New attacks on SARI image authentication system
نویسندگان
چکیده
The image authentication system SARI proposed by Lin and Chang passes JPEG compression and rejects other malicious manipulations. Some vulnerabilities of the system have been reported recently. In this paper, we propose two new attacks that can compromise the SARI system. The first attack is called a histogram attack which modifies DCT coefficients yet maintains the same relationship between any two DCT coefficients and the same mean values of DCT coefficients. Such a modified image can pass the SARI authentication system. The second attack is an oracle attack which uses an oracle to efficiently find the secret pairs used by SARI in its signature generation. A single image plus an oracle is needed to launch the oracle attack. Fixes to thwart the proposed attacks are also proposed in this paper.
منابع مشابه
HMAC-Based Authentication Protocol: Attacks and Improvements
As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...
متن کاملSecurity Analysis of Lightweight Authentication Scheme with Key Agreement using Wireless Sensor Network for Agricultural Monitoring System
Wireless sensor networks have many applications in the real world and have been developed in various environments. But the limitations of these networks, including the limitations on the energy and processing power of the sensors, have posed many challenges to researchers. One of the major challenges is the security of these networks, and in particular the issue of authentication in the wireles...
متن کاملOn the security of the SARI image authentication system
In this paper we investigate the image authentication system SARI, proposed by C.Y. Lin and S.F. Chang [1], that distinguishes JPEG compression from malicious manipulations. In particular, we look at the image digest component of this system. We show that if multiple images have been authenticated with the same secret key and the digests of these images are known to an attacker, Oscar, then he ...
متن کاملGame-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags
The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...
متن کاملCompressed Image Hashing using Minimum Magnitude CSLBP
Image hashing allows compression, enhancement or other signal processing operations on digital images which are usually acceptable manipulations. Whereas, cryptographic hash functions are very sensitive to even single bit changes in image. Image hashing is a sum of important quality features in quantized form. In this paper, we proposed a novel image hashing algorithm for authentication which i...
متن کامل