Visual Cryptography Using Binary Amplitude-Only Holograms [Invited]

Visual cryptography (VC) is developed to be a promising approach to encoding secret information using pixel expansion rules. The useful information can be directly rendered based on human vision without the usage of decryption algorithms. However, many VC schemes cannot withstand occlusion attacks. In this paper, a new VC scheme is proposed using binary amplitude-only holograms (AOHs) generated by a modified Gerchberg-Saxton algorithm (MGSA). During the encryption, a secret image is divided into a group of unrecognizable and mutually-unrelated shares, and then the generated shares are further converted to binary AOHs using the MGSA. During image extraction, binary AOHs are logically superimposed to form a stacked hologram, and then the secret image can be extracted from the stacked hologram. Different from conventional VC schemes, the proposed VC scheme converts a secret image into binary AOHs. Due to the redundancy of the generated binary AOHs, the proposed method is numerically and experimentally verified to be feasible and effective, and possesses high robustness against occlusion attacks.

CacheHawkeye: Detecting Cache Side Channel Attacks Based on Memory Events

Cache side channel attacks, as a type of cryptanalysis, seriously threaten the security of the cryptosystem. These attacks continuously monitor the memory addresses associated with the victim’s secret information, which cause frequent memory access on these addresses. This paper proposes CacheHawkeye, which uses the frequent memory access characteristic of the attacker to detect attacks. CacheHawkeye monitors memory events by CPU hardware performance counters. We proved the effectiveness of CacheHawkeye on Flush+Reload and Flush+Flush attacks. In addition, we evaluated the accuracy of CacheHawkeye under different system loads. Experiments demonstrate that CacheHawkeye not only has good accuracy but can also adapt to various system loads.

Covert Communication Scheme Based on Bitcoin Transaction Mechanism

Due to the unique characteristics of blockchain, such as decentralization, anonymity, high credibility, and nontampering, blockchain technologies have become an integral part of public data platforms and public infrastructure. The communication between the stakeholders of a given blockchain can be used as a carrier for covert communication under cover of legal transactions, which has become a promising research direction of blockchain technology. Due to the special mechanism of blockchain, some traditional blockchain covert communication schemes are not mature enough. They suffer from various drawbacks, such as weak concealment of secret information, cumbersome identification and screening of special transactions, poor availability, and low comprehensive performance. Therefore, this paper designs a scheme of covert communication in the Bitcoin blockchain, which takes normal transactions as a mask and leverages the Bitcoin transaction mechanism to embed secret information in the public key hash field. Specifically, we propose a novel key update mechanism combined with the hash algorithm to construct a covert channel. It ensures security and can update the channel to prevent the related problems caused by address reuse. We are taking advantage of the feature of Bitcoin that cannot be double-spent to solve the problem of burning bitcoin when paying bitcoin to a fake public key hash. In our scheme, both parties to the communication are anonymous, and the attacker cannot detect the covert data or track the transaction and address. Our proposed scheme was tested in real Bitcoin blockchain network, and the experimental results were analyzed to verify its security, availability, and efficiency.

Spaces on Ships

Djoeke van Netten examines the interplay between privacy and secrecy in the ships of the Dutch East India Companies (1595-1799). Space aboard a ship was scarce and privacy a rare privilege. Netten starts with a discussion of the sources available as well as those lost to history. She then continues by examining what can be known about the protection of and access to (secret) information and (private) belongings aboard ships. Cases where privacy was violated and secrets revealed emerge as some of the most informative historical events to be examined in this context. As she confronts her historical examples with relevant theoretical and historiographical concepts, she concludes by raising important questions for further research on privacy and secrecy aboard ships.

Interpretable noninterference measurement and its application to processor designs

Noninterference measurement quantifies the secret information that might leak to an adversary from what the adversary can observe and influence about the computation. Static and high-fidelity noninterference measurement has been difficult to scale to complex computations, however. This paper scales a recent framework for noninterference measurement to the open-source RISC-V BOOM core as specified in Verilog, through three key innovations: logically characterizing the core’s execution incrementally, applying specific optimizations between each cycle; permitting information to be declassified, to focus leakage measurement to only secret information that cannot be inferred from the declassified information; and interpreting leakage measurements for the analyst in terms of simple rules that characterize when leakage occurs. Case studies on cache-based side channels generally, and on specific instances including Spectre attacks, show that the resulting toolchain, called DINoMe, effectively scales to this modern processor design.

High-Capacity Image Steganography Algorithm Based on Image Style Transfer

Steganography is a technique for publicly transmitting secret information through a cover. Most of the existing steganography algorithms are based on modifying the cover image, generating a stego image that is very similar to the cover image but has different pixel values, or establishing a mapping relationship between the stego image and the secret message. Attackers will discover the existence of secret communications from these modifications or differences. In order to solve this problem, we propose a steganography algorithm ISTNet based on image style transfer, which can convert a cover image into another stego image with a completely different style. We have improved the decoder so that the secret image features can be fused with style features in a variety of sizes to improve the accuracy of secret image extraction. The algorithm has the functions of image steganography and image style transfer at the same time, and the images it generates are both stego images and stylized images. Attackers will pay more attention to the style transfer side of the algorithm, but it is difficult to find the steganography side. Experiments show that our algorithm effectively increases the steganography capacity from 0.06 bpp to 8 bpp, and the generated stylized images are not significantly different from the stylized images on the Internet.

Рrotecting confidential information in a university environment

Активное развитие глобальной экономической среды и национальных систем происходит в условиях интенсивного внедрения инновационных технологий. Интеграция высокотехнологичных электронных устройств в различные процессы на уровне стран, видов экономической деятельности, отдельных предприятий и в частном жизни населения приводит к генерации значительных объемов информации. Отдельное место в качестве источника генерирования данных занимает сеть Интернет, что служит инструментом создания, накопления и передачи информации. В указанных условиях информация выступает в виде ресурса, который можно оценить в денежной форме исходя из специфики данных и спроса среди отдельных групп пользователей. Отдельные государства пытаются завладеть секретной информации других стран, компании используют промышленный шпионаж для получения секретной информации конкурентов, во многих случаях фиксируются случаи похищения персональной информации граждан с целью получения определенной выгоды и тому подобное. Приведенная ситуация приводит к разработке национальных стратегий защиты в сфере информационной безопасности и активной разработки специализированных продуктов, позволяющих с помощью аппаратного и программного обеспечения минимизировать потерю информационных ресурсов стран, компаний, граждан и тому подобное. Рынок представленных продуктов активно развивается и имеет значительный потенциал для роста, поскольку происходит непрерывная эволюция методов, которые нацелены на незаконное завладение коммерческой и частной информации. В отдельных случаях главной целью незаконно доступа к информации является блокирование доступа к ней владельцев или полное уничтожение данных, что негативно влияет на функционирование компании в целом или отдельных систем. Исходя из международного опыта и ситуации в России, в первую очередь речь идет о хакерской атаке в 2017 г. через специализированное бухгалтерское программное обеспечение M.E.Doc, следует отметить активизацию государственных мероприятий, которые ориентированы на предотвращение незаконного нарушения информационной безопасности. Например, после хакерских атак в 2017 г. был создан Ситуационный центр обеспечения кибернетической безопасности. Специфика функционирования учебных заведений предусматривает генерирование персональной информации учащихся, студентов и педагогических работников, баз данных с учебными материалами, текущей документации и тому подобное. Для обеспечения эффективного функционирования учебных структур необходимо создать действенную систему защиты информации, которая позволит минимизировать риски потери или повреждения соответствующих данных. The active development of the global economic environment and national systems takes place in the conditions of intensive introduction of innovative technologies. The integration of high-tech electronic devices into various processes at the level of countries, types of economic activity, individual enterprises and in the private life of the population leads to the generation of significant amounts of information. A separate place as a source of data generation is occupied by the Internet, which serves as a tool for creating, accumulating and transmitting information. Under these conditions, information acts as a resource that can be evaluated in monetary form based on the specifics of the data and demand among individual user groups. Individual states are trying to seize the secret information of other countries, companies use industrial espionage to obtain the secret information of competitors, in many cases, cases of theft of personal information of citizens for the purpose of obtaining a certain benefit are recorded, and so on. This situation leads to the development of national protection strategies in the field of information security and the active development of specialized products that allow using hardware and software to minimize the loss of information resources of countries, companies, citizens, and the like. The market of the presented products is actively developing and has a significant potential for growth, since there is a continuous evolution of methods that are aimed at illegal acquisition of commercial and private information. In some cases, the main purpose of illegal access to information is to block the owners ' access to it or completely destroy the data, which negatively affects the functioning of the company as a whole or individual systems. Based on international experience and the situation in Russia, first of all, we are talking about a hacker attack in 2017 through specialized accounting software M.E.Doc it should be noted the intensification of state measures that are aimed at preventing illegal violations of information security. For example, after the hacker attacks in 2017 A Situational center for Cybernetic security was created. The specifics of the functioning of educational institutions provide for the generation of personal information of students, students and teaching staff, databases with educational materials, current documentation, and the like. To ensure the effective functioning of educational structures, it is necessary to create an effective information protection system that will minimize the risks of loss or damage to the relevant data.

Smart Home Privacy Protection Based on the Improved LSB Information Hiding

Smart home is an emerging form of the Internet of Things (IoT), enabling people to enjoy a convenient and intelligent life. The data generated by smart home devices are transmitted through the public channel, which is not secure enough, so the secret data in smart home are easily intercepted by malicious adversaries. In order to solve this problem, this paper proposes a smart home privacy protection method combining DES encryption and the improved Least Significant Bit (LSB) information hiding algorithm, changing the practice of directly exposing smart home secret information to the Internet, first, using Data Encryption Standard (DES) encryption to encrypt the smart home information and second, the improved LSB information hiding algorithm is used to hide the ciphertext, so that the adversary cannot detect the smart home secret information. The goal of the scheme is to provide a double protection for the secure transmission of the smart home secret information. If an attacker wants to carry out an attack, it has to break through at least two defense lines, which seems impossible to do. Experiment results show that the improved LSB algorithm is more robust than the existing algorithms, and it is very safe. Therefore, the scheme proposed in this paper is very practical for protecting the smart home secret information.

Secure Data Transfer Using Image Steganography

Steganography is the art of hiding the fact that communication is taking place, by hiding information in other information. Many different carrier file formats can be used, but digital images are the most popular because of their frequency on the Internet. For hiding secret information in images, there exists a large variety of steganographic techniques some are more complex than others and all of them have respective strong and weak points. Different applications have different requirements of the steganography technique used. For example, some applications may require absolute invisibility of the secret information, while others require a larger secret message to be hidden. This paper intends to give an overview of image steganography, its uses and techniques. It also attempts to identify the requirements of a good steganographic algorithm and briefly reflects on which steganographic techniques are more suitable for which applications.

Deep Multi-Image Steganography with Private Keys

In this paper, we propose deep multi-image steganography with private keys. Recently, several deep CNN-based algorithms have been proposed to hide multiple secret images in a single cover image. However, conventional methods are prone to the leakage of secret information because they do not provide access to an individual secret image and often decrypt the entire hidden information all at once. To tackle the problem, we introduce the concept of private keys for secret images. Our method conceals multiple secret images in a single cover image and generates a visually similar container image containing encrypted secret information inside. In addition, private keys corresponding to each secret image are generated simultaneously. Each private key provides access to only a single secret image while keeping the other hidden images and private keys unrevealed. In specific, our model consists of deep hiding and revealing networks. The hiding network takes a cover image and secret images as inputs and extracts high-level features of the cover image and generates private keys. After that, the extracted features and private keys are concatenated and used to generate a container image. On the other hand, the revealing network extracts high-level features of the container image and decrypts a secret image using the extracted feature and a corresponding private key. Experimental results demonstrate that the proposed algorithm effectively hides and reveals multiple secret images while achieving high security.