Published by Sherman Robinson. Modified over 9 years ago.

Fingerprinting and Broadcast Encryption
Multimedia Security

Outline
Introduction
Collusion attack
Traitor tracing for broadcast encryption
Collusion-resilient fingerprinting
Conclusions

Introduction
Two types of fingerprinting
– Type I: Embed fingerprints to contents
– Type II: Extract fingerprints from contents
[Figure: Embed / Extract]

Introduction - Type I Fingerprinting
What
– The process of assigning a unique key for each user's content
Why
– To identify the person who acquired a particular copy
– To prevent users from destroying the identification information
– To trace the traitors
How
– Watermarking the contents with the unique keys

Introduction - Type II Fingerprinting
What
– Extract unique and robust image descriptors from contents
Why
– For the detection of replicas
– For content-based image retrieval
How
– Select the features that best describe a given content

Introduction
Talk focus
– Type I fingerprinting
Some related terms
– Collusion attack
– Traitor tracing

Introduction
Collusion attack
– A coalition of traitors colludes to destroy the identification information and leak the content (keys)
[Figure: fingerprint extraction, collusion attack, pirate code]

Introduction
Traitor tracing
– Find at least one of the colluders {,,,…, }
– Cannot frame innocent users {,…..}
– Related research: From Broadcast Encryption to Fingerprinting

Collusion attack
Broadcast encryption
– e.g. u_1: {k_1, k_3, k_7}, u_2: {k_3, k_5, k_7}, pirate decoder box: {k_1, k_5, k_7}
Digital fingerprinting
– Linear & non-linear collusion attacks
Copy-and-paste attack

Collusion attack
P_d of the T_N statistics under different attacks
– Z. J. Wang, M. Wu, H. Zhao, W. Trappe, & K. J. R. Liu, 2003

Collusion attack
Analyze the statistical features to improve the detection performance
– H. V. Zhao, M. Wu, Z. J. Wang, & K. J. R. Liu, 2004
– e.g. Observe the histograms of sample means of extracted fingerprints under the average, minimum and randomized negative attacks, respectively

Traitor tracing for broadcast encryption
Broadcast encryption
– Amos Fiat & Moni Naor, CRYPTO’93
– Scenario of broadcast scheme
  A center and a set of users U
  The center provides the users with prearranged keys when they join the system
  The center wishes to broadcast a message (e.g. a key) to a dynamically changing privileged subset T in such a way that non-members cannot learn the message
– Goal
  Securely transmit a message to all members of the privileged subset

Traitor tracing for broadcast encryption
Key management
– How to assign and store the keys
– How to save the key storage for both the server and clients
– A comprehensive survey
  A. Wool, 2000
A simple scheme
– The extended-header scheme
  Suppose that a program p belongs to t packages for t users
  Broadcast ENC_{K_p}(p) to users
  Header:
  ID | Key
  1  | E_{s_1}(K_p)
  …  | …
  t  | E_{s_t}(K_p)

Traitor tracing for broadcast encryption
Resiliency
– A broadcast scheme is called resilient to set S if for every subset T (T∩S=Φ), no eavesdropper that has all secrets associated with members of S, can obtain knowledge of the secret common to T
– k-resilient
  The scheme is resilient to any set S U of size k
[Figure labels: T, S, k, U]

Traitor tracing for broadcast encryption
The basic scheme
– For every set B U, 0 |B| k, define a key K_B and give K_B to every user x U-B
– The common key to the privileged set T is the exclusive or of all keys K_B, B U-T
– Every coalition S with less than k users will all be missing key K_S and will therefore be unable to compute the common key for any privileged set T (T∩S=Φ)
[Figure: sets B_1, B_2, …, B_j with keys K_{B_1}, K_{B_2}, …, K_{B_j}; sets T and S]

Traitor tracing for broadcast encryption
Tracing traitors
– B. Chor, A. Fiat, M. Naor, & B. Pinkas, CRYPTO’94 & 98
– Confiscate a pirate decoder to determine the identity of a traitor
– Randomly assign the decryption keys to users
– Make the probability of exposing an innocent user negligible

Traitor tracing for broadcast encryption
A simple scheme
– Keys
– l hash functions h_1, h_2, …, h_l
  h_i : {1,…,n} {1,…,2k^2}
  h_i(u) the ith key for user u
[Figure: key matrix; labels l, 2k^2]

Traitor tracing for broadcast encryption
– Personal key of user u
– 2k^2 l encrypted keys
– Decrypt s_i and compute secret s
[Figure: enabling block and cipher block; decrypt to obtain s]

Traitor tracing for broadcast encryption
Tracing
{user 1, user 5}, {user 2, user 3, user 5}, {user 5, user 6}, …, {user 2, user 7, user 9}, …, {…}
[Figure: marks per user: user 1: x x; user 2: x; …; user 5: x x x x x; …; user n: x x]

Traitor tracing for broadcast encryption
Tracing algorithm
– Static tracing
– Dynamic tracing
– Sequential tracing

Traitor tracing for broadcast encryption
Static tracing
– Confiscate a pirate decoder to determine the identity of a traitor
– Ineffective if the pirate were simply to rebroadcast the original content
– Use watermarking methods to allow the broadcaster to generate different versions of the original content
– Use the watermarks found in the pirate copy to trace its supporting traitors
– Drawback: requires one copy of content for each user and so requires very high bandwidth

Traitor tracing for broadcast encryption
Dynamic tracing (Fiat & Tassa, 2001)
– The content is divided into consecutive segments
– Embed one of the q marks in each segment (q versions of the segment)
  Need the watermarking scheme
– In each interval, the user group is divided into q subsets and each subset receives one version of the segment
– The subsets are varied in each interval using the rebroadcasted content
– Trace all colluders with lower bandwidth
– Drawback:
  Vulnerable to a delayed rebroadcast attack
  High real-time computation for regrouping the users and allocating marks to subsets
  Impractical in many scenarios

Traitor tracing for broadcast encryption
Sequential tracing (Reihaneh, 2003)
– The channel feedback is only used for tracing and not for allocation of marks to users
– The mark allocation table is predefined and there is no need for real-time computation to determine the mark allocation of the next interval
  The need for real-time computation will be minimized
  Protects against the delayed rebroadcast attack
– The traitors are identified sequentially

Collusion-resilient fingerprinting
Boneh-Shaw scheme
– D. Boneh & J. Shaw, “Collusion-secure fingerprinting for digital data”, CRYPTO’95
– Watermarking the digital data (e.g. software, documents, music, and videos) with fingerprints
– Based on Marking Assumption
– Too long (too many keys)
  B. Chor et al. claimed: “It is much less efficient than our schemes”

Collusion-resilient fingerprinting
Marking Assumption
– Any coalition of c users is only capable of creating an object whose fingerprint lies in the feasible set of the coalition
– Feasible set ( is the code, C is the collusion coalition, R is the set of undetectable positions, and w is the pirate code)
– e.g.
  A: 3 2 3 1 2
  B: 1 2 2 1 2
  F= ’2 ’ 1 2

Collusion-resilient fingerprinting
c-Frame Proof Codes (c-FPC(l,n))
Totally c-secure code
[Figures: definitions not recoverable from the extracted text]

Collusion-resilient fingerprinting
Boneh & Shaw: “There are no totally c-secure codes”
Lemma

Collusion-resilient fingerprinting
n-secure code with -error
– 0 (n,d): l = d(n-1) = O(n^3 log(n/ )) too long!
– e.g. 0 (4,3)
     Code           After random permutation
  A: 111 111 111    111 111 111
  B: 000 111 111    011 101 101
  C: 000 000 111    000 001 101
  D: 000 000 000    000 000 000

Collusion-resilient fingerprinting
c-secure code with -error of log length
– ’(L,N,n,d)
– Compose 0 (n,d) with an (L,N)-code C
  x=( (1) || (2) || … || (L)) (i) 0
  | 0 |=alphabet size of C
– l = O(c^4 log(N/ )log(1/ ))

Collusion-resilient fingerprinting
Combinatorial designs
– D. R. Stinson & R. Wei, “Combinatorial properties and constructions of traceability schemes and frameproof codes”, 1997
– Give combinatorial descriptions of the following two objects in terms of set systems
  Traceability schemes for broadcast encryption
  Frameproof codes for digital fingerprinting

Collusion-resilient fingerprinting
– t-design (t-(v,k, ))
  2-design: BIBD (Balanced incomplete block design)
  (9,3,1)-BIBD
  {0,1,6},{0,2,5},{0,3,4},{1,2,4},{3,5,6},{1,5,7},
  {5,4,8},{4,6,7},{6,2,8},{2,3,7},{3,1,8},{0,7,8}
  e.g. J. Dittmann, P. Schmitt, E. Saar and J. Ueberberg, “Combining Digital Watermarks and Collusion Secure Fingerprints for Digital Images”, 2000
  2-detecting code

Collusion-resilient fingerprinting
c-Traceability Scheme (c-TS(l,n,q))
[Figure: definition not recoverable from the extracted text]

Collusion-resilient fingerprinting
It needs tricks to construct a suitable code

Collusion-resilient fingerprinting
Error correcting code (ECC)
– Has systematic encoding and decoding algorithms
– Distance-based decoding criterion
  Resilient to attacks for multimedia data
  More robust than the t-design codes

Collusion-resilient fingerprinting
c-TA codes (c-traceability codes)
Larger minimum distances imply higher tracing ability
[Figure: definition not recoverable from the extracted text]

Collusion-resilient fingerprinting
– e.g. 2-TA: (15,3,11)_4-BCH, (120,2,96)_4-code
– It’s not easy to find practical ECCs with such large minimum distances
– Reed-Solomon code
  (l,k,d)-RS over GF(q^m): d = l-k+1 = q^m-1-k+1 = q^m-k
– A code for sequential traitor tracing
  R. Safavi-Naini & Y. Wang, 2003

Collusion-resilient fingerprinting
Assign one of the q versions for each movie segment (q-ary code)
– H. Jin, J. Lotspiech, & S. Nusser (IBM Almaden research), 2004

Collusion-resilient fingerprinting
Orthogonal signals
– W. Trappe, M. Wu, Z. J. Wang, and K. J. R. Liu, “Anti-collusion fingerprinting for multimedia”, 2003
– Orthogonal fingerprint
  Orthogonal modulation w_j = u_j
  # of fingerprints = # of ortho. bases
  Modulate the code based on BIBD by noise-like signals
  # of fingerprints >> # of orthogonal bases
  (7,3,1)-BIBD {{0,1,3},{0,2,5},{0,4,6},{1,2,4},{1,5,6},{2,3,6},{3,4,5}}

Collusion-resilient fingerprinting
The bit-complement of the incidence matrix for a (7,3,1)-BIBD
Modulate the codewords by 7 orthogonal bases

Collusion-resilient fingerprinting
If user 1 and user 2 are colluders
– Average attack: the pirate code is (w_1 + w_2)/2
– The coefficient vector is (-1,0,0,0,1,0,1)
– The value 1 occurs in the fifth and seventh locations, which uniquely identifies users 1 and 2 as colluders
Experiments
– (16,4,1)-BIBD
– 20 users
– c=3

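The averaging example above carried through in code, as an added example that is not part of the original slides. It assumes noise-free extraction of the coefficient vector and takes user j to be the j-th block in the order listed for the (7,3,1)-BIBD; it also runs a three-colluder case, beyond the slide's two, to show where this design stops tracing cleanly.

```python
from itertools import combinations

# Blocks of the (7,3,1)-BIBD in the order given on the slide; user j is block j (1-based).
BLOCKS = [{0, 1, 3}, {0, 2, 5}, {0, 4, 6}, {1, 2, 4}, {1, 5, 6}, {2, 3, 6}, {3, 4, 5}]
V = 7  # points of the design = number of orthogonal bases

def codeword(user):
    """Bit-complement of the user's incidence column, with bits 0/1 sent as -1/+1."""
    return [-1 if p in BLOCKS[user - 1] else 1 for p in range(V)]

def average_attack(colluders):
    """Coefficient vector of the averaged copy."""
    words = [codeword(u) for u in colluders]
    return [sum(col) / len(words) for col in zip(*words)]

def trace(coeffs, tol=1e-6):
    """A coefficient stays at +1 only where every colluder had a 1 (logical AND).
    Suspects are the users whose codeword has a 1 at all of those positions."""
    ones = {p for p, c in enumerate(coeffs) if abs(c - 1) <= tol}
    if not ones:
        return set()  # nothing survived the averaging: no basis for an accusation
    return {u for u in range(1, len(BLOCKS) + 1) if not ones & BLOCKS[u - 1]}

def all_pairs_traced():
    """Any coalition of size 1 or 2 must be identified exactly (k - 1 = 2)."""
    users = range(1, len(BLOCKS) + 1)
    coalitions = [c for r in (1, 2) for c in combinations(users, r)]
    return all(trace(average_attack(c)) == set(c) for c in coalitions)

if __name__ == "__main__":
    print(average_attack([1, 2]))            # coefficient vector from the slide
    print(trace(average_attack([1, 2])))     # the two colluders
    print(all_pairs_traced())
    print(trace(average_attack([1, 2, 4])))  # three colluders: an innocent user is included
```
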
Collusion-resilient fingerprinting
– Tree-structured detection

Collusion-resilient fingerprinting
Orthogonal signals
– Z. J. Wang, M. Wu, H. Zhao, W. Trappe, and K. J. Liu, 2003 ~
– Gaussian signals (suitable for multimedia content)
– Performance is limited if the number of Gaussian signals is larger

Collusion-resilient fingerprinting
Joint fingerprint embedding and decryption based on coefficient set scrambling
– D. Kundur & K. Karthik, 2004

Collusion-resilient fingerprinting
[Figure: original, encrypted, and fingerprinted images; PSNR=22dB, PSNR=34dB]

Collusion-resilient fingerprinting
Make the colluded copy useless
– U. Celik, G. Sharma, & A. M. Tekalp, “Collusion-resilient fingerprinting by random pre-warping”, 2004
– The host signal is warped randomly prior to watermarking

Collusion-resilient fingerprinting

Collusion-resilient fingerprinting
Fingerprint multicast in secure video streaming
– H. V. Zhao & K. J. R. Liu, 2006
– Tree-structure-based fingerprint scheme

Collusion-resilient fingerprinting
MPEG-2-based joint fingerprint design and distribution scheme for video on demand applications
The fingerprint embedding and distribution process at the server’s side

Possible future research
Collusion-resilient fingerprint scheme
– Robust against collusion attacks
  Fingerprint - Hard to be removed by collusion attacks
  Content - Useless after being attacked
– Traceability code
  Short l
  Large n
  Large c
– Tracing algorithm & detection strategy
  High hit ratio
  Low false alarm rate
  Fast
  Low computational overhead

Dynamic tracing
q versions for every segment