Download presentation
Presentation is loading. Please wait.
1
Watermarking and Steganography
2
Watermarks First introduced in Bologna, Italy in 1282
Dandy Roll presses pattern into drying paper Changes thickness of paper fibers Uses: By paper makers to identify their product Security for stamps, official documents. Stock certificates, money, etc. Chic Other “watermarks” Printing on plastic with a window. (Australian $10 note)
3
Watermarking possible
Dandy Roll J. Plank Features In-house watermark design Computerized design process Quick-change sleeves and sections Pressed into paper during paper-making process Dandy roll 7.25" diameter Watermarking possible
4
Dandy Roll Wet pulp sprayed onto moving belt
High grade stainless steel construction Incorporates internal oscillating shower, internal pan, internal steam shower and external saveall pan Extended Header Brush for easy cleaning of shower pipe Wet pulp sprayed onto moving belt Dandy Roll pressed into pulp Dandy Roll looks like oversized printer’s roll covered with pattern
5
Laser Printed “Watermarks”
Used on bond paper, but who uses bond paper? Doesn’t work well in inkjets or laserjets “Watermarks” with most print drivers…
6
Printed Watermarks Looks great
You can even put it in your PDF file…which is the problem! No security
7
Printed Document Authentication Techniques
Microprinting – Print that is too small to produce or copy with conventional equipment Intaglio –engraved pattern used to press ink with great force; raised letters Letterpress – Ink rolled raised type, leaving depression. Used for printing numbers. Simultan press – precise registration of front and back. (see-through register). Changing ink colors (rainbowing). Optically variable inks (change color depending on angle) Metal foils & threads embedded in paper Security holograms
8
Lessons for paper authentication
Security features should convey a message relevant to the product. Use iridescent ink to print the banknote denomination Should obviously belong where they are They become “embedded in the user’s cognitive model.” Should be obvious Should not have competitors Should be standardized Source: Security Engineering, Anderson
9
Information Hiding Copyright Marks: Steganography Other applications:
Watermarks - Hidden copyright messages Fingerprints – Hidden serial numbers Steganography Hidden messages. Other applications: Closed captioning (hidden in first 21 scan lines) Audio RDS (Radio Data Service)-like service “What’s that song?”
10
Watermarks for Copyright Policy
“never copy” “copy only once” “copy only at low quality” JPMG Linnartz, “The ‘Ticket’ Concept for Copy Control Based on Embedded Signaling” (Anderson [504] ) Suggests a hash-based implementation of “copy only once:” X is the ticket Record h(h(X)) on DVD Provided with X, DVD recorded stores h(X) on second-generation copy.
11
The Broadcast Flag “Advanced Television Systems Committee Flag”
Enable/Disable: high-quality digital output Re-transmitting on an “unprotected” channel In the future: Time-shifting? Disallow fast-forward through commercials Required on all digital TV cards sold after July 2005 Only broadcast, not satellite or cable-transmitted. “Losing Control of Your TV,” Technology Review, March 3, 2004
12
Steganography A hidden message that can't be found by humans
A hidden message that can't be found by an algorithm. A hidden message that can be found by an algorithm but not by a human. A hidden message that can be found by some algorithms but not others. [Wayner 2004]
13
What is Hidden? Defining "Hidden" is not easy
We run into the usual Goedel limits that prevents us from being logical about detection. Humans are very different. Some musicians have very, very good ears. Some algorithms leave statistical anomalies. The message is often more random than the carrier signal. These statistics can give away the message.
14
Who wants it? Evil doers. If evil messages can't be seen by good people, evil will triumph. Osama bin Laden? Good doers. If the good guys can communicate in secret, then good will triumph. U.S. forces Content owners and copyright czars. Hidden messages can carry information about rights to view, copy, share, listen, understand, etc. Software Developers. "Hidden" channels can be added to data structures without crashing previous versions. Steganography can fight bit rot.
15
Models for Steganography
Replace random number generators with the message. This works if the random numbers are used in a detectable way. TCP/IP, for instance, uses a random number for connections. Some grab this for their own purposes. Replace noise with the message. Just replace the least-significant bit. Avoid the noise and tweak the salient features. Anything not affected by compression. If you have the freedom to change data without hurting the data, then you have the freedom to include another message.
16
Models for Steganography
Structured Models Run some compression algorithm in reverse If the compression models the data accurately, then running it in reverse should spit out something that models the data well. Huffman algorithms give common letters short bit strings and rare ones long ones. Change the structure or the order. GifEncoder, for instance, changes the order of the colors in the palette. Synthesize something new and use the data to guide the synthesis. Is the ghoul shooting at you in the game using a revolver or a machine gun? That's one bit.
17
Noise The least significant bit of pixels or sound files is very popular. Tweaking the LSB is only a small change. Less than 1%. 140= 141= You can encrypt, too! LSB modified to hide info
18
LSB Modification Side Effects: Add a lot of noise, and it’s obvious
The data may not have the same statistical pattern as the least significant bits being replaced. Add a lot of noise, and it’s obvious 4 LSB modified produces banding
19
More LSB Modification 6 bits 7 bits
20
8 out of 8 bits All 8 bits Bit 8 vs. Bit 1
21
Wayner Demos Information hiding at the bit level:
Encoding information through list order:
22
JPEG Watermarking “Hide and Seek: An Introduction to Steganography”
IEEE Security & Privacy Figure 2. Embedded information in a JPEG. (a) The unmodified original picture; (b) the picture with the first chapter of The Hunting of the Snark embedded in it.
23
Mesh Watermarking Robust mesh watermarking, Emil Praun, Hugues Hoppe, Adam Finkelstein, July Proceedings of the 26th annual conference on Computer graphics and interactive techniques
25
Issues to evaluate “Capability”
Payload carrying ability Detectability Robustness Securing information: Capacity is the wrong paradigm, Ira S. Moskowitz, LiWu Chang, Richard E. Newman , September Proceedings of the 2002 workshop on New security paradigms
26
SDMI – Secure Digital Media Initiative
SDMI (200+ companies) published an “Open Letter to the Digital Community” with an SDMI Challenge. Earn up to $10,000 for breaking their “watermarks” Challenge from September 15, 2000 – October 7, 2000 SDMI Systems: Designed to prevent “remixing” of privated CDs Designed to survive MP3 compression
27
SDMI & The Academics The Academics: What they did:
Scott Craver, Patrick McGregor, Min Wu, Bede Liu, (Dept. of Electrical Engineering, Princeton University) Adam Stubblefield, Ben Swartzlander, Dan S. Wallach (Dept. of Computer Science, Rice University) Edward W. Felten (Dept. of Computer Science, Princeton University) What they did: Successfully removed the digital watermark from the challenge audio samples. How did they know they did it? SDMI provided an “Oracle” that told them they did!
28
SDMI & Academics: Part 2 Academics couldn’t claim cash prize
Doing so would have required signing a “confidentiality agreement” and prohibit the academics from sharing results with the public DMCA didn’t apply… … because SDMI specifically invited the work Felton &c decided to present their findings at the 4th International Information Hiding Workshop April 25-29, 2001 April 9, RIAA Senior VP for Business and Legal Affairs sent Felton letter with veiled DMCA threats April 26, 2001 Felton declines to present paper May 3, 2001 – RIAA and SDMI say they never intended to sue June 6, 2001 – Felton files suit against RIAA asking for a declaratory judgment that they would not be infringing November 28, 2001 – Case dismissed for mootness
29
DigiMarc Leading provider of watermarking technologies
Plug-ins for Windows, PhotoShop, etc. Communicates: Copyright ownership Image ID Image content – adult, etc.
30
Tools and References Fabien a. p. penticolas
Digimarc Hiding Secrets with Steganography, by Dru Lavigne,
31
“Mosaïc attack” Defeat an embedded watermark by chopping up image and serving it in pieces <nobr> <img SRC="kings_chapel_wmk1.jpg’ BORDER="0’ ALT="1/6’ width="116’ height="140"> <img SRC="kings_chapel_wmk2.jpg’ BORDER="0’ ALT="2/6’ width="116’ height="140"> <img SRC="kings_chapel_wmk3.jpg’ BORDER="0’ ALT="3/6’ width="118’ height="140"> </nobr> <br> <nobr> <img SRC="kings_chapel_wmk4.jpg’ BORDER="0’ ALT="4/6’ width="116’ height="140"> <img SRC="kings_chapel_wmk5.jpg’ BORDER="0’ ALT="5/6’ width="116’ height="140"> <img SRC="kings_chapel_wmk6.jpg’ BORDER="0’ ALT="6/6’ width="118’ height="140"> </nobr>
32
Mosaïc assembled Some websites use mosaics to deter casual copying!
33
MP3Stego Hides information in MP3 files during the compression process
Takes advantage of the fact that MP3 provides high-quality compression of 11:1 Plenty of room for information hiding! Randomly chooses which parts of the Layer III inner loop to modify; makes sure modifications don’t exceed threshold defined by the psycho acoustic model. “Weak but better than the MPEG copyright flag defined in the standard” Defeat by decompressing & recompressing
34
MP3Stego in action
35
Translucent Databases
(More Wayner Work, if we have time…)
36
Translucent Database Instead of: Use:
INSERT INO purchases values (“bob jones”, 55424, “36”, NOW()) Use: INSERT INTO purchases values (MD5(“bob jones”, 55424, “36”, NOW())
37
TD’s with Redundency INSERT INTO salaries2 VALUES ( MD5(“Fred Smith/1313 Mockingbird Lane/ / ”), MD5(“Fred Smith/1313 Mockingbird Lane/ ”), MD5(“Fred Smith/1313 Mockingbird Lane/ ”), MD5(“Fred Smith// / ”), 60000, 5 20 )
38
Coordinating Users nameHash1 nameHash2 Message
d3b07384d113edec49eaa6238ad5ff00 2b00042f7481c7b056c4b410d28f33cf You’ve got some explaining to do D3b07384d113edec49eaa6238ad5ff00 It’s not my fault!
39
Inserting into multi-user table
INSERT INTO bboard1 Values(MD5(“Lucy”),MD5(“Ricky”),”You’ve got some explaining to do.”) INSERT INTO bboard1 Values(MD5(“Lucy”),MD5(“Ricky”),ENCRYPT(”You’ve got some explaining to do.”))
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.