On the security of the digest function in the SARI image authentication system

Regunathan Radhakrishnan, Nasir Memon

    Research output: Contribution to journalArticle

    Abstract

    In this paper, we investigate the image authentication system SARI, proposed by Lin and Chang, that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he can cause arbitrary images to be authenticated with this same but unknown key. We show that the number of such images needed by Oscar to launch a successful attack is quite small, making the attack very practical. We then suggest possible solutions to enhance the security of this authentication system.

    Original languageEnglish (US)
    Pages (from-to)1030-1033
    Number of pages4
    JournalIEEE Transactions on Circuits and Systems for Video Technology
    Volume12
    Issue number11
    DOIs
    StatePublished - Nov 2002

    Fingerprint

    Authentication

    Keywords

    • Image authentication
    • Image digest functions
    • Salt
    • SARI

    ASJC Scopus subject areas

    • Electrical and Electronic Engineering

    Cite this

    On the security of the digest function in the SARI image authentication system. / Radhakrishnan, Regunathan; Memon, Nasir.

    In: IEEE Transactions on Circuits and Systems for Video Technology, Vol. 12, No. 11, 11.2002, p. 1030-1033.

    Research output: Contribution to journalArticle

    @article{85a63282679147cd9e2a948a2897234e,
    title = "On the security of the digest function in the SARI image authentication system",
    abstract = "In this paper, we investigate the image authentication system SARI, proposed by Lin and Chang, that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he can cause arbitrary images to be authenticated with this same but unknown key. We show that the number of such images needed by Oscar to launch a successful attack is quite small, making the attack very practical. We then suggest possible solutions to enhance the security of this authentication system.",
    keywords = "Image authentication, Image digest functions, Salt, SARI",
    author = "Regunathan Radhakrishnan and Nasir Memon",
    year = "2002",
    month = "11",
    doi = "10.1109/TCSVT.2002.805505",
    language = "English (US)",
    volume = "12",
    pages = "1030--1033",
    journal = "IEEE Transactions on Circuits and Systems for Video Technology",
    issn = "1051-8215",
    publisher = "Institute of Electrical and Electronics Engineers Inc.",
    number = "11",

    }

    TY - JOUR

    T1 - On the security of the digest function in the SARI image authentication system

    AU - Radhakrishnan, Regunathan

    AU - Memon, Nasir

    PY - 2002/11

    Y1 - 2002/11

    N2 - In this paper, we investigate the image authentication system SARI, proposed by Lin and Chang, that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he can cause arbitrary images to be authenticated with this same but unknown key. We show that the number of such images needed by Oscar to launch a successful attack is quite small, making the attack very practical. We then suggest possible solutions to enhance the security of this authentication system.

    AB - In this paper, we investigate the image authentication system SARI, proposed by Lin and Chang, that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he can cause arbitrary images to be authenticated with this same but unknown key. We show that the number of such images needed by Oscar to launch a successful attack is quite small, making the attack very practical. We then suggest possible solutions to enhance the security of this authentication system.

    KW - Image authentication

    KW - Image digest functions

    KW - Salt

    KW - SARI

    UR - http://www.scopus.com/inward/record.url?scp=0036865504&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=0036865504&partnerID=8YFLogxK

    U2 - 10.1109/TCSVT.2002.805505

    DO - 10.1109/TCSVT.2002.805505

    M3 - Article

    VL - 12

    SP - 1030

    EP - 1033

    JO - IEEE Transactions on Circuits and Systems for Video Technology

    JF - IEEE Transactions on Circuits and Systems for Video Technology

    SN - 1051-8215

    IS - 11

    ER -