Validating a user's identity utilizing information embedded in a image file

摘要

A mechanism is provided for validating an identity of a user. A signed electronic identification document is received from the user. A signature of the signed electronic identification document is compared utilizing a public key obtained from a certificate authority forming first information and a first image associated with the user. The first information and the first image associated with the user are presented via a user interface associated with a challenge terminal. Responsive to a positive indication that the first information and the first image are associated with the user and responsive to a request to perform additional validation of the user, a read of steganographic information embedded in the first image associated with the user is attempted. Responsive to reading the steganographic information embedded in the first image associated with the user, the identity of the user is validated.

主权项

1. A method, in a data processing system, for validating an identity of a user, the method comprising:
receiving a signed electronic identification document from the user; comparing a signature of the signed electronic identification document utilizing a public key obtained from a certificate authority forming first information associated with the user and a first image of the user, wherein the certificate authority originally issued the signed electronic identification document to the user; presenting the first information associated with the user and the first image of the user via a user interface associated with a challenge terminal; responsive to a positive indication that the first information associated with the user and the first image of the user are associated with the user and responsive to a request to perform additional validation of the user, attempting a read of steganographic information embedded in the first image of the user, wherein the steganographic information is embedded in the first image of the user in the signed electronic document by modifying chrominance of pixel data in the first image of the user in the signed electronic identification document to store binary information by:
identifying the first image of the user to be included in the signed electronic identification document;identifying one or more pieces of information associated with the user to be hidden within the first image of the user;transforming color coefficients for each pixel of the first image of the user into one or more chromatic coefficient values;averaging adjacent chromatic coefficient values of the color coefficients into single chromatic coefficient values resulting in a subsampled chromatic coefficient values;transforming the subsampled chromatic coefficient values utilizing a forward Discrete Cosine Transform (DCT) into a set of frequencies thereby hiding the one or more pieces of information associated with the user;quantizing remaining frequency coefficient values by dividing each frequency coefficient value by an associated quantization value;eliminating high frequency coefficients;re-ordering all the quantized frequency coefficient values into a “zig-zag” order;executing a simple Run-Length Encoding (RLE) to compress the high frequency coefficient values;executing a Differential Pulse Code Modulation (DPCM) to compress a first low frequency coefficient value;executing a Huffman algorithm to compress all of the quantized frequency coefficient values resulting in Huffman tree information; andstoring the Huffman tree information in a header of the first image of the user in the signed electronic document; and responsive to reading the steganographic information embedded in the first image of the user in the signed electronic document, validating the identity of the user.