System and method for authentication of JPEG image data
First Claim
1. A system for authentication of JPEG compressed image data on multi-function equipment comprising:
- means for receiving said JPEG image data; and
a CPU and MEMORY sufficient to enable the decoding steps of;
a) deriving a hashing function from a first section of JPEG compressed image data such that any changes subsequently made to said section of data would be reflected in a different hashing function being derived therefrom and producing a first integrity checking number from said derived hashing function;
b) identifying a second section of data and decoding therefrom an embedded signature string;
c) decrypted said signature string to recover a second integrity checking number;
d) comparing said recovered second integrity checking number with said first derived integrity checking number and, if the two numbers match, then authenticating the data;
e) repeating steps A-D for each successive data sections until the very last data section is reached; and
f) at the very last data section, equating said last section of data as said second section and performing steps A-D.
3 Assignments
0 Petitions
Accused Products
Abstract
What has been disclosed is a system and method for authentication of JPEG image data prior to transmission to an intended recipient which enables the recipient to ascertain whether the received image file originated from a known identified source or whether the contents of the file have been altered in some fashion prior to receipt. In accordance to the present invention, to encode verification information a unique hashing function is derived from a first section of image data contained in the JPEG compressed image in such a way that any changes subsequently made to said first section of image data would be reflected in a different hashing function being derived therefrom. An integrity checking number is produced from the first section'"'"'s derived hashing function. The integrity checking number is subsequently encrypted into a signature string. The signature string is then embedded into a next section of the image data. The process is repeated until all sections of image data have been processed. The signature string corresponding to the very last section of data is self-embedded therein. As the embedding of a previous section'"'"'s integrity checking number is done without modifying the JPEG bit stream any JPEG decoder found in the arts can thereafter properly decode the image. The image file is then transmitted to an intended recipient. To decode the embedded verification information upon receipt of the JPEG image file by the recipient a hashing function is computed by the recipient from a first section of image data contained in the received image file. A second section of data is identified wherein the signature string for the first section of data had been embedded. The signature is then decoded from the data. The signature string is thereafter decrypted to yield the hashing function (integrity checking) number contained therein. The two numbers are then compared against each other. If the first checking number matches the number contained in retrieved signature string which had been previously embedded therein by the author then it can be ascertained that the image data for that first section is authentic. The process is repeated for each successive section of data until all the data sections of the image file have been processed.
46 Citations
9 Claims
-
1. A system for authentication of JPEG compressed image data on multi-function equipment comprising:
-
means for receiving said JPEG image data; and
a CPU and MEMORY sufficient to enable the decoding steps of;
a) deriving a hashing function from a first section of JPEG compressed image data such that any changes subsequently made to said section of data would be reflected in a different hashing function being derived therefrom and producing a first integrity checking number from said derived hashing function;
b) identifying a second section of data and decoding therefrom an embedded signature string;
c) decrypted said signature string to recover a second integrity checking number;
d) comparing said recovered second integrity checking number with said first derived integrity checking number and, if the two numbers match, then authenticating the data;
e) repeating steps A-D for each successive data sections until the very last data section is reached; and
f) at the very last data section, equating said last section of data as said second section and performing steps A-D. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification