On the security of the digest function in the SARI image authentication system

Regunathan Radhakrishnan, Nasir Memon

Research output: Contribution to journalArticle

Abstract

In this paper, we investigate the image authentication system SARI, proposed by Lin and Chang, that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he can cause arbitrary images to be authenticated with this same but unknown key. We show that the number of such images needed by Oscar to launch a successful attack is quite small, making the attack very practical. We then suggest possible solutions to enhance the security of this authentication system.

Original languageEnglish (US)
Pages (from-to)1030-1033
Number of pages4
JournalIEEE Transactions on Circuits and Systems for Video Technology
Volume12
Issue number11
DOIs
StatePublished - Nov 2002

Fingerprint

Authentication

Keywords

  • Image authentication
  • Image digest functions
  • Salt
  • SARI

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Cite this

On the security of the digest function in the SARI image authentication system. / Radhakrishnan, Regunathan; Memon, Nasir.

In: IEEE Transactions on Circuits and Systems for Video Technology, Vol. 12, No. 11, 11.2002, p. 1030-1033.

Research output: Contribution to journalArticle

@article{85a63282679147cd9e2a948a2897234e,
title = "On the security of the digest function in the SARI image authentication system",
abstract = "In this paper, we investigate the image authentication system SARI, proposed by Lin and Chang, that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he can cause arbitrary images to be authenticated with this same but unknown key. We show that the number of such images needed by Oscar to launch a successful attack is quite small, making the attack very practical. We then suggest possible solutions to enhance the security of this authentication system.",
keywords = "Image authentication, Image digest functions, Salt, SARI",
author = "Regunathan Radhakrishnan and Nasir Memon",
year = "2002",
month = "11",
doi = "10.1109/TCSVT.2002.805505",
language = "English (US)",
volume = "12",
pages = "1030--1033",
journal = "IEEE Transactions on Circuits and Systems for Video Technology",
issn = "1051-8215",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "11",

}

TY - JOUR

T1 - On the security of the digest function in the SARI image authentication system

AU - Radhakrishnan, Regunathan

AU - Memon, Nasir

PY - 2002/11

Y1 - 2002/11

N2 - In this paper, we investigate the image authentication system SARI, proposed by Lin and Chang, that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he can cause arbitrary images to be authenticated with this same but unknown key. We show that the number of such images needed by Oscar to launch a successful attack is quite small, making the attack very practical. We then suggest possible solutions to enhance the security of this authentication system.

AB - In this paper, we investigate the image authentication system SARI, proposed by Lin and Chang, that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he can cause arbitrary images to be authenticated with this same but unknown key. We show that the number of such images needed by Oscar to launch a successful attack is quite small, making the attack very practical. We then suggest possible solutions to enhance the security of this authentication system.

KW - Image authentication

KW - Image digest functions

KW - Salt

KW - SARI

UR - http://www.scopus.com/inward/record.url?scp=0036865504&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0036865504&partnerID=8YFLogxK

U2 - 10.1109/TCSVT.2002.805505

DO - 10.1109/TCSVT.2002.805505

M3 - Article

AN - SCOPUS:0036865504

VL - 12

SP - 1030

EP - 1033

JO - IEEE Transactions on Circuits and Systems for Video Technology

JF - IEEE Transactions on Circuits and Systems for Video Technology

SN - 1051-8215

IS - 11

ER -