Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more ➡
Download
Standard view
Full view
of .
Add note
Save to My Library
Sync to mobile
Look up keyword
Like this
0Activity
×
0 of .
Results for:
No results containing your search query
P. 1
51789996 Fundamentals of Digital Watermarking

51789996 Fundamentals of Digital Watermarking

Ratings: (0)|Views: 21|Likes:
Published by Sanket Nayak

More info:

Published by: Sanket Nayak on Oct 25, 2012
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See More
See less

12/04/2012

pdf

text

original

 
Fundamentals of Digital ImageWatermarking
 
1
Watermarking techniques foralternative requirements
Teddy Furon1.1 Introduction
So far, watermarking has been presented in this book as a primitive robustly hidingbinary messages in host media. It truly reflects the main use of digital watermarking.However, some applications needs adaptations of the basic primitive. The aim of thissection is to detail such possible enrichments.However, this section is not only a list of less classical watermarking applications.The relationship between cryptography and watermarking is the base supporting thischapter. Cryptography and watermarking tackles the same issue: computer security(but note that watermarking doesn’t only target secure applications). The presentedenrichments are largely inspired by known functionalities of cryptography. The differ-ences are sometimes quite subtle but important. It would not make sense that water-marking only mimics functionalities of cryptography whose theoretical and practicalsecurity levels are assessed for decades. Therefore, this chapter focuses on the inter-actions between these two technologies. All cryptographic references in this chapterare taken from Menezes et al. (1996).This chapter makes an overview of four different applications: authentication,fingerprinting, watermarking protocols (embedding and detection), and asymmetricwatermarking.
1.2 Authentication
Watermarkers call authentication a tool providing the users a means to check theintegrity of content. The framework is quite simple: First, a
signer 
modifies original
 
WATERMARKING TECHNIQUES FOR ALTERNATIVE REQUIREMENTS 2content in a secret way to produce signed content. A second function, the
verifier 
,takes a piece of content as an input, and gives a binary output:
true
means that themedia is authentic,
false
means that the media is unsigned or deemed tampered. Inthis later case, it is desirable to see where the changes have occurred, or to know howthe authenticity has be broken.
1.2.1 Cryptographic digital signature and message authenti-cation
This functionality exactly corresponds to a digital signature or a message authen-tication, except that these cryptographic primitives only work on binary files. Thissubsection explains in brief how a Digital Signature (DS) and a Message Authentica-tion Code (MAC) work. The book of Menezes et al. (1996) is more than advised.Let
m
M
be the message to be signed, and
K
the key space. The signingfunction
:
M×K M
(i.e., whose domain is
M×K
and range is
M
) is typicallycharacterized by a secret key
k
:
m
=
(
m
,k
). Usually, there is two phases: First,a hash-value of the message is calculated:
h
= Hash(
m
). Then, it is encrypted witha private key
k
and simply appended to the message:
m
= (
m
||
(
h
,k
)). Notethat, in this definition,
M
is the set of binary messages whose length is finite (nota priori fixed). However, the size of piece of information appended to the message isfixed and not dependent on the original message length.At the reception of a signed message, the verifier
:
M×K {
0
,
1
}
is also akeyed function:
v
=
(
m
,k
). Usually, there is two phases: It calculates the hash-value of the data:
h
= Hash(
m
). Then, it decrypts the appended code with key
k
and compares both results:
D
(
(
h
,k
)
,k
)
?
=
h
. The equality assesses the integrityof the data.There is one strong difference between a DS and a MAC. In a MAC scheme,the hash-value is encrypted with a symmetric crypto-system (or, in a more generaldefinition, it is calculated with a secret keyed hash function). This implies that
k
=
k
, and that the verifier must be a trusted entity as it can also sign messages. Ina DS scheme, the hash is encrypted with an asymmetric crypto-system. This meansthat the verification key is public and different from the encryption key, which mustremain secret. Hence, anyone can check the DS that only the encryption key holderhas issued.Two inseparable key ideas appear:
Data integrity 
. Data integrity is provided by the extremely ‘sensitive’ functionHash(
.
), so that the slightest change in the message yields a completely differenthash-value, resulting in an incorrect verification.
Data origin authentication 
. Only encryption key holders are able to sign thehash. There is only one private key holder in a DS scheme. There are at leasttwo entities sharing the secret key in a MAC scheme (nothing distinguishes thesigner from the verifier). A correct verification not only assesses data integritybut also data origin authentication.

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->