Document authentication using graphical codes: reliable performance analysis and channel optimization

Phan Ho, Anh Thu; Mai Hoang, Bao An; Sawaya, Wadih; Bas, Patrick

doi:10.1186/1687-417X-2014-9

Research
Open access
Published: 05 June 2014

Document authentication using graphical codes: reliable performance analysis and channel optimization

Anh Thu Phan Ho¹,
Bao An Mai Hoang²,
Wadih Sawaya¹ &
…
Patrick Bas³

EURASIP Journal on Information Security volume 2014, Article number: 9 (2014) Cite this article

3287 Accesses
19 Citations
Metrics details

Abstract

This paper proposes to investigate the impact of the channel model for authentication systems based on codes that are corrupted by a physically unclonable noise such as the one emitted by a printing process. The core of such a system for the receiver is to perform a statistical test in order to recognize and accept an original code corrupted by noise and reject any illegal copy or a counterfeit. This study highlights the fact that the probability of type I and type II errors can be better approximated, by several orders of magnitude, when using the Cramér-Chernoff theorem instead of a Gaussian approximation. The practical computation of these error probabilities is also possible using Monte Carlo simulations combined with the importance sampling method. By deriving the optimal test within a Neyman-Pearson setup, a first theoretical analysis shows that a thresholding of the received code induces a loss of performance. A second analysis proposes to find the best parameters of the channels involved in the model in order to maximize the authentication performance. This is possible not only when the opponent’s channel is identical to the legitimate channel but also when the opponent’s channel is different, leading this time to a min-max game between the two players. Finally, we evaluate the impact of an uncertainty for the receiver on the opponent channel, and we show that the authentication is still possible whenever the receiver can observe forged codes and uses them to estimate the parameters of the model.

1 Introduction

The problem of authentication of physical products such as documents, goods, drugs, and jewels is a major concern in a world of global exchanges. The World Health Organization in 2005 claimed that nearly 25% of medicines in developing countries are forgeries [1], and according to the Organization for Economic Co-operation and Development (OECD), international trade in counterfeit and pirated goods reached more than US$250 billion in 2009 [2].

1.1 Addressed problem and related works

Authentication of physical products is generally done by using the stochastic structure of either the materials that composes the product or of a printed package associated to it. Authentication can be performed for example by recording the random patterns of the fiber of a paper [3], but such a system is practically heavy to deploy since each product needs to be linked to its high-definition capture stored in a database. Another solution is to rely on the degradation induced by the interaction between the product and a physical process such as printing, marking, embossing, carving, etc. Because of both the defaults of the physical process and the stochastic nature of the matter, this interaction can be considered as a physically unclonable function (PUF) [4] that cannot be reproduced by the forger and can consequently be used to perform authentication. In [5], the authors measure the degradation of the inks within printed color tiles and use discrepancy between the statistics of the authentic and print-and-scan tiles to perform authentication. Other marking techniques can also be used; in [6], the authors propose to characterize the random profiles of laser marks on materials such as metals (the technique is called LPUF for laser-written PUF) to use them as authentication features.

We study in this paper an authentication system which uses the fact that a printing process at very high resolution can be seen as a stochastic process due to the nature of different elements such as the paper fibers, the ink heterogeneity, or the dot addressability of the printer. Such an authentication system has been proposed by Picard et al. [7, 8] and uses 2D pseudo-random binary codes that are printed at the native resolution of the printer (2,400 dpi on a standard offset printer or 812 dpi on a digital HP Indigo printer).The principle of the studied system in this paper is depicted in Figure 1:

● The original code is secretly exchanged between the legitimate source and the receiver.

● Once printed on a package to be authenticated, the degraded code will be scanned then thresholded by an opponent (the forger). It is important to note that at this stage thresholding is necessary for the opponent because the industrial printers can only print dots, e.g., binary versions of the scanned code.

● The opponent then produces a printed copy of the original code to manufacture his forgery.

● The receiver performs a test on an observed scanned code, being either the scanned version of the original printed code or the scanned version of the fake code. Using his knowledge on the original code, he establishes a statistical test in order to perform authentication.

One advantage of this system over previously cited ones is that it is easy to deploy since the authentication process needs only a scan of the graphical code under scrutiny and the seed used to generate the original one: no fingerprint database is required in this case.

The security of this system solely relies on the use of a PUF, i.e., the impossibility for the opponent to accurately estimate the original binary code. Different security analysis have already been performed with respect to (w.r.t.) this authentication system or to very similar ones. In [9], the authors have studied the impact of multiple printed observations of same graphical codes and have shown that the power of the noise due to the printing process can be reduced in this particular setup, but not completely removed due to deterministic printing artifacts. In [10], the authors use machine learning tools in order to try to infer the original code from an observation of the printed code; their study shows that the estimation accuracy can be increased without recovering perfectly the original code. In [11], the authors propose a print and scan model adapted to graphical code and derive attacks and adapted detection metrics to counter the attacks. In [12], the authors consider the security analysis in the rather similar setup of passive fingerprinting using binary fingerprints under informed attacks (the channel between the original code and the copied code is assumed to be a binary symmetric channel). They show that in this case the security increase with the code length, and they propose a practical threshold when type I error (originally detected as a forgery) and type II error (forgery detected as an original) are equal.

1.2 Notations

We denote sets by calligraphic font, e.g., , random variables (RV) ranging over these sets by the same italic capitals, e.g., X, and their outcomes in lowercase letters, e.g., x. E_X[.] denotes the expectation over X. The cardinality of the set is denoted by $| X |$ . The sequence of N variables (X₁,X₂,....,X_N) is denoted X^N.

1.3 Setup

The binary graphical code can be seen as an authentication sequence x^N chosen at random from the message set $X^{N}$ and shared secretly with the legitimate receiver. In our authentication model, x^N is published as a noisy version y^N taking values in the set of points $V^{N}$ (see Figure 1). An opponent may observe y^N and, naturally, tries to retrieve the original authentication sequence. He obtains an estimated sequence ${\hat{x}}^{N}$ and publish a forgery as a sequence z^N taking value in the same set of points $V^{N}$ , hoping that it will be accepted by the receiver as coming from the legitimate source. When observing a sequence o^N, which may be one of the two possible sequences y^N or z^N, the destination has to decide whether this observed sequence comes from the legitimate source or not.

The authentication model involves two channels $X \to (Y, Z)$ , and in the rest of the paper, we define the main channel as the channel between the legitimate source and the receiver, and the opponent channel as the channel between the legitimate source and the receiver but passing through the counterfeiter channel (see Figure 1). The two channels $X \to (Y, Z)$ are considered being discrete and memoryless with conditional probability distribution P_{Y Z∣X}(y, z∣x). The marginal channels P_Y∣X and P_Z∣X constitute the transition probability matrices of the main channel and the opponent channel, respectively.

As we shall see in the rest of the paper, authentication performances are directly impacted by the discrimination between the two channels and can be maximized by channel optimization.

Note that the authentication sequence x^N is generated using a secure pseudo-random number generator (PRNG) having a sufficiently large key space to prevent brute-force attacks. The seed of the PRNG can practically be transmitted using both a secure lossless communication channel and via a key distribution system so that the receiver can generate x^N from the seed. The security of such a system is beyond the scope of this paper.

1.4 Contributions of the paper

The goal of this paper is twofold:

● Firstly, it provides reliable performance measurements of the authentication system based on a Neyman-Pearson hypothesis test (i.e., to compute accurately the probability of rejecting an authentic code and the probability of non-detecting an illegal copy, denoted as type I and type II errors, respectively). An asymptotic expression which is more accurate than the Gaussian expression is first proposed to compute these probabilities of errors; then, the importance sampling simulation method is provided to practically estimate them. We evaluate the impact of the Gaussian approximation of the test with respect to its asymptotic expression.

● Secondly, the computation of type I and type II errors are used to derive the most favorable channels for authentication. We show first that it is in the receiver’s interest to process directly the scanned grayscale code instead of a binary version. Then, the error probabilities are used to compute for a given channel model, the configuration which maximizes the authentication performance.

This paper is an extension of [13] in which we use the generalized Gaussian distribution family instead of the Gaussian distribution as in [13]. Moreover, the analytical formulation of these probabilities is practically confirmed by using an importance sampling method, a Monte Carlo strategy of numerical simulation that can be used to compute rare events. We also present how to design the channel in order to maximize the authentication performance for different cases of generalized Gaussian distributions and when the opponent is either passive (he undergoes the same channel as the receiver) or active (he can adapt his channel).

2 The authentication channel

2.1 Channel modeling

Let T_V∣X be the generic transition matrix modeling the whole physical processes used, more specifically the printing and scanning devices. The entries of this matrix are conditional probabilities T_V∣X(v∣x) relating an input alphabet and the output alphabet . In practical and realistic situations, is a binary alphabet standing for black (0) and white (1) elements of a digital code, and the channel output set stands for the set of gray-level values with cardinality K (for printed and scanned images, K=256). Transition matrix T_V∣X may conceptually be any discrete distribution over the set , but we will focus in Section 4.4 on some common and realistic distributions when analyzing numerically the performance.

The marginal distribution of the main channel P_Y∣X is equivalent to one print and scan process, and consequently, we have P_Y∣X=T_V∣X. On the other hand, P_Z∣X depends on the opponent processing while he has to retrieve the original sequence before reprinting it. We aim here at expressing this marginal distribution considering that the opponent tries to restore the original sequence before publishing his fraudulent sequence z^N.

When performing a detection to obtain an estimated sequence ${\hat{x}}^{N}$ of the original code, the opponent undergoes errors. These errors are evaluated with probabilities P_e,W when confusing an original white dot with a black and P_e,B when confusing an original black dot with a white. This distinction is due to the fact that the distribution T_V∣X of the physical devices is arbitrary and not necessarily symmetric. Let $D_{W}$ be the optimal decision region for decoding white dots obtained after using classical maximum likelihood decoding:

D_{W} = \{v \in V : P_{Y ∣ X} (v ∣ X = 1) > P_{Y ∣ X} (v ∣ X = 0)\} .

(1)

Error probabilities P_e,W and P_e,B are then equal to

P_{e, B} = \sum_{v \in D_{W}} P_{Y ∣ X} (v ∣ X = 0),

(2)

P_{e, W} = \sum_{v \in D_{W}^{c}} P_{Y ∣ X} (v ∣ X = 1) .

(3)

where $D_{W}^{c}$ is the complementary region in the set . The channel $X \to \hat{X}$ can be modeled as a binary input binary output (BIBO) channel with transition probability matrix $P_{\hat{X} ∣ X}$ :

\begin{align} [\begin{array}{l} P_{\hat{X} ∣ X} (\hat{x} = 0 ∣ x = 0) & P_{\hat{X} ∣ X} (\hat{x} = 1 ∣ x = 0) \\ P_{\hat{X} ∣ X} (\hat{x} = 0 ∣ x = 1) & P_{\hat{X} ∣ X} (\hat{x} = 1 ∣ x = 1) \end{array}] \\ = [\begin{array}{l} 1 - P_{e, B} & P_{e, B} \\ P_{e, W} & 1 - P_{e, W} \end{array}] \end{align}

(4)

As we can see in Figure 1, the opponent channel $X \to Z$ is a physically degraded version of the main channel. Thus, $X \to \hat{X} \to Z$ forms a Markov chain with the relation $P_{\hat{X} Z ∣ X} (\hat{x}, z ∣ x) = P_{\hat{X} ∣ X} (\hat{x} ∣ x) T_{Z / \hat{X}} (z ∣ \hat{x})$ , where $T_{Z ∣ \hat{X}}$ is the transition matrix of the counterfeiter physical device. Components of the marginal channel matrix P_Z∣X are

\begin{array}{l} P_{Z ∣ X} (v ∣ x) = \sum_{\hat{x} = 0, 1} P_{\hat{X} Z ∣ X} (\hat{x}, v ∣ x) \\ = \sum_{\hat{x} = 0, 1} P_{\hat{X} ∣ X} (\hat{x} ∣ x) T_{Z ∣ \hat{X}} (v ∣ \hat{x}) . \end{array}

(5)

Finally, we have

\begin{array}{l} P_{Z ∣ X} (v ∣ X = 0) = & (1 - P_{e, B}) T_{Z ∣ \hat{X}} (v ∣ \hat{X} = 0) \\ + P_{e, B} T_{Z ∣ \hat{X}} (v ∣ \hat{X} = 1), \end{array}

(6)

\begin{array}{l} P_{Z ∣ X} (v ∣ X = 1) = & (1 - P_{e, W}) T_{Z ∣ \hat{X}} (v ∣ \hat{X} = 1) \\ + P_{e, W} T_{Z ∣ \hat{X}} (v ∣ \hat{X} = 0) . \end{array}

(7)

2.2 Receiver’s strategies: thresholding or not?

Two strategies are possible for the receiver.

2.2.1 Binary thresholding

As a first strategy, the legitimate receiver first decode the observed sequence $o^{N}$ using a maximum likelihood criterion based on the main channel marginal distribution P_Y∣X. He then restores a binary version ${\tilde{x}}^{N}$ of the original message x^N using the same decision region as defined by (1) and naturally undergoes errors.

● In the main channel, i.e., when $O^{N} = Y^{N}$ , error probabilities are equivalent to (2) and (3).

● In the opponent channel, i.e., when $O^{N} = Z^{N}$ , we make use of (6) and (7) to express the corresponding error probabilities:

\begin{align} {\tilde{P}}_{e, W} & = \sum_{v \in D_{W}^{c}} P_{Z ∣ X} (v ∣ X = 1), \\ {\tilde{P}}_{e, W} & = (1 - P_{e, W}) \sum_{v \in D_{W}^{c}} T_{Z ∣ \hat{X}} (v ∣ \hat{X} = 1) \\ + P_{e, W} \sum_{v \in D_{W}^{c}} T_{Z ∣ \hat{X}} (v ∣ \hat{X} = 0) . \end{align}

(8)

\begin{align} {\tilde{P}}_{e, W} & = (1 - P_{e, W}) P_{e, W}^{'} + P_{e, W} (1 - P_{e, B}^{'}) \end{align}

(9)

where $P_{e, W}^{'} = \sum_{v \in D_{W}^{c}} T_{Z ∣ \hat{X}} (v ∣ \hat{X} = 1)$ and $P_{e, B}^{'} = \sum_{v \in D_{W}} T_{Z ∣ \hat{X}} (v ∣ \hat{X} = 0)$ . The same development yields

{\tilde{P}}_{e, B} = (1 - P_{e, B}) P_{e, B}^{'} + P_{e, B} (1 - P_{e, W}^{'}) .

(10)

For this first strategy, the opponent channel may be viewed as the cascade of two binary input/binary output channels:

\begin{align} [\begin{array}{l} 1 - {\tilde{P}}_{e, B} & {\tilde{P}}_{e, B} \\ {\tilde{P}}_{e, W} & 1 - {\tilde{P}}_{e, W} \end{array}] & = [\begin{array}{l} 1 - P_{e, B} & P_{e, B} \\ P_{e, W} & 1 - P_{e, W} \end{array}] \\ \times [\begin{array}{l} 1 - P_{e, B}^{'} & P_{e, B}^{'} \\ P_{e, W}^{'} & 1 - P_{e, W}^{'} \end{array}] . \end{align}

(11)

As we will see in the next section, in this particular case, the test to decide whether the observed decoded sequence ${\tilde{x}}^{N}$ comes from the legitimate source or not is tantamount to counting the number of erroneous decoded dots.

2.2.2 Gray-level observations

In the second strategy, the receiver performs his test directly on the received sequence $o^{N}$ without any given decoding. We will see in Section 3.3 that this strategy is better than the previous one (see Section 3.2).

3 Impacts of the receiver’s strategies on hypothesis testing

We consider here testing whether, for a given fixed input (x₁, …, x_N), an observed independent and identically distributed (i.i.d.) sequence (o₁, …, o_N∣x₁, …, x_N) is generated from a given distribution P_Y∣X or if it comes from an alternative hypothesis associated to distribution P_Z∣X, (o_i∣x_i) belonging to a discrete finite set . Practically, we are interested in performing authentication after observing a sequence of N samples (o_i∣x_i), attesting whereas this sequence comes from a legitimate source or from a counterfeiter. The receiver establishes then a decision based on a predefined statistical test and assigns one of the two hypothesis H₀ or H₁ corresponding, respectively, to each of the former cases. According to this test, the space $V^{N}$ will be partitioned into two regions $ℋ_{0}$ and $ℋ_{1}$ . Accepting hypothesis H₀ while it is actually a fake (the observed N sample sequence belongs to $ℋ_{0}$ while H₁ is true) leads to an error of type II having probability β. Rejecting hypothesis H₀ while actually the observed sequence comes from the legitimate source (the observed N sample sequence belongs to $ℋ_{1}$ while H₀ is true) leads to an error of type I with probability α. It is desirable to find a test with a minimal probability β for a fixed or prescribed probability of type I. An optimal decision rule will be given by the Neyman-Pearson criterion. The eponymous theorem states that under the constraint α≤α^∗, β is minimized if only if the following log-likelihood test infers the choice of H₁:

log \frac{P^{N} (o^{N} ∣ x^{N}, H_{1})}{P^{N} (o^{N} ∣ x^{N}, H_{0})} \geq γ,

(12)

where γ is a threshold verifying the constraint α≤α^∗.

3.1 Authentication via binary thresholding

In the first strategy, the final observed data is ${\tilde{x}}^{N}$ and the original sequence x^N is a side information containing two types of data (‘0’ and ‘1’). The conditional distribution of each random component $({\tilde{X}}_{i} ∣ x_{i})$ of the sequence $({\tilde{X}}^{N} ∣ x^{N})$ is the same for each given type. We compute now the probabilities that describe the two random i.i.d. sequences $({\tilde{X}}^{N} ∣ x^{N})$ , one per data type, and for each of the two possible hypothesis. We derive then the corresponding test from (12). Under hypothesis H_j, j∈{0, 1}, these probabilities are expressed conditionally to the known original code x^N. Let $N_{B} = {i : x_{i} = 0}$ and $N_{W} = {i : x_{i} = 1}$ , with $N_{B} = |N_{B}|$ and $N_{W} = |N_{W}|$ . Because of i.i.d. sequences, we have

\begin{align} P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{j}) & = \underset{i = 1}{\prod^{N}} P ({\tilde{x}}_{i} ∣ x_{i}, H_{j}), \\ P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{j}) & = \underset{\overset{\prod}{} i \in N_{B}}{} P ({\tilde{x}}_{i} ∣ 0, H_{j}) \\ \times \underset{\overset{\prod}{} i \in N_{W}}{} P ({\tilde{x}}_{i} ∣ 1, H_{j}) . \end{align}

Under hypothesis H₀ the channel $X \to \tilde{X}$ has distributions given by (2) and (3) and we have:

\begin{align} P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{0}) = & {(P_{e, B})}^{n_{e, B}} {(1 - P_{e, B})}^{N_{B} - n_{e, B}} \\ \times {(P_{e, W})}^{n_{e, W}} {(1 - P_{e, W})}^{N_{W} - n_{e, W}}, \end{align}

where n_e,B and n_e,W are the number of errors $({\tilde{x}}_{i} \neq x_{i})$ when black is decoded into white and when white is decoded into black, respectively.

● Under hypothesis H₁, the channel $X \to \tilde{X}$ has distributions given by (9) and (10), and we have

\begin{align} P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{1}) = & {({\tilde{P}}_{e, B})}^{n_{e, B}} {(1 - {\tilde{P}}_{e, B})}^{N_{B} - n_{e, B}} \\ \times {({\tilde{P}}_{e, W})}^{n_{e, W}} {(1 - {\tilde{P}}_{e, W})}^{N_{W} - n_{e, W}} . \end{align}

Applying now the Neyman Pearson criterion (12), the test is expressed as

\begin{align} L_{1} & = log \frac{P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{1})}{P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{0})} \overset{H 1}{\underset{H 0}{≷}} γ, \end{align}

(13)

\begin{align} L_{1} & = n_{e, B} log (\frac{{\tilde{P}}_{e, B} (1 - P_{e, B})}{P_{e, B} (1 - {\tilde{P}}_{e, B})}) \\ + n_{e, W} log (\frac{{\tilde{P}}_{e, W} (1 - P_{e, W})}{P_{e, W} (1 - {\tilde{P}}_{e, W})}) \overset{H 1}{\underset{H 0}{≷}} λ_{1}, \end{align}

(14)

where $λ_{1} = γ - N_{B} log (\frac{1 - {\tilde{P}}_{B}}{1 - P_{B}}) - N_{W} log (\frac{1 - {\tilde{P}}_{W}}{1 - P_{W}})$ . This expression has the practical advantage to only count the number of errors in order to perform the authentication task but at a cost of a loss of optimality.

3.2 Authentication via gray-level observations

In the second strategy, the observed data is $o^{N}$ . Here again, the conditional distribution of each random component $(O_{i} ∣ x_{i})$ of the sequence ( $O^{N} ∣ x^{N})$ is the same for each type of data of X. The Neyman Pearson test is expressed as

L_{2} = log \frac{P^{N} (o^{N} ∣ x^{N}, H_{1})}{P^{N} (o^{N} ∣ x^{N}, H_{0})} \overset{H 1}{\underset{H 0}{≷}} λ_{2},

(15)

which can be developed as

\begin{align} L_{2} = \sum_{i \in N_{B}} log \frac{P_{Z ∣ X} (o_{i} ∣ 0)}{P_{Y ∣ X} (o_{i} ∣ 0)} \\ + \sum_{i \in N_{W}} log \frac{P_{Z ∣ X} (o_{i} ∣ 1)}{P_{Y ∣ X} (o_{i} ∣ 1)} \overset{H 1}{\underset{H 0}{≷}} λ_{2}, \end{align}

(16)

\begin{align} L_{2} = \sum_{i \in N_{B}} log ((1 - P_{e, W}) \frac{T_{Z ∣ \hat{X}} (o_{i} ∣ 0)}{T_{Y ∣ X} (o_{i} ∣ 0)} + P_{e, W} \frac{T_{Z ∣ \hat{X}} (o_{i} ∣ 1)}{T_{Y ∣ X} (o_{i} ∣ 0)}) \\ + \sum_{i \in N_{W}} log ((1 - P_{e, B}) \frac{T_{Z ∣ \hat{X}} (o_{i} ∣ 1)}{T_{Y ∣ X} (o_{i} ∣ 1)} + P_{e, B} \frac{T_{Z ∣ \hat{X}} (o_{i} ∣ 0)}{T_{Y ∣ X} (o_{i} ∣ 1)}) \\ \overset{H 1}{\underset{H 0}{≷}} λ_{2} . \end{align}

(17)

Note that the expressions of the transition matrix modeling the physical processes T_Y∣X and $T_{Z ∣ \hat{X}}$ are required in order to perform the optimal test.

3.3 Authentication with thresholding vs authentication without thresholding

In this setup and without loss of generality, we consider only the Gaussian model with variance σ² for the physical devices T_Y∣X and $T_{Z ∣ \hat{X}}$ . Figure 2 compares the receiver operating characteristic (ROC) curves associated with the two different strategies. Note that the error probabilities are computed using the results given in the next section (see Section 4.2). We can notice that the gap between the two strategies is important. This is not surprising since the binary thresholding removes information from the gray-level observation, yet this has a practical impact because one practitioner can be tempted to count the number of errors as given in (14) as an authentication score for its easy implementation. The information theoretical analysis presented in the Appendix confirms also that authentication is more accurate without thresholding, and this result is in line with the remark of Blahut in [[14]] where in p108 he writes that ‘information is increased if a measurement is made more precise [...] (i.e. with a refinement of the set of measurement outcomes).’

Moreover, as we will see in Section 5, the plain scan of the graphical code can be used whenever the receiver needs to estimate the opponent’s channel.

4 Toward reliable performance evaluation

In the previous section we have expressed the Neyman-Pearson test for the two proposed strategies resumed by (14) and (17). These tests may then be practically performed on the observed sequence in order to make a decision about its authenticity. We aim now at expressing the error probabilities of types I and II and comparing the two possible strategies described previously. Let m=1, 2 be the index denoting the strategy; a straightforward calculation gives

α_{m} = \underset{\overset{\sum}{} l > λ_{m}}{} P_{L_{m}} (l ∣ H_{0}),

(18)

β_{m} = \underset{l > λ_{m}}{\overset{\sum}{}} P_{L_{m}} (l ∣ H_{1}) .

(19)

where $P_{L_{m}} (l ∣ H_{j})$ is the distribution of the log-likelihood ratio L_m under hypothesis H_j.

4.1 Gaussian approximation

As the length N of the sequence is generally large, we use the central limit theorem to study the distributions $P_{L_{m}}$ , m=1, 2 (a similar strategy was proposed in [15]).

● For the binary thresholding strategy, n_e,W and n_e,B in (14) are binomial random variables depending on the origin of the observed sequence. Let N_x stand for the number of data of type x in the original code and P_e,x the cross-over probabilities emerging from type x in the BIBO channels (4) or (11). When N is large enough, the binomial random variables can be approximated with a Gaussian distribution. We have

n_{e, x} \sim N (N_{x} P_{e, x}, N_{x} P_{e, x} (1 - P_{e, x})) .

(20)

● From (14), L₁ is a weighted sum of Gaussian random variables and one can obviously deduce the parameters of the normal approximation describing the log-likelihood L₁.

● For the second strategy, i.e., when the receiver tests directly the observed gray-level sequence, the log-likelihood L₂ in Equation 17 may be expressed as two sums of i.i.d. and becomes

L_{2} = \sum_{i \in N_{B}} ℓ (o_{i}, 0) + \sum_{i \in N_{W}} ℓ (o_{i}, 1) \overset{H 1}{\underset{H 0}{≷}} λ_{2},

(21)

● where ℓ(v, x) is a function $ℓ : X \times V \to ℝ$ having some distribution with mean and variance equal to

m_{x} = E [ℓ (V, x) ∣ H_{j}] = \sum_{v \in V} ℓ (v, x) P (v ∣ x, H_{j}),

(22)

and

var [ℓ (V, x) ∣ H_{j}] = \sum_{v \in V} {(ℓ (v, x) - m_{x})}^{2} P (v ∣ x, H_{j}),

(23)

● with P=P_Y∣X (respectively P=P_Z∣X) for j=0 (respectively 1). The central limit theorem is then used again to approximate the distribution of L₂ and compute type I and type II error probabilities.

4.2 Asymptotic expression

In this section, we drop the subscribe m denoting the strategy as all the subsequent analysis is common for both of them. One important problem is the fact that the Gaussian approximation proposed previously provides inaccurate error probability values when the threshold λ in (18) and (19) is far from the mean of the log-likelihood random variable L. Chernoff bound and large deviation theory [16] are preferred in this context as very small error probabilities of types I and II may be desired [17]. Given a real number s, the Chernoff bound on type I and type II errors may be expressed as

α = Pr (L \geq λ ∣ H_{0}) \leq e^{- sλ} g_{L} (s; H_{0}) for any s > 0,

(24)

β = Pr (L \leq λ ∣ H_{1}) \leq e^{- sλ} g_{L} (s; H_{1}) for any s > 0,

(25)

where the function g_L(s ; H_j), j=0, 1 is the moment generating function of the random variable L defined as

g_{L} (s; H_{j}) = E_{P_{L} (L ∣ H_{j})} [e^{sL}] .

(26)

where expectation is performed with respect to distribution P_L(L∣H_j). Reminding that L is a sum of N independent random variables, asymptotic analysis in probability theory (when N is large enough) shows that bounds similar to (24) and (25) are much more appropriate for estimating α and β than the Gaussian approximation especially when λ is far from E[L], namely when bounding the tails of a distribution [16, 17]. The tightest bound is obtained by finding the value of s that provides the minimum of the right-hand side (RHS) of (24) and (25), i.e., the minimum of e^−sλg_L(s ; H_j) for each j=0, 1. Taking the derivative, the value s that provides the tightest bound under each hypothesis is such that ^a

λ = {\frac{\frac{d g_{L} (s; H_{j})}{d s}}{g_{L} (s; H_{j})}⌋}_{s = {\tilde{s}}_{j}} = {\frac{d}{d s} ln g_{L} (s; H_{j})⌋}_{s = {\tilde{s}}_{j}} .

(27)

We introduce the semi-invariant moment generating function after an acute observation of the identity (27). The semi-invariant moment generating function of L is

μ_{L} (s; H_{j}) = ln g_{L} (s; H_{j}) .

(28)

This function has many interesting properties that ease the extraction of an asymptotic expression for (24) and (25) [17]. For instance, this function is additive for the sum of independent random variables, and we have

μ_{L} (s; H_{j}) = \sum_{i \in N_{B}} μ_{i, 0} (s; H_{j}) + \sum_{i \in N_{W}} μ_{i, 1} (s; H_{j}),

(29)

where μ_{i, x}(s ; H_j) is the semi-invariant moment generating function of the random component $ℓ (O_{i}, x)$ when the observed sequence comes from the distribution associated to hypothesis H_j. In addition, relation (27) may be expressed as the sum of the derivatives at the value ${\tilde{s}}_{j}$ optimizing the bound:

λ = \sum_{i \in N_{B}} μ_{i, 0}^{'} ({\tilde{s}}_{j}; H_{j}) + \sum_{i \in N_{W}} μ_{i, 1}^{'} ({\tilde{s}}_{j}; H_{j}) .

(30)

Chernoff bounds on type I and type II errors (24) and (25) may then be expressed as

\begin{align} α = & Pr (L \geq λ ∣ H_{0}) \\ \leq & exp [\sum_{i \in N_{B}} (μ_{i, 0} ({\tilde{s}}_{0}; H_{0}) - {\tilde{s}}_{0} μ_{i, 0}^{'} ({\tilde{s}}_{0}; H_{0})) \\ + \sum_{i \in N_{W}} (μ_{i, 1} ({\tilde{s}}_{0}; H_{0}) - {\tilde{s}}_{0} μ_{i, 1}^{'} ({\tilde{s}}_{0}; H_{0}))], \end{align}

(31)

and

\begin{align} β = & Pr (L \leq λ ∣ H_{1}) \\ \leq & exp [\sum_{i \in N_{B}} (μ_{i, 0} ({\tilde{s}}_{1}; H_{1}) - {\tilde{s}}_{1} μ_{i, 0}^{'} ({\tilde{s}}_{1}; H_{1})) \\ + \sum_{i \in N_{W}} (μ_{i, 1} ({\tilde{s}}_{1}; H_{1}) - {\tilde{s}}_{1} μ_{i, 1}^{'} ({\tilde{s}}_{1}; H_{1}))] . \end{align}

(32)

The distribution of each random component $(O_{i} ∣ x_{i})$ in the sequence $(O^{N} ∣ x^{N})$ is the same for each type of data X, and consequently, μ_{i, x}(s ; H_j)=μ_x(s ; H_j), i.e., μ_{i, x}(s ; H_j) is independent from i for each type of data x. The RHS in (31) and (32) can be simplified as

\begin{array}{l} exp [N_{B} (μ_{0} ({\tilde{s}}_{j}; H_{j}) - {\tilde{s}}_{j} μ_{0}^{'} ({\tilde{s}}_{j}; H_{j})) + N_{W} (μ_{1} ({\tilde{s}}_{j}; H_{j}) \\ - {\tilde{s}}_{j} μ_{1}^{'} ({\tilde{s}}_{j}; H_{j}))] . \end{array}

(33)

Roughly speaking, Cramér’s theorem [16] states that for sufficiently large N, the upper bounds expressed for j=0, 1 in (33) are also lower bounds for α and β, respectively. Thus, one can write for N_B≈N_W≈N/2:

\begin{align} lim_{N \to \infty} \frac{2}{N} ln α & = [μ ({\tilde{s}}_{0}; H_{0}) - {\tilde{s}}_{0} μ^{'} ({\tilde{s}}_{0}; H_{0})], \end{align}

(34)

\begin{align} lim_{N \to \infty} \frac{2}{N} ln β & = [μ ({\tilde{s}}_{1}; H_{1}) - {\tilde{s}}_{1} μ^{'} ({\tilde{s}}_{1}; H_{1})], \end{align}

(35)

where ${\tilde{s}}_{0} > 0$ , ${\tilde{s}}_{1} > 0$ , $μ ({\tilde{s}}_{j}; H_{j}) = μ_{0} ({\tilde{s}}_{j}; H_{j}) + μ_{1} ({\tilde{s}}_{j}; H_{j})$ , $μ^{'} ({\tilde{s}}_{j}; H_{j}) = μ_{0}^{'} ({\tilde{s}}_{j}; H_{j}) + μ_{1}^{'} ({\tilde{s}}_{j}; H_{j})$ . A modified asymptotic expression including a correction factor is evaluated for the sum of an i.i.d random sequence (see [17], Appendix 5A), and for large N, we have

\begin{array}{l} α = Pr (L \geq λ ∣ H_{0}), \\ \underset{N \to \infty}{\to} \frac{1}{{\tilde{s}}_{0} \sqrt{Nπ μ^{′′} ({\tilde{s}}_{0}; H_{0})}} exp \{\frac{N}{2} [μ ({\tilde{s}}_{0}; H_{0}) - {\tilde{s}}_{0} μ^{'} ({\tilde{s}}_{0}; H_{0})]\} . \end{array}

(36)

and

\begin{array}{l} β = Pr (L \leq λ ∣ H_{1}), \\ \underset{N \to \infty}{\to} \frac{1}{|{\tilde{s}}_{1}| \sqrt{Nπ μ^{′′} ({\tilde{s}}_{1}; H_{1})}} exp \{\frac{N}{2} [μ ({\tilde{s}}_{1}; H_{1}) - {\tilde{s}}_{1} μ^{'} ({\tilde{s}}_{1}; H_{1})]\}, \end{array}

(37)

where $μ^{′′} ({\tilde{s}}_{j}; H_{j}) = μ_{0}^{′′} ({\tilde{s}}_{j}; H_{j}) + μ_{1}^{′′} ({\tilde{s}}_{j}; H_{j})$ is the second derivative of the semi-invariant moment generating function of ℓ(V, x) defined by

\begin{align} ℓ (v, 1) = log ((1 - P_{e, W}) \frac{T_{Z ∣ \hat{X}} (v ∣ 1)}{T_{Y ∣ X} (v ∣ 1)} + P_{e, W} \frac{T_{Z ∣ \hat{X}} (v ∣ 0)}{T_{Y ∣ X} (v ∣ 1)}), \end{align}

(38)

\begin{align} ℓ (v, 0) = log ((1 - P_{e, B}) \frac{T_{Z ∣ \hat{X}} (v ∣ 0)}{T_{Y ∣ X} (v ∣ 0)} + P_{e, B} \frac{T_{Z ∣ \hat{X}} (v ∣ 1)}{T_{Y ∣ X} (v ∣ 0)}) . \end{align}

(39)

4.3 Numerical computations of α and β via importance sampling

This section addresses the problem of estimating numerically type I and type II error probabilities, i.e., α and β. Monte Carlo simulation method [18] gives accurate solution since these probabilities can be expressed as expectations of a function of a random variable governed by a given probability distribution. We have

\begin{align} α & = \sum_{v^{N} \in ℋ_{1}} P^{N} (v^{N} ∣ x^{N}, H_{0}), \end{align}

(40)

\begin{align} = \sum_{v^{N} \in V^{N}} P^{N} (v^{N} ∣ x^{N}, H_{0}) ϕ (v^{N}; ℋ_{1}), \end{align}

(41)

where $ϕ (v^{N}; ℋ_{1}) = 1$ whenever $v^{N} \in ℋ_{1}$ and zero if not. The probability of type I error is then expressed as the expectation of $ϕ (v^{N}; ℋ_{1})$ under distribution P^N(v^N∣x^N, H₀). In the same way, type II error probability β is the expectation of $ϕ (v^{N}; ℋ_{0})$ under distribution P^N(v^N∣x^N, H₁). In the sequel, we denote $P^{N} (v^{N} ∣ x^{N}, H_{0}) = P_{Y ∣ X}^{N}$ and $P^{N} (v^{N} ∣ x^{N}, H_{1}) = P_{Z ∣ X}^{N}$ , and we have

\begin{align} α & = E_{P_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1})], \end{align}

(42)

\begin{align} β & = E_{P_{Z ∣ X}^{N}} [ϕ (V^{N}; ℋ_{0})] . \end{align}

(43)

Monte Carlo methods make use of the law of large numbers to infer an estimation for α and β by computing numerically an empirical mean for $ϕ (v^{N}; ℋ_{1})$ and $ϕ (v^{N}; ℋ_{0})$ , respectively. Clearly, the computer runs N_trials, each one generating an i.i.d. vector v^N, where samples v_n are driven from distributions P_Y∣X and P_Z∣X, respectively, which gives the following estimates:

\begin{align} \hat{α} & = \frac{1}{N_{trials}} \underset{i = 1}{\sum^{N_{trials}}} ϕ ({(v^{N})}^{(i)}; ℋ_{1}), \\ {(v_{n})}^{(i)} being generated from P_{Y ∣ X} \\ \hat{β} & = \frac{1}{N_{trials}} \underset{i = 1}{\sum^{N_{trials}}} ϕ ({(v^{N})}^{(i)}; ℋ_{0}), \\ {(v_{n})}^{(i)} being generated from P_{Z ∣ X} . \end{align}

The Monte Carlo estimator is unbiased ( $\hat{α} \to α$ and $\hat{β} \to β$ ) almost surely, and the rate of convergence is $N_{trials}^{- 1 / 2}$ . Recalling that for a zero mean and unit variance Gaussian random variable U, P(|U|≤1.96)=0.95, the confidence interval at 0.95 obtained from each estimation is

\begin{align} [\hat{α} - \frac{1.96 σ_{α}}{\sqrt{N_{trials}}}, \hat{α} + \frac{1.96 σ_{α}}{\sqrt{N_{trials}}}] \end{align}

(44)

\begin{align} [\hat{β} - \frac{1.96 σ_{β}}{\sqrt{N_{trials}}}, \hat{β} + \frac{1.96 σ_{β}}{\sqrt{N_{trials}}}], \end{align}

(45)

where σ_α (resp. σ_β) is the standard deviation of the random variable $ϕ ({(V^{N})}^{(i)}; ℋ_{1})$ (resp. $ϕ ({(V^{N})}^{(i)}; ℋ_{0})) .$ As $ϕ ({(V^{N})}^{(i)}; ℋ_{1})$ and $ϕ ({(v^{N})}^{(i)}; ℋ_{0})$ are Bernoulli random variables with parameter α and β, respectively, their variances are easily deduced, e.g., $σ_{α}^{2} = α - α^{2} \approx α$ and $σ_{β}^{2} = β - β^{2} \approx β$ . When α and β are very small, accurate estimations are then difficult to achieve with realistic number of trials. Roughly speaking, the number of trials needed is $N_{trials} > \frac{1 0^{3}}{α}$ (or $N_{trials} > \frac{1 0^{3}}{β}$ ) when the desired confidence interval at 0.95 is constrained to be about a tenth of the expected value of α or β. Actually, we need to evaluate numerically very small values of α and β to draw the curve β(α) evaluating the performance of a given test statistic. The required number of trials fails to be realistic. We propose then to use the importance sampling method [18] which enables us to generate rare events and thus reduce considerably the required number of trials. Let us consider distributions Q_Y∣X and Q_Z∣X over the set such that Q_Y∣X and Q_Z∣X>0 and rewrite (42) and (43) as

\begin{align} E_{P_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1})] & = E_{P_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1}) \frac{Q_{Y ∣ X}^{N}}{Q_{Y ∣ X}^{N}}], \\ E_{P_{Z ∣ X}^{N}} [ϕ (V^{N}; ℋ_{0})] & = E_{P_{Z ∣ X}^{N}} [ϕ (V^{N}; ℋ_{0}) \frac{Q_{Z ∣ X}^{N}}{Q_{Z ∣ X}^{N}}] . \end{align}

One can then alternatively express type I and type II error probabilities by

\begin{align} α & = E_{Q_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1}) \frac{P_{Y ∣ X}^{N}}{Q_{Y ∣ X}^{N}}], \end{align}

(46)

\begin{align} β & = E_{Q_{Z ∣ X}^{N}} [ϕ (V^{N}; ℋ_{0}) \frac{P_{Z ∣ X}^{N}}{Q_{Z ∣ X}^{N}}] . \end{align}

(47)

Monte Carlo simulation with importance sampling method gives the following two estimates:

\begin{align} \hat{α} = \frac{1}{N_{trials}} \underset{i = 1}{\sum^{N_{trials}}} ϕ ({(v^{N})}^{(i)}; ℋ_{1}) \times [\frac{P_{Y ∣ X}^{N} ({(v^{N})}^{(i)} ∣ x^{N})}{Q_{Y ∣ X}^{N} ({(v^{N})}^{(i)} ∣ x^{N})}], \\ {(v^{N})}^{(i)} being generated from Q_{Y ∣ X}^{N}, \end{align}

(48)

\begin{align} \hat{β} = \frac{1}{N_{trials}} \underset{i = 1}{\sum^{N_{trials}}} ϕ ({(v^{N})}^{(i)}; ℋ_{0}) \times [\frac{P_{Z ∣ X}^{N} ({(v^{N})}^{(i)} ∣ x^{N})}{Q_{Z ∣ X}^{N} ({(v^{N})}^{(i)} ∣ x^{N})}], \\ {(v^{N})}^{(i)} being generated from Q_{Z ∣ X}^{N} . \end{align}

(49)

The problem of importance sampling is to choose an adequate function Q_V∣X such that the variance of the estimated probabilities in (48) and (49) are very small. The number of trials will be considerably reduced and accurate estimations of very low values of α and β may be possible. Let

Q_{Y ∣ X} (s, v ∣ x) = exp (- μ_{x} (s; H_{0}) + sℓ (v, x)) P_{Y ∣ X} (v ∣ x)

and

Q_{Z ∣ X} (s, v ∣ x) = exp (- μ_{x} (s; H_{1}) + sℓ (v, x)) P_{Z ∣ X} (v ∣ x)

be tilted distributions over the set , and μ_x(s; H_j) the semi-invariant moment generating function of ℓ(v, x) distributed under hypothesis H_j.

Proposition 1

The mean of the log-likelihood function ℓ(v, x) governed by the tilted distributions Q_Y∣X(s,v∣x) is μ x′(s; H₀).

Proof

We have indeed

\begin{align} \sum_{v \in V} ℓ (v, x) Q_{Y ∣ X} (s, v ∣ x) & = \sum_{v \in V} ℓ (v, x) exp (- μ_{x} (s; H_{0}) + sℓ (v, x)) \\ \times P_{Y ∣ X} (v ∣ x), \\ = \frac{\sum_{v \in V} ℓ (v, x) exp (sℓ (v, x)) P_{Y ∣ X} (v ∣ x)}{exp (μ_{x} (s; H_{0}))}; \end{align}

since μ_x(s; H₀)= log(g_x(s; H₀)), the denominator of the previous expression is simply g_x(s; H₀):

\begin{align} \sum_{v \in V} ℓ (v, x) Q_{Y ∣ X} (s, v ∣ x) & = \frac{\sum_{v \in V} ℓ (v, x) exp (sℓ (v, x)) P_{Y ∣ X} (v ∣ x)}{\sum_{v \in V} exp (sℓ (v, x)) P_{Y ∣ X} (v ∣ x)}, \\ = \frac{\frac{d g_{x} (s; H_{0})}{d s}}{g_{x} (s; H_{0})}, \end{align}

Finally, we have

\sum_{v \in V} ℓ (v, x) Q_{Y ∣ X} (s, v ∣ x) = μ_{x}^{'} (s; H_{0}) .

(50)

The same development yields

\sum_{v \in V} ℓ (v, x) Q_{Z ∣ X} (s, v ∣ x) = μ_{x}^{'} (s; H_{1}) .

(51)

When choosing $s = {\tilde{s}}_{0}$ for Q_Y∣X(s,v∣x) and $s = {\tilde{s}}_{1}$ for Q_Z∣X(s,v∣x), the mean of the log-likelihood function ℓ(v, x) governed by these tilted distributions will be equal to the threshold λ of the test 30.

Proposition 2

The variances of the estimations in (48) and (49) go to zero as the number of dots is sufficiently large.

Proof.

To show this, let o^N be the observed samples coming from the main channel, e.g., driven from the tilted distribution $Q_{Y ∣ X}^{N} ({\tilde{s}}_{0}, v^{N} ∣ x^{N})$ . We have

\begin{array}{l} Q_{Y ∣ X}^{N} ({\tilde{s}}_{0}, o^{N} ∣ x^{N}) = exp (- \sum_{i \in N_{B}} μ_{i, 0} ({\tilde{s}}_{0}; H_{0}) - \sum_{i \in N_{W}} μ_{i, 1} ({\tilde{s}}_{0}; H_{0}) \\ + {\tilde{s}}_{0} \sum_{i \in N_{B}} ℓ (o_{i}, 0) + {\tilde{s}}_{0} \sum_{i \in N_{W}} ℓ (o_{i}, 1)) \\ \times P_{Y ∣ X}^{N} (o^{N} ∣ x^{N}) . \end{array}

Recalling that $μ ({\tilde{s}}_{j}; H_{j}) = μ_{0} ({\tilde{s}}_{j}; H_{j}) + μ_{1} ({\tilde{s}}_{j}; H_{j})$ , for N_B≈N_W≈N/2, we have

\begin{array}{l} Q_{Y ∣ X}^{N} ({\tilde{s}}_{0}, o^{N} ∣ x^{N}) = exp (- \frac{N}{2} μ ({\tilde{s}}_{0}; H_{0}) + {\tilde{s}}_{0} (\sum_{i \in N_{B}} ℓ (o_{i}, 0) \\ + \sum_{i \in N_{W}} ℓ (o_{i}, 1))) P_{Y ∣ X}^{N} (o^{N} ∣ x^{N}) . \end{array}

By the law of large numbers, the sum of N/2 log-likelihood functions of the observed samples (o_i∣x) governed by the tilted distribution, converges in probability to its mean value as N is sufficiently large:

\begin{array}{l} \sum_{i \in N_{B}} ℓ (o_{i}, 0) \overset{P}{\to} \frac{N}{2} \sum_{v \in V} ℓ (v, 0) Q_{Y ∣ X} ({\tilde{s}}_{0}, v ∣ 0) = \frac{N}{2} μ_{0}^{'} ({\tilde{s}}_{0}; H_{0}), \\ \sum_{i \in N_{W}} ℓ (o_{i}, 1) \overset{P}{\to} \frac{N}{2} \sum_{v \in V} ℓ (v, 1) Q_{Y ∣ X} ({\tilde{s}}_{0}, v ∣ 1) = \frac{N}{2} μ_{1}^{'} ({\tilde{s}}_{0}; H_{0}) . \end{array}

Recalling that $μ^{'} ({\tilde{s}}_{j}; H_{j}) = μ_{0}^{'} ({\tilde{s}}_{j}; H_{j}) + μ_{1}^{'} ({\tilde{s}}_{j}; H_{j}),$ and from proposition 1, we have

\begin{align} (\sum_{i \in N_{B}} ℓ (o_{i}, 0) + \sum_{i \in N_{W}} ℓ (o_{i}, 1)) \overset{P}{\to} \frac{N}{2} μ^{'} (\tilde{s_{0}}; H_{0}) . \end{align}

Equivalently, when observed samples come from the opponent channel, e.g., drawn from the tilted distribution $Q_{Z ∣ X}^{N} ({\tilde{s}}_{1}, v^{N} ∣ x^{N})$ , we have

\begin{align} (\sum_{i \in N_{B}} ℓ (o_{i}, 0) + \sum_{i \in N_{W}} ℓ (o_{i}, 1)) \overset{P}{\to} \frac{N}{2} μ^{'} ({\tilde{s}}_{1}; H_{1}) . \end{align}

Finally, we have

\begin{align} Q_{Y ∣ X}^{N} ({\tilde{s}}_{0}, o^{N} ∣ x^{N}) & \overset{P}{\to} exp (- \frac{N}{2} (μ ({\tilde{s}}_{0}; H_{0}) - {\tilde{s}}_{0} μ^{'} ({\tilde{s}}_{0}; H_{0}))) \\ \times P_{Y ∣ X}^{N} (o^{N} ∣ x^{N}) \end{align}

(52)

and

\begin{align} Q_{Z ∣ X}^{N} ({\tilde{s}}_{1}, o^{N} ∣ x^{N}) & \overset{P}{\to} exp (- \frac{N}{2} (μ ({\tilde{s}}_{1}; H_{1}) - {\tilde{s}}_{1} μ^{'} ({\tilde{s}}_{1}; H_{1}))) \\ \times P_{Z ∣ X}^{N} (o^{N} ∣ x^{N}) . \end{align}

(53)

The variance of $ϕ (V^{N}; ℋ_{1}) \frac{P_{Y ∣ X}^{N}}{Q_{Y ∣ X}^{N}}$ when V^N is governed by the tilted distribution $Q_{Y ∣ X}^{N} ({\tilde{s}}_{0}, v^{N} ∣ x^{N})$ is then (the function ϕ(.) being 0 or 1)

\begin{array}{l} {var}_{Q_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1}) \frac{P_{Y ∣ X}^{N}}{Q_{Y ∣ X}^{N}}] \\ = E_{Q_{Y ∣ X}^{N}} [ϕ^{2} (V^{N}; ℋ_{1}) {(\frac{P_{Y ∣ X}^{N}}{Q_{Y ∣ X}^{N}})}^{2}] - α^{2}, \\ = E_{P_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1}) (\frac{P_{Y ∣ X}^{N}}{Q_{Y ∣ X}^{N}})] - α^{2}, \\ \overset{P}{\to} E_{P_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1}) (\frac{1}{exp (- \frac{N}{2} (μ ({\tilde{s}}_{0}; H_{0}) - {\tilde{s}}_{0} μ^{'} ({\tilde{s}}_{0}; H_{0})))})] - α^{2} . \end{array}

The denominator in the expectation, i.e., $exp (- \frac{N}{2} (μ ({\tilde{s}}_{0}; H_{0}) - {\tilde{s}}_{0} μ^{'} ({\tilde{s}}_{0}; H_{0})))$ , is simply the inverse of the Cramér-Chernoff bound proposed in (34). We then have

\begin{align} {var}_{Q_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1}) \frac{P_{Y ∣ X}^{N}}{Q_{Y ∣ X}^{N}}] \overset{P}{\to} α E_{P_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1})] - α^{2} . \end{align}

Finally, since $E_{P_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1})] = α$ (42), the variance goes to zero as N is large enough:

\begin{align} {var}_{Q_{Y ∣ X}^{N}} [ϕ (V^{N}; ℋ_{1}) \frac{P_{Y ∣ X}^{N}}{Q_{Y ∣ X}^{N}}] \overset{P}{\to} 0 . \end{align}

The same development gives

\begin{align} {var}_{Q_{Z ∣ X}^{N}} [ϕ (V^{N}; ℋ_{0}) \frac{P_{Z ∣ X}^{N}}{Q_{Z ∣ X}^{N}}] \overset{P}{\to} 0 . \end{align}

4.4 Practical performance analysis

Without loss of generality, we use in our analysis a generalized Gaussian distribution to model the physical device, i.e., the association of a printer with a scanner, used by the legitimate source T_Y∣X(v∣x) and by the counterfeiter $T_{Z ∣ \hat{X}} (v ∣ \hat{x})$ :

p (v ∣ x) = \frac{b}{2 aΓ (1 / b)} e^{- {(| v - m (x) | / a)}^{b}},

(54)

where m(x) is the mean and the parameter a can be computed from the variance σ²=var[V]:

a = \sqrt{σΓ (1 / b) / Γ (3 / b)} .

(55)

The parameter b is used to control the sparsity of the distribution, for example, when b=1 the distribution is Laplacian, b=2 the distribution is Gaussian, and b→+∞ the distribution is uniform. The resulting distribution is first discretized then truncated to provide values within [0,…,255] to model a scanning process. Each channel is parametrized in this case by four parameters, two per each type of dots, m_b=m(0) and σ_b for black dots and m_w=m(1) and σ_w for white dots. Note that other print and scan models that take into account the gamma transfer function or additive noise with input dependent variance can be found in [19], but the general methodology of this paper is not dependent on the model and can still be applied.

Figure 3 illustrates the different effects of the generalized Gaussian distributions on the main and the opponent channels of same mean and variance and b=1 (Laplacian distribution), b=2 (Gaussian distribution), and b=6, i.e., close to a uniform distribution.

In order to assess the accuracy of the computations of α and β using either the Gaussian approximation given by (18) and (19), the asymptotic expression given by (36) and (37), or the Monte Carlo simulations using importance sampling given by (48) and (49), we derive ROC curves for generalized Gaussian distributions and b={1,2,6}.

Figure 4 illustrates the gap between the estimation of α and β using the Gaussian approximation and the asymptotic expression or the Monte Carlo simulations. The Monte Carlo simulations confirm the fact that the derived Cramér Chernoff bounds are tight, and the difference between the results obtained with the Gaussian approximation are very important especially for close to uniform channels. We can also notice that for the same channel power, the authentication performances are better for b=6 then for b=2 and b=1.

5 Optimal configurations for authentication

The goal of this section is to derive configurations that are optimal regarding authentication, i.e., to derive configurations that for a given α minimize β.

5.1 Optimal configurations by modification of the printing channel

5.1.1 Problem setting

This authentication problem can be seen as a game where the main goal of the receiver, for a given false alarm probability α, is to find a channel that minimizes the probability of missed detection β. Practically, this means that the channel can be chosen by using a given quality of paper, a different ink, and/or by adopting an appropriate resolution. For example, if the legitimate source wants to decrease the noise variance, he can choose to use oversampling to replicate the dots; on the contrary, if the legitimate source wants to increase the noise variance, he can use a paper of lesser quality. It is important to recall that because the opponent will have to print a binary version of its observation, and because a printing device at this very high resolution can only print binary images, the opponent will in any case have to print with decoding errors after estimation $\hat{X}$ .

We analyze two scenarios described below:

● The legitimate source and the opponent have identical printing devices; practically, this means that they use exactly the same printing setup. In this case, the legitimate source will try to look for the channel such that for a given α, the legitimate party will have a probability of missed detection β^∗ such that

β^{*} = min_{C} β (α) .

(56)

In this case, the opponent is passive and has no strategy but duplicating the graphical code.

● The opponent can modify its printing channel $C_{o}$ (here, we assume that he can change the variance of its noise), practically it means that he can modify one or several parameters of the printing setup without being detected. The opponent then tries to maximize the probability of false detection by choosing the adequate printing channel, and the legitimate sources will adopt the printing channel $C_{l}$ which will minimize the probability of false detection. We end up with what is called a min-max game in game theory, where the optimal β^∗ is the solution of

β^{*} = min_{C_{l}} max_{C_{o}} β (α) .

(57)

● In this case, the opponent is active since he tries to adapt his strategy in order to degrade the authentication performance.

Because the expressions of β(α) is not simple and have to be computed using the asymptotic expressions (31) and (32), we cannot solve this problem analytically and we have to use numerical calculus instead.

We conduct this analysis for the generalized Gaussian model, where we assume that the parameters m_b and m_w are constant for the main and the opponent channels (which implies that the scanning process has the same calibration for the two types of images). We assume that the main channel and the opponent channel variances are respectively denoted $σ_{m}^{2}$ and $σ_{o}^{2}$ and are identical for black and white dots.

5.1.2 Passive opponent

Here, the opponent has to undergo a channel identical to the main channel; the only parameter of the optimization problem (56) is consequently σ_m. Figure 5 presents the evolution of β w.r.t. σ_m for α=10⁻⁶ and m_b=50, m_w=150. For each channel configuration, we can find an optimal configuration; this configuration offers a smaller probability of error for b=6 than for b=2 or b=1. It is not surprising to notice that in each case, β is important whenever σ_m is very small (i.e., when the print and scan noise is very small, hence the estimation of the original code is easy) or very large (i.e., when the print and scan noise is so important that the original and forgery become equally noisy).

5.1.3 Active opponent

In this setup, the opponent can use a channel of different variance $σ_{o}^{2}$ than the main channel $σ_{m}^{2}$ and tries to solve the game defined in (57). Figure 6 shows the evolutions of β w.r.t. σ_o for different σ_m. We can see that in each case it is in the opponent interest to optimize his channel. Note that even if we assume that the opponent print and scan channel is perfect ( ${\hat{x}}^{N} = z^{N}$ ), because the input of the printer has to be binary and because the opponent will make decoding errors by estimating the original code, the copied printed code will be necessarily different from the original printed code (see Figure 1), which implies a perfect discrimination between the two hypotheses.

Figure 7 shows the evolution of best opponent strategy $max_{σ_{o}} β$ w.r.t. σ_m. By comparing it with Figure 5, we can see that the opponent’s probability of non-detection can be multiplied by one or several orders of magnitude (×10⁷ for b=1, ×10⁵ for b=2, and ×10 for b=6).

6 Impact of the estimation of the print and scan channel

The previous scenarios assume that the receiver has a full knowledge of the print and scan channel. Here, we assume that the receiver also has to estimate the opponent channel before performing authentication. From the estimated parameters, the receiver will compute a threshold and a log-likelihood test. Depending on the number of observations N_o, the estimated model and test will decrease the performance of the authentication system.

We consider that the opponent uses a different printing device unknown from the legitimate party. According to (6) and (7), the parameters to be estimated are P_e,W, P_e,B, m_b, m_w, and σ=σ_b=σ_w. We use the classical expectation maximization (EM) algorithm combined with Newton’s method to solve the maximization step as these distributions are discrete and have the finite support of the gray-level range.

Figure 8 shows the authentication performances using an estimated Gaussian model (b=2) from N_o=2,000 observed symbols. We can notice that the performance is very close to an exact knowledge of the model. This analysis shows also that if the receiver has some assumptions of the opponent channel and enough observations, he should perform model estimation instead of using the thresholding strategy. Figure 9 shows the importance of model estimation when comparing it to a blind authentication test when the receiver assumes that both the opponent channel and his channel are identical.

7 Conclusions

This paper brings numerous conclusions on the authentication using binary codes corrupted by a manufacturing stochastic noise:

● The nature of the receiver’s input is of upmost importance, and thresholding is a bad strategy with respect to getting an accurate version of the genuine or forged code, except if the system requires it, due for example to computational requirements.

● The Gaussian approximation used to compute the ROC of the authentication system are not valuable anymore for very low type I or type II errors. Cramér Chernoff bound or Monte Carlo simulations using importance sampling can be used instead to achieve accurate values of these probabilities. The proposed methodology is not impacted by the nature of the noise and can be applied for different memoryless channels that are more realistic for modeling the printing process.

● It is in the opponent’s interest to adapt its channel in order to decrease the authentication performances of the system; this can be possible by solving a max-min game.

● If the opponent’s print and scan channel remains unknown for the receiver, he can use estimation techniques such as the EM algorithm in order to estimate the channel.

Our future works will consist in evaluating the impact of the noise model on the authentication performance; this first analysis suggests that sparse distributions are less favorable for authentication than dense distributions, but this has to be confirmed by a deeper study.

Endnote

^a One can show that e^−sλg_L(s ; H_j) is a convex function of s.

Appendix

Information theoretic comparison between hypothesis testing with and without thresholding

In this appendix, we aim at establishing an inequality between the average of the two log-likelihood tests (14) and (15). The greater is the discrimination between the two distributions involved in the log-likelihood test, the best is the authentication performance. The expected value of the log-likelihood test (12) with respect to any of the two distributions involved in the ratio is the Kullback-Leibler divergence or discrimination defined as

L (P_{Y ∣ X}^{N}; P_{Z ∣ X}^{N}) = \sum_{v^{N} \in V^{N}} P_{Y ∣ X}^{N} (v^{N} ∣ x^{N}) log \frac{P_{Y ∣ X}^{N} (v^{N} ∣ x^{N})}{P_{Z ∣ X}^{N} (v^{N} ∣ x^{N})},

(58)

the base of the logarithm being arbitrary. In the remainder of this paper, we settle on base 2.

In ([14], p. 114), the author provides an interesting inequality relating the discrimination to type I and type II errors in hypothesis testing. This relation is stated by the following lemma:

Lemma 1

(see the former reference for the proof) For any partition $(ℋ_{0}, ℋ_{1})$ of the observation space $V^{N}$ , the probabilities of type I and II errors satisfy

L (P_{Y ∣ X}^{N}; P_{Z ∣ X}^{N}) \geq α log \frac{α}{1 - β} + (1 - α) log \frac{1 - α}{β} .

(59)

In our authentication model, the likelihood test is performed conditionally to an available side information involving two types of data x. One type for black points and the second one for white points in the original code. In accordance to this, we express now the discrimination quantity for the two proposed strategies in order to establish the desired inequality:

\begin{array}{l} L (P^{N} ({\tilde{X}}^{N} ∣ x^{N}, H_{0}); P^{N} ({\tilde{X}}^{N} ∣ x^{N}, H_{1})) \\ = \sum_{{\tilde{x}}_{1}} \dots \sum_{{\tilde{x}}_{N}} P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{0}) log \frac{P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{0})}{P^{N} ({\tilde{x}}^{N} ∣ x^{N}, H_{1})}, \end{array}

(60)

and

\begin{array}{l} L (P^{N} (O^{N} ∣ x^{N}, H_{0}); P^{N} (O^{N} ∣ x^{N}, H_{1})) \\ = \sum_{v_{1}} \dots \sum_{v_{N}} P_{Y ∣ X}^{N} (v^{N} ∣ x^{N}) log \frac{P_{Y ∣ X}^{N} (v^{N} ∣ x^{N})}{P_{Z ∣ X}^{N} (v^{N} ∣ x^{N})} . \end{array}

(61)

For the sake of simplicity, we develop proofs and details for the second strategy only and give results for the thresholding case for which all developments are likewise the former. Regarding the additivity theorem ([14], theorem 4.3.7) for independent sequences and reminding that the distribution of each component of the sequence ( $O^{N} ∣ x^{N})$ is the same for each type of data x, the discrimination quantity becomes

\begin{array}{l} L (P^{N} (O^{N} ∣ x^{N}, H_{0}); P^{N} (O^{N} ∣ x^{N}, H_{1})) \\ = N_{W} \times \sum_{v \in V} P_{Y ∣ X} (v ∣ 1) log \frac{P_{Y ∣ X} (v ∣ 1)}{P_{Z ∣ X} (v ∣ 1)} \\ + N_{B} \times \sum_{v \in V} P_{Y ∣ X} (v ∣ 0) log \frac{P_{Y ∣ X} (v ∣ 0)}{P_{Z ∣ X} (v ∣ 0)} . \end{array}

(62)

Given a composition (or relative frequency) for X P_X={N_W/N, N_B/N}, we have

\begin{array}{l} L (P^{N} (O^{N} ∣ X^{N}, H_{0}); P^{N} (O^{N} ∣ X^{N}, H_{1})) \\ = N \times L (P_{Y ∣ X}; P_{Z ∣ X} ∣ P_{X}), \end{array}

(63)

where L(P_Y/X; P_Z/X∣P_X) is the average discrimination. Similarly, we obtain for the first strategy the relation

L (P^{N} ({\tilde{X}}^{N} ∣ X^{N}, H_{0}); P^{N} ({\tilde{X}}^{N} ∣ X^{N}, H_{1})) = N \times L (P_{e, x}; {\tilde{P}}_{e, x} ∣ P_{X}) .

(64)

Corollary 1

Given an i.i.d outcome X^N=x^N with composition, or type P_X, for any partition of the observation space $(ℋ_{0}, ℋ_{1})$ , the probabilities of type I and II errors satisfy

L (P_{Y ∣ X}; P_{Z ∣ X} ∣ P_{X}) \geq \frac{1}{N} (α log \frac{α}{1 - β} + (1 - α) log \frac{1 - α}{β}) .

(65)

Proof.

The proof is straightforward by combining (59) and (63).

Corollary 2

Consider a partition of the observation space $(ℋ_{0}, ℋ_{1})$ with probability of type I error α; then, the probability of type II error is lower bounded by

β \geq 2^{- [NL (P_{Y ∣ X}; P_{Z ∣ X} ∣ P_{X}) + h (α)] / (1 - α)} .

(66)

Proof.

From the previous corollary, we have

\begin{align} - (1 - α) log β & \leq NL (P_{Y ∣ X}; P_{Z ∣ X} ∣ P_{X}) - α log α \\ - (1 - α) log (1 - α) + α log (1 - β) . \end{align}

Setting h(α)=−α logα−(1−α) log(1−α), which is the binary entropy (≤ 1), and observing that α log(1−β)≤0, we can write the inequality

- (1 - α) log β \leq NL (P_{Y ∣ X}; P_{Z ∣ X} ∣ P_{X}) + h (α) .

(67)

It is desired that this lower bound is very small which is obviously possible with large values of the quantity L(P_Y∣X; P_Z∣X∣P_X).

Theorem 1

For the two strategies of the receiver, we have

L (P_{Y ∣ X}; P_{Z ∣ X} ∣ P_{X}) \geq L (P_{e, x}; {\tilde{P}}_{e, x} ∣ P_{X})

Proof.

\begin{align} L (P_{Y ∣ X}; P_{Z ∣ X} ∣ P_{X}) \\ = \sum_{x = 0, 1} P_{X} (x) \sum_{v \in V} P_{Y ∣ X} (v ∣ x) log \frac{P_{Y ∣ X} (v ∣ x)}{P_{Z ∣ X} (v ∣ x)}, \\ \sum_{x = 0, 1} P_{X} (x) \sum_{v \in D_{W}} P_{Y ∣ X} (v ∣ x) log \frac{P_{Y ∣ X} (v ∣ x)}{P_{Z ∣ X} (v ∣ x)}, \\ + \sum_{x = 0, 1} P_{X} (x) \sum_{v \in D_{W}^{c}} P_{Y ∣ X} (v ∣ x) log \frac{P_{Y ∣ X} (v ∣ x)}{P_{Z ∣ X} (v ∣ x)}, \\ \overset{(a)}{\geq} \sum_{x = 0, 1} P_{X} (x) \sum_{v \in D_{W}} P_{Y ∣ X} (v ∣ k) log \frac{\sum_{v \in D_{W}} P_{Y ∣ X} (v ∣ x)}{\sum_{v \in D_{W}} P_{Z ∣ X} (v ∣ x)}, \\ + \sum_{x = 0, 1} P_{X} (x) \sum_{v \in D_{W}^{c}} P_{Y ∣ X} (v ∣ x) log \frac{\sum_{v \in D_{W}^{c}} P_{Y ∣ X} (v ∣ x)}{\sum_{v \in D_{W}^{c}} P_{Z ∣ X} (v ∣ x)}, \\ \overset{(b)}{=} \sum_{x = 0, 1} P_{X} (x) (P_{e, x} log \frac{P_{e, x}}{{\tilde{P}}_{e, x}} + (1 - P_{e, x}) log \frac{(1 - P_{e, x})}{(1 - {\tilde{P}}_{e, x})}), \\ = \sum_{x = 0, 1} P_{X} (x) L (P_{e, x}, {\tilde{P}}_{e, x} ∣ x), \\ = L (P_{e, x}, {\tilde{P}}_{e, x} ∣ P_{X}) . \end{align}

(a)
is obtained from the log-sum inequality: $\underset{i = 1}{\sum^{N}} a_{i} log \frac{a_{i}}{b_{i}} \geq (\underset{i = 1}{\sum^{N}} a_{i}) log \frac{\underset{i = 1}{\sum^{N}} a_{i}}{\underset{i = 1}{\sum^{N}} b_{i}}$ .
(b)
since $P_{e, x} = \sum_{v \in D_{W}} P_{Y ∣ X} (v ∣ x)$ , ${\tilde{P}}_{e, x} = \sum_{v \in D_{W}} P_{Z ∣ X} (v ∣ x)$ , $1 - P_{e, x} = \sum_{v \in D_{W}^{c}} P_{Y ∣ X} (v ∣ x), 1 - {\tilde{P}}_{e, x} = \sum_{v \in D_{W}^{c}} P_{Z ∣ X} (v ∣ x)$ .Figure 10 plots a comparison between the Kullback-Leibler divergences with and without thresholding w.r.t. the variance of Gaussian model of the physical devices, we can see that the divergence is smaller with thresholding than without.

References

WCO: Global congress addresses international counterfeits threat immediate action required to combat threat to finance/health. . Accessed 14 Nov 2005 http://www.wcoomd.org/en/media/newsroom/2005/november
WCO: Counterfeiting and piracy endangers global economic recovery, say global congress leaders. . Accessed 3 Dec 2009 http://www.wipo.int/pressroom/en/articles/2009/article_0054.html
Haist T, Tiziani HJ: Optical detection of random features for high security applications. Optic. Comm 1998, 147(1–3):173-179.
Article Google Scholar
Suh GE, Devadas S: Physical unclonable functions for device authentication and secret key generation. In Proceedings of the 44th Annual Design Automation Conference. ACM, San Diego; 2007:9-14.
Google Scholar
Gaubatz MD, Simske SJ, Gibson S: Distortion metrics for predicting authentication functionality of printed security deterrents. In 16th IEEE International Conference on Image Processing (ICIP), 2009. Cairo, IEEE, Piscataway; 2009:1489-1492.
Chapter Google Scholar
Shariati SS, Standaert FX, Jacques L, Macq B, Salhi MA, Antoine P: Random profiles of laser marks. In Proceedings of the 31st WIC Symposium on Information Theory in the Benelux. Rotterdam; 11–12 May 2010.
Google Scholar
Picard J, Zhao J: Improved techniques for detecting, analyzing, and using visible authentication patterns. WO Patent WO/2005/067,586 28 July 2005.
Google Scholar
Picard J, Vielhauer C, Thorwirth N: Towards fraud-proof, ID documents using multiple data hiding technologies and biometrics. In SPIE Proceedings–Electronic Imaging, Security and Watermarking of Multimedia Contents VI. San Jose; 2004:123-234.
Google Scholar
Baras C, Cayre F: 2D bar-codes for authentication: a security approach. In Proceedings of EUSIPCO 2012. Bucarest; 27 Sept 2012.
Google Scholar
Diong M, Bas P, Pelle C, Sawaya W: Document authentication using 2D codes: maximizing the decoding performance using statistical inference. In Communications and Multimedia Security. Springer, Kent; 2012:39-54.
Chapter Google Scholar
Dirik AE, Haas B: Copy detection pattern-based document protection for variable media. Image Process. IET 2012, 6(8):1102-1113. 10.1049/iet-ipr.2012.0297
Article MathSciNet Google Scholar
Beekhof F, Voloshynovskiy S, Farhadzadeh F: Content authentication and identification under informed attacks. In 2012 IEEE International Workshop on Information Forensics and Security (WIFS). IEEE, Tenerife; 2012:133-138.
Chapter Google Scholar
A-T Phan Ho, B-A Hoang Mai, Sawaya W, Bas P: Document authentication using graphical codes: impacts of the channel model. In ACM Workshop on Information Hiding and Multimedia Security. Montpellier, ACM, New York; 2013.
Google Scholar
Blahut RE: Principles and Practice of Information Theory. (Addison-Wesley; 1987.
MATH Google Scholar
Picard J: Digital authentication with copy-detection patterns. Electron. Imaging 2004, 5310: 176-183.
Google Scholar
Dembo A: Large Deviations Techniques and Applications. Stochastic Modelling and Applied Probability. Springer; 2010.
Book Google Scholar
Gallager RG: Information Theory and Reliable Communication. Wiley; 1968.
MATH Google Scholar
Hammersley JM, Handscomb DC, Weiss G: Monte Carlo methods. Phys. Today 1965, 18: 55.
Article Google Scholar
Lin C-Y, Chang S-F: Distortion modeling and invariant extraction for digital image print-and-scan process. In Proceedings of International Symposium on Multimedia Information Processing. Taipei; Dec 1999.
Google Scholar

Download references

Acknowledgements

This work was partly supported by the National French project ANR-10-CORD-019 ‘Estampille’.

Author information

Authors and Affiliations

Institut-Telecom-LAGIS, Telecom-Lille, Rue Guglielmo Marconi, Villeneuve-d’Ascq, 59650, France
Anh Thu Phan Ho & Wadih Sawaya
LAGIS, Telecom-Lille, Rue Guglielmo Marconi, Villeneuve-d’Ascq, 59650, France
Bao An Mai Hoang
CNRS-LAGIS, Cite Scientifique, 59651, Villeneuve-d’Ascq, 59650, France
Patrick Bas

Authors

Anh Thu Phan Ho
View author publications
You can also search for this author in PubMed Google Scholar
Bao An Mai Hoang
View author publications
You can also search for this author in PubMed Google Scholar
Wadih Sawaya
View author publications
You can also search for this author in PubMed Google Scholar
Patrick Bas
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Anh Thu Phan Ho.

Additional information

Competing interests

The authors declare that they have no competing interests.

Authors’ original submitted files for images

Below are the links to the authors’ original submitted files for images.

Authors’ original file for figure 1

Authors’ original file for figure 2

Authors’ original file for figure 3

Authors’ original file for figure 4

Authors’ original file for figure 5

Authors’ original file for figure 6

Authors’ original file for figure 7

Authors’ original file for figure 8

Authors’ original file for figure 9

Authors’ original file for figure 10

Rights and permissions

Open Access This article is distributed under the terms of the Creative Commons Attribution 2.0 International License (https://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Reprints and permissions

About this article

Cite this article

Phan Ho, A.T., Mai Hoang, B.A., Sawaya, W. et al. Document authentication using graphical codes: reliable performance analysis and channel optimization. EURASIP J. on Info. Security 2014, 9 (2014). https://doi.org/10.1186/1687-417X-2014-9

Download citation

Received: 21 October 2013
Accepted: 17 April 2014
Published: 05 June 2014
DOI: https://doi.org/10.1186/1687-417X-2014-9

Document authentication using graphical codes: reliable performance analysis and channel optimization

Abstract

1 Introduction

1.1 Addressed problem and related works

1.2 Notations

1.3 Setup

1.4 Contributions of the paper

2 The authentication channel

2.1 Channel modeling

2.2 Receiver’s strategies: thresholding or not?

2.2.1 Binary thresholding

2.2.2 Gray-level observations

3 Impacts of the receiver’s strategies on hypothesis testing

3.1 Authentication via binary thresholding

3.2 Authentication via gray-level observations

3.3 Authentication with thresholding vs authentication without thresholding

4 Toward reliable performance evaluation

4.1 Gaussian approximation

4.2 Asymptotic expression

4.3 Numerical computations of α and β via importance sampling

Proposition 1

Proof

Proposition 2

Proof.

4.4 Practical performance analysis

5 Optimal configurations for authentication

5.1 Optimal configurations by modification of the printing channel

5.1.1 Problem setting

5.1.2 Passive opponent

5.1.3 Active opponent

6 Impact of the estimation of the print and scan channel

7 Conclusions

Endnote

Appendix

Information theoretic comparison between hypothesis testing with and without thresholding

Lemma 1

Corollary 1

Proof.

Corollary 2

Proof.

Theorem 1

Proof.

References

Acknowledgements

Author information

Authors and Affiliations

Corresponding author

Additional information

Competing interests

Authors’ original submitted files for images

Rights and permissions

About this article

Cite this article

Share this article

Keywords