TAMPERPROOF QUESTION PAPERS-AN APPLICATION USING VISUAL CRYPTOGRAPHY SCHEMES

Similar documents
Public-key Cryptography: Theory and Practice

A NOVEL SECURED BOOLEAN BASED SECRET IMAGE SHARING SCHEME

Secret Image Sharing Scheme Based on a Boolean Operation

Zero private information leak using multi-level security and privileged access for designated authorities on demand

CPSC 467: Cryptography and Computer Security

A NovelQR-Code Authentication Protocol Using Visual Cryptography for Secure Communications

Network Security Issues and Cryptography

A Modified Approach for Kerberos Authentication Protocol with Secret Image by using Visual Cryptography

DISCLOSURE PROTECTION OF SENSITIVE ATTRIBUTES IN COLLABORATIVE DATA MINING V. Uma Rani *1, Dr. M. Sreenivasa Rao *2, V. Theresa Vinayasheela *3

Privacy: Whose Information Is It?

Distributed Systems. Lecture 14: Security. Distributed Systems 1

Distributed Systems. Lecture 14: Security. 5 March,

Reversible Data Hiding in Encrypted Images with Private Key Cryptography

Design and Performance Evaluation of Boolean based Secret Image Sharing Scheme

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

IBM i Version 7.2. Security Digital Certificate Manager IBM

IMPROVED ALGORITHM FOR VISUAL CRYPTOGRAPHY USING REGION INCREMENTATION

Use of Visual Cryptography and Neural Networks to Enhance Security in Image Steganography

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

IBM. Security Digital Certificate Manager. IBM i 7.1

Research Article Improvements in Geometry-Based Secret Image Sharing Approach with Steganography

Lecture 1 Applied Cryptography (Part 1)

A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

Security Digital Certificate Manager

CS682 Advanced Security Topics

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

SPECIAL ISSUE, PAPER ID: IJDCST-09 ISSN

Biometrics. Overview of Authentication

NYDFS Cybersecurity Regulations

E-Voting System based on Mobile using NIC and SIM

A Novel Model for Encryption of Telugu Text Using Visual Cryptography Scheme

E-guide CISSP Prep: 4 Steps to Achieve Your Certification

The Research on PGP Private Key Ring Cracking and Its Application

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Chapter 3: User Authentication

BioTechnology. An Indian Journal FULL PAPER. Trade Science Inc. Study on secure data storage based on cloud computing ABSTRACT KEYWORDS

A Survey on Secure Sharing In Cloud Computing

No Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017

Maria Hishikawa MSIX Technical Lead Sarah Storms MSIX Contractor Security

Governance Ideas Exchange

Secret Sharing. See: Shamir, How to Share a Secret, CACM, Vol. 22, No. 11, November 1979, pp c Eli Biham - June 2, Secret Sharing

Sharing Several Secrets based on Lagrange s Interpolation formula and Cipher Feedback Mode

Computers and Security

Encryption and Forensics/Data Hiding

Hill Cipher with Parallel Processing Involving Column, Row Shuffling, Permutation and Iteration on Plaintext and Key

Authentication & Authorization

CS475 Network and Information Security

HY-457 Information Systems Security

ANALYSIS OF AES ENCRYPTION WITH ECC

Department of Computer Science and Engineering. CSE 3482 Introduction to Computer Security. Instructor: N. Vlajic Date: Mar 1, 2017

Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI)

A New Approach to Authenticate Images in Different Datasets Using a Lossless Image Watermarking Technique

arxiv:cs/ v2 [cs.cr] 27 Aug 2006

The Comparative Study on Visual Cryptography and Random Grid Cryptography

A Secure Network Access Protocol (SNAP)

ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification

PRODUCT AUTHENTICATION USING QR-CODE THROUGH CLOUD

THIRD PARTY AUDITING FOR SECURE DATA STORAGE IN CLOUD THROUGH DIGITAL SIGNATURE USING RSA

CompTIA Cybersecurity Analyst+

The exam registration is performed by the primary level user [Lecturer/ Course advisor].

MULTI - KEYWORD RANKED SEARCH OVER ENCRYPTED DATA SUPPORTING SYNONYM QUERY

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

Visual Cryptography Scheme for Colored Image using XOR with Random Key Generation

Public Key Cryptography and RSA

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Privacy-Enhancing Technologies & Applications to ehealth. Dr. Anja Lehmann IBM Research Zurich

Encryption / decryption system. Fig.1. Block diagram of Hummingbird

Implementation of IRIS recognition for Securing Online Payment

Meaningful Shadows for Image Secret Sharing with Steganography and Authentication Techniques

lifeid Foundation FAQ v.1

2.1 Basic Cryptography Concepts

Three Level Authentication for Student Attendance Management System

Lecture Note 6 KEY MANAGEMENT. Sourav Mukhopadhyay

Full file at

General Data Protection Regulation policy (exams) 2018/19

COCHIN UNIVERSITY OF SCIENCE AND TECHNOLOGY

General Data Protection Regulation policy 2017/18

INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES

Frequently Asked Questions

Guide to cyber security/cip specifications and requirements for suppliers. September 2016

When Recognition Matters WHITEPAPER CLFE CERTIFIED LEAD FORENSIC EXAMINER.

Plaintext (P) + F. Ciphertext (T)

Security issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Cryptanalysis. Ed Crowley

DataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.

ScienceDirect. A Secure and Light Weight Authentication Service in Hadoop using One Time Pad

HIPAA COMPLIANCE AND DATA PROTECTION Page 1

Threat analysis. Tuomas Aura CS-C3130 Information security. Aalto University, autumn 2017

A Combined Encryption Compression Scheme Using Chaotic Maps

Provisional Translation

Wireless Network Security Spring 2011

Cryptography ThreeB. Ed Crowley. Fall 08

Security Technologies for Dynamic Collaboration

CS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:

National Institute of Information and Communications Technology. Cybersecurity Laboratory Security Fundamentals Laboratory Planning Office

Transcription:

Chapter 5 TAMPERPROOF QUESTION PAPERS-AN APPLICATION USING VISUAL CRYPTOGRAPHY SCHEMES 5.1 Introduction This chapter explains new applications of tamperproof preparation and transmissions of online question papers using visual cryptography schemes. The present method of conducting various competitive examinations like UPSC exams, IIT-JEE, UGC-NET, GATE, MAT etc. and also regular school and university examinations is by using printed question papers. These types of question papers can be easily leaked out or tampered with and we often hear of such incidents and subsequent cancellation of examinations. This causes loss of money and time and also creates political and social embarrassment. The genuine students and candidates become upset and are put under pressure. The Kerala SSLC Examination 2005, All India Medical Entrance Examination 2005 and AIEEE 2011 are examples. Nowadays, people are very conscious and concerned about their education and in our system the ability of an individual is assessed through examinations. So the reliability and security of question papers is of paramount importance to ensure educational and social justice. This chapter discuss the security of

Chapter-5 question papers and suggest a new technique for preparing tamperproof e-question papers. The technique is perfectly secure using visual cryptographic techniques and is also very easy to implement. The secure transmission of fingerprint images with the help of visual cryptography schemes is included in this chapter. This technique provides a very secure way to encrypt and decrypt fingerprint images without any complex computations. 5.2 The Tamperproof Question Paper 1 The presented Tamperproof Question Paper (TQP) provides a very secure way to hide a question paper in different shares. In this application, the question paper is broken up into n pieces, which individually yield no information about the question paper. These pieces of the question paper, called shares or shadows, may then be distributed among a group of n participants/dealers. By combining any k of these shares the question paper can be recovered, but combining less than k of them will not reveal any information about the question paper. In this method, the reconstruction of the question paper is based on XOR operation. This will enable one to obtain back a perfect question paper completely true to the original. 1 Thomas Monoth and Babu Anto P, Tamperproof Question Papers Using Visual Cryptography, Proc. of the 19 th Kerala Science Congress, Kannur, Kerala, pp.929-930, 2007. (KSCSTE, Govt. of Kerala). 156 Department of Information Technology, Kannur University

Tamperproof Question papers-an Application using Visual Cryptography Schemes The schematic diagram for preparation and transmission of tamperproof question papers using visual cryptography is shown below: Figure 5.1 The implementation model for TQP using VCS The question papers are normally set up by a trusted authority who computes all the shares (unintelligent pieces of the question papers) and distributes them to participants via secure channels. The trusted authority who sets up the scheme is called a dealer. The participants hold their shares until some of them have to pool together their shares and recreate the question papers. The recovery of the question papers is done by the combiner who on behalf of the cooperating group compute the question papers. The combiner is successful only if the cooperating group has at least k members. The medium is used to transmit shares from the dealer to participants and participants to the combiner. It may be secure communication channels, email or direct handing over to participants/combiner using any portable devices (CD/DVD/Pen drive etc.). Department of Information Technology, Kannur University 157

Chapter-5 The major attractions of this application are: The scheme is perfectly secure and very easy to implement. Very low computational complexity. The devices required are also very economical. 5.2.1 General Phases of the TQP The basic idea for the method is to divide a question paper (QP) according to a given access structure. The access structure of a given scheme is the collection of authorized subsets of shareholders/participants that are allowed to reconstruct the QP. The QP is divided into a number of shares (S 1 to S n ) such that only pre-specified subsets of Si s are eligible to rebuild the QP. Thus, the proposed method will have three phases: 1. QP shares building phase 2. QP shares distribution phase 3. QP reconstruction phase The details of the three phases are given below. 5.2.2 QP Shares Building Phase During this phase, a trusted entity, usually called the share builder/dealer, is supplied with the required input to produce a share for each shareholder/participant (See Figure 5.2). It requires the following information: 1. The QP: usually the question paper is represented as a binary image. 158 Department of Information Technology, Kannur University

Tamperproof Question papers-an Application using Visual Cryptography Schemes 2. The trusted participants (shareholders): the people/machines that will be given shares of the QP to keep. 3. The qualified subsets (access structure): A qualified subset is a subset of the shareholders that is able to rebuild the QP. The Question Paper (QP) Number of Participants (Pn) Qualified Subsets (Qs) QP Pn Qs Shares Builder S 1. S n Figure 5.2 The Schematic representation of shares builder phase Based on the qualified subsets, the share-builder will produce one share for each participant. In some schemes giving more than one share to a higher privileged participant is suggested. Department of Information Technology, Kannur University 159

Chapter-5 5.2.3 QP Shares Distribution Phase In the shares distribution phase, the shares produced in the first phase are delivered to the participants (see Figure 5.3). Usually secure channels are used for communication between share-builder and participants. Participant 4 (P 4 ) Participant 3 (P 3 ) Participant 5 (P 5 ) Shares Builder Participant 6 (P 6 ).... Participant 2 (P 2 ) Participant 1 (P 1 ) Participant n (P n ) Figure 5.3 The Schematic diagram for shares distributing phase 5.2.4 QP Reconstruction Phase In the shares reconstruction phase, a qualified subset of participants (any k participants) will pool their shares with a trusted entity, usually called QP builder, to reconstruct the QP (Figure 5.4). Reconstructing the QP needs to be secure and hence the required shares should be submitted to the QP builder over secure channels to insure privacy. 160 Department of Information Technology, Kannur University

Tamperproof Question papers-an Application using Visual Cryptography Schemes Participant 3 (P 3 ).. Participant 2 (P 2 ) QP Builder Participant k (P k ) Participant 1 (P 1 ) Figure 5.4 The schematic diagrams for QP reconstruction phase 5.2.5 The Execution of Different Phases of the TQP The executions of different phases of TQP are explained with the help of the University examination system. The execution of TQP system is shown in figure 5.5. In this system, the Controller of Examinations (CE) of the University is the share builder/dealer. The Principal/Head of examination centers and external examiner posted by the University are the participants. The CE is responsible for the generation and distribution of shares to the participants via a secure medium. The CE generates two shares from the QP by using 2-out-of-2 visual cryptography scheme. Then the first share is sent to the Center Head (CH) and the second share is sent to the External Examiner (EE) via Department of Information Technology, Kannur University 161

Chapter-5 a secure medium. If there are more than one centres of examination, this process will be repeated for each centre. In this case, the CE generates two separate sets of shares for each examination centre. The same sets of shares will not be used for more than one center, which will affect the security of the QP. On the day of examination, the CH and EE pool their shares to reconstruct the QP. That is: QP = Share1 Share2 where the symbol represents XOR operation. Share 1 and share 2 are kept by CH and EE respectively. The representation for the TQP model is shown below: 162 Department of Information Technology, Kannur University

Tamperproof Question papers-an Application using Visual Cryptography Schemes Figure 5.5 The execution of TQP model Department of Information Technology, Kannur University 163

Chapter-5 From the figure 5.5, we can see that the QP can be reconstructed by CH and EE in their respective center only. Even if EE of one centre and CH of another centre pool their shares, it will not reveal any information about the QP. Similarly EE of two different centers are also unable to reconstruct the QP. If the shares kept by EE or CH are lost or damaged, the CE can generate two new shares and send them to CH and EE via a secure channel. Therefore, this model provides perfect security and reliability. 5.2.6 Experimental Result For the experiment, the QP considered is a binary image file. To perform the encryption process, the QP is encrypted into two shares so that the original image is visible only when the two shares are overlaid using XOR operation. The Figure 5.6 depicts the encryption and decryption processes of the QP using VCS based on XOR operation. 164 Department of Information Technology, Kannur University

Tamperproof Question papers-an Application using Visual Cryptography Schemes Figure 5.6a Copy of actual question paper (Sample) Department of Information Technology, Kannur University 165

Chapter-5 Figure 5.6b Share 1 166 Department of Information Technology, Kannur University

Tamperproof Question papers-an Application using Visual Cryptography Schemes Figure5.6c Share 2 Department of Information Technology, Kannur University 167

Chapter-5 Figure 5.6d Decrypted QP using VCS with XOR operation 168 Department of Information Technology, Kannur University

Tamperproof Question papers-an Application using Visual Cryptography Schemes 5.3 Fingerprints and Visual Cryptography 2 A fingerprint has its own distinctiveness and this property has been used for personal identification for several years. Fingerprint identification is based on two basic premises: Persistence: the basic characteristics of fingerprints do not change with time. Individuality: everybody has a unique fingerprint. Fingerprint can be used in one of two modes: the identification mode, in which the identity of an unknown user is determined, and the verification mode, in which a claimed identity is either accepted or rejected. Fingerprints are applied in many high end applications with governments, defense and airport security being major customers. However, there are some areas in which fingerprints are increasingly being used in commercial and administrative applications, namely, network/pc login security, web page security, employee recognition, time and attendance systems, voting etc. The fingerprint systems also enhance user convenience by alleviating the need to design and remember passwords. Fingerprint information is being stored and transmitted increasingly using computer systems and networks everyday. Therefore secure and reliable transmission of fingerprint has great importance. 2 Thomas Monoth and Babu Anto P, Tamperproof Transmission of Fingerprints Using Visual Cryptography Schemes, Journal of Procedia Computer Science, Vol. 2, pp. 143-148, 2010. (Elsevier). Department of Information Technology, Kannur University 169

Chapter-5 Visual cryptography provides a secure way to transmit fingerprint image without any computational complexity. In this method the fingerprint image is combined with visual cryptography; the resulting cipher will become very hard to break, because it uses two different security techniques. Figure 5.7 A diagrammatic description for fingerprint and VCS system In this system the fingerprint image is encrypted into ciphertext (C) by using visual cryptography schemes. The ciphertext (C) is a collection of shares which individually yield no information about the fingerprint image. In many cases, multiple encryptions do not strengthen the cipher and hence it is a waste of time; but in this case, it strengthens the cipher considerably. This type of cryptosystem easily overcomes any type of attacks. 5.3.1 Experimental Result Experiments were conducted using 2-out-of-2 VCS. In this experiment, consider the fingerprint in binary image format. In the encryption process, the fingerprint image files are encrypted into two shares so that the original image is revealed only by stacking the two shares using XOR operation. The Figure 5.8 depicts the experimental results. 170 Department of Information Technology, Kannur University

Tamperproof Question papers-an Application using Visual Cryptography Schemes Figure 5.8a Fingerprint Image Figure 5.8b Share 1 Figure 5.8c Share 2 Figure 5.8d Decrypted fingerprint image using XOR operation The scheme is perfectly secure and very easy to implement. To decode the encrypted information, i.e., to get the original information back, the shares are stacked and the fingerprint image pops out. The major advantage of this method is that the decryption process (fingerprint reconstruction phase) does not require any complex algorithm and computations. Department of Information Technology, Kannur University 171

Chapter-5 5.4 Conclusion The application of 2-out-of-2 VCS has been demonstrated and explained here using a simple example. Variations of this method are also possible to various needs. Very sensitive and strategically important information is being stored and transmitted increasingly using computer systems and networks everyday. This revolution, however, has brought with it new threats and computer crimes as evidenced by the increasing number of computer attacks and break-ins. Therefore, there is a great need to keep information in a secure and reliable manner. This method also leaves open the scope for future expansions, which address emerging examination needs and security requirements, especially in the context of the ever-increasing applicability and relevance of online learning programs and examinations. The fingerprint has direct application in individual identity verification and security requirements for e-documents, because online fingerprint transactions and applications are increasing in all areas of exchange in geometric proportions. 172 Department of Information Technology, Kannur University

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback