Idea of Verification

The proposed authentication signal verification method can be used to verify the integrity and fidelity of a protected XPS document. First, we use the same secret key and the same hash function as those used in Algorithm 4.1 to generate digested segments for the current text content in the protected XPS document. By extracting the superimposed authentication signals and compare them with the generated digested segments computed from the current text content of the XPS document, we can decide whether the protected XPS document has been modified or not, and point out the modified part. The process of authentication signal extraction and document verification is illustrated in Figure 4.4.

Figure 4.4 Flowchart of the proposed authentication signal extraction and XPS document verification process.

4.3.2 Proposed Algorithm

The proposed authentication signal extraction and XPS document verification process is described as an algorithm in the following.

Algorithm 4.2. Authentication signal extraction and XPS document verification.

Input: A secret key K and a hash function f both being the same as those used Algorithm 4.1; and a protected XPS document D′_.

Output: An authenticated XPS document D″_. Steps:

1. Use the same secret key K as that used in Algorithm 4.1 as an input to the hash function f, such as MD5, to generate a 64-bit digest key K′_.

2. Choose an unauthenticated text segment T in the protected XPS document D′ (with all text segments in D′ regarded as unauthenticated initially).

3. Use T as an input to the hash function f to generate a 64-bit digest T′_.

4. Compute the exclusive-OR value T′ _{⊕ K}′ to get a 64-bit encrypted text segment T″_.

5. Extract the gradient patterns p₁, p₂, …, p₁₆ which were presumably superimposed onto the text segment T.

8.2.1 Report that the text segment T has been modified.

8.2.2 Highlight the text segment T in the display of the document D′_. 9. Repeat Steps 2 through 8 until all text segments in D′ are authenticated.

10. Take the resulting D′ as an authenticated XPS document D″ with highlighted authentication result.

4.4 Security Consideration

4.4.1 Issues of Security of Proposed Method

Using the proposed method, the text content of an XPS document can be protected. As long as either the text content or the authentication signals are modified, we can detect the modification and point out which part of the text is suspicious. In addition, because we involve a secret key in the process of generating the authentication signals, it is hard to forge the authentication signals even when a malicious user knows the proposed algorithm.

However, there is still a risk that a malicious user may replace both the text and the corresponding authentication signals with a piece of other text and the corresponding authentication signals computed from the same XPS document. As a result, the XPS document is tampered with but still passes the verification process.

Certain improving security enhancement measures thus are needed. Some measures proposed in this study are described next.

4.4.2 Proposed Security Enhancement Measures

To resolve the above-mentioned problem, we may use an additional secret key to randomize the position where the authentication signals are superimposed; only when a user has this secret key can he/she find where the corresponding authentication signals of the text segments are. In this way, we can strongly protect an XPS document using the proposed data hiding method; it is nearly impossible for a malicious user to tamper with the content of the XPS document.

We may also use a third key to randomize the content of the gradient pattern encoding table (Table 4.2), so that without the key a malicious user cannot generate correct gradient patterns to be superimposed on text segments, thus being unable to create fake authentication signals to cheat.

4.5 Experimental Results

In our experiments, we created a XPS document by saving a Microsoft Office documents as an XPS document or by printing one as the same from a website using a printer named Microsoft XPS Document Writer. The content of the XPS document can be edited with an Open XML Editor and viewed by an XPS Viewer.

Two results of the experiments are illustrated as follows. Figure 4.5 is an original

XPS document. By entering a secret key, we generated authentication signals and embedded them in the XPS document. The user interface is shown in Figure 4.6. If a malicious user tries to tamper with the protected XPS document, yielding a modified document like Figure 4.7, people can verify the integrity and fidelity of it using the same secret key. The authenticated results are given in Figures 4.8 and 4.9. Figures 4.10 through 4.13 show the other result. Both results show that, using the proposed method, we can verify whether an XPS document has been tampered with or not and also detect the positions of the tampered texts.

4.6 Summary

In this chapter, a new method for authentication of the integrity and fidelity of XPS documents by a data hiding technique has been proposed. Authentication signals of the form of variable gradient patterns are generated using the text segments in an XPS document and superimposed onto the XPS document. A secret key was used also to randomize the contents of the authentication signals and the positions they are superimposed so that malicious users cannot easily forge the text content and the corresponding authentication signals. The proposed method is reliable to protect XPS documents from being tampered with, as proved by the experimental results.

Figure 4.5 The original XPS document.

Figure 4.6 A user interface used to generate authentication signals and a protected XPS document. All text segments are shown on the window.

Input file

Output file Secret key

Protected text segments

Figure 4.7 A tampered XPS document with some words modified.

Figure 4.8 User interface showing authentication result of a tampered XPS document.

The modified text segments were detected and shown in the window.

The authentication results

Figure 4.9 The XPS document with authenticated result (with modified text segments detected and marked as red).

Figure 4.10 The original XPS document printed from a website.

Figure 4.11 A tampered version of XPS document of Figure 4.10 with some words modified.

Figure 4.12 User interface showing authentication result of the tampered XPS document shown in Figure 4.11. The modified text segments were detected and shown in the window.

Figure 4.13 The XPS document with authenticated results (with the fake text segments being detected and marked as red).

The authentication results

Chapter 5

Steganography by Width-Adjustable Invisible ASCII Codes in XPS

Documents

5.1 Introduction

Steganography is a technique which has been used for thousand years to hide a message in a way that does not arouse people’s notice of the existence of the message.

An example of ancient steganography is to use invisible inks to hide a message between lines of articles, letters, etc. The steganography technique used in computer science has been developed only for about twenty years. Because messages hidden in digital files by steganography attract less attention than by cryptography especially on the Internet, researchers pay great attention to the steganography technique.

In this chapter, we describe the proposed data hiding technique which can be applied on XPS documents for steganography. The problem definition and the major idea of the proposed method are described in Section 5.1. Then, the data embedding and extraction processes are proposed in detail in Section 5.2. Some security enhancement measures for the proposed method are given additionally in Section 5.3.

Experimental results showing the feasibility of the method are illustrated in Section 5.4. Finally, a brief summary is given in the last section of this chapter.

5.1.1 Problem Definition

In Chapter 3, we proposed a data hiding method for covert communication

utilizing images in XPS documents as secret channels. However, an XPS document sometimes does not contain any image in it and texts are actually the major part in an XPS document. Thus, the aim in this chapter is to utilize texts in XPS documents efficiently to as a cover channel for data hiding. It is hoped that the secret message can be embedded into XPS documents imperceptibly.

5.1.2 Major Idea of Proposed Method by Adjusting Advance-widths of Specific ASCII Codes

The new proposed data hiding method for steganography uses a certain property of the XPS document format we found through some experiments. The major idea is described in the following.

In the XPS specification, the <Glyph> element is used to create text segments.

Figure 5.1(b) shows three text segments which are described by the XML markup with a set of attributes, such as color, font type, font size, position, text string, etc, as shown in Figure 5.1(a). Note that, in the <Glyph> element, both the Indices and UnicodeString attributes can represent a text segment. According to the XPS specification [16], the Indices attribute specifies “a series of glyph indices and their attributes used for rendering the glyphs”. The UnicodeString attribute is typically represented by “a single UTF-16 code unit and has a single corresponding glyph representation in the font”. Accordingly, the Indices attribute is optional. Only when there is no one-to-one mapping between the code units and the glyph indices should the Indices attribute be specified. We take advantage of this feature to design a data hiding method. More detailed usage will explain later.

(a)

(b)

Figure 5.1 An example of XPS documents with text segments. (a) The XML markup describing several text segments. (b) The corresponding result of (a) displayed in an XPS Viewer.

It is mentioned in the XPS specification that “within the Indices attribute, each glyph specification is separated by a semicolon,” and that “the Indices attribute must adhere to the glyph specification syntax.” For example, the simplest syntax to represent a glyph is like: GlyphIndex, AdvanceWidth, where the GlyphIndex entry is the index of the glyph in the font and the AdvanceWidth entry “indicates placement for the subsequent glyph, relative to the origin of the current glyph”. Figure 5.2 (a) is

<Glyphs Fill="#ff000000" FontUri="/Documents/1/Resources/Fonts/Fonts1.odttf"

UnicodeString="An example of text segments " />

<Glyphs Fill="#ff000000" FontUri="/Documents/1/Resources/Fonts/ Fonts2.odttf"

an example using both the Indices and UnicodeString attributes to display the text segment. The Indices attribute specifies the index of each glyph and its advance width in addition. As mentioned previously, the Indices attribute in this example actually is optional because the text string has been specified by UnicodeString attribute. Thus, we can display the text segment without specifying the index and only specify the advance width when desired, as illustrated in Figure 5.2 (b).

Based on the above findings, we can insert some ASCII space codes or control codes between words and specify the advance width to be zero so that those codes are invisible and do not occupy any space when displaying an XPS document. Figure 5.2(c) shows an example hiding so-called null spaces into the text segment. By experiments conducted in this study, it was found that only four ASCII codes, 09, 0A, 0D, and 20, are acceptable in the UnicodeString attribute without generating errors.

Indices="36;71;89;68; 81;70;72,55;3;58,95;76;71;87;75" attributes to specify. (a) An example of specifying complete indices and the

Unicode string. (b) An example only specifying the Unicode string and the advance width when desired. (c) An example of hiding white spaces by adjusting the advance width. The display is the same as (a).

In conclusion, the above-mentioned property of the XPS document format is good for use toward the aim of steganography. Specifically, a secret message can so be encoded and hidden between words invisibly by using these specific ASCII codes and modifying the advance width.

5.2 Data Embedding and Extraction Processes

In this section, detailed embedding and extraction algorithms of the proposed data hiding method for steganography are described. The embedding process is illustrated by Figure 5.3. First of all, the secret message is randomized by using a user-defined secret key. Next, the random message is separated into several pairs of bits which are then transformed according to an encoding table (Table 5.1) into the corresponding ASCII codes (one of 09, 0A, 0D, and 20). After that, we insert these ACSII codes between words in the UnicodeString attribute of every text segment and set the parameters of the Indices attribute with zero advance width. Finally, we get a stego-XPS document with the secret message embedded in it. The proposed method yields stego-documents with appearances arousing no visual notice from people.

Table 5.1 ASCII codes encoding table.

Figure 5.3 Flowchart of the proposed data embedding process.

When a person wants to extract the secret message from the stego-XPS document, he/she must have the same secret key as used in the proposed embedding process. The extraction process is similar to the embedding process but conducted in a reverse order, as illustrated in Figure 5.4. A sequence of ASCII codes (one of 09, 0A, 0D, and 20) with zero advance widths are extracted from each text segment. Then, these ASCII codes are transformed into the corresponding bit pairs (one of 00, 01, 10, and 11). After concatenating all these bit pairs and reordering them using the same secret key, we get the original secret message correctly.

5.2.1 Proposed Algorithm for Data Embedding

The proposed data embedding process is described as an algorithm in the following. At the beginning of this algorithm, we calculate the number of bits of an input secret message and the number of text segments in a cover XPS document so that we can estimate how many bits we need to embed into each text segment. We

insert specific ASCII codes (one of 09, 0A, 0D, and 20) which are invisible. Also, we modify the advance width of those ASCII codes to make them not occupying any space in the displayed stego-XPS document.

Figure 5.4 Flowchart of the proposed data extraction process.

Algorithm 5.1. Data embedding for steganography.

Input: A secret message S in binary form, a cover XPS document D, and an input secret key K.

Output: A stego-XPS document D′_. Steps.

1. Count the number l of bits in the message S and the number n of text segments in the cover document D.

2. Compute m = 

 n l

2 to get the number of bit pairs to be embedded into each text segment.

3. Use the secret key K as a seed to generate a sequence Q of random numbers.

4. Randomize the bits of the input secret message S with the random numbers Q to

get a randomized message S′_. UnicodeString attribute. If the number of words is smaller than m, insert the rest of the bit pairs at the end of the string.

8. Insert an parameter “,0;” into the corresponding positions in the Indices attribute with the parameter meaning that the advance width is zero and the glyph index is not specified.

9. Repeat Steps 7 and 8 until all ASCII codes c₁, c₂, …, c_k are embedded.

10. Recompress D with modified text segments in the XML file to get a stego-XPS document D′_.

For example, suppose that we want to hide a message 0011 into a text segment (“I love you”) in an XPS document. The original text segment is specified as given in Figure 5.5(a). First, we encode 00, 11 to become ASCII codes 09, 20 and insert them between words in the UnicodeString attribute, as shown in Figure 5.5(b). Then, set the parameters into the corresponding positions of the Indices attribute, as shown in Figure 5.5(c). As a result, we hide the message into the text segment successfully.

Indices="47;3;367;381;448;286,49;3;455,44;381;437,52"

UnicodeString="I love you"

(a)

Indices="47;3;367;381;448;286,49;3;455,44;381;437,52"

UnicodeString="I love you"

(b)

Indices="47;3;,0;367;381;448;286,49;3; ,0;455,44;381;437,52"

UnicodeString="I love you"

(c)

Figure 5.5 An example using the proposed algorithm to hide the secret. (a) An original description of a text segment. (b) Inserting ASCII codes between words. (c) Inserting parameters into the corresponding positions in the Indices attribute.

The display is the same as (a).

5.2.2 Proposed Algorithm for Data Extraction

The proposed data extraction process conducted in a reverse order of the embedding process is described as an algorithm in the following.

Algorithm 5.2. Data extraction for steganography. each text segment in the document D′ where the advance width of each ci is zero.

2. Transform c1, c2, …, ck, into a sequence of corresponding bit pairs s1, s2, …, sk

(one of 00, 01, 10, and 11).

3. Concatenate s₁, s₂, …, s_k into a string S′_.

4. Use the secret key K to reorder S′ to get the result as the desired secret message S.

5.3 Security Consideration

5.3.1 Issues of Security of Proposed Method

In this study, the secret key used in the proposed method described above is assigned by the user to protect the secret message embedded in an XPS document.

Only the user who creates the stego-XPS document and other people this user wants to share the secret with will know the secret key. Thus, even a malicious user knows the proposed algorithm; the secret message still cannot successfully be extracted without the correct secret key. However, a malicious user may disturb the secret by inserting or replacing some ASCII codes embedded in a stego-XPS document. As a result, people who have the right secret key will extract a message but they cannot determine whether the message is reliable or not. To prevent this situation, some measures are proposed in the next section.

5.3.2 Proposed Security Enhancement Measures

To prevent malicious users from disturbing a stego-XPS document, we can duplicate the embedded codes and determine the positions where these codes are to be embedded by the secret key. When extracting the secret message, we can compare all the duplicated sequence of ASCII codes and determine the correct message by voting.

Therefore, even part of the secret messages has been replaced; we still can extract the secret message correctly.

Moreover, the authentication process we proposed in Chapter 4 can be used to protect not only the contents of XPS document but also the contents of the secret message. We can transform the secret message into the corresponding gradient patterns as authentication signals and superimpose them on the XPS document. The

positions where these gradient patterns are superimposed can be determined by the user key. As a result, people can verify whether the secret message has been tampered with or not by extracting the current secret message, transforming it into gradient patterns, and comparing them with the authentication signals.

5.4 Experimental Results

In our experiments, we created an XPS document by saving a Microsoft Office documents as an XPS document. The content of the XPS document can be edited with an Open XML Editor and viewed by an XPS Viewer.

The results of an experiment conducted by us are illustrated as follows. An original XPS document as a cover media is given in Figure 5.6. The user interface to embed data for steganography is shown in Figure 5.7. We embedded a secret message with a secret key into the cover XPS document, resulting in a stego-XPS document as shown in Figure 5.8. The secret message has been encoded and hidden between the text segments of the XPS document. The difference between the original XPS document and the stego-XPS document in appearance aroused no notice from any observer. By using the same secret key as used in the embedded process, the correct secret message can be extracted, as shown in Figure 5.9. On the other hand, if a person extracts the secret using a wrong secret key, the result of the extracted message is incorrect, as illustrated in Figure 5.10. Figures 5.11 through 5.15 show another experimental result. Both results show that, using the proposed method, we can hide information secretly and imperceptibly.

5.5 Summary

In this chapter, a new data hiding technique via XPS documents for hiding secret

messages among texts by adjusting the advance widths of specific ASCII codes is proposed for steganography. An advantage of steganography is its imperceptibility which conceals the behavior of secret hiding so that the risk for the secret to be detected by malicious users decreases. The proposed method utilizes the feature of the Indices and UnicodeString attributes in the XPS format so that the secret message hidden between words are invisible from the appearance. Some security enhancement measures proposed in this study can protect the secret from being disturbed by a

messages among texts by adjusting the advance widths of specific ASCII codes is proposed for steganography. An advantage of steganography is its imperceptibility which conceals the behavior of secret hiding so that the risk for the secret to be detected by malicious users decreases. The proposed method utilizes the feature of the Indices and UnicodeString attributes in the XPS format so that the secret message hidden between words are invisible from the appearance. Some security enhancement measures proposed in this study can protect the secret from being disturbed by a

在文檔中 在XPS文件上做資訊隱藏之新研究 (頁 47-0)