication watermark in the image data D in step (1), generate digital image data X containing the watermark;

(5)将含水印数字图像数据X和包括状态参数S和相机身份号C在内的照片头文件EXIF合成为照片输出文件保存在数码相机的外存储器中。(5) Synthesize the digital image data X containing the watermark and the photo header file EXIF including the state parameter S and the camera ID number C into a photo output file and save it in the external memory of the digital camera.

与现有技术相比,本发明的有益效果是:Compared with prior art, the beneficial effect of the present invention is:

1、本发明利用哈希函数,将数字照片拍摄时数码相机的焦距、光圈、曝光时间、拍摄时间、感光度这些状态参数作为哈希函数明文的一部分生成该数字照片的“认证密钥”。由于不同数字照片的状态参数完全相同的可能性很小,根据哈希函数的性质可知,即使同一数码相机拍摄的数字照片,其认证密钥相同的可能性几乎不存在,从而消除了实施“拼贴攻击”的条件。因此本发明中使用的水印算法无需具备抵抗“拼贴攻击”的能力,从而降低了对认证水印算法设计的要求,水印算法的复杂度低。1. The present invention utilizes a hash function to generate the "authentication key" of the digital photo by using the state parameters of the digital camera such as focal length, aperture, exposure time, shooting time, and sensitivity as part of the hash function plaintext when the digital photo is taken. Since the state parameters of different digital photos are very unlikely to be exactly the same, according to the nature of the hash function, even if the digital photos taken by the same digital camera, the possibility of having the same authentication key is almost non-existent, thereby eliminating the need to implement "spelling". Post attack" condition. Therefore, the watermarking algorithm used in the present invention does not need to have the ability to resist "collage attack", thereby reducing the requirements for the design of the authentication watermarking algorithm, and the complexity of the watermarking algorithm is low.

2、对翻拍照片,如果数字照片中头文件中的参数被修改,认证系统读出的状态参数与生成认证密钥时作为明文输入的状态参数不一致,从而导致生成的认证密钥与水印嵌入时采用的认证密钥不同,翻拍数字照片将无法通过认证;另一方面,如果攻击者不篡改数字照片头文件中的状态参数,结合光学、摄影常识(如翻拍时即头文件中的焦距和真实的远景照片中的焦距,其差距非常明显),可以很容易地判断出数字照片是否为翻拍的数字照片。因此,本发明可以有效抵抗翻拍攻击。2. For the duplicated photos, if the parameters in the header file in the digital photo are modified, the state parameters read by the authentication system are inconsistent with the state parameters entered as plaintext when generating the authentication key, which will cause the generated authentication key to be different from the one when the watermark was embedded. If the authentication keys used are different, the digital photos reprinted will not be able to pass the authentication; The focal length in the distant view photo, the difference is very obvious), it is easy to judge whether the digital photo is a remake of the digital photo. Therefore, the present invention can effectively resist remake attacks.

3、利用“密钥设置函数F()”建立数码相机的身份号(即数码相机的唯一标识符)与相机密钥之间的隐蔽对应关系,一方面,实现了相机密钥的保密性和隐蔽性;另一方面,认证时根据公开的数码相机身份号,利用认证系统中的“密钥设置函数F()”生成对应的相机密钥。同时,状态参数也公开保存在数字照片的头文件中;因此,认证时既不需要密钥传递,也无需数码相机参与以提供相机密钥。认证系统根据数字照片自身就可以检测数字照片的真实性、完整性和原始性,从而实现了对数字照片公开、便捷、高效的认证过程。3. Use the "key setting function F()" to establish a hidden correspondence between the identity number of the digital camera (that is, the unique identifier of the digital camera) and the camera key. On the one hand, it realizes the confidentiality and security of the camera key. Concealment; on the other hand, according to the public digital camera ID number during authentication, use the "key setting function F()" in the authentication system to generate the corresponding camera key. At the same time, the state parameters are also publicly stored in the header file of the digital photo; therefore, neither key delivery is required for authentication, nor does the digital camera participate in providing the camera key. The authentication system can detect the authenticity, integrity and originality of digital photos according to the digital photos themselves, thus realizing an open, convenient and efficient authentication process for digital photos.

具体实施方式 Detailed ways

下面结合附图和具体实施方式对本发明作进一步详细说明。The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments.

图1为本发明实施例的含水印数字照片生成的逻辑框图。Fig. 1 is a logic block diagram of generating a watermarked digital photo according to an embodiment of the present invention.

图2为本发明实施例的密钥设置函数F(k)的示意图。FIG. 2 is a schematic diagram of a key setting function F(k) according to an embodiment of the present invention.

图3为本发明实施例相应的认证系统的逻辑框图。FIG. 3 is a logical block diagram of an authentication system according to an embodiment of the present invention.

图4为本发明实施例中的密钥设置函数F(k),三台不同身份号的相机与密钥k对应的相机密钥分布图。图中,符号“□”“○”“*”分别代表身份号为C1、C2、C3的三台相机在密钥k不同时的相机密钥KLFig. 4 is a key setting function F(k) in an embodiment of the present invention, and a distribution diagram of camera keys corresponding to three cameras with different ID numbers and key k. In the figure, the symbols "□", "○" and "*" respectively represent the camera keys K L of the three cameras with ID numbers C1, C2, and C3 when the key k is different.

实施例Example

图1示出,本发明的一种具体实施方式为:一种基于状态参数的含水印数字照片的生成方法,包括如下步骤:Fig. 1 shows, a kind of embodiment of the present invention is: a kind of generation method based on the watermark digital photo of state parameter, comprises the following steps:

1、数码相机拍摄照片时,镜头获取的信号经中央处理器处理得到数字图像数据D,同时中央处理器读取数码相机拍摄该照片时的焦距、光圈、曝光时间、拍摄时间、感光度作为状态参数S。1. When a digital camera takes a photo, the signal acquired by the lens is processed by the central processor to obtain digital image data D, and the central processor reads the focal length, aperture, exposure time, shooting time, and sensitivity of the digital camera when the photo is taken as the status parameter S.

2、根据数码相机只读存储器中保存的“相机身份号C”,利用密钥设置函数F(k)生成相机密钥KL,其中k为密钥。2. According to the "camera ID number C" stored in the digital camera's read-only memory, use the key setting function F(k) to generate the camera key K L , where k is the key.

本实施例中“密钥设置函数F(k)”的密钥k由认证系统和相机制造者共同设置,和密钥分配函数一起被加密封装于数码相机内部,仅能被“哈希函数H()”调用,任何对封装的破坏将导致所述的密钥设置函数F(k)不可用。In this embodiment, the key k of the "key setting function F(k)" is jointly set by the authentication system and the camera manufacturer, and is encrypted and packaged inside the digital camera together with the key distribution function, and can only be obtained by the "hash function H ()" call, any damage to the encapsulation will cause the key setting function F(k) to be unavailable.

“密钥设置函数F(k)”用来建立数码相机身份号C(数码相机的唯一标识符)与相机密钥KL的隐蔽对应关系,即KL=F(k,C)。本发明中密钥设置函数可以采用任意安全的非线性映射函数。本实施例中密钥设置函数采用如图2所示的级联-混沌映射,其中的混沌映射f采用现有文献(S.Lian,J.Sun,J.Wang,and Z.Wang A chaotic stream cipher and the usage in videoprotection,Chaos,Solitons and Fractals 34(2007)851-859)中定义的一种在整数域(定点)上实现的离散分段线性混沌映射,The "key setting function F(k)" is used to establish the concealed corresponding relationship between the digital camera identity number C (the unique identifier of the digital camera) and the camera key K L , that is, K L =F(k, C). In the present invention, the key setting function can adopt any safe non-linear mapping function. In the present embodiment, the key setting function adopts the cascade-chaotic map as shown in Figure 2, and the chaotic map f adopts the existing literature (S.Lian, J.Sun, J.Wang, and Z.Wang A chaotic stream cipher and the usage in video protection, Chaos, Solitons and Fractals 34 (2007) 851-859), a discrete piecewise linear chaotic map implemented on the integer domain (fixed point),

Figure A20091005942100071
Figure A20091005942100071

其中

Figure A20091005942100072
表示不大于a的最大整数,
Figure A20091005942100073
表示
Figure A20091005942100074
个离散状态, 0 < p < 2 n 0 - 1 是控制参数,n0是计算机的字长。考虑到现有计算机和安全性需要,后面的测试和使用中取n0=32。公式(1)表示根据控制参数p和状态zi,能确定性地生成下一个状态zi+1,初始状态z0和控制参数p是产生该随机序列的密钥。本实施例将相机身份号C以四个字符为单位分段(如果C中的字符个数不能被4整除,则在C的末尾补“0”),然后,以每段4个字符ASCII码的链接为混沌映射f的控制参数p,密钥k作为第一个混沌映射的初始状态z0,第一个混沌映射的输出作为第二个混沌映射的初始状态z0,第二个混沌映射的输出作为第三个混沌映射的初始状态z0,以此类推,最后一个混沌映射的输出作为相机密钥KL。in
Figure A20091005942100072
Indicates the largest integer not greater than a,
Figure A20091005942100073
express
Figure A20091005942100074
a discrete state, 0 < p < 2 no 0 - 1 Is the control parameter, n 0 is the word length of the computer. Considering the existing computer and security requirements, n 0 =32 is used in the following tests and uses. Formula (1) indicates that the next state z i+1 can be deterministically generated according to the control parameter p and the state z i , and the initial state z 0 and the control parameter p are the keys for generating the random sequence. In this embodiment, the camera ID number C is segmented in units of four characters (if the number of characters in C cannot be divisible by 4, "0" is added at the end of C), and then, the ASCII code of each segment is 4 characters The link is the control parameter p of the chaotic map f, the key k is used as the initial state z 0 of the first chaotic map, the output of the first chaotic map is used as the initial state z 0 of the second chaotic map, and the second chaotic map The output of the third chaotic map is used as the initial state z 0 , and so on, the output of the last chaotic map is used as the camera key K L .

3、将步骤1的状态参数S和步骤2的相机密钥KL作为明文,利用哈希函数H()生成该数字照片的认证密钥K=H(KL,S)。本实施例中的“哈希函数H()”采用现有文献(王小敏,张文芳,张家树.基于非线性数字滤波器的混沌Hash函数设计,计算机辅助设计与图形学学报,2006,18(6):870-875)中提出基于非线性滤波器的混沌哈希函数。3. Using the state parameter S in step 1 and the camera key K L in step 2 as plaintext, use the hash function H() to generate the authentication key K=H(K L , S) of the digital photo. "Hash function H ()" in the present embodiment adopts existing literature (Wang Xiaomin, Zhang Wenfang, Zhang Jiashu. Based on the chaotic Hash function design of nonlinear digital filter, Computer Aided Design and Graphics Journal, 2006, 18 (6) : 870-875) proposed a chaotic hash function based on nonlinear filters.

4、以认证密钥K作为水印嵌入密钥,利用认证水印嵌入算法在步骤(1)中的图像数据D中嵌入认证水印,生成含水印数字图像数据X。本发明中的“水印嵌入算法”可以采用任何现有的认证水印算法,如可恢复认证水印算法、定位型认证水印算法等。4. Use the authentication key K as the watermark embedding key, use the authentication watermark embedding algorithm to embed the authentication watermark in the image data D in step (1), and generate the watermarked digital image data X. The "watermark embedding algorithm" in the present invention can use any existing authentication watermark algorithm, such as recoverable authentication watermark algorithm, positioning type authentication watermark algorithm and so on.

5、将含水印数字图像数据X和包括状态参数S和相机身份号C在内的照片头文件EXIF合成为照片输出文件Y={X,S,C}保存在数码相机的外存储器中。5. Synthesize the digital image data X containing the watermark and the photo header file EXIF including the state parameter S and the camera ID number C into a photo output file Y={X, S, C} and save it in the external memory of the digital camera.

相应地,本发明的认证工作可以由通用计算机中特定的认证软件系统完成,也可以由装配相应认证系统的特定检测装置完成。认证系统的输入为被测数字照片文件Y*={X*,S*,C*},输出为认证结果,数字相机和认证系统本身的封装性可以保证密钥分配函数F(k)的保密性。图3示出,认证系统对待测数字照片Y*={X*,S*,C*}的认证过程包括以下步骤:Correspondingly, the authentication work of the present invention can be completed by a specific authentication software system in a general-purpose computer, or can be completed by a specific detection device equipped with a corresponding authentication system. The input of the authentication system is the tested digital photo file Y * = {X * , S * , C * }, and the output is the authentication result. The encapsulation of the digital camera and the authentication system itself can guarantee the confidentiality of the key distribution function F(k) sex. Figure 3 shows that the authentication process of the authentication system for the digital photo to be tested Y * ={X * , S * , C * } includes the following steps:

1、根据待测数字照片Y*={X*,S*,C*},通过“数据析取”分别得到被测数字照片的相机型号C*、状态参数S*和含水印图像数据X*1. According to the digital photo to be tested Y * = {X * , S * , C * }, the camera model C * , state parameter S * and watermarked image data X * of the digital photo to be tested are respectively obtained through "data extraction";

2、利用“密钥设置函数F(k)”,根据相机身份号C*生成对应的相机密钥KL *2. Use the "key setting function F(k)" to generate the corresponding camera key K L * according to the camera identity number C * ;

3、利用“哈希函数H()”,以状态参数S*和相机密钥KL *为明文,生成被测数字照片的认证密钥K*3. Utilize the "hash function H()" to generate the authentication key K * of the tested digital photo with the state parameter S * and the camera key KL * as plaintext;

4、利用认证密钥K*,通过相对应的“水印提取与认证”模块,给出被测数字照片的认证结果。认证结果所提供的信息可能包括:篡改定位、篡改程度、篡改恢复结果等,这主要依赖于系统中所采用认证水印算法的性能。4. Using the authentication key K * , through the corresponding "watermark extraction and authentication" module, the authentication result of the tested digital photo is given. The information provided by the authentication result may include: tamper location, tamper degree, tamper recovery results, etc., which mainly depend on the performance of the authentication watermark algorithm used in the system.

从上述认证过程可以看出,认证时仅需要被测数字照片本身,从而实现对数字照片的公开、简捷的认证过程。算法的安全性在于密钥分配函数F(k)的保密性和认证密钥的难伪造性。It can be seen from the above authentication process that only the digital photo to be tested is required for authentication, thereby realizing an open and simple authentication process for the digital photo. The security of the algorithm lies in the secrecy of the key distribution function F(k) and the hard forgery of the authentication key.

本发明的性能分析及计算机仿真测试:Performance analysis and computer simulation test of the present invention:

一、性能分析1. Performance Analysis

本发明中,将数字照片拍摄时数码相机的焦距、光圈、曝光时间、拍摄时间、感光度作为状态参数S和相机密钥KL一起,利用哈希函数生成该数字照片的认证密钥K。上述生成数字照片认证密钥的方法具有以下优点:In the present invention, the focal length, aperture, exposure time, shooting time, and sensitivity of the digital camera are used as the state parameter S and the camera key K L when the digital photo is taken, and the authentication key K of the digital photo is generated by using a hash function. The above-mentioned method for generating a digital photo authentication key has the following advantages:

(1)实现了公开认证:利用密钥设置函数F(k)为数码相机分配相机密钥KL,结合公开保存在数字照片EXIF头文件中的状态参数S和相机身份号C,无需“非对称加密”技术,就可以实现对数字照片的公开认证;(1) Public authentication is achieved: use the key setting function F(k) to assign the camera key K L to the digital camera, combined with the state parameter S and the camera identity number C publicly stored in the EXIF header file of the digital photo, there is no need for "non- Symmetric encryption" technology can realize the public authentication of digital photos;

(2)增加了认证密钥的保密性:一方面,数字照片的认证密钥对任何人来说都是未知的,增加了认证密钥的保密性。另一方面,由于数字照片拍摄时的状态参数S参与认证密钥的生成,使得同一台数码相机得到的含水印数字照片的认证密钥互不相同,消除了实施“拼贴攻击”的条件;(2) Increased confidentiality of the authentication key: On the one hand, the authentication key of the digital photo is unknown to anyone, which increases the confidentiality of the authentication key. On the other hand, since the state parameter S of the digital photo is involved in the generation of the authentication key, the authentication keys of the watermarked digital photos obtained by the same digital camera are different from each other, eliminating the conditions for implementing the "collage attack";

(3)具有抵抗“翻拍攻击”的能力:对含水印数字照片Y={X,S,C},攻击者可以通过图像编辑软件修改数字照片数据X,然后利用相同的数码相机和个人信息“翻拍”篡改的数字照片生成含水印数字照片Y*={X*,S*,C}。由光学成像原理可知,场景成像和照片翻拍的状态参数S和S*有很大差别。要想不留下明显的伪造证据,攻击者需要伪造一个与S相似的状态参数S′使等式H(F(k,C),S*)=H(F(k,C),S′)成立,从而使伪造数字照片Y′={X*,S′,C}能通过认证。由哈希函数的性质可知,寻找任何明文m≠m′,使得H(m)=H(m′)计算上不可行,因此,本发明能有效避免数字照片的提供者利用数码相机伪造含水印数字照片。(3) It has the ability to resist "remake attack": for the watermarked digital photo Y={X, S, C}, the attacker can modify the digital photo data X through image editing software, and then use the same digital camera and personal information " Generate a watermarked digital photo Y * ={X * , S * , C} from a tampered digital photo. According to the principle of optical imaging, the state parameters S and S * of scene imaging and photo reproduction are very different. In order not to leave obvious forged evidence, the attacker needs to forge a state parameter S′ similar to S so that the equation H(F(k,C),S * )=H(F(k,C),S′ ) is established, so that the fake digital photo Y'={X * , S', C} can pass the authentication. From the nature of the hash function, it can be seen that finding any plaintext m≠m' makes H(m)=H(m') computationally infeasible. Therefore, the present invention can effectively prevent digital photo providers from using digital cameras to forge watermarks digital photo.

二、计算机仿真测试2. Computer simulation test

1、认证密钥的难伪造性1. Hard to forge the authentication key

下面通过测试哈希函数对明文的敏感性说明认证密钥的难伪造性。为便于测试,我们选取初始明文序列为:“South-west Jiaotong University 2008”。利用本实施例采用的基于非线性滤波器的混沌哈希函数生成的密文序列((16进制表示的数串,即认证密钥)的值如表1的第二行“原始密文”所示。然后分别测试下面六种情况下得到的认证密钥:The difficulty of forgery of the authentication key is illustrated below by testing the sensitivity of the hash function to plaintext. For the convenience of testing, we choose the initial plaintext sequence as: "South-west Jiaotong University 2008". The value of the ciphertext sequence ((the number string represented by hexadecimal notation, i.e. the authentication key) generated by the chaotic hash function based on the nonlinear filter adopted in this embodiment is as in the second line "original ciphertext" of Table 1 Shown. Then test the authentication keys obtained in the following six situations:

情况1:第一个大写字母S改为小写;Case 1: The first capital letter S is changed to lowercase;

情况2:去除单词”South-west”中的连接符;Case 2: Remove the connector in the word "South-west";

情况3:在原始用户密钥的末尾添加一个空格;Case 3: add a space at the end of the original user key;

情况4:在原始用户密钥的末尾添加一个%;Case 4: add a % at the end of the original user key;

情况5:删除原始用户密钥末尾的单词2008;Case 5: delete the word 2008 at the end of the original user key;

情况6:将单词’Jiaotong’修改为‘Jiao tong’。Case 6: Change the word 'Jiaotong' to 'Jiao tong'.

表1不同条件下两个子密钥k1和k2的值Table 1 Values of two subkeys k 1 and k 2 under different conditions

Figure A20091005942100091
Figure A20091005942100091

表1列出了上述六种情况下生成的子密钥,对哈希函数特性的近一步测试详见文献(王小敏,张文芳,张家树.基于非线性数字滤波器的混沌Hash函数设计,计算机辅助设计与图形学学报,2006,18(6):870-875)。从表1可以看出,表中不存在两个相似的密文序列,他们可以看作是相互统计独立的随机序列构成,因此,攻击者很难伪造出有意义且等于特定密文的明文序列。Table 1 lists the sub-keys generated under the above six situations. For further tests on the characteristics of the hash function, see the literature (Wang Xiaomin, Zhang Wenfang, Zhang Jiashu. Chaotic Hash function design based on nonlinear digital filter, computer-aided design Journal of Graphics and Graphics, 2006, 18(6): 870-875). It can be seen from Table 1 that there are no two similar ciphertext sequences in the table, and they can be regarded as random sequences that are statistically independent of each other. Therefore, it is difficult for an attacker to forge a meaningful plaintext sequence that is equal to a specific ciphertext .

2、相机密钥KL的保密性2. The confidentiality of the camera key K L

本发明中密钥分配函数F(k)的安全性在于密钥k的保密性。对特定的数码相机,其相机密钥不仅依赖于相机身份号C,而且依赖于认证系统和相机制造者共同设置的密钥k。在密钥k未知的条件下,根据相机身份号C很难推断出该相机对应的相机密钥KL。为测试相机密钥KL对密钥k的敏感性,随机选择1000个密钥,对三台数码相机进行测试,三台数码相机的身份号分别为的:The security of the key distribution function F(k) in the present invention lies in the secrecy of the key k. For a specific digital camera, its camera key not only depends on the camera identity number C, but also depends on the key k set jointly by the authentication system and the camera manufacturer. Under the condition that the key k is unknown, it is difficult to infer the camera key K L corresponding to the camera according to the camera ID number C. In order to test the sensitivity of the camera key K L to the key k, 1000 keys are randomly selected to test three digital cameras. The ID numbers of the three digital cameras are:

C1=‘32167Epson Photo PC 700/750Z’C1='32167Epson Photo PC 700/750Z'

C2=‘32166Epson Photo PC 700/750Z’C2 = '32166 Epson Photo PC 700/750Z'

C3=‘321676Kodak DC-290’C3='321676Kodak DC-290'

图4是密钥k取1000个不同值时,三台数码相机与密钥k对应相机密钥的分布图,符号“□”“○”“*”分别代表身份号为C1、C2、C3的三台相机对应特定密钥k的相机密钥KL。由图4可以看出,对上述三台不同身份号(C1、C2、C3)的数码相机,其对应的相机密钥KL在整数区间[0,232(≈4.295×109)]近似随机分布。因此,在密钥k未知的条件下,即使相机身份号公开,攻击者也很难推断或猜测出数码相机对应的相机密钥KLFigure 4 is the distribution diagram of three digital cameras and the camera keys corresponding to key k when the key k takes 1000 different values. The three cameras correspond to the camera key K L for a particular key k. It can be seen from Figure 4 that for the above three digital cameras with different ID numbers (C1, C2, C3), the corresponding camera key K L is approximately randomly distributed. Therefore, under the condition that the key k is unknown, even if the camera ID number is disclosed, it is difficult for an attacker to deduce or guess the camera key K L corresponding to the digital camera.

Claims (1)

1, a kind of generation method of the moisture printing word photo based on state parameter comprises the steps:
When (1) digital camera is taken pictures, the signal that camera lens obtains is handled through central processing unit and is obtained DID D, and the focal length when central processing unit reads digital camera and takes this photo simultaneously, aperture, time for exposure, shooting time, photosensitivity are as state parameter S;
(2), according to " the camera ID C " that preserve in the digital camera read-only memory, utilize key that function F (k) is set and generate camera key K L, wherein k is a key;
(3), with the state parameter S of step (1) and the camera key K of step (2) LAs expressly, utilize hash function H () to generate the authenticate key K=H (K of this digital photos L, S);
(4), with authenticate key K as the watermark embedded key, utilize authenticating water-mark to embed among the view data D of algorithm in step (1) and embed authenticating water-mark, generate moisture printing digital image data X;
(5) moisture printing digital image data X being synthesized the photo output file with the photo header file EXIF that comprises state parameter S and camera ID C is kept in the external memory of digital camera.
CN2009100594210A 2009-05-26 2009-05-26 Method for generating digital photo containing watermark based on state parameter Expired - Fee Related CN101562681B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009100594210A CN101562681B (en) 2009-05-26 2009-05-26 Method for generating digital photo containing watermark based on state parameter

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009100594210A CN101562681B (en) 2009-05-26 2009-05-26 Method for generating digital photo containing watermark based on state parameter

Publications (2)

Publication Number Publication Date
CN101562681A true CN101562681A (en) 2009-10-21
CN101562681B CN101562681B (en) 2011-05-04

Family

ID=41221281

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009100594210A Expired - Fee Related CN101562681B (en) 2009-05-26 2009-05-26 Method for generating digital photo containing watermark based on state parameter

Country Status (1)

Country Link
CN (1) CN101562681B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103646375A (en) * 2013-11-26 2014-03-19 上海交通大学 Method for authenticating primitiveness of picture photographed by intelligent mobile terminal
CN105095775A (en) * 2015-06-30 2015-11-25 努比亚技术有限公司 Method, device and terminal for realizing information safety
WO2016115888A1 (en) * 2015-01-20 2016-07-28 中兴通讯股份有限公司 Photograph capturing method, image viewing method, system, and terminal
CN106778108A (en) * 2017-03-09 2017-05-31 深圳峰创智诚科技有限公司 Generate the method and device of digital certificates
CN108650099A (en) * 2018-05-22 2018-10-12 深圳华博高科光电技术有限公司 Picture authorization identifying opens the method, apparatus consulted and storage medium
CN108876697A (en) * 2018-06-22 2018-11-23 南开大学 Pixel-level image certification, tampering detection and restoration methods
WO2019061185A1 (en) * 2017-09-28 2019-04-04 深圳传音通讯有限公司 Method and terminal for digitally signing picture

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103646375A (en) * 2013-11-26 2014-03-19 上海交通大学 Method for authenticating primitiveness of picture photographed by intelligent mobile terminal
CN103646375B (en) * 2013-11-26 2017-06-13 上海交通大学 The identifiable method of photo primitiveness that intelligent mobile terminal is taken pictures
WO2016115888A1 (en) * 2015-01-20 2016-07-28 中兴通讯股份有限公司 Photograph capturing method, image viewing method, system, and terminal
CN105095775A (en) * 2015-06-30 2015-11-25 努比亚技术有限公司 Method, device and terminal for realizing information safety
CN105095775B (en) * 2015-06-30 2018-07-31 努比亚技术有限公司 Implementation method, device and the terminal of information security
CN106778108A (en) * 2017-03-09 2017-05-31 深圳峰创智诚科技有限公司 Generate the method and device of digital certificates
WO2019061185A1 (en) * 2017-09-28 2019-04-04 深圳传音通讯有限公司 Method and terminal for digitally signing picture
CN108650099A (en) * 2018-05-22 2018-10-12 深圳华博高科光电技术有限公司 Picture authorization identifying opens the method, apparatus consulted and storage medium
CN108650099B (en) * 2018-05-22 2020-12-01 深圳华博高科光电技术有限公司 Method, device and storage medium for picture authorization authentication and opening lookup
CN108876697A (en) * 2018-06-22 2018-11-23 南开大学 Pixel-level image certification, tampering detection and restoration methods
CN108876697B (en) * 2018-06-22 2022-02-25 南开大学 Pixel-level image authentication, tampering detection and recovery method

Also Published As

Publication number Publication date
CN101562681B (en) 2011-05-04

Similar Documents

Publication Publication Date Title
CN101562681B (en) Method for generating digital photo containing watermark based on state parameter
CN1209730C (en) Digital anti-fake method
US20070283158A1 (en) System and method for generating a forensic file
CN101694724A (en) Method for embedding GPS information in JPEG image of digital camera and ensuring safety of image
CN107103577A (en) Half fragile uniqueness image watermark insertion and extracting method for integrity protection
CN102270336B (en) Safe fragile watermarking method based on multiple dependency structures
CN104517257A (en) Method for manufacturing and verifying anti-counterfeiting digital certificate
Almola et al. Robust method for embedding an image inside cover image based on least significant bit steganography
CN114782238A (en) Image self-authentication method based on hash function and information hiding
Johnson et al. Homomorphic signatures for digital photographs
Wen et al. Image authentication for digital image evidence
Lee et al. A Hierarchical Fragile Watermarking with VQ Index Recovery.
Kuang et al. Watermarking image authentication in hospital information system
Doke et al. Digital signature scheme for image
Nagm et al. A novel watermarking approach for protecting image integrity based on a hybrid security technique
JP2020184663A (en) High resistance digital watermarking method
Li Secure Reversible Data Hiding in Images with Scalable Capacity
CN113645367B (en) Batch image combination encryption method and device
Ahmed et al. A secure and robust hashing scheme for image authentication
Morsy et al. JPEG steganography system with minimal changes to the quantized DCT coefficients
Chang et al. Public-key inter-block dependence fragile watermarking for image authentication using continued fraction
Hou et al. An Image Authentication Scheme Based on Chaotic Maps
Liu et al. Reversible Data Hiding in a Chaotic Encryption Domain Based on Odevity Verification
Mwakajwanga et al. Digital-Signature Oriented Steganography Approach against Man-in-the-Middle Attack.
CN118200458A (en) Image protection system and method based on one-dimensional chaotic system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110504

Termination date: 20140526