Technological University Dublin Technological University Dublin
ARROW@TU Dublin ARROW@TU Dublin
Conference papers School of Electrical and Electronic Engineering
2014
Stegacryption of DICOM Metadata Stegacryption of DICOM Metadata
Jonathan Blackledge
Technological University Dublin
, jonathan.blackledge@tudublin.ie
A. Al-Rawi
University of Bahrain
, abdulrahman.alrawi@gmail.com
Follow this and additional works at: https://arrow.tudublin.ie/engscheleart
Recommended Citation Recommended Citation
Blackledge, J., Al-Rawi, A.: Stegacrypion of DICOM Metadata. IET ISSC 2014, University of Limerick,
Ireland, June 26-27, 2014.
This Conference Paper is brought to you for free and
open access by the School of Electrical and Electronic
Engineering at ARROW@TU Dublin. It has been accepted
for inclusion in Conference papers by an authorized
administrator of ARROW@TU Dublin. For more
information, please contact arrow.admin@tudublin.ie,
aisling.coyne@tudublin.ie.
This work is licensed under a Creative Commons
Attribution-Noncommercial-Share Alike 4.0 License
IET ISSC 2014, University of Limerick, June 26–27
Stegacryption of DICOM Metadata
J. Blackledge
⇤
and A. Al-Rawi
⇤⇤
⇤
School of Electrical
⇤⇤
College of Applied Studies
and Electronic Engineering University of Bahrain
Dublin Institute of Technology, Ireland Kingdon of Bahrain
E-mail:
⇤
jonathan.blackledge@dit.ie
⇤⇤
aalrawi@uob.edu.bh
Abstract — Digital Imaging and Communications in Medicine (DICOM) files are an
international data standard for storing, distributing and processing medical images of
all types. DICOM files include a header file containing Metadata on details which may
include information on the patient. This often inhibits the free distribution of DICOM
files due to issues relating to the confidentiality of data on identifiable living people,
thereby limiting the potential for other radiologists to provide a diagnosis, for example,
through distribution of the data over the Internet. This problem is a current limiting
condition with regard to the development of Tele-medical imaging. Thus in this paper we
consider a method of encrypting and embedding (or Stegacrypting) DICOM Metadata
into the DICOM image, thereby providing a solution to a problem that currently inhibits
the distribution of medical images using a file type that is an established international
standard. The proposed method removes or ‘anonymises’ the private data, encrypt
it and then embeds it into the DICOM image in an imperceptible way. The specific
algorithm developed retains the private data attache d to a DICOM image even when
the image is converted into a standard image file format.
Keywords — Coding and Encryption, Information Hiding , Medical Image Processing,
Digital Imaging and Communications in Medicine
IIntroduction
The Digital Imaging and Communications in
Medicine or DICOM format is an international
standard for visualising and and p r ocessing med-
ical images. A number of ‘DICOM viewers’ are
now available for interpreting and processing med-
ical images such as OsiriX [1]. The increasing use
of such facilities means that DICOM data is and
will continue to become an increasingly import ant
and essential aspect of Tele-medical imaging world
wide for empowering mobile health using m ed ic al
informatics technologies such as MedoPad [2] and
tele-medical imaging systems such as MoletestUK
[3], for example. In this regard, one of the princi-
pal proble ms associated with the world wide dis-
tribution of DICOM data over the internet is the
confidentiality of th e patient information which is
held in the Metadata associated with a DICOM
image by default. Thus the problem is to find a
solution to the distribution of DICOM files that
conforms to data protection legislation which pre-
vents the processing and analysis of data on iden-
tifiable livi ng people and thereby includes patient
data associated with a DICOM file.
Figiure 1 show a typical example of a DICOM
image visualised using the OsiriX imaging software
and an example of a section of the Metadata asso-
ciated with such images. In the context of this fig-
ure, we consider a method of encrypting the Meta-
data and hiding the resulting ciphertext in the cor-
responding image so that the image can then be
distributed as a DICOM file or otherwise with a
guarantee of patient confidentiality. The method
of both encrypting th e data and using Stegano-
graphic methods of hiding it in an image is known
as Stegacryption and in this paper we provid e an
algorithm that uses an integer wavelet t ran sf or m
whose output is used to embedded a b in ar y cipher-
text.
Fig. 1: Example DICOM image viewed using OsiriX [1]
(above) and some example DICOM Metadata (below).
II Digital Imaging and Communications
in Medicine
Digital Imaging and Communications in Medicine
(DICOM) is a standard for handling, storing, and
transmitting information in medical imaging. DI-
COM files can be exchanged between two entities
that are capable of receiving image and patient
data in DICOM format. The Nati on al Electri-
cal Manufacturers Association (NEMA) holds the
copyright to this standard [4] and is t h e interna-
tional standard for medical images and related in-
formation (ISO 12052). DICOM defines the for-
mats for medical images that can be exchanged
with the data and quality necessary for clinical use
and is implemented in almost every radiology, car-
diology imaging, and radiotherapy device (X-ray,
CT, MRI, ultrasound, etc.), and, increasingly, in
devices in other medical domains such as ophthal-
mology and dentistry [5].
DICOM was introduced in 1993 after some ten
years of standards development from the early
1980s when only manufacturers of CT or MR imag-
ing devices could deco d e the images that the early
machines generated. It di↵ers from some, but not
all, data formats in that it group s information into
data sets. Thus, for example, a fi le of an X-Ray
image actually contains the patient ID, Name, etc.
within the file, so that the image can never be
separated from this information by mistake. This
is similar to the way that image format s such as
JPEG can also have embedded tags to identify and
describe the image.
DICOM has an information model which di↵er-
entiates it from other standards used in the medi-
cal industries sector. The model is based on infor-
mation objects which include d efi ni t i ons on the in-
formation to be exchanged. Each image type, and
therefore information object , has specific charac-
teristics. A CT image, for example, requir es dif-
ferent descriptors in the image header compared to
an ultrasound image or an ophthalmology image.
These templates are identified by unique identi-
fiers which are registered by the National Electrical
Manufacturers Association (NEMA), the DICOM
standard facilitator. Information objects ar e also
known as part of the Service Object Pair (SOP)
Classes. An example of a SOP Class is the CT
Storage S O P Class, which allows CT images to be
exchanged [6].
The DICOM standar d contains a number of ma-
jor enhancements to previous versions of the ACR-
NEMA Standard including the following [7]:
1. It is applicable to a networked environment,
whereas the ACR-NEMA Standard was appli-
cable in a point- t o-point environment only.
2. It is applicable to an o↵-line media environ-
ment, while the ACR-NEMA Standard did
not specify a file format or choice of physical
media or logical files ystem.
3. It specifies how devices claiming conformance
to the Standard react to commands and data
exchanged in addition to specifying levels of
conformance.
4. It is structured as a multi-part document.
5. It intr oduces explicit Information Objects not
only for images and graphics but also for
waveform s, r eports, printing, etc.
6. It specifies an established technique for
uniquely identifying any Information Object.
In the following section, we re vi e w some of the
principal encrypted or otherwise information hid-
ing techniques that have been specifically d esi gn ed
for medical images including DICOM data.
III Medical Image Information Hiding
A number of techniques have been proposed for
both encrypting and hiding data relating to t he
medical imaging field using both spatial and trans-
form based techniques. For exampl e , in [8], a
method for imperceptibly embedding patient in-
formation in an associated medical images is con-
sidered. The patient’s name and ID are converted
into contiguous binary streams and each stream
encoded using arithmetic coding. The encoded in-
formation is then embedded into the image pixels
using a basic Least Significant Bits approach and
sent to the receiver. The receiver requires the de-
coding software to decode the extracted data and
regenerate the patients personal information. A
medical image watermarking scheme base d on his-
togram modification and block division di↵erences
is considered in [9] and a block-based approach
coupled with a histogram shift between the local
minimum and maximum frequencies is considered
in [10] and [15]. Specific organ segmentation based
approaches are considered in [11] for CT imagi n g,
an LSB modification scheme that detects and re-
covers image tampering using a Region-of-Interest
approach is considered in [12], [13] and [14] and
a method for distor t ion -f r ee, reversible and frag-
ile medi cal image watermarking is given in [16].
Other watermarking schemes that focus on appli-
cations in medical imaging include those that com-
bine lossless compressi on and encryption [17] in-
cluding blind watermarking assuming a DICOM
format [18], [19] and [20].
Application of the Discrete Cosine Transform
for watermarking medical images and high capac-
ity multiple watermarking methods are reported
in [21] and [22], respectively. An approach that
utilises the wavelet transform is considered in [23]
in wh i ch a dual-tree wavelet transform with Bi-
variate Shri nkage is use d. The Dual-Tree Com-
plex Wavelet Transform (D T- C WT ) uses a dual
tree composed of a discrete and complex wavelet
transform which enh anc es the robustness of the
method an d overcomes DWT drawbacks such as
poor directionality, shift sensitiv i ty and absence of
phase information. However, Bivariate Shrinkage,
a method for image thresholding, yields high per-
formance with regard to de-noising images utilising
the statistical dependence between wavelet coeffi-
cients and th ei r parent. The embedding method
starts by computing the wavelet transform using
the DT-CWT and select in g the appropriate sub-
bands. The watermark is ‘managed’ by rep et i -
tion (using a key) for increased robustness and
the data is embedded into the wavelet coefficients
with an ability to b al anc e robustness and fidelity.
The extraction process is performed by estimatin g
the appropriate coefficients from the CWT trans-
form of the stego image and resorting the water-
mark bits. An adaptive data hiding method us-
ing i nteger wavelet transform coefficient s is pro-
posed in [24] using the adaptive data hiding algo-
rithm presente d in [25]. The original medical im-
age histogram is modified to overcome the under-
flow/overflow problem and a 4-level integer trans-
form undertaken. The multiple embedding water-
mark process start s by first deciding upon the hid-
ing capacity followed by embedding the data into
the LH1, the EPR data into HL2 and LH3, the in-
dex watermark in HL3 and LH3 and fin all y, the
IAC (Image Authenticat ion Code) data in HL4
and LH4. Data extraction is achieved using the
same method after assessment of the embedding
data length, watermark embedding (wh i ch is based
on the ‘edge coefficients’) being bas e d on the ab-
solute values.
Hav i ng researched the relevant literature , it is
clear that there are no methods currently available
for Stegacrypting DICOM images and no interna-
tional standard has been developed to-date. In th is
context, the following section considers a new algo-
rithm that has been prototyped using a MATLAB
programming environment based on extending the
approach used in [24] .
IV DICOM Information Hiding
The method proposed in this section aims to pro-
tect the private information asso c iat e d with a DI-
COM image from unauthorised access. The DI-
COM standard embeds the confidential data into
the DICOM header. Here, we embed the en-
crypted con fi de ntial information into the DICOM
image itself and remove it from the DICOM ‘Ob-
ject’. This provides a way of protecting the private
data from unauthorised personnel while keepin g
that data accessible to authorised users even when
the DICOM object is converted into an ordinary
image format. This is of particular value with re-
gard to the distribution of DICOM images between
radiologists as curre nt practices restrict this activ-
ity due to the confidential nature of the patient
information th at accompanies a DICOM image.
In turn, this restriction limits the open access ap-
proach asso ci at ed with ‘best practice’ in terms of
research and development in medical image analy-
sis and the implementation of new medical image
processing algorit hm s for specific medical condi-
tions, diagnostic requirements and training.
Figure 2 illustrates the proposed DICOM infor-
mation embedding and extraction algorithms.
The principal algorithms associ ate d with the
proposed DICOM Metadata inform at ion hiding
methods are summarised as follows
a) Algorithm I: DICOM Encryption and Embed-
ding Algorithm
Step 1: Read the DICO M image data as img and
the DICOM Metadata as info.
Fig. 2: DICOM information hiding. (a) Embedding
algorithm; (b) Extraction algorithm.
Step 2: Specify the confidential attributes in the
info structure based on the Confidentiality Profile
At t r ib u te s li st ed in [26].
Step 3: Encrypt the info c onfi d ential attributes
and convert them into a binary s t re am .
Step 4: Apply an Integer Wavelet Transform to
the DICOM image data img to obtain the LL1,
LH1, HL1 and HH1 coefficients.
Step 5: Determine the LSBs to be used as the
embedding location(s) in the LL sub-band of the
Wavelet transform.
Step 6: Determine the DICOM image data img
LSB to be used as the embedding location(s).
Step 7: Embed the encrypted binary stream into
the specified embedding location.
Step 8: Remove the confidential attributes con-
tent from the info structure.
Step 9: Reconstruct the original image data img
by applying the Inverse Integer Wavelet Trans-
form.
Step 10: Write the modified img an d info into a
new stego-DICOM file.
The following points sh oul d be noted:
• Any commercial or otherwise encryption
method can be ap pl i ed that generates a bi-
nary ciphertext of the Matedata.
• If t he DICOM image is to be saved as an or-
dinary image, the img pixel values must be
quantised to the intended image pixel colour
range (8-bi s, 16-bits, etc.). The original img
range (min i mum and maximum values) must
be also stored.
• The LL sub-band of the transformed medi-
cal image is selected for embedding the water-
mark because it is more robust to attacks such
as low-pass filtering. However, changing the
LL coefficients causes more perceptual distor-
tion to the DICOM image if many pixels are
altered. This issue can be solved by compress-
ing the watermark data (before encryption).
b) Algorithm II: DICOM Extraction and Decr y p-
tion Algorithm
Step 1: Read the stego-DICOM image data as
img and the DICOM Metadata as info.
Step 2: Specify the confidential attributes in the
info structure based on the Confidentiality Profile
At t r ib u te s li st ed in [26].
Step 3: Apply the Integer Wavelet Transform to
the DICOM image data img to obtain t h e LL1,
LH1, HL1 and HH1 coefficients.
Step 4: Determine the DICOM image data img
LSBs used in the embedding process from the LL
sub-band of the Wavelet transform, and then ex-
tract the hidden data.
Step 5: Decrypt the extracted bits using the same
encryption key to recover the confidential attribute
values.
Step 6: Re-write the extracted values to the con-
fidential attributes in the info structure.
Step 7: Write the modified info to a DICOM file.
The following point should be note d: if the im-
age to be read in Step 1 is not DICOM, the stored
DICOM image data range (minimum and maxi-
mu m values) must be used to extract the hidden
information.
Figure 3 illustrates the perceptual quality of a
typical modified medical image using the proto-
type m-code for impleme nting the Algorithms I
and II as given in [27].
c) Example Results
A set of 10 DICOM images of di↵erent sizes are
examined in 4. The original and stego medical
images are shown in ord er to illustrate the per-
ceptual quality of the modified images. Moreover,
the MSE (Mean Square Error) and PSNR (Peak
Signal-to-Noise Ratio) values are listed as subjec-
tive measures for the Stegocrypted images.