SHA-256 of the recovered image will be compared with the extracted watermark for authentication. Keywordsâ DICOM, image authenticity and integrity,.
1 of 4
Reversible watermarking for authentication of DICOM images J. M. Zain, L.P Baldwin, M. Clarke Department of Information Systems and Computing, Brunel University, Uxbridge UB8 3PH, United Kingdom
Abstract—We propose a watermarking scheme that can recover the original image from the watermarked one. The purpose is to verify the integrity and authenticity of DICOM images. We used 800x600x8 bits ultrasound (US) images in our experiment. SHA-256 of the whole image is embedded in the least significant bits of the RONI (Region of Non-Interest). If the image has not been altered, the watermark will be extracted and the original image will be recovered. SHA-256 of the recovered image will be compared with the extracted watermark for authentication. Keywords— DICOM, image authenticity and integrity, watermarking.
I. INTRODUCTION Modern health care infrastructure is based on digital information management. The digital imaging and communication in medicine (DICOM) standard facilitates the communication of digital image information regardless of device manufacturer. It is usual that a medical image is diagnosed before storing the image in the long-term storage, so the significant part of the image is already determined [1]. The significant part is called ROI (Region of Interest). Although the recent advancement in information and communication technologies provide new means to access, handle and move medical images, they also allow easy manipulation and replication [2]. It is common view that there is an urgent need of security measures in medical information system. Digital watermarking can imperceptibly embeds messages without changing image size or format. When applied for medical images, the watermarked image can still conform to the DICOM format [3]. Some researchers already apply watermarking technique for medical data. Zhou et al present a watermarking method for verifying authenticity and integrity of digital mammography image [4]. They used digital envelope as watermark and the least significant bits (LSB) of one random pixel of the mammogram is replaced by one bit of the digital envelope bit stream. Instead of the whole image data, only partial image data, i.e. the most significant bits (MSB) of each pixel is used for verifying integrity. Other researchers adapt digital watermarking for interleaving patient information with medical images to reduce storage and transmission overheads [5]. Again, the LSB of image pixels are replaced for embedding. Chao et al propose a discrete cosine transform (DCT) based data-hiding technique that is capable of hiding those EPR related data into a marked image [6].
The information is embedded in the quantized DCT coefficients. The drawback of the above watermarking approaches is that the original medical image is distorted in a non-invertible manner. Therefore it is impossible for watermark decoder to recover the original image. A reversible watermarking scheme involves inserting a watermark into the original image in an invertible manner in that when the watermark was later extracted, the original image can be recovered completely [7-10]. Research has also been done in the area of reversible watermarking in medical images. Trichili et al proposes an image virtual border as the watermarking area [11]. Patient data is then embedded in the LSBs of the border. Guo and Zhuang present a scheme where the digital signature of the whole image and patient information is embedded [3]. Cao et al extend their work on digital envelope and embed their DE by making a random walk sequence and replace LSB of each selected pixel [12]. In this paper, we propose a lossless watermarking scheme being capable of verifying authenticity and integrity of DICOM images. Besides that the original image can be exactly recovered at the receiver site, the whole image’s integrity can be strictly verified. In Section II, we present our watermarking scheme, including data embedding, extracting and verifying procedure. In Section III, experimental results are provided to demonstrate that such scheme can embed large payload while keeping distortion level very low. In Section IV, conclusions are made with some remarks. II. METHODOLOGY Fig. 2 describes a general methodology and principles as listed below: At sender site 1) Define Area: This will define the ROI where the smallest rectangle is obtained. The size of the rectangle is the same for all US images. The case will be different for other image modalities. Fig. 1 shows a US image with a rectangle defining ROI.
2 of 4
Fig. 1 ROI is defined inside the rectangle
2) SHA-256: Compute the hash value for the whole image. SHA-256 has the characteristics of a oneway hash function. It is easy to generate a hash given an image, but virtually impossible to generate the image given a hash value. SHA-256 as its name suggests give out a 256-bit hash value. 3) Embed: This will embed the hash value to the RONI in their LSB. LSB is chosen because of its vulnerability to attack that makes it a perfect candidate for verifying authenticity and integrity of an image. The exact location where the hash value is watermarked is not important in this paper because the image quality does not depends on where the watermark is embedded, but how many pixels have been changed. In our experiment, we determine the area within RONI. At receiver site: Fig. 2. Watermarking System
1) Extract watermark: At the receiver end, the watermark is extracted by visiting the back to the watermarking area and read the LSB value. 2) Flipping: The beauty of US images and all other medical images is that the LSB for all pixels in the RONI are zeroes. The ‘flipping’ function is not literally means that. This function resets the corresponding LSBs back to zero. 3) SHA-256: In theory, the extracted image is the same pixel by pixel as the original image. Applying SHA-256 to the extracted image will give the same hash value to the one produced by the original image. 4) Authentication: This can be achieved by comparing the extracted hash values with the hash of the extracted image. If they are the same, then the image is authentic and that it has not been tampered with (integrity).
III. RESULTS The following results are an example obtained from one 800x600x8 bits US image. Table 1 shows the high capacity of LSB watermarking. We used peak signal to noise ratio (PSNR) to measure the distortion of the image. Although our threshold for quality is set at 32dB, we also include the results for PSNR at 27.4 dB to show the imperceptibility of the watermark. Fig. 3 shows the watermarked image with payload of 270kb and 550kb respectively where our human visual system could not spot the difference between the two. TABLE I CAPACITY AND PSNR FOR 800X600 US IMAGE Capacity (kb)
PSNR (dB)
270 430 475 510 550
249.6 51.5 42.9 31.7 27.4
3 of 4
(a)
(b) Fig. 4 a) Image histogram of original image b) image histogram of fig. 3(b)
(a)
(b) Fig. 3 a) watermarked image with 270 kb payload b) watermarked image with 550 kb payload (b)
(c)
(a)
Fig. 5 a) original 800 x 600 US image b) Watermarked image with hash value of the original image “fcc29cbb8ea81be407cdd93e0326bf2bb68dca3d7872c9b6a033a98 1e184f989”, embedded in the image. PSNR= 1.366x107 c) the recovered image. The computed hash value, “fcc29cbb8ea81be407cdd93e0326bf2bb68dca3d7872c9b6a033a98 1e184f989”, is identical to that of the original one, no single bit of information is altered.
4 of 4 Fig. 4 shows the image histogram of the original image and the image histogram of a watermarked image with 570kb payload. The histogram clearly shows the dramatic increase in the pixels with values 1 and 3, but keep the remaining pixels exactly the same. Fig. 5 shows the result of watermarking the hash value of the original image. The original image can exactly be recovered, this can be verified by comparing the recovered image with the original pixel by pixel, or by comparing the embedded hash value with that computed from the recovered image. IV. CONCLUSION Watermarking in medical images has a lot of potential. From the large capacity available for embedding, a lot more information can be added to the image to make it more secure. Few researchers have included patient’s data and digital signature as watermark [4, 11, 12]. Combining cryptography and compression will add security and more information to the limited capacity. The most important aspect regarding watermarking for medical image communications is that the image is still conforms to the DICOM image format after watermarking takes place. In keeping distortion level very low, we could make sure that the watermarked image can still be valuable for other purpose, such as case study in school, with the patient’s confidential information is not being disclosed. We proposed a lossless watermarking scheme being capable of verifying authenticity and integrity of DICOM images. Besides that the original image can be exactly recovered at the receiver site, the whole image’s integrity can be strictly verified. We presented our watermarking scheme, including data embedding, extracting and verifying procedure. Experimental results showed that such scheme could embed large payload while keeping distortion level very low. REFERENCES [1] A. Wakatani, "Digital Watermarking for ROI Medical Images by Using Compressed Signature Image," in 35th Annual Hawaii International Conference on System Sciences (HICSS-35'02), 2002, pp. 2043-2048. [2] G. Coatrieux, B. Sankur and H. Maitre, "Strict Integrity Control of Biomedical Images," in SPIE Conf. 4314: Security and Watermarking of Multimedia Contents III, 2001, [3] X. Guo and T. Zhuang, "A lossless watermarking scheme for enhancing security of medical data in PACS," in Medical Imaging 2003: PACS and Integrated Medical Information Systems: Design and Evaluation, Feb 18-20 2003, 2003, pp. 350-359. [4] X.Q. Zhou, H.K. Huang and S.L. Lou, "Authenticity and integrity of digital mammography images," IEEE Transactions on Medical Imaging, vol. 20, pp. 784-791, August 2001. 2001. [5] R. Acharya, D. Anand, S. Bhat and U.C. Niranjan, "Compact storage of medical images with patient information," IEEE Trans.Inf.Technol.Biomed., vol. 5, pp. 320-323, Dec. 2001. [6] H.M. Chao, C.M. Hsu and S.G. Miaou, "A data-hiding technique with authentication, integration, and confidentiality for electronic patients
records," IEEE Transactions Information Technology in Biomedicine, vol. 6, pp. 46-53, March 2002. 2002. [7] J. Fridrich, M. Goljan and R. Du, "Lossless data embedding-new paradigm in digital watermarking," Applied Signal Processing, pp. 185196, 2002. [8] J. Fridrich, M. Goljan and R. Du, "Invertible authentication," in Security and Watermarking of Multimedia Contents III, Jan 22-25 2001, 2001, pp. 197-208. [9] M.U. Celik, G. Sharma, A.M. Tekalp and E. Saber, "Reversible data hiding," 2002, pp. II-157-II-160 vol.2. [10] J. Tian, "High capacity reversible data embedding and content authentication," 2003, pp. III-517-20 vol.3. [11] H. Trichili, M. Bouhlel, N. Derbel and L. Kamoun, "A new medical image watermarking scheme for a better telediagnosis," in 2002 IEEE International Conference on Systems, Man and Cybernetics, Oct 6-9 2002, 2002, pp. 557-560. [12] F. Cao, H.K. Huang and X.Q. Zhou, "Medical image security in a HIPAA mandated PACS environment," Comput.Med.Imaging Graphics, vol. 27, pp. 185-196, 0. 2003.
