Abstract: Many image authentication systems in the DCT domain rely on the two invariant properties of the JPEG compression algorithm, which were discovered by Lin and Chang. Based on these two assumptions, the authors of these authentication systems exploit the fact that lossy JPEG compression to a pre-defined quality factor always yields the same relationships between coefficients, which can be used to generate image-content-dependent signature information. In this paper, we prove that this commonly used signature generation for authentication purposes is not secure. If someone intends to replace this signature generation with a cryptographically secure hash-based one, then the JPEG properties really have to be invariant. We show that a considerable number of bit fluctuations can occur, caused by rounding and clipping errors due to JPEG compression, which have to be taken into account. The statement of the invariants of the JPEG compression does not always hold. We determine the distribution of coefficient fluctuations and suggest using an extended secure hash-based signature generation in conjunction with error correction coding to overcome these fluctuations.

  author       = {Mathias Schlauweg and Torsten Palfner and Dima Pr\"{o}frock and Erika M\"{u}ller},
  url          = {http://www.int.uni-rostock.de/uploads/media/cnis05_01.pdf},
  booktitle    = {Proc. of IASTED Int. Conference on Communication, Network and Information Security},
  volume       = {499},
  year         = {2005},
  title        = {The {Achilles'} heel of {JPEG-based} image authentication},
  pages        = {1--6},