Fax technology is commonly used to transmit legal documents and other sensitive images. If not properly secured, these images can be eavesdropped or altered without the sender or recipient knowing. The ITU standard that defines the means to transmit a facsimile image over the public switched telephone network (PSTN), T.30, provides a means to encrypt and sign the message. However, this encryption uses 40-bit session keys, which are weak by current standards. Using Secure JPEG 2000, also referred to as JPSEC, can be a method to secure the image contents with stronger encryption and data integrity. Since JPSEC is being used here to secure images sent using T.30, the same methods can be used to secure images sent in real-time over the IP network using T.38.
JPSEC provides “tools” that are used to protect the image and produce a JPSEC codestream. JPSEC tools can be applied to the original image, a JPEG 2000 codestream, or another JPSEC codestream. This allows the use of multiple tools to secure an image. The JPSEC standard can be extended through the development of tools, which can be used privately or made public by registering with the Registration Authority (RA). By default, JPSEC provides a set of normative tools, which can be used to perform encryption, authentication, or verification of data integrity. These tools need not be applied to the entire image.
There are multiple features that JPSEC provides that improve over the current means of securing fax image data. The extendibility of JPSEC allows for future improvements to be added to the standard easily. By default, JPSEC provides support for a wider range of compression schemes than T.30, as well as key sizes larger than 40 bits. The ability to secure only a part of an image also provides flexibility not found in T.30.
Despite the advantages of JPSEC, there are some issues to be considered when transmitting facsimile images secured with JPSEC. The most important consideration is that the T.30 DIS/DCS messages currently do not have a means to specify support for JPEG 2000 or JPSEC images, so transmitting them will require the use of Non-Standard Facilities (NSF) messages in order to select these image formats. In addition, a separate key management protocol must be used in order to securely share encryption keys.