1. Introduction

Optical and digital techniques for information security have been widely investigated in the past two decades [1–28]. Among them, the classical double random phase encoding (DRPE) [4] may be one of the most widespread optical security techniques, which has recently been integrated with photon-counting imaging for information authentication [10]. In the amplitude-based photon-counting DRPE method, the primary amplitude image is encoded into a sparse complex-valued distribution by applying the photon-counting imaging technique [11, 12] to the double-random-phase encoded image. Photon-counting imaging has also been applied to the primary image prior to its encryption [13] and optically encoded quick response (QR) codes [14]. If the input amplitude image is digitally converted into a full phase function, fewer photons could be required for authentication [15]. Sparse data randomly extracted from double-random-phase encoded images can also be used for verification in the subsequent proposals including multiple-image authentication [16], sparse phase information authentication [17] and phase-modulated optical system [18].

On the one hand, a low sparsity of the encrypted data (Sparsity here is defined as the percentage of zero components in the representation of encrypted data) would be required for grayscale image authentication using those approaches that mainly focus on binary image authentication. On the other hand, complex holographic schemes, however, are usually required to record complex-valued encrypted images used for producing sparse data for verification in almost all of those recently proposed DRPE-based authentication methods [10, 13–17]. Ptychography [19], aperture-key encoding [20] and single-path beam-propagation-based imaging [21, 22] were recently integrated with DRPE technique to reduce the complexity of optical setup for image encryption. With these methods, the primary image can be digitally retrieved from one or several diffraction intensity patterns. It is worth mentioning that the phase retrieval algorithm that comprises two iterative cycles could be used to recover the input grayscale image from single diffraction pattern [22]. In fact, these phase retrieval algorithms also provide us a way to approximately retrieve the phase distribution in the output plane which is required for decryption. Therefore, it is possible for an encryption and authentication system to be designed without using interferometric optical path.

In this paper, we first extend the information authentication approach using sparse double-random-phase encrypted images from Fourier domain into the Fresnel domain, and then propose a new approach by integrating a median-filtering-based phase retrieval algorithm and DRPE. These two optical information encryption and authentication methods in Fresnel domain are first investigated for the purpose of comparison. To further improve the security and data sparsity of the authentication system, a novel information authentication system based on compressed double-random-phase-encoded images and QR codes is developed, where the parameters of optical lightwave are used as keys for optical decryption and the QR code is a key for verification. During the optical encryption process, an input image attached with a QR code is first encoded in a lensless DRPE scheme without using optical interferometric setup. A compressed double-random-phase encrypted image, i.e., sparse representation of a phase distribution, is generated by integrating the DRPE technique and iterative phase retrieval algorithm. Only the intensity of the encrypted data is requested, and, from this intensity pattern, a compressed double-random-phase-encoded image, i.e., the sparse phase distribution used for optical decryption, is generated by using iterative phase retrieval technique with QR code. The decrypted image is unrecognizable but can be authenticated by using QR code.

2. Fresnel domain information authentication based on the classical DRPE with holographic technique

In this section, we extend the DRPE-based information authentication method [10] from Fourier domain into the Fresnel domain, which makes the system more flexible and more compact. In the lensless DRPE optical setup [5, 7], the primary image to encoded is first multiplied by a random phase mask (RPM) $r_1$, and then Fresnel transformed with distance $d_1$. After that, the resultant complex-valued distribution is modified by another different RPM, $r_2$, and Fresnel transformed again with another distance $d_2$. Let the real and positive function $f(x,y)$ be the primary image. Let $(x,y)$, $(x^{\prime },y^{\prime })$and $(x^{″},y^{″})$ denote the coordinates of the RPM $r_1$, RPM $r_2$, and the output plane, respectively. The final complex-valued encrypted data are retrieved by using digital holographic techniques, which could be written as

In the Fourier domain information authentication [10], a sparse encrypted distribution is produced by applying optical photon-counting imaging approach to the complex-valued encrypted data and then used for decryption and authentication. However, amplitude component of the optically encrypted data is not necessarily required for authentication. Only a compressed phase distribution is used to complete the task [17].

Similarly, only phase part of the complex-valued distribution $\psi (x^{″},y^{″})$, which can be given by $\varphi (x^{″},y^{″})=\psi (x^{″},y^{″})/\left|\psi (x^{″},y^{″})\right|$, is used in this method. A sparse phase function, ${\varphi }_{sp}(x^{″},y^{″})$, can be generated by randomly extracting pixels from $\varphi (x^{″},y^{″})$. During the optical decryption process, the sparse encrypted data are illuminated by plane wave with the wavelength $\lambda$ and propagate back to the object plane. Provided that the original image is described by a real and positive function, an intensity-sensitive device such as a CCD camera can be used to retrieve the decrypted image

A normalized grayscale image as shown in Fig. 1(a) is used as the primary image for illustration. Phase distributions of the lensless double-random-phase encrypted image $\psi (x^{″},y^{″})$ can be depicted in Fig. 1(b), where the corresponding illumination wavelength and propagation distances used in encryption process are set as $\lambda =632.8nm$, $d_1=50cm$ and $d_2=30cm$, respectively.

 

Fig. 1 (a) Primary image $f(x,y)$ with $256\times 256$ pixels size; (b) phase distribution of function $\varphi (x^{″},y^{″})$.

Download Full Size | PDF

Three sparse encrypted images corresponding to 7%, 11% and 15% of the encrypted image pixel size are generated for authentication, whose phase distributions are shown in Figs. 2(a)-2(c), respectively. The decrypted results from the above-mentioned three sparse encrypted images are illustrated in Figs. 2(d)-2(f). It is impossible to visually identity these input images. But if the number of the extracted pixels in ${\varphi }_{sp}(x^{″},y^{″})$ continues to increase, the corresponding decrypted image, $f_{sp}(x,y)$, would become recognizable.

 

Fig. 2 Phase distribution of sparse encrypted data ${\varphi }_{sp}(x^{″},y^{″})$ corresponding to (a) 7%; (b) 11%; (c) 15% of the pixel size of image $\varphi (x^{″},y^{″})$; (d), (e), (f) are the decrypted results corresponding to (a), (b) and (c), respectively.

Download Full Size | PDF

To authenticate the retrieved signal $f_{sp}(x,y)$, we compare it with the original image, $f(x,y)$, used as the reference, by nonlinear correlation. In this paper, the authentication method is described as follows [17, 18]:

The correlation outputs with $\omega =0.3$ corresponding to the decrypted images shown in Figs. 2(d)-2(f) are respectively depicted in Figs. 3(a)-3(c). It can be seen from Fig. 3(a) that when the percentage of the extracted pixels is not high enough, the correlation distribution may has a serious noisy background without a correlation peak. It is obvious that a higher percentage of extracted pixels could result in a smoother background and a sharper and higher correlation peak. As shown in Fig. 3(c), a remarkable correlation peak can be achieved in a lower-level noisy environment by using the input image decrypted from the sparse distribution with 15% of extracted pixels. It is important to note that ensuring security is a premise in information authentication, which means a sharp correlation peak must be obtained from an unrecognizable decrypted image.

 

Fig. 3 Correlation outputs with $\omega =0.3$ corresponding to the decrypted data demonstrated in Figs. 2(d)-2(f), respectively.

Download Full Size | PDF

3. Information authentication based on DRPE and phase retrieval algorithm

We have given a description with a brief discussion of the lensless-DRPE-based information authentication scheme in Sec. 2. In this section, a phase retrieval algorithm is combined with the optical DRPE to reduce the complexity of optical setup, where only the intensity of the encrypted data needs to be recorded during optical encryption. From the amplitude distribution, $\left|\psi (x^{″},y^{″})\right|$, which is reconstructed from the recorded intensity data, the phase distribution in the output plane could be approximately retrieved based on the recently proposed phase retrieval algorithm where two cycles are involved [22]. In our proposal, the iterative phase retrieval algorithm is modified to obtain the phase distribution in the output plane of DRPE scheme, where the iteration process proceeds as follows:

To sum up, a flowchart of the iterative phase retrieval algorithm is depicted in Fig. 4.

 

Fig. 4 Flowchart of the iterative process for the second method.

Download Full Size | PDF

To illustrate the iterative process, relations between CC and the number of iterations for the two iteration cycles are depicted in Fig. 5, where the two random phase masks, illumination wavelength and propagation distances are the same as those used in the first set of experiments. It should be mentioned that we perform median filtering of the matrix $\left|{T^{\prime }}_m(x,y)\right|$ using 3-by-3 neighborhood in our simulations. As can be seen from Fig. 5(a), only 4 iterations for the first cycle to approach the CC value of 0.98. The CC value increases rapidly during the first ten iterations but then reaches a plateau at 0.9836. The second iteration procedure stops after 50 iterations as shown in Fig. 5(b). Figure 5(c) demonstrates the finally retrieved phase function by using $M=30$ and $N=50$. By using the proposed phase retrieval algorithm, we can recover the phase distribution in the output plane, which must be recorded holographically in previously proposed encoding and authentication systems.

 

Fig. 5 Relations between CC and the number of iterations for (a) the first cycle and (b) the second cycle; (c) Phase distribution of function $p(x^{″},y^{″})$ corresponding to $M=30$ and $N=50$.

Download Full Size | PDF

In this method, the encrypted data assigned to authorized user, $p_{sp}(x^{″},y^{″})$, are randomly extracted from the phase function $p(x^{″},y^{″})$[Fig. 5(c)]. By substituting $p_{sp}(x^{″},y^{″})$ for ${\varphi }_{sp}(x^{″},y^{″})$ in Eq. (3), the optically decrypted image intended for verification, ${f^{\prime }}_{sp}(x,y)$, is obtained. To authenticate the retrieved signal ${f^{\prime }}_{sp}(x,y)$, likewise, we compare it with the original primary image, $f(x,y)$, by nonlinear correlation described by Eq. (4). For simplicity, let us use three sparse encrypted images for decryption and authentication with the same percentages of extracted pixels as those in the first set of examples, i.e., 7%, 11%, and 15%. Their corresponding decrypted images are shown in Figs. 6(a)-6(c), and the correlation outputs in Figs. 6(d)-6(f), respectively. It can be found that the results are very similar to those obtained in the first method where holographic technique involved. As can be seen from Fig. 6(f), a sharper correlation peak with a relatively low-level noisy distribution background can be obtained by using the decrypted image shown in Fig. 6(c).

 

Fig. 6 Decrypted image corresponding to the sparse phase function with (a) 7%; (b) 11%; (c) 15% of the pixel size of $p(x^{″},y^{″})$. (d), (e), and (f) are correlation outputs with $\omega =0.3$ corresponding to the decrypted data demonstrated in (a)-(c), respectively.

Download Full Size | PDF

4. Information authentication using compressed double-random-phase-encoded images and quick-response codes

It has been proved in previous section that the complexity of the Fresnel domain optical information encryption and authentication scheme can be reduced by using a phase retrieval algorithm based on two-dimensional median filtering without decreasing performance on authentication. In the following, QR codes with the main features of small printout size, advanced error correcting and high speed scanning are combined with the optical DRPE technique to further improve the security of the authentication system and the sparsity of the encrypted data. QR code is the trademark for a two-dimensional code first designed for vehicle industry. The code consists of black modules arranged in a square pattern on a white background. It allows user friendly access, readout with mobile devices and has been one of the most popular types of two-dimensional barcodes. In 2013, QR codes began to appear in the field of optical encryption [24]. The purposes of convenience and practicability can be achieved when the plaintext is represented with a QR code, which is used as a “container” [25–28].

In our proposal, the QR code represented by function $Q(x,y)$ is used as an information “container” for the verification key and a special aperture, which is attached by the primary image $f(x,y)$ in the DRPE scheme. Thus, the intensity distribution recorded by a CCD camera in the output plane can be given by

It can be seen from Eq. (14) that a different QR code aperture results in a different encrypted distribution. There exists a number of software and online QR code generators to create the QR codes. Figure 7(a) shows the input text information and its respective QR codes used in encryption process is shown in Fig. 7(b). In return, the text can be obtained by scanning the QR code with a Smartphone. By using the same parameters of the optical lightwave used in above experiments, the optically encrypted intensity pattern recorded by a CCD camera is shown in Fig. 7(c).

 

Fig. 7 (a) Input text information and (b) its respective QR code. (c) Optically encrypted intensity pattern, $I(x^{″},y^{″})$.

Download Full Size | PDF

In this approach, a private sparse phase key is used for decryption and authentication, which can be produced by using an iterative phase retrieval algorithm where the two random phase masks, $r_1(x,y)$ and $r_2(x^{\prime },y^{\prime })$, the QR code $Q(x,y)$, and the square root of intensity pattern, $\sqrt{I(x^{″},y^{″})}$, are taken as four constraints. The iterative process can be described as follows:

The flowchart of the iterative process for phase retrieval is demonstrated in Fig. 8. Figure 9(a) shows the relations between CC and the number of iterations, where the CC curve reaches its maximum, 1, after 27 iterations. The finally retrieved phase function from the single intensity pattern shown in Fig. 7(c) is depicted in Fig. 9(b), corresponding to the number of iterations, $K=50$.

 

Fig. 8 Flow chart of the iterative process for the third method.

Download Full Size | PDF

 

Fig. 9 (a)Relations between CC and the number of iterations; (b) phase distribution of function $q(x^{″},y^{″})$ corresponding to the iteration number, $K=50$.

Download Full Size | PDF

The sparse encrypted data assigned to authorized user, $q_{sp}(x^{″},y^{″})$, are generated from the function $q(x^{″},y^{″})$. By substituting $q_{sp}(x^{″},y^{″})$ for ${\varphi }_{sp}(x^{″},y^{″})$ in Eq. (3), the optically decrypted image is obtained and can be written as

As shown in Fig. 10, two sparse encrypted phase distributions with 6% and 7.5% of extracted pixels with respect to the original encrypted image pixel size of $q(x^{″},y^{″})$ are used for decryption and authentication. Their respective decrypted images are demonstrated in Figs. 10(c) and 10(d), respectively, which are noise-like, and visually unrecognizable.

 

Fig. 10 Sparse encrypted images respectively corresponding to (a) 6% and (b) 7.5% of the pixel size of $q(x^{″},y^{″})$. (c) and (d) are optically decoded images corresponding to the decrypted data shown in (a) and (b), respectively.

Download Full Size | PDF

To authenticate the retrieved signal ${f^{″}}_{sp}(x,y)$, we compare it with the product of the original primary image, $f(x,y)$, and the QR code, $Q(x,y)$, by nonlinear correlation described by Eq. (4) where function $c(\mu ,\nu )$ is now given by

Figure 11 depicts the correlation outputs with $\omega =0.3$ corresponding to the sparse encrypted distributions shown in Figs. 10(c) and 10(d), respectively. Compared with the other two methods mentioned above, more sparsity can be expected for a successful authentication by using this new proposal. As shown in Fig. 11(a), a sharp and high correlation peak can be obtained when the sparse encrypted image with 6% of the extracted pixels. While in the previous proposed methods, no remarkable correlation peak could be observed in the correlation outputs when the sparse encrypted images with 7% of the encrypted image pixel size are used for authentication, as shown in Fig. 3(a) and Fig. 6(d). It also can be found from Fig. 11(b) that the properties of the correlation output with respect to the sparse encrypted distribution with 7.5% of the pixel size of $q(x^{″},y^{″})$, are excel than those of the two outputs shown in Fig. 3(c) and Fig. 6(f), which are respectively obtained by using the sparse distributions with 15% of the pixel sizes of their original encrypted data. Specifically, the correlation peak shown in Fig. 11(b) is sharper and higher and the distribution background is smoother. That is to say, it is possible for the DRPE-based encryption and authentication system to yield improved performance with a more data sparsity.

 

Fig. 11 Correlation outputs with $\omega =0.3$ corresponding to the sparse encrypted distributions with (a) 6% and (b) 7.5% of the pixel size of $q(x^{″},y^{″})$.

Download Full Size | PDF

Evaluation of the correlation outputs can be implemented by using peak-to-correlation (PCE) [10, 28]. The PCE parameter, defined as the ratio between the maximum intensity peak value and the total energy of the output plane, usually indicates the sharpness and height of the output correlation peak. The PCE curves versus the sparsity obtained with the above-mentioned methods are demonstrated in Fig. 12, where the same nonlinearity $\omega =0.3$ has been used in all of the authentication processes. Figure 12 clearly shows that the third authentication approach based on compressed phase function and QR code can achieve better performance than the other two methods proposed in this paper. The PCE curve obtained with the third method implies that it is possible to authenticate the signal retrieved from encrypted phase data with more sparsity.

 

Fig. 12 Relation between PCE value and sparsity in different methods with the same nonlinearity ($\omega =0.3$).

Download Full Size | PDF

The authentication results with wrong geometric parameters is shown Fig. 13, from which we can find that when the security key is wrong during optical decryption, only the noisy nonlinear correlation distributions can be achieved without any remarkable correlation peak.

 

Fig. 13 The correlation outputs with $\omega =0.3$ for the case that a wrong parameter used for authentication. (a) $\lambda =642.8nm(\Delta \lambda =10nm)$; (b) $z_1=51cm(\Delta z_1=1cm)$; (c) $z_2=31cm(\Delta z_2=1cm)$.

Download Full Size | PDF

In this proposal, the QR codes are different for each primary input image to be encrypted and each QR code needs to be sent to a user, together with its corresponding sparse encrypted phase distribution. The impact of the QR codes on the system performance on authentication is further investigated. Let us take the authentication for Fig. 10(b) for example. In Fig. 14(a) we present another input message to be typed in the software and in Fig. 14(b) the corresponding QR code, which is different from the QR code [Fig. 7(b)] used in the encryption. When the QR code shown in Fig. 14(b) is used for verification of the sparse encrypted phase distribution shown in Fig. 10(b), the correlation output is demonstrated in Fig. 14(c). The nonlinear correlation output without using any QR code is shown in Fig. 14(d). It can be seen from Figs. 14(c) and 14(d), when the security key, i.e., the exact QR code used for encrypting, is wrong during verification, only noisy correlation distributions without remarkable correlation peak could be obtained.

 

Fig. 14 (a) Representation of another input message and (b) its respective QR code. The correlation outputs (c) with QR code shown in (b); (d) without using any QR code.

Download Full Size | PDF

To test discrimination capability of the proposed algorithm, a different grayscale image, $g(x,y)$ [Fig. 15(a)], is first multiplied with QR code and then encrypted by using Eq. (14). The QR code used for encrypting image $g(x,y)$ is generated from the input text message shown in Fig. 15(b) and illustrated in Fig. 15(c). Likewise, a sparse encrypted phase distribution ${q^{\prime }}_{sp}(x,y)$ can be generated from the retrieved phase determined by Eq. (18) where the preset number of iterations is also set as $K=50$ in this set of experiments, and from this distribution that has 5% of the retrieved image pixel size, a decrypted image, $g_{sp}(x,y)$ [Fig. 15(e)], can be obtained and used for authentication. By using the correct QR code [Fig. 15(c)], the correlation output with $\omega =0.3$ corresponding to the sparse encrypted distribution [Fig. 15(d)] is shown in Fig. 15(f), which proves, once again, the effectiveness of proposed algorithm.

 

Fig. 15 (a) Image $g(x,y)$; (b) representation of another input message and (c) its respective QR code. (d) Sparse encrypted phase distribution ${q^{\prime }}_{sp}(x,y)$; (e) decrypted image $g_{sp}(x,y)$; (f) correlation output with $\omega =0.3$.

Download Full Size | PDF

In the following, the sparse encrypted phase distribution ${q^{\prime }}_{sp}(x,y)$ is used to test discrimination capability of the proposed algorithm. When the signal $g_{sp}(x,y)$ retrieved from ${q^{\prime }}_{sp}(x,y)$ is compared with the product of the original primary image, $f(x,y)$, and the QR code shown in Fig. 15(c), the resultant correlation output with $\omega =0.3$ is demonstrated in Fig. 16(a) where no remarkable correlation peak can be observed but noisy distribution. If the intruder uses the sparse data ${q^{\prime }}_{sp}(x,y)$ and the QR code that corresponds to the primary image $f(x,y)$ for decryption and authentication, the resultant correlation output by comparing the retrieved signal $g_{sp}(x,y)$ with the product of the original primary image, $f(x,y)$, and the QR code shown in Fig. 7 (b) is illustrated in Fig. 16(b).

 

Fig. 16 The correlation outputs using another sparse function ${q^{\prime }}_{sp}(x,y)$, together with (a) the QR code shown in Fig. 15 (c); (d) the QR code shown in Fig. 7 (b);

Download Full Size | PDF

These experiment results demonstrate that, one the one hand, by using the correct QR code, it is entirely feasible to authenticate the information decoded from the sparse encrypted phase function that has more sparsity [Fig. 11 and Fig. 15(f)], and, on the other hand, it is possible for the system to discriminate it from other similar images [Fig. 16].

5. Conclusions

In this paper, we have described several Fresnel domain information authentication algorithms and compared their performance. We first extend the DRPE-based information authentication method from Fourier domain into the Fresnel domain. To make the system more flexible, we then present the second encryption and authentication method by integrating a median-filtering-based phase retrieval algorithm with DRPE. At last, a new information authentication system based on compressed double-random-phase-encoded images and QR codes is developed without using optical interferometric setup. Results have shown that the last proposal greatly improves the security and data sparsity of the authentication system.