EP1576567A1 - Schlüsselsynchronisation in einem visuellen kryptographischen system - Google Patents

Schlüsselsynchronisation in einem visuellen kryptographischen system

Info

Publication number
EP1576567A1
EP1576567A1 EP03813209A EP03813209A EP1576567A1 EP 1576567 A1 EP1576567 A1 EP 1576567A1 EP 03813209 A EP03813209 A EP 03813209A EP 03813209 A EP03813209 A EP 03813209A EP 1576567 A1 EP1576567 A1 EP 1576567A1
Authority
EP
European Patent Office
Prior art keywords
key
key identification
image
identification
hash value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP03813209A
Other languages
English (en)
French (fr)
Inventor
Pim T. Tuyls
Marten E. Van Dijk
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Koninklijke Philips NV
Original Assignee
Koninklijke Philips Electronics NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics NV filed Critical Koninklijke Philips Electronics NV
Priority to EP03813209A priority Critical patent/EP1576567A1/de
Publication of EP1576567A1 publication Critical patent/EP1576567A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems

Definitions

  • the present invention relates to key synchronization in cryptographic systems. More in particular, the present invention relates to a method of and a system for synchronizing a first key set in an encryption device and a second key set in a decryption device, the encryption device being capable of encrypting images and the decryption device being capable of decrypting images.
  • decoding decryption
  • Two types of image decrypting devices can be distinguished: transparent and non-transparent devices.
  • Transparent decrypting devices essentially mimic the transparent sheets used in the Prior Art and display one pattern ("share") of the encrypted image. As the decrypting device is at least partially transparent, the other pattern of the image can be seen through the device and the two image patterns are combined in the eye of the viewer as before.
  • the advantage of using a transparent device instead of a transparent sheet is that the device is capable of displaying a plurality of image parts rather than a single image part. Thus subsequent images can use different keys.
  • Transparent decrypting devices advantageously use LCD (Liquid Crystal Display) screens, two such screens being overlaid to "decrypt" the encrypted image so as to reconstruct the original image.
  • a suitable example of a transparent device in which LCD screens are employed is described in European Patent Application 02075527.8 [PHNL020121]. In the device of said European Patent Application, use is made of the polarization rotating effect of liquid crystal cells in a liquid crystal display. This allows a very convenient encrypting and decrypting of black-and-white images.
  • Non-transparent decrypting devices are capable of sensing the encrypted image, performing a decryption and displaying the decrypted image.
  • the decryption is carried out in the device itself and the display shows the complete, decrypted image, while the encrypted image is masked by the device.
  • An example of such a decoding device is described in European Patent Application 02079579.5 [PHNL021058].
  • the decoding device may use a key to decrypt the image.
  • An image decoding device will generally require at least one key to decrypt an image.
  • the use of a key set does, however, introduce the problem of key set synchronization. Even when a certain key sequence is predetermined, the encryption device and the decryption device may accidentally change keys at different moments, or one of the devices may not change keys at all, resulting in a loss of key synchronization. This, in turn, will result in the decryption device not being capable of decrypting the encrypted images. It is therefore an object of the present invention to provide a method and system for establishing the synchronization of an encryption device and a decryption device in a simple yet effective manner.
  • the present invention provides a method of synchronizing a first key set in an encryption device and a second key set in a decryption device, the method comprising the steps of: • the encryption device producing an encrypted image and an associated key identification using a key of the first key set,
  • the decryption device displaying the decrypted image. That is, the encryption device uses a key of its key set to encrypt the image and produces a key identification corresponding with the key used for encrypting the image. Both the encrypted image and the key identification are transmitted to the display device which allows the decryption device to detect the key identification. The decryption device uses the key identification to identify a key of its key set and then decrypts the encrypted image using the thus identified key. It is preferred that a decryption device is used of the type having both sensing means for sensing an (encrypted) image and display means for displaying a (decrypted) image.
  • a key identification By transmitting a key identification with the encrypted image, it will be possible to always maintain key synchronization. Although it is possible to transmit a key identification with every encrypted image, it may not be necessary to do so. Instead, a key identification may only be transmitted periodically, for example after a certain number of encrypted images has been transmitted, or after a certain amount of time has elapsed. Alternatively, the key identification can only be transmitted upon request. It will be understood that the step of producing a key identification can be omitted when its transmission is not required.
  • the key identification is identical to the actual key. This is, however, cryptographically not secure as the key identification may be intercepted during transmission. For this reason, it is preferred that the key identification is a code associated with the key, for example a key number. It is further preferred that the key identification is a code derived from the key. This provides a degree of tamper protection.
  • the key identification is a hash value.
  • Hash values are values which can be derived from a source value such as a cryptographic key using a hash function, a type of function which is well known in the field of cryptography.
  • a hash function is a one-way function, that is, a function for which it is not feasible to determine the inverse function.
  • the hash value of the key can be readily determined, but it is not feasible to derive the key from the hash value. In this way, interception of the key identification does not compromise the key itself.
  • any (unauthorized) alteration of a key will result in a different hash value and will prevent the unauthorized decryption of the encrypted image.
  • the step of the decryption device detecting the key identification involves the sub-steps of: -
  • the decryption device detecting the hash value and storing it as a detected hash value, • the decryption device calculating the hash values of the second key set and comparing each calculated hash value with the detected hash value until a match is found. By matching a hash value of the decryption device's key set with the detected hash value the correct key can readily be found.
  • hash values of the second key set in the decryption device It is of course possible to pre-calculate and store the hash values of the second key set in the decryption device. This requires, however, a substantial amount of memory space. It has been found that hash values can be calculated quickly and therefore it is preferred not the store the hash values.
  • the key identification can be transmitted separately, it is preferred that the key identification is part of the encrypted image. This provides both a simple transmission of the key identification and an easy detection by the decryption device.
  • the key identification can form a sub-image of the encrypted image. This sub-image can be a symbol, a code or the like.
  • the sub-image can also be encrypted using an additional key which is preferably the same for a series of images.
  • the key identification is displayed on the display device as a bar code.
  • a bar code can easily be recognized and read by the decryption device.
  • Other types of codes however, can also be used.
  • a time multiplexed code may be used where parts of the code are sequentially displayed. These parts, in turn, may or may not be constituted by bar codes.
  • the images used for synchronization according to the present invention may be monochrome images or color images. Although various techniques may be used for rendering color images in visual cryptography and similar applications, the liquid crystal display techniques described in European Patent Application 02078660.4 [PHNL020804EPP] are particularly suitable.
  • the present invention further provides a system for synchronizing a first key set in an encryption device and a second key set in a decryption device, the system comprising:
  • a decryption device for detecting the key identification, decrypting the encrypted image using a key of the second key set corresponding with the key identification, and displaying the decrypted image.
  • the present invention also provides a decryption device for use in a system as defined above, the device comprising sensor means for sensing an encrypted image including a key identification, key selection means for selecting a key on the basis of the sensed key identification, decryption means for decrypting a sensed encrypted image using the selected key, and display means for displaying a decrypted image.
  • the sensor means are part of an LED (Light Emitting Diode) circuit, preferably an OLED (Organic Light Emitting Diode) circuit.
  • LED Light Emitting Diode
  • OLED Organic Light Emitting Diode
  • Fig. 1 schematically shows a cryptographic system according to the present invention.
  • Fig. 2 schematically shows, in cross-section, a decryptor for use in the system of Fig. 1.
  • Fig. 3 schematically shows an example of an image used in the system and method according to the present invention.
  • the system shown merely by way of non-limiting example in Fig. 1 comprises a server 1, a terminal 2, a decryptor (or decoder) 3 and a communication network 4.
  • the server 1 produces and encrypts images which are transmitted via the communication network 4 to the terminal 2.
  • the communication network 4 may be constituted by a dedicated network such as a LAN, a telephone network (POTS), the Internet, or a simple cable or wire.
  • Both the server 1 and the terminal 2 may be dedicated devices or may be constituted by general purpose computers with, at least in the case of terminal 2, a display screen 21.
  • the decryptor 3 is a cryptographic device which will be discussed in more detail below.
  • the server 1 and the decryptor 3 are both provided with at least one key set consisting of a plurality of cryptographic keys.
  • the decryptor 3 is a decryption device which may include sensors 31 for sensing a displayed image, a processor 32 with an associated memory for performing cryptographic operations on the sensed image, and display elements 33 forming a display screen (34 in Fig. 1) for displaying the decrypted image. Electrical conductors or optical fibers connect the sensors 31, the processor 32 and the display elements 33. A set of cryptographic keys is stored in the processor memory. The decryptor 3 therefore is capable of sensing an encrypted image, decrypting the image, and displaying the resulting decrypted image.
  • the decryptor 3 is a trusted device which is preferably carried by its user and stored in a safe place when not in use. In this way the keys stored in the decryptor are not compromised.
  • the synchronization of key sets in the system of Fig. 1 is accomplished as follows.
  • the server (encryption device) 1 encrypts an image using a key of its key set. This image is transmitted to the terminal (display device) 2 which displays the image. As the terminal 2 is not in possession of the keys, it is not able to decrypt the encrypted image.
  • the displayed encrypted image contains no perceptible information and may have the appearance of a random image ("snow").
  • the user positions her decryptor (decryption device) 3 in such a way that the decryptor can sense the image.
  • the encrypted image schematically shown in Fig. 3 has two image portions, a first image portion 5 containing the encrypted image and a second image portion 6 containing the key identification.
  • the decryptor 3 senses both images preferably simultaneously and is preferably arranged for determining which part of the image shown on display screen 21 is the second image portion 6.
  • a section of the screen 21 is assigned to the second (key identification) image portion 6 and therefore this image portion is recognized on the basis of its location.
  • the second image portion 6 contains a bar code. It is possible for the decryptor 3 to "scan" the display 21 and detect a bar code using well-known electronic image scanning techniques. In that case, it would not be necessary to assign a particular position to the second image portion. Instead of a bar code, other codes or (combination of) symbols could be used. It is further possible that such codes are recognized by the decryptor 3 using pattern recognition techniques. It is not necessary for the entire code to be displayed at a single moment and so-called time multiplexed codes may be used in which parts of the code are displayed sequentially, that is, at different moments in time. This may be accomplished by the temporary lighting up (or flashing) of certain display elements. The said parts of the code may themselves be represented by bar codes or any other suitable codes.
  • the decryptor 3 recognizes and decodes the bar code contained in the second image portion 6 so as to obtain the key identification or a code representing the key identification.
  • the (bar) code contained in the second image portion 6 is the hash value of the key.
  • the decryptor 3 then tries to match this detected hash value with one of the keys of its key set by computing the hash value of a key, comparing it with the detected hash value, and continuing with the next key if the detected hash value and the calculated hash value do not match. If no match is found, an error must have occurred. If a match is found, the decryptor then uses the key concerned to decrypt the first image portion 5 and to display the resulting decrypted image. In the position of the second image portion 6 a masking area (e.g. a blank area) may be inserted by the decryptor to mask the key identification.
  • a masking area e.g. a blank area
  • the actual key identification may optionally be extended with a CRC (Cyclical Redundancy Check) value or similar check value which allows error detection.
  • CRC Cyclical Redundancy Check
  • the key sets of the server and the decryptor are effectively identical, that is, each key of the server key set, when used in the server encryption process, produces an image which can be decrypted using an associated key in the decryptor key set, when used in the decryptor decryption process.
  • the server key set and the decryptor key set will be identical, but this is not necessarily the case.
  • the relationship between the keys may be illustrated as follows:
  • K is a key of the first key set
  • KID is the corresponding key identification
  • K' is the key of the second key set identified by the key identification.
  • KID is the key identification
  • K' is the key of the second key set identified by the key identification.
  • KID is produced which is used by the decryptor to identify its corresponding key K'.
  • K and K' will be identical.
  • the decryptor (decryption device) 3 displays the entire decrypted image. This is not necessarily the case and embodiments can be envisaged in which the decryptor 3 only displays part of the image to allow "visual cryptography” techniques as disclosed in e.g. European Patent Application EP 0 260 815 mentioned above.
  • the decryptor 3 is at least partially transparent, one part or "share” of the image being displayed by the decryptor, the other part or “share” being displayed by the terminal display 21.
  • a suitable example of a transparent device in which LCD screens are employed is described in European Patent Application 02075527.8 [PHNL020121].
  • the present invention is based upon the insight that information identifying a key can be displayed in an encrypted image, allowing this information to be detected by a decoding device.
  • the present invention is additionally based upon the further insight that an untrusted device (i.e. the display device) can be used to provide information pertaining to keys, as the untrusted device has no knowledge of the keys themselves.
  • the present invention is in particular applicable in systems for cryptographically transferring images, such as "visual cryptography", it can also be applied in other cryptographic systems where other data items than images are cryptographically protected. It can be envisaged, for instance, that the present invention be applied in computer systems where encrypted data (files) are transferred between computers, the computer screens being used for key synchronization. It is noted that any terms used in this document should not be construed so as limit the scope of the present invention, hi particular, the words “comprise(s)” and “comprising” are not meant to exclude any elements not specifically stated. Single (circuit) elements may be substituted with multiple (circuit) elements or with their equivalents.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Facsimile Transmission Control (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
EP03813209A 2002-12-18 2003-11-17 Schlüsselsynchronisation in einem visuellen kryptographischen system Withdrawn EP1576567A1 (de)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP03813209A EP1576567A1 (de) 2002-12-18 2003-11-17 Schlüsselsynchronisation in einem visuellen kryptographischen system

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
EP02080388 2002-12-18
EP02080388 2002-12-18
PCT/IB2003/005236 WO2004055757A1 (en) 2002-12-18 2003-11-17 Key synchronization in a visual cryptographic system
EP03813209A EP1576567A1 (de) 2002-12-18 2003-11-17 Schlüsselsynchronisation in einem visuellen kryptographischen system

Publications (1)

Publication Number Publication Date
EP1576567A1 true EP1576567A1 (de) 2005-09-21

Family

ID=32524053

Family Applications (1)

Application Number Title Priority Date Filing Date
EP03813209A Withdrawn EP1576567A1 (de) 2002-12-18 2003-11-17 Schlüsselsynchronisation in einem visuellen kryptographischen system

Country Status (6)

Country Link
EP (1) EP1576567A1 (de)
JP (1) JP2006511114A (de)
KR (1) KR20050091732A (de)
CN (1) CN1729495A (de)
AU (1) AU2003276597A1 (de)
WO (1) WO2004055757A1 (de)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5082209B2 (ja) 2005-06-27 2012-11-28 株式会社日立製作所 送信装置、受信装置、及び映像信号送受信システム
JP4379483B2 (ja) 2007-04-05 2009-12-09 富士ゼロックス株式会社 情報処理装置及びプログラム
EP2323308B1 (de) * 2009-11-12 2016-03-23 Morpho Cards GmbH Verfahren für die Zuweisung eines Geheimnisses auf ein Sicherheitstoken, Verfahren zum Betreiben eines Sicherheitstoken, Speichermedium und Sicherheitstoken
TWI430217B (zh) * 2011-08-08 2014-03-11 Ind Tech Res Inst 驗證方法與系統
CN102289869A (zh) * 2011-08-30 2011-12-21 华南理工大学 基于图像分存的信用卡防盗方法及其系统
CN103873885A (zh) * 2012-12-10 2014-06-18 鸿富锦精密工业(深圳)有限公司 流媒体共享请求系统、流媒体提供系统及其方法
BR102014007666B1 (pt) * 2014-03-28 2023-01-10 Samsung Eletrônica Da Amazônia Ltda Método para autenticação de transações móveis usando criptografia de vídeo e método para criptografia de vídeo
US11388001B2 (en) 2017-08-02 2022-07-12 Nippon Telegraph And Telephone Corporation Encrypted communication device, encrypted communication system, encrypted communication method, and program
CN109727294A (zh) * 2018-05-28 2019-05-07 成都信息工程大学 一种门限视觉密码矩阵构造方法

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5185796A (en) * 1991-05-30 1993-02-09 Motorola, Inc. Encryption synchronization combined with encryption key identification
JPH05323267A (ja) * 1992-05-26 1993-12-07 Toshiba Corp 液晶表示装置
EP1161811B1 (de) * 1999-03-22 2007-08-29 Agency for Science, Technology and Research Verfahren und vorrichtung zur verschlüsselung und entschlüsselung von daten
FR2806230B1 (fr) * 2000-03-09 2002-05-24 France Telecom Procede et dispositif de lecture confidentielle de donnees
CA2330166A1 (en) * 2000-12-29 2002-06-29 Nortel Networks Limited Data encryption using stateless confusion generators

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2004055757A1 *

Also Published As

Publication number Publication date
JP2006511114A (ja) 2006-03-30
AU2003276597A1 (en) 2004-07-09
CN1729495A (zh) 2006-02-01
KR20050091732A (ko) 2005-09-15
WO2004055757A1 (en) 2004-07-01

Similar Documents

Publication Publication Date Title
EP1472584B1 (de) Gesicherter dateneingabedialog mittels visueller kryptographie
US20040161111A1 (en) Optical out-of-band key distribution
US20060210080A1 (en) Key synchronization in a visual cryptographic system
US20050117748A1 (en) Secure visual message communication method and device
WO1998034403A1 (en) Apparatus and method for securing captured data transmitted between two sources
KR101608184B1 (ko) 인증서버, 인증시스템, 인증방법 및 기록매체
EP1166547A1 (de) Unsichtbares kodieren von metainformationen
US20060026428A1 (en) Key synchronization in an image cryptographic systems
KR20050117552A (ko) 원격 메시지 합성을 인에이블링하는 방법 및 시스템
WO2004055757A1 (en) Key synchronization in a visual cryptographic system
JP2007287003A (ja) 磁気カード読み取りシステム
US7916863B2 (en) Security printing method and system for enhancing security printing
US20050180569A1 (en) Tamper-resistant visual encryption method and device
CN102118311B (zh) 一种数据传输方法
KR20010092752A (ko) 비디오 신호 인증 시스템
WO2011052180A1 (ja) 暗号化メッセージ送信装置、プログラム、暗号化メッセージ送信方法および認証システム
Bowers et al. Drifting keys: Impersonation detection for constrained devices
CN116644458B (zh) 一种电子系统信息安全保护系统
US7327845B1 (en) Transmission of encrypted messages between a transmitter and a receiver utilizing a one-time cryptographic pad
Cheng A Novel Rubbing Encryption Algorithm and the Implementation of a Web Based One-Time Password Token
Wang et al. Log-in authentication based on locating centers of a triangle
Rana et al. Design and Implementation of K-Split Segmentation Approach for Visual Cryptography
JP2010135950A (ja) 暗号処理装置および暗号処理方法

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20050718

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL LT LV MK

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20060704

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20070601