1. Fingerprinting Text in Logical Markup Languages Christian D. Jensen G.I. Davida and Y. Frankel (Eds.): Proc. Information Security Conference 2001, Lecture Notes in Computer Science, Vol. 2200, pp. 433–445, 2001. © Springer-Verlag Berlin Heidelberg 2001 Presented by Sasank Jampana

2. Summary This paper shows Semantic Fingerprinting as the only viable fingerprinting technique for documents in logical markup languages and a working model is demonstrated using Synonym Substitution and the results are evaluated with a prototype developed for Traitor Tracing.

3. Appreciative Comments Provides a convincing argument that Semantic Fingerprinting is the only viable technique for fingerprinting text in Logical Markup Languages. –Open space fingerprinting: Vulnerable to OCR attacks. –Syntactic fingerprinting: Resist OCR attacks. Easily noticeable and can be circumvented. –Semantic fingerprinting: Limited in scope. Resist OCR attacks. Very Robust compared to other techniques.

4. Security Analysis Performs a security analysis on the credible threat models specified in the literature. –Additive Attacks: Inserting one or more fingerprints in the document, in order to mask the identity of the source of the leak. –Distortive Attacks: Modifying the text in order to distort the fingerprint. The attack is effective if the document retains value to the attacker. –Collusive Attacks: Detect fingerprints by comparing more than one copy of the document and eliminate the identified fingerprints.

5. Collusion Attack Source: Collberg and Thomborson, 2000, Watermarking, Tamper-proofing, and Obfuscation – Tools for software Protection. An effective collusive attack Alice: Author of the documentBob: Traitor (s) P: Original Document P 1 : Fingerprinted Doc. 1P 2 : Fingerprinted Doc. 2 K 1 : Key for user 1K 2 : Key for user 2. F 1 : Fingerprint 1F 2 : Fingerprint 2 Alice fingerprints the document P, using various keys. Bob detects those keys by comparing copies of the document. Once Bob detects the fingerprints he can remove them.

6. Critical Comments Hash function proposed for Synonym Substitution. H(T+Δ) = H(T) + δ H – Hash functionT – Text input Δ – Change in textδ – Change in hash value. Conditions required to be met by the hash function for an effective traitor tracing algorithm, as specified by Chor et al., are not mentioned. –Traitor tracing algorithm needs to identify at least one traitor and reduce possibilities of a false positives. –For a k-resilient open user scheme the hash function needs to satisfy. s > 4k 2 log(n) s – Set of Hash Functions Chosen. k – Maximum number of traitors colluding. n – Total number of users using the document.

7. Critical Comments In Sec. 1 Par. 7, “Traitor tracing has unique properties that makes it simpler than fingerprinting for detection of copyright violators.” –Isn’t Traitor Tracing accomplished by fingerprinting?

8. Interesting Aspects This technique can be extended to documents in other formats and languages as well. One key for one user is very practical in organizations where a few people are repeatedly sent confidential documents.

9. Question In what category of documents is “Confidentiality” more desirable than “Integrity”? Considering there has to be some tradeoff between “Integrity” and “Confidentiality” while performing semantic fingerprinting. Is it possible to add redundant information into the document, to give more possibilities for safe transformations, to completely automate the process of fingerprinting? Safe transformations are those semantic preserving text transformations that can be applied without considering the context. e.g.: Dates: December 2002  last month of the year 2002 Numbers: 15  fifteen