WO2004040903A1 - Image decryption device and method - Google Patents

Image decryption device and method Download PDF

Info

Publication number
WO2004040903A1
WO2004040903A1 PCT/IB2003/004449 IB0304449W WO2004040903A1 WO 2004040903 A1 WO2004040903 A1 WO 2004040903A1 IB 0304449 W IB0304449 W IB 0304449W WO 2004040903 A1 WO2004040903 A1 WO 2004040903A1
Authority
WO
WIPO (PCT)
Prior art keywords
image
elements
display
decryption device
encrypted
Prior art date
Application number
PCT/IB2003/004449
Other languages
French (fr)
Inventor
Pim T. Tuyls
Thomas A. M. Kevenaar
Geert J. Schrijen
Mark T. Johnson
Andrea Giraldo
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Priority to AU2003264802A priority Critical patent/AU2003264802A1/en
Publication of WO2004040903A1 publication Critical patent/WO2004040903A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N1/32101Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N1/32144Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title embedded in the image data, i.e. enclosed or integrated in the image, e.g. watermark, super-imposed logo or stamp
    • H04N1/32149Methods relating to embedding, encoding, decoding, detection or retrieval operations
    • H04N1/32203Spatial or amplitude domain methods
    • H04N1/32219Spatial or amplitude domain methods involving changing the position of selected pixels, e.g. word shifting, or involving modulating the size of image components, e.g. of characters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N1/32101Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N1/32144Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title embedded in the image data, i.e. enclosed or integrated in the image, e.g. watermark, super-imposed logo or stamp
    • H04N1/32149Methods relating to embedding, encoding, decoding, detection or retrieval operations
    • H04N1/32267Methods relating to embedding, encoding, decoding, detection or retrieval operations combined with processing of the image
    • H04N1/32272Encryption or ciphering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems
    • H04N1/448Rendering the image unintelligible, e.g. scrambling
    • H04N1/4486Rendering the image unintelligible, e.g. scrambling using digital data encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/44Secrecy systems
    • H04N1/448Rendering the image unintelligible, e.g. scrambling
    • H04N1/4493Subsequently rendering the image intelligible using a co-operating image, mask or the like
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/47End-user applications
    • H04N21/475End-user interface for inputting end-user data, e.g. personal identification number [PIN], preference data
    • H04N21/4753End-user interface for inputting end-user data, e.g. personal identification number [PIN], preference data for user identification, e.g. by entering a PIN or password
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3269Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of machine readable codes or marks, e.g. bar codes or glyphs
    • H04N2201/327Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of machine readable codes or marks, e.g. bar codes or glyphs which are undetectable to the naked eye, e.g. embedded codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3273Display

Definitions

  • the present invention relates to a method of encrypting an image, a method of decrypting an encrypted image, and a decryption device. More in particular, the present invention relates to a method of encrypting an image consisting of image elements, a method of decrypting an image consisting of image elements, as well as a decryption device for decrypting an encrypted image displayed on a display device so as to provide a decrypted image.
  • This transformation of the original image typically causes the number of image elements, also known as picture elements (pixels), to increase while the resolution decreases.
  • image elements also known as picture elements (pixels)
  • the encrypted image contains two times or, when the aspect ratio of the image is to be maintained, four times as many image elements as the original image.
  • the present invention provides a method of encrypting an image consisting of image elements, the method comprising the step of:
  • permuting the image elements so as to provide a encrypted image By permuting the image elements (pixels) of the original image an encrypted (or encoded) image is obtained which cannot be recognized.
  • the encrypted image may have exactly the same number of image elements as the original image, so an increase in the number of image elements is avoided.
  • the present invention also provides a method of decrypting an encrypted image consisting of image elements, the method comprising the steps of:
  • a decryption device capable of sensing the displayed image elements and permuting the sensed image elements so as to provide a decrypted image.
  • a decrypted image may be obtained which is identical to the original image.
  • the methods of the present invention further allow the encryption and decryption of color images, for example by using the liquid crystal display techniques described in European Patent Application serial number 02078660.4 (attorney docket PHNL020804).
  • the said permutation of the image elements may be a "pure" permutation, that is, a rearrangement or transposition of the individual image elements in different locations within the image, the transposition preferably being random or pseudo-random.
  • the (initial) permutation and the inverse permutation may be identical but will be different in most embodiments.
  • the step of permuting involves using two or more image elements of the first (original or encrypted respectively) image to produce a single image element of the second (encrypted or decrypted respectively) image. That is, the image values (e.g. "1" for black and "0" for white) of for example four image elements of the original image may be combined to produced a single encrypted image value (e.g. "1", "0” or "0.8”). Similarly, the image values of for example four image elements of the encrypted image may be combined to produced a single decrypted image value. This combining may involve adding, subtracting, averaging or other operations. The original image values maybe adjacent or may be taken from image elements scattered over the original image. This combining should be entirely or substantially reversible so as to allow decryption.
  • the step of permuting involves using a group (i.e. two or more) image elements of the first (e.g. encrypted) image to produce a group (i.e. two or more) image elements of the second (e.g. decrypted) image.
  • the step of permuting may involve cryptographically processing a group of image elements of the first image to produce a group of image elements of the second image. Again, the image elements of a group need not be adjacent.
  • the present invention further provides a decryption device for decrypting an encrypted image displayed on a display device so as to provide a decrypted image, the decryption device comprising:
  • display means for displaying the permuted image element so as to provide a decrypted image.
  • the device of the present invention allows encrypted images to be readily decrypted.
  • the device of the present invention allows a secure decryption of the encrypted image, even when the display device is not trusted. It is noted that the device of the present invention is not only suitable for carrying out the decryption method of the present invention, but may also advantageously be used to carry out the decryption of images which were encrypted using the Prior Art methods of image encryption ("classic visual cryptography") discussed above. In the latter case the device of the present invention preferably permutes groups of four image elements.
  • a preferred embodiment of the device of the present invention is arranged such that: • the sensing means comprise sensor elements arranged in a first face of the device,
  • the display means comprise display elements arranged in a second face of the device, and/or
  • the permuting means comprise connection means for providing electrical and/or optical connections between the sensor elements and the display elements.
  • connection means for providing electrical and/or optical connections between the sensor elements which sense the encrypted image on the one hand and the display elements on the other hand, the encrypted image is permuted and the decrypted image can be displayed.
  • the number of image elements of the decrypted image is preferably equal to the number of image elements of the original image.
  • electrical or optical connections producing an appropriate image transformation, such as a permutation of the image elements, the quality of the image may be maintained.
  • connection means comprise hard wired electrical connections or glue-logic. This allows the decryption device of the present invention to permute the image elements. Such a decryption technique is relatively simple. Optical fibers directly connecting each sensor element with a display element may be used in an optical alternative embodiment.
  • connection means comprise a processor for cryptographically processing image data provided by the sensor elements.
  • connection means may comprise a display driver.
  • Such a display driver may also be used for effecting an appropriate image transformation, in which case a separate processor may be omitted.
  • the decryption device of the present invention is substantially non- transparent. This causes the decryption device to shield the encrypted image, thus avoiding any undesired interference between the encrypted image and the image displayed on the decryption device. It is noted that this is in contrast with the arrangements according to the Prior Art in which is required for the "decryption device" to be at least partially transparent. It will be understood, however, that the device may be made transparent, for example to carry out Prior Art decryption methods.
  • the first and second faces of the decryption device are arranged substantially back-to-back. However, other arrangements are also possible, including arrangements in which the sensor elements and the display elements are accommodated in separate housings.
  • the first face may be provided with at least one lens.
  • Either a single lens may be provided for sensor elements, or each sensor element (or group of sensor elements) is provided with an individual lens. It will be understood that the focusing of a lens may improve the sensing capabilities of the device.
  • the decryption device of the present invention may be accommodated in a video camera, thus using the camera's lens.
  • the display elements comprise organic LED elements, preferably active matrix organic LED elements.
  • the device of the present invention can also be used to encrypt an image.
  • a camera may be used to record the image displayed by the device, or the device may be provided with a suitable output port.
  • the present invention additionally provides a system for decrypting an encrypted image, the system comprising a display device for displaying the encrypted image, and a decryption device as defined above for providing a decrypted image.
  • Fig. 1 schematically shows a method of encrypting and decrypting images according to the present invention.
  • Fig. 2 schematically shows, in perspective, a system employing a device according to the present invention.
  • Fig. 3 schematically shows, in a cross-sectional view, a first embodiment of a device according to the present invention.
  • Fig. 4 schematically shows, in a cross-sectional view, a second embodiment of a device according to the present invention.
  • Fig. 5 schematically shows, in a cross-sectional view, a third embodiment of a device according to the present invention.
  • Fig. 6 schematically shows a preferred embodiment of a sensor element and a display element for use in a device according to the present invention.
  • Fig. 7 schematically shows a system in which the present invention may be utilized.
  • the present invention pertains to a process involving a first step I, in which an original (digital) image A is encrypted to produce an encrypted image B, a second step II, in which the encrypted image B is transmitted by any suitable means (e.g. electronically via a cable, a satellite link or on a physical carrier such as a CD or floppy disc), and a third step III in which the transmitted encrypted image B is decrypted, resulting in a decrypted image C.
  • each image A, B, C consists of a number of image elements or pixels 10 (twenty pixels per image are shown in the example of Fig. 1, although actual images will have a significantly greater number of image elements).
  • the encryption may be carried out by permuting the image elements 10, the decryption being carried out by an inverse permutation. Assuming pixels ranging from (1, 1) (top left hand corner) to (4, 5) (bottom right hand corner), a permutation may be carried out as follows:
  • the resulting image B will be unrecognizable provided the permutations are sufficiently random.
  • a system according to the present invention which is shown merely by way of non-limiting example in Fig. 2 comprises a display terminal 2 and a decryption device 1.
  • the display terminal 2 may be a computer terminal, television set or a similar device capable of showing images.
  • the display terminal 2 may for example have a CRT (Cathode Ray Tube) display or an LCD display. In the cryptographic sense the display terminal 2 is an untrusted terminal.
  • CRT Cathode Ray Tube
  • the display terminal 2 displays an image B. As this image is encrypted, it cannot be recognized and is therefore apparently meaningless. This is symbolically shown by the question mark.
  • a decryption device 1 is used which is capable of sensing the encrypted image B and transforming it into a decrypted image C (shown to be the number 9 in the example of Fig. 1).
  • the decryption device 1 of the present invention has two faces, one of which is placed in front of the display device 2 in order to be able to sense the encrypted image B, and the other one of which is provided with display elements for displaying the decrypted image. In the cryptographic sense the decryption device 1 is a trusted terminal.
  • the device 1 of the present invention shown merely by way of non-limiting example in Fig. 3 comprises a first face 11 provided with sensor elements 21 for sensing the encrypted image and a second face 12 provided with display elements 22 for displaying the decrypted image.
  • the direction in which light representing the image travels is indicated by arrows.
  • the sensor elements 21 may be constituted by photo-diodes or other elements capable of transforming light into an electrical signal. These sensor elements may be embedded in the image elements.
  • the display elements 22 may be LEDs (Light Emitting Diodes), for example organic LEDs (OLEDs). It has been found that so-called Active Matrix Organic LEDs (AM-OLEDs) are particularly suitable.
  • the decryption device 1 of the present invention further comprises connection means 13 for providing electrical or optical connections between the sensor elements 21 and the display elements 22.
  • the connection means 13 are arranged in such a way that the display elements 22 together display the decrypted image (C in Figs. 1 and 2). In other words, the connection means 13 cause the encrypted image to be decrypted.
  • connection means 13 consist of hard wired connections which may be constituted by actual wires, a printed circuit board, so- called glue logic, optical fibers or other means.
  • the decryption scheme employed is fixed and may consist of a simple permutation of the picture elements. That is, each sensor element 21 may be connected to a single display element 22 having a different relative location (a small percentage of the display elements 22 could be allowed to have the same relative positions as their corresponding sensor elements 21).
  • a display driver 24 may optionally be present. Such a display driver, however, is in the embodiment of Fig. 3 not involved in the decryption process.
  • the display of the decryption device 1 is preferably non- transparent and that the only image visible is the image produced by the display elements 22.
  • the decryption device of the present invention does not produce a partial image as in the prior art where two partial images were combined to produce a single decrypted image. Instead, the device of the present invention preferably produces the entire decrypted image while masking the encrypted image.
  • the hard wired connections between the sensor elements 21 and the display elements 22 are replaced with a processor unit 23 which is capable of performing a permutation, a combined permutation and combination, or a cryptographic algorithm such as RSA, DES or a similar algorithm.
  • a processor unit 23 which is capable of performing a permutation, a combined permutation and combination, or a cryptographic algorithm such as RSA, DES or a similar algorithm.
  • all sensor elements 21 and display elements 22 are connected to the processor unit 23 which may contain a microprocessor or a dedicated cryptographic integrated circuit.
  • the processor unit could be capable of signal processing for the purpose of enhancing the contrast and/or color of the decrypted image.
  • the display driver 24 could be arranged for performing the decryption.
  • any cryptographic information such as keys
  • any firmware updates of, for example, the display driver should be either impossible or only allowed under strict security conditions.
  • FIG. 5 An alternative embodiment is shown in Fig. 5 where lenses 25 are positioned so as to focus any incident light upon the sensor elements 21. Instead of a plurality of lenses 25 as shown in Fig. 5, a single, larger lens could be used.
  • the opto-electrical circuit 6 shown by way of non-limiting example in Fig. 6 is particularly suitable for use in a device 1 of the present invention.
  • the photo diode 7 constitutes a sensor element 21 of Figs. 3 and 4, while OLED 8 corresponds with a display element 22 of Figs. 3 and 4.
  • OLED 8 corresponds with a display element 22 of Figs. 3 and 4.
  • photo diode 7 Upon the receipt of light from the encrypted image (B in Figs. 1 and 2) photo diode 7 inputs its signal into the crypto block (i.e. connection means 13 and/or cryptographic processor 23) which may in turn produce an output signal which is input to selection transistor T se ⁇ .
  • Fig. 7 schematically shows a system utilizing the invention, comprising a server 3 and several clients 2a, 2b, 2c.
  • the clients 2a-2c are embodied here as a laptop computer 2a, a palmtop computer 2b and a mobile phone 2c, they can in fact be realized as any kind of device, as long as the device is able to interactively communicate with the server 3 and is able to render graphical images on a display screen, such as an LCD screen.
  • the communication can take place over a wire, such as is the case with the laptop 2a, or wirelessly like with the palmtop computer 2b and the mobile phone 2c.
  • a network such as the Internet or a telephone network could interconnect the server 3 and any of the clients 2a- 2c.
  • the server 3 generates an image representing a message that needs to be communicated to the operator of the client 2a.
  • the image will be encrypted before transmission.
  • the graphical message can of course comprise any type of information that one could want to transmit securely and privately to another party. For example, a customer's bank balance could be communicated this way, as shown in Fig. 7 as graphical message 5.
  • Other examples include private e-mail messages, a new PIN (Personal Identification Number) code or password to be provided to the operator of client device 2a.
  • a particularly advantageous application is to securely allow the composition of a message by the operator of client 2a.
  • the server generates an image 4 which represents a plurality of input means such as keys on a keyboard.
  • Each input means represents an input word that can be used in the message that will be composed by the user.
  • the input means could also be checkboxes, selection lists, sliders or other elements typically used in user interfaces to facilitate user input.
  • the server 3 encrypts the images 4, 5 as a sequence of encrypted (or encoded) information units. This encoded sequence is then transmitted to one of the client devices 2a- 2c. Such transmissions are straightforward to implement and will not be elaborated upon here.
  • a device 1 of the present invention which is used here as a personal decryption device.
  • the device shown has a display section 15 for displaying an image and an keypad section 16 for entering data.
  • This device 1 is personal to a user and is to used to decrypt encrypted or encoded messages sent by the server 3 to any of the clients 2a- 2c.
  • entering a password or Personal Identification Number (PIN) could be required upon activation of the decryption device 1.
  • the device 1 could also be provided with a fingerprint reader, or be equipped to recognize a voice command uttered by its rightful owner, in order to provide access security. It will be understood that the invention can be used in various other systems other than the one shown in Fig. 7.
  • the processor unit of the device 1 of the present invention could be capable of checking a message authentication code (MAC) in the encrypted image.
  • MAC message authentication code
  • the "encrypted" image A is not encrypted in the true sense of the word but is provided with a MAC instead. This would allow the device of the present invention to be used as a verification device for testing the authenticity of an image.
  • the present invention is based upon the insight that a permutation of picture elements, or a similar image transformation, may be used to reversibly encrypt images while preserving their resolution as well as the number of pixels.
  • the present invention is also based upon the further insight that a trusted image decryption device is capable of providing a secure decryption of encrypted images displayed on an untrusted terminal.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Control Of Indicators Other Than Cathode Ray Tubes (AREA)

Abstract

A device (1) for decrypting an encrypted image (B) displayed on a display device (2) has sensor elements (21) for sensing the encrypted image (B) and display elements (22) for displaying the decrypted image (C). The decryption is carried out by electrical or optical connections (13) between the sensor elements (21) and the display elements (22) and may involve a permutation of the image elements. A method of decrypting an encrypted image (B) displayed on a display device (2) involves using a decryption device (1) for carrying out a permutation to produce a decrypted image (C).

Description

Image decryption device and method
The present invention relates to a method of encrypting an image, a method of decrypting an encrypted image, and a decryption device. More in particular, the present invention relates to a method of encrypting an image consisting of image elements, a method of decrypting an image consisting of image elements, as well as a decryption device for decrypting an encrypted image displayed on a display device so as to provide a decrypted image.
It is well known to encrypt an image in order to prevent the image being recognized or to prevent its contents being read by unauthorized persons. One technique of encrypting an image is disclosed in, for example, European Patent Application EP 0260 815. This technique, also known as visual cryptography, employs two patterns, each of which cannot be recognized individually, which are overlaid to produce a recognizable image. To this end, the original image is transformed into two randomized parts or patterns, neither of which contains any perceptible image information. One of these patterns is printed on a transparency or displayed on an at least partially transparent display to allow the patterns to be combined in the eye of the viewer.
This transformation of the original image, however, typically causes the number of image elements, also known as picture elements (pixels), to increase while the resolution decreases. Typically the encrypted image contains two times or, when the aspect ratio of the image is to be maintained, four times as many image elements as the original image. In addition, it is very difficult to encrypt and decrypt color images using this known technique.
It is therefore an object of the present invention to overcome at least some of these disadvantages of the above-referenced European Patent Application and to provide a method of encrypting an image which preserves the resolution of the image without substantially increasing the number of picture elements. It is another object of the present invention to provide a method of decrypting an image which allows a simple decryption of encrypted images while substantially preserving their resolution.
It is a further object of the present invention to provide a device for decrypting an encrypted image which allows a simple decryption of encrypted images while substantially preserving their resolution.
Accordingly, the present invention provides a method of encrypting an image consisting of image elements, the method comprising the step of:
• permuting the image elements so as to provide a encrypted image. By permuting the image elements (pixels) of the original image an encrypted (or encoded) image is obtained which cannot be recognized. The encrypted image may have exactly the same number of image elements as the original image, so an increase in the number of image elements is avoided.
The present invention also provides a method of decrypting an encrypted image consisting of image elements, the method comprising the steps of:
• displaying the encrypted image on a display device, and
• positioning near the display device a decryption device capable of sensing the displayed image elements and permuting the sensed image elements so as to provide a decrypted image. By first permuting the image elements to obtain the encrypted image and later inversely permuting the encrypted image to obtain the decrypted image, a decrypted image may be obtained which is identical to the original image. As a consequence, there is no loss of resolution. The methods of the present invention further allow the encryption and decryption of color images, for example by using the liquid crystal display techniques described in European Patent Application serial number 02078660.4 (attorney docket PHNL020804).
The said permutation of the image elements may be a "pure" permutation, that is, a rearrangement or transposition of the individual image elements in different locations within the image, the transposition preferably being random or pseudo-random. The (initial) permutation and the inverse permutation may be identical but will be different in most embodiments.
In an advantageous embodiment the step of permuting involves using two or more image elements of the first (original or encrypted respectively) image to produce a single image element of the second (encrypted or decrypted respectively) image. That is, the image values (e.g. "1" for black and "0" for white) of for example four image elements of the original image may be combined to produced a single encrypted image value (e.g. "1", "0" or "0.8"). Similarly, the image values of for example four image elements of the encrypted image may be combined to produced a single decrypted image value. This combining may involve adding, subtracting, averaging or other operations. The original image values maybe adjacent or may be taken from image elements scattered over the original image. This combining should be entirely or substantially reversible so as to allow decryption.
In another advantageous embodiment the step of permuting involves using a group (i.e. two or more) image elements of the first (e.g. encrypted) image to produce a group (i.e. two or more) image elements of the second (e.g. decrypted) image. In particular, the step of permuting may involve cryptographically processing a group of image elements of the first image to produce a group of image elements of the second image. Again, the image elements of a group need not be adjacent.
The present invention further provides a decryption device for decrypting an encrypted image displayed on a display device so as to provide a decrypted image, the decryption device comprising:
• sensing means for sensing the displayed image elements,
• permuting means for permuting the sensed image elements, and
• display means for displaying the permuted image element so as to provide a decrypted image. The device of the present invention allows encrypted images to be readily decrypted.
Furthermore, the device of the present invention allows a secure decryption of the encrypted image, even when the display device is not trusted. It is noted that the device of the present invention is not only suitable for carrying out the decryption method of the present invention, but may also advantageously be used to carry out the decryption of images which were encrypted using the Prior Art methods of image encryption ("classic visual cryptography") discussed above. In the latter case the device of the present invention preferably permutes groups of four image elements.
A preferred embodiment of the device of the present invention is arranged such that: • the sensing means comprise sensor elements arranged in a first face of the device,
• the display means comprise display elements arranged in a second face of the device, and/or
• the permuting means comprise connection means for providing electrical and/or optical connections between the sensor elements and the display elements. By providing appropriate electrical or optical connections between the sensor elements which sense the encrypted image on the one hand and the display elements on the other hand, the encrypted image is permuted and the decrypted image can be displayed. The number of image elements of the decrypted image is preferably equal to the number of image elements of the original image. By using electrical or optical connections producing an appropriate image transformation, such as a permutation of the image elements, the quality of the image may be maintained.
In a first embodiment, the connection means comprise hard wired electrical connections or glue-logic. This allows the decryption device of the present invention to permute the image elements. Such a decryption technique is relatively simple. Optical fibers directly connecting each sensor element with a display element may be used in an optical alternative embodiment.
In a second embodiment, the connection means comprise a processor for cryptographically processing image data provided by the sensor elements. In both embodiments, the connection means may comprise a display driver.
Such a display driver may also be used for effecting an appropriate image transformation, in which case a separate processor may be omitted.
Preferably, the decryption device of the present invention is substantially non- transparent. This causes the decryption device to shield the encrypted image, thus avoiding any undesired interference between the encrypted image and the image displayed on the decryption device. It is noted that this is in contrast with the arrangements according to the Prior Art in which is required for the "decryption device" to be at least partially transparent. It will be understood, however, that the device may be made transparent, for example to carry out Prior Art decryption methods. Preferably, the first and second faces of the decryption device are arranged substantially back-to-back. However, other arrangements are also possible, including arrangements in which the sensor elements and the display elements are accommodated in separate housings.
Advantageously, the first face may be provided with at least one lens. Either a single lens may be provided for sensor elements, or each sensor element (or group of sensor elements) is provided with an individual lens. It will be understood that the focusing of a lens may improve the sensing capabilities of the device. In one embodiment, the decryption device of the present invention may be accommodated in a video camera, thus using the camera's lens. In a very advantageous embodiment, the display elements comprise organic LED elements, preferably active matrix organic LED elements.
It is noted that the device of the present invention can also be used to encrypt an image. In such an application, a camera may be used to record the image displayed by the device, or the device may be provided with a suitable output port.
The present invention additionally provides a system for decrypting an encrypted image, the system comprising a display device for displaying the encrypted image, and a decryption device as defined above for providing a decrypted image.
The present invention will further be explained below with reference to exemplary embodiments illustrated in the accompanying drawings, in which:
Fig. 1 schematically shows a method of encrypting and decrypting images according to the present invention. Fig. 2 schematically shows, in perspective, a system employing a device according to the present invention.
Fig. 3 schematically shows, in a cross-sectional view, a first embodiment of a device according to the present invention.
Fig. 4 schematically shows, in a cross-sectional view, a second embodiment of a device according to the present invention.
Fig. 5 schematically shows, in a cross-sectional view, a third embodiment of a device according to the present invention.
Fig. 6 schematically shows a preferred embodiment of a sensor element and a display element for use in a device according to the present invention. Fig. 7 schematically shows a system in which the present invention may be utilized.
As illustrated by the example of Fig. 1, the present invention pertains to a process involving a first step I, in which an original (digital) image A is encrypted to produce an encrypted image B, a second step II, in which the encrypted image B is transmitted by any suitable means (e.g. electronically via a cable, a satellite link or on a physical carrier such as a CD or floppy disc), and a third step III in which the transmitted encrypted image B is decrypted, resulting in a decrypted image C. As schematically shown in Fig. 1, each image A, B, C consists of a number of image elements or pixels 10 (twenty pixels per image are shown in the example of Fig. 1, although actual images will have a significantly greater number of image elements). The encryption may be carried out by permuting the image elements 10, the decryption being carried out by an inverse permutation. Assuming pixels ranging from (1, 1) (top left hand corner) to (4, 5) (bottom right hand corner), a permutation may be carried out as follows:
(1, 1) => (2,5)
(2, 1) => (1, 3)
(3, 1) => (4, 2)
(4, 5) => (2, 1)
The resulting image B will be unrecognizable provided the permutations are sufficiently random.
When the inverse permutation is carried out in step III, e.g. (2, 1) => (4, 5), the original image is restored and the decrypted image C will be identical to the original image
A. In case of any transmission errors in step II, there maybe discrepancies between images A and C.
A system according to the present invention which is shown merely by way of non-limiting example in Fig. 2 comprises a display terminal 2 and a decryption device 1. The display terminal 2 may be a computer terminal, television set or a similar device capable of showing images. The display terminal 2 may for example have a CRT (Cathode Ray Tube) display or an LCD display. In the cryptographic sense the display terminal 2 is an untrusted terminal.
The display terminal 2 displays an image B. As this image is encrypted, it cannot be recognized and is therefore apparently meaningless. This is symbolically shown by the question mark. In accordance with the present invention a decryption device 1 is used which is capable of sensing the encrypted image B and transforming it into a decrypted image C (shown to be the number 9 in the example of Fig. 1). As will further be explained below, the decryption device 1 of the present invention has two faces, one of which is placed in front of the display device 2 in order to be able to sense the encrypted image B, and the other one of which is provided with display elements for displaying the decrypted image. In the cryptographic sense the decryption device 1 is a trusted terminal.
The device 1 of the present invention shown merely by way of non-limiting example in Fig. 3 comprises a first face 11 provided with sensor elements 21 for sensing the encrypted image and a second face 12 provided with display elements 22 for displaying the decrypted image. The direction in which light representing the image travels is indicated by arrows.
The sensor elements 21 may be constituted by photo-diodes or other elements capable of transforming light into an electrical signal. These sensor elements may be embedded in the image elements. The display elements 22 may be LEDs (Light Emitting Diodes), for example organic LEDs (OLEDs). It has been found that so-called Active Matrix Organic LEDs (AM-OLEDs) are particularly suitable.
The decryption device 1 of the present invention further comprises connection means 13 for providing electrical or optical connections between the sensor elements 21 and the display elements 22. The connection means 13 are arranged in such a way that the display elements 22 together display the decrypted image (C in Figs. 1 and 2). In other words, the connection means 13 cause the encrypted image to be decrypted.
In the exemplary embodiment of Fig. 3 the connection means 13 consist of hard wired connections which may be constituted by actual wires, a printed circuit board, so- called glue logic, optical fibers or other means. The decryption scheme employed is fixed and may consist of a simple permutation of the picture elements. That is, each sensor element 21 may be connected to a single display element 22 having a different relative location (a small percentage of the display elements 22 could be allowed to have the same relative positions as their corresponding sensor elements 21).
A display driver 24 may optionally be present. Such a display driver, however, is in the embodiment of Fig. 3 not involved in the decryption process.
It is noted that the display of the decryption device 1 is preferably non- transparent and that the only image visible is the image produced by the display elements 22. In its preferred embodiments the decryption device of the present invention does not produce a partial image as in the prior art where two partial images were combined to produce a single decrypted image. Instead, the device of the present invention preferably produces the entire decrypted image while masking the encrypted image.
In the embodiment of Fig. 4 the hard wired connections between the sensor elements 21 and the display elements 22 are replaced with a processor unit 23 which is capable of performing a permutation, a combined permutation and combination, or a cryptographic algorithm such as RSA, DES or a similar algorithm. In this embodiment, therefore, all sensor elements 21 and display elements 22 are connected to the processor unit 23 which may contain a microprocessor or a dedicated cryptographic integrated circuit. In addition to cryptographic processing the processor unit could be capable of signal processing for the purpose of enhancing the contrast and/or color of the decrypted image. Alternatively, the display driver 24 could be arranged for performing the decryption.
To prevent any fraudulent use of the device it is preferably arranged such that any cryptographic information, such as keys, cannot be obtained from outside the device. For the same reason, any firmware updates of, for example, the display driver should be either impossible or only allowed under strict security conditions.
An alternative embodiment is shown in Fig. 5 where lenses 25 are positioned so as to focus any incident light upon the sensor elements 21. Instead of a plurality of lenses 25 as shown in Fig. 5, a single, larger lens could be used.
The opto-electrical circuit 6 shown by way of non-limiting example in Fig. 6 is particularly suitable for use in a device 1 of the present invention. The photo diode 7 constitutes a sensor element 21 of Figs. 3 and 4, while OLED 8 corresponds with a display element 22 of Figs. 3 and 4. Upon the receipt of light from the encrypted image (B in Figs. 1 and 2) photo diode 7 inputs its signal into the crypto block (i.e. connection means 13 and/or cryptographic processor 23) which may in turn produce an output signal which is input to selection transistor Tseι. A selection signal from the display driver (24 in Figs. 3 and 4) controls transistor Tseι, which in turn controls driver transistor Tdrv- Capacitor Cs maintains the gate signal to driver transistor Tdrv which, in the embodiment shown, drives an OLED (Organic LED). Using the circuit 6 a very simple and efficient decryption device 1 can be obtained.
Fig. 7 schematically shows a system utilizing the invention, comprising a server 3 and several clients 2a, 2b, 2c. While the clients 2a-2c are embodied here as a laptop computer 2a, a palmtop computer 2b and a mobile phone 2c, they can in fact be realized as any kind of device, as long as the device is able to interactively communicate with the server 3 and is able to render graphical images on a display screen, such as an LCD screen. The communication can take place over a wire, such as is the case with the laptop 2a, or wirelessly like with the palmtop computer 2b and the mobile phone 2c. A network such as the Internet or a telephone network could interconnect the server 3 and any of the clients 2a- 2c. The server 3 generates an image representing a message that needs to be communicated to the operator of the client 2a. The image will be encrypted before transmission. The graphical message can of course comprise any type of information that one could want to transmit securely and privately to another party. For example, a customer's bank balance could be communicated this way, as shown in Fig. 7 as graphical message 5. Other examples include private e-mail messages, a new PIN (Personal Identification Number) code or password to be provided to the operator of client device 2a.
A particularly advantageous application is to securely allow the composition of a message by the operator of client 2a. In this embodiment, the server generates an image 4 which represents a plurality of input means such as keys on a keyboard. Each input means represents an input word that can be used in the message that will be composed by the user. In addition to, or instead of keys, the input means could also be checkboxes, selection lists, sliders or other elements typically used in user interfaces to facilitate user input. This application is discussed in more detail below. The server 3 encrypts the images 4, 5 as a sequence of encrypted (or encoded) information units. This encoded sequence is then transmitted to one of the client devices 2a- 2c. Such transmissions are straightforward to implement and will not be elaborated upon here. Note that it is not necessary to protect this transmission by e.g. encrypting the encoded sequence or setting up a secure authenticated channel before transmitting it. Because of the process used to choose the elements of the sequence, it is impossible for an eavesdropper to recover the images 4, 5 by using only the encoded sequence.
Also shown in Fig. 7 is a device 1 of the present invention which is used here as a personal decryption device. The device shown has a display section 15 for displaying an image and an keypad section 16 for entering data. This device 1 is personal to a user and is to used to decrypt encrypted or encoded messages sent by the server 3 to any of the clients 2a- 2c. To add extra security, entering a password or Personal Identification Number (PIN) could be required upon activation of the decryption device 1. The device 1 could also be provided with a fingerprint reader, or be equipped to recognize a voice command uttered by its rightful owner, in order to provide access security. It will be understood that the invention can be used in various other systems other than the one shown in Fig. 7.
In addition to or instead of cryptographic processing the processor unit of the device 1 of the present invention could be capable of checking a message authentication code (MAC) in the encrypted image. In this case it could be envisaged that the "encrypted" image A is not encrypted in the true sense of the word but is provided with a MAC instead. This would allow the device of the present invention to be used as a verification device for testing the authenticity of an image.
As will be clear from the above description, the present invention is based upon the insight that a permutation of picture elements, or a similar image transformation, may be used to reversibly encrypt images while preserving their resolution as well as the number of pixels. The present invention is also based upon the further insight that a trusted image decryption device is capable of providing a secure decryption of encrypted images displayed on an untrusted terminal.
It is noted that any terms used in this documents should not be construed so as limit the scope of the present invention. In particular, the words "comprise(s)" and
"comprising" are not meant to exclude any elements not specifically stated. Single (circuit) elements maybe substituted with multiple (circuit) elements or with their equivalents.
Accordingly, it will be understood by those skilled in the art that the present invention is not limited to the embodiments illustrated above and that many modifications and additions may be made without departing from the scope of the invention as defined in the appending claims.

Claims

CLAIMS:
1. A method of encrypting an image consisting of image elements, the method comprising the step of:
• permuting the image elements so as to provide a encrypted image.
2. A method of decrypting an encrypted image consisting of image elements, the method comprising the steps of:
• displaying the encrypted image on a display device, and
• positioning near the display device a decryption device capable of sensing the displayed image elements and permuting the sensed image elements so as to provide a decrypted image.
3. The method according to claim 1 or 2, wherein the step of permuting involves using one or more image elements of a first image to produce one or more image elements of a second image.
4. The method according to claim 1, 2 or 3, wherein the step of permuting involves cryptographically processing a group of image elements of a first image to produce a group of image elements of a second image.
5. A decryption device for decrypting an encrypted image displayed on a display device so as to provide a decrypted image, the decryption device comprising:
• sensing means for sensing the displayed image elements,
• permuting means for permuting the sensed image elements, and
• display means for displaying the permuted image elements so as to provide a decrypted image.
6. A decryption device according to claim 5, wherein
• the sensing means comprise sensor elements arranged in a first face of the device, • the display means comprise display elements arranged in a second face of the device, and/or
• the permuting means comprise connection means for providing electrical and/or optical connections between the sensor elements and the display elements.
7. A decryption device according to claim 5 or 6, wherein the connection means comprise hard wired electrical connections or glue-logic.
8. A decryption device according to claim 5, 6 or 7, wherein the connection means comprise a processor for cryptographically processing image data provided by the sensor elements.
9. A decryption device according to any of claims 5 to 8, wherein the connection means comprise a display driver.
10. A decryption device according to any of claims 5 to 8, which is substantially non-transparent.
11. A decryption device according to any of claims 5 to 10, wherein the first and second faces are arranged substantially back-to-back.
12. A decryption device according to any of claims 5 to 11, wherein the first face is provided with at least one lens.
13. A decryption device according to any of claims 5 to 11 , wherein the display elements comprise organic LED elements, preferably active matrix organic LED elements.
14. A decryption device according to any of claims 5 to 13, accommodated in a video camera.
15. A system for decrypting an encrypted image, the system comprising a display device for displaying the encrypted image, and a decryption device for providing a decrypted image, the decryption device comprising:
• sensing means for sensing the displayed image elements, • permuting means for permuting the sensed image elements, and
• display means for displaying the permuted image elements so as to provide a decrypted image.
PCT/IB2003/004449 2002-11-01 2003-10-07 Image decryption device and method WO2004040903A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2003264802A AU2003264802A1 (en) 2002-11-01 2003-10-07 Image decryption device and method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP02079579 2002-11-01
EP02079579.5 2002-11-01

Publications (1)

Publication Number Publication Date
WO2004040903A1 true WO2004040903A1 (en) 2004-05-13

Family

ID=32187230

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2003/004449 WO2004040903A1 (en) 2002-11-01 2003-10-07 Image decryption device and method

Country Status (2)

Country Link
AU (1) AU2003264802A1 (en)
WO (1) WO2004040903A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009000223A2 (en) * 2007-06-27 2008-12-31 Universität Tübingen Device and method for tap-proof and manipulation-proof encoding of online accounts
CN110913234A (en) * 2019-12-05 2020-03-24 福建师范大学福清分校 JPEG image encryption method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2251760A (en) * 1988-07-12 1992-07-15 British Broadcasting Corp Descrambling system for broadcast television signals scrambled by active line rotation
US20020101988A1 (en) * 2001-01-30 2002-08-01 Jones Mark A. Decryption glasses

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2251760A (en) * 1988-07-12 1992-07-15 British Broadcasting Corp Descrambling system for broadcast television signals scrambled by active line rotation
US20020101988A1 (en) * 2001-01-30 2002-08-01 Jones Mark A. Decryption glasses

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009000223A2 (en) * 2007-06-27 2008-12-31 Universität Tübingen Device and method for tap-proof and manipulation-proof encoding of online accounts
DE102007052734A1 (en) 2007-06-27 2009-01-02 Universität Tübingen Device and method for tapping and tamper-proof encryption for online accounts
WO2009000223A3 (en) * 2007-06-27 2009-10-01 Universität Tübingen Device and method for tap-proof and manipulation-proof encoding of online accounts
DE102007052734B4 (en) * 2007-06-27 2010-12-30 Universität Tübingen Device and method for tapping and tamper-proof encryption for online accounts
CN110913234A (en) * 2019-12-05 2020-03-24 福建师范大学福清分校 JPEG image encryption method
CN110913234B (en) * 2019-12-05 2021-11-30 福建师范大学福清分校 JPEG image encryption method

Also Published As

Publication number Publication date
AU2003264802A1 (en) 2004-05-25

Similar Documents

Publication Publication Date Title
KR100264635B1 (en) A system for embedding authentication information into an i mage and an image alteration detecting system
EP1472584B1 (en) Secure data input dialogue using visual cryptography
EP2673732B1 (en) Secure transaction method from a non-secure terminal
US20050117748A1 (en) Secure visual message communication method and device
RU2310227C2 (en) Methods and systems for authentication of components in graphic system
TWI486045B (en) Method and system for on-screen authentication using secret visual message
US20020101988A1 (en) Decryption glasses
US20180285573A1 (en) Visual cryptography and obfuscation using augmented reality
US20060098841A1 (en) Method and system for enabling remote message composition
JP2006508602A (en) Key synchronization in image encryption system
KR20050057292A (en) Image encryption method and visual decryption device
US11558375B1 (en) Password protection with independent virtual keyboard
CN108334786A (en) A kind of data ciphering method
WO2004040903A1 (en) Image decryption device and method
CN107689867B (en) Key protection method and system under open environment
JP2006511114A (en) Key synchronization in visual cryptosystems
WO2011052180A1 (en) Encrypted message transmission device, program, encrypted message transmission method and authentication system
EP3594838A1 (en) Method for recovering a secret key securely stored in a secure element
Rathod et al. Secure bank transaction using data hiding mechanisms
JPH0983512A (en) Ciphering system and optical exclusive or arithmetic unit used for the same
US20050114691A1 (en) Micro electronic device with plurality of encryption/decryption logic
CN106663388A (en) Plaintext encryption method
KR100716590B1 (en) Display device having a data decryption module
Soundarya et al. International Journal of Trend in Scientific Research and Development (IJTSRD)

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP