Visual cryptography

Visual cryptography is a cryptographic technique whichallows visual information (pictures, text, etc.) to be en-crypted in such a way that decryption becomes a mechan-ical operation that does not require a computer.One of the best-known techniques has been credited toMoni Naor and Adi Shamir, who developed it in 1994.[1]They demonstrated a visual secret sharing scheme, wherean image was broken up into n shares so that only some-one with all n shares could decrypt the image, while any n− 1 shares revealed no information about the original im-age. Each share was printed on a separate transparency,and decryption was performed by overlaying the shares.When all n shares were overlaid, the original image wouldappear. There are several generalizations of the basicscheme including k-out-of-n visual cryptography.[2][3]

Using a similar idea, transparencies can be used to imple-ment a one-time pad encryption, where one transparencyis a shared random pad, and another transparency acts asthe ciphertext. Normally, there is an expansion of spacerequirement in visual cryptography. But if one of the twoshares is structured recursively, the efficiency of visualcryptography can be increased to 100%.[4]

Some antecedents of visual cryptography are in patentsfrom the 1960s.[5][6] Other antecedents are in the workon perception and secure communication.[7][8]

Visual cryptography can be used to protect biometrictemplates in which decryption does not require any com-plex computations.[9]

1 Example

A demonstration of visual cryptography. When two same-sizedimages of apparently random black-and-white pixels are super-imposed, the Wikipedia logo appears.

In this example, the image has been split into two compo-nent images. Each component image has a pair of pixelsfor every pixel in the original image. These pixel pairs areshaded black or white according to the following rule: ifthe original image pixel was black, the pixel pairs in thecomponent images must be complementary; randomly

shade one ■□, and the other □■. When these comple-mentary pairs are overlapped, they will appear dark gray.On the other hand, if the original image pixel was white,the pixel pairs in the component images must match: both■□ or both □■. When these matching pairs are over-lapped, they will appear light gray.So, when the two component images are superimposed,the original image appears. However, considered by it-self, a component image reveals no information about theoriginal image; it is indistinguishable from a random pat-tern of ■□ / □■ pairs. Moreover, if you have one com-ponent image, you can use the shading rules above to pro-duce a counterfeit component image that combines withit to produce any image at all.

2 (2, N) Visual CryptographySharing Case

Sharing a secret with an arbitrary number of people Nsuch that at least 2 of them are required to decode the se-cret is one form of the visual secret sharing scheme pre-sented by Moni Naor and Adi Shamir in 1994. In thisscheme we have a secret image which is encoded into Nshares printed on transparencies. The shares appear ran-dom and contain no decipherable information about theunderlying secret image, however if any 2 of the sharesare stacked on top of one another the secret image be-comes decipherable by the human eye.Every pixel from the secret image is encoded into mul-tiple subpixels in each share image using a matrix to de-termine the color of the pixels. In the (2,N) case a whitepixel in the secret image is encoded using a matrix fromthe following set, where each row gives the subpixel pat-tern for one of the components:{all permutations of the columns of} :

C0 =

1 0 ... 01 0 ... 0...1 0 ... 0

.While a black pixel in the secret image is encoded usinga matrix from the following set:{all permutations of the columns of} :

C1 =

1 0 ... 00 1 ... 0...0 0 ... 1

.1

2 7 REFERENCES

For instance in the (2,2) sharing case (the secret is splitinto 2 shares and both shares are required to decode thesecret) we use complementary matrices to share a blackpixel and identical matrices to share a white pixel. Stack-ing the shares we have all the subpixels associated withthe black pixel now black while 50% of the subpixels as-sociated with the white pixel remain white.

3 Cheating the (2,N) Visual SecretSharing Scheme

Horng et al. proposed a method that allows N − 1 collud-ing parties to cheat an honest party in visual cryptography.They take advantage of knowing the underlying distribu-tion of the pixels in the shares to create new shares thatcombine with existing shares to form a new secret mes-sage of the cheaters choosing.[10]

We know that 2 shares are enough to decode the secretimage using the human visual system. But examining twoshares also gives some information about the 3rd share.For instance, colluding participants may examine theirshares to determine when they both have black pixels anduse that information to determine that another participantwill also have a black pixel in that location. Knowingwhere black pixels exist in another party’s share allowsthem to create a new share that will combine with the pre-dicted share to form a new secret message. In this way aset of colluding parties that have enough shares to accessthe secret code can cheat other honest parties.

4 Simple Algorithm

There is a simple algorithm for binary (black and white)visual cryptography that creates 2 encrypted images froman original unencrypted image. The algorithm is as fol-lows: First create an image of random pixels the samesize and shape as the original image. Next, create a sec-ond image the same size and shape as the first, but where apixel of the original image is the same as the correspond-ing pixel in the first encrypted image, set the same pixel ofthe second encrypted image to the opposite color. Wherea pixel of the original image is different than the corre-sponding pixel in the first encrypted image, set the samepixel of the second encrypted image to the same color asthe corresponding pixel of the first encrypted image. Thetwo apparently random images can now be combined us-ing an exclusive-or (XOR) to re-create the original image.

5 In Popular Culture

• In the Prisoner episode Do Not Forsake Me Oh MyDarling the protagonist uses a visual cryptographyoverlay of multiple transparencies to reveal a secret

message- the location of a scientist friend who hadgone into hiding.

• In the 1997 film Con Air U.S. Marshall VinceLarkin finds in prisoner Cyrus “The Virus” Gris-som’s cell a letter in Spanish and an image of LastSupper with the eyes removed. After Larkin placesthe image over the letter, the letters C-A-R-S-O-N-C-I-T-Y appear, noting that Grissom will conspirewith a fellow prisoner in Carson City, Nevada.

6 External links• Python implementation of Visual Cryptography

• Visual Cryptography on Cipher Machines & Cryp-tology

• Doug Stinson’s visual cryptography page

7 References[1] Naor, M. and A. Shamir. Visual cryptography, Advances

in cryptology. Eurocrypt ’94 Proceeding LNCS, 950:1–12, 1995.

[2] Verheul, E.R. and H.C.A.van Tilborg. Constructions andproperties of k out of n visual secret sharing schemes. De-sign Codes and Cryptography, 11(2):179–196, 1997.

[3] Ateniese, G., C. Blundo, A. De Santis, and D. R. Stinson.Extended capabilities for visual cryptography. TheoreticalComputer Science, 250:143–161, 2001.

[4] Gnanaguruparan, M. and Kak, S. Recursive hiding of se-crets in visual cryptography. Cryptologia, vol. 26, pp.68-76, 2002.

[5] Cook, Richard C. (1960) Cryptographic process and en-ciphered product, United States patent 4,682,954.

[6] Carlson, Carl O. (1961) Information encoding and decod-ing method, United States patent 3,279,095.

[7] Kafri, O. and E. Keren. Encryption of pictures and shapesby random grids. Optics Letters, Vol. 12, Issue 6, pp.377–379 (1987)

[8] Arazi, B., I. Dinstein, O. Kafri. Intuition, perception, andsecure communication. IEEE Transactions on Systems,Man and Cybernetics. Vol. 19, Issue 5, pp. 1016–1020(1989)

[9] Askari, Nazanin; Moloney, Cecilia; Heys, Howard M.(November 2011). “Application of Visual Cryptographyto Biometric Authentication”. NECEC 2011. Retrieved12 February 2015.

[10] Horng, G, Chen, T. and Tasi, D.S. Cheating in VisualCryptography, Designs, Codes and Cryptography, 2006,pp219–236

3

8 Text and image sources, contributors, and licenses

8.1 Text• Visual cryptography Source: https://en.wikipedia.org/wiki/Visual_cryptography?oldid=683278022 Contributors: Imran, Andrew-man327, Mushroom, Giftlite, DavidCary, Matt Crypto, Vina, Blokhead, Bobo192, Andrewbadr, Drdefcom~enwiki, Oleg Alexandrov,Leeyc0, NawlinWiki, Sgeiger, Lunatim, OrphanBot, Dr. Crash, TwelveBaud, CmdrObot, WinBot, Magioladitis, JamesBWatson, Useight,TreasuryTag, Ocsenave, YonaBot, PixelBot, Johnuniq, XLinkBot, Zide, MystBot, Addbot, Lightbot, Yobot, Materialscientist, Crzer07,DARTH SIDIOUS 2, Quondum, MOAI12, Mikhail Ryazanov, ClueBot NG, Anupamkundu3, Agodbout, JYBot, Caspervk, Ashikali1607,Noyster, Mfb, M.mousaei, Gauntman1, Piyush chavare and Anonymous: 41

8.2 Images• File:Visual_crypto_animation_demo.gif Source: https://upload.wikimedia.org/wikipedia/commons/0/0e/Visual_crypto_animation_demo.gif License: Public domain Contributors: Transfered from en.wikipedia Original artist: Original uploader was Blokhead aten.wikipedia

8.3 Content license• Creative Commons Attribution-Share Alike 3.0