DIGITAL IMAGE WATERMARKING SYSTEM DESIGN & ANALYSIS FOR FPGA AND STANDARD CELL IMPLEMENTATION

1. INTRODUCTION 2. IMAGE WATERMARKING: THEORY OF IMPLEMENTED APPROACH 3. THE SYSTEM 4. HARDWARE IMPLEMENTATION 5. FPGA/STANDARD CELL/VPR ANALYSIS 6. WATTCH ANALYSIS 7. PROBLEMS FACED 8. CONCLUSION 9. REFERENCES

Introduction Motivation The recent growth of networked multimedia systems has increased the need for the protection of digital media. This is particularly important for the protection and enforcement of intellectual property rights. Copyright protection involves the authentication of image ownership, and the identification of illegal copies of a (possibly forged) image. Techniques are needed to prevent the copying, forgery and unauthorized distribution of images and video. Without such methods, placing images or video sequences on a public network puts them at risk of theft and alteration.

The basic scenario is as follows: A user has created an electronic image at some effort and expense, and wants to make it available on a communications network. When unauthorized copies or forgeries of the image appear elsewhere on the network, the user needs to prove that the image belongs to them. One also needs to determine if and by how much the image has been changed from the original. With the increase in the availability of digital data such as multimedia services on the Internet, there is a pressing need to manage and protect the illegal duplication of data. In the past few years many new techniques and concepts based on data hiding or steganography have been introduced as a means for tamper detection in digital images and for image authentication. One approach involves adding an invisible structure to a host image to ‘mark’ ownership of it. To be effective, a watermark must be imperceptible within its host, discrete to prevent unauthorized removal, easily extracted by the owner and robust to incidental and accidental distortions.

What is a “Digital Image Watermark” A digital watermark is a digital signal or pattern inserted into a digital image. Since this signal or pattern is present in each unaltered copy of the original image, the digital watermark may also serve as a digital signature for the copies. A given watermark may be unique to each copy (e.g. to identify the intended recipient), or be common to multiple copies (e.g. to identify the document source). In either case, the watermarking of the document involves the transformation of the original into another form. This distinguishes digital watermarking from digital fingerprinting, where the original file remains intact and a new created file 'describes' the original file's content. Digital watermarking is also to be contrasted with public-key encryption, which also transform original files into another form. It is a common practice nowadays to encrypt digital documents so that they become un-viewable without the decryption key. Unlike encryption, however, digital watermarking leaves the original image (or file) basically intact and recognizable. In addition, digital watermarks, as signatures, may not be validated without special software. Further, decrypted documents are free of any residual effects of encryption, whereas digital watermarks are designed to be persistent in viewing, printing, or subsequent re-transmission or dissemination.

For this purpose. Requirements of Watermarks . are potentially useful as a means of identifying the source. where the opacity of paper is altered by physically stamping it with an identifying pattern. and distributor or authorized consumer of a document or image. the receipt of copyright revenues. on the other hand. whereas invisible watermarks increase the likelihood of successful prosecution. Invisible watermarks. the objective is to permanently and unalterably mark the image so that the credit or assignment is beyond dispute. the watermark would facilitate the claim of ownership. Invisible watermarks. the illicit duplication may be convincingly demonstrated. The invisible watermark may also act as a deterrent if perpetrator is aware of their possible use. owner. on the other hand. modern digital networks make largescale dissemination simple and inexpensive. The main advantage is that they virtually eliminate the commercial value of the document to a wouldbe thief without lessening the document's utility for legitimate. are more of an aid in catching the thief than discouraging the theft in the first place. In the event of illicit usage. If that buyer then makes an illicit copy. Watermarking has also been proposed to trace images in the event of their illicit redistribution. author. Digital watermarking makes it possible to uniquely mark each image for every buyer. authorized purposes. Whereas past infringement with copyrighted documents was often limited by the unfeasibility of large-scale photocopying and distribution. One might view digitally watermarked documents and images as digitally 'stamped'. "Visible watermarks" are used in much the same way as their bond paper ancestors. A familiar example is in the video domain where a logo is placed in a corner of the screen image. creator. "visible watermarks" diminish the commercial value of a document or image. This is done to mark the paper manufacturer or paper type. depending upon whether the watermark appears visible or invisible to the casual viewer. Visible Vs Invisible watermarks "Visible watermarks" are especially useful for conveying an immediate claim of ownership. In general. or the success of prosecution.The types of digital watermarks Two types of digital watermarks may be distinguished.

In this way. and then a randomly generated (by some preferred distribution) watermark signal is superimposed upon a selected set of transform coefficients by adaptively modifying them. The resulting mark may be visible or not. e. 2. watermarks should be readily detectable by the proper authorities. However. compression). cropping. The watermark must survive image modifications that are common to typical image-processing applications (e. un-watermarked image would be necessary for efficient recovery of property and subsequent prosecution. dithering. the values of chosen frequencies can be altered from the original. This renders the watermark visibly subtle such that it is difficult to detect under regular viewing. The watermark must be difficult or impossible to remove. at least without visibly degrading the original image. Techniques of watermarking Several different methods enable watermarking in the spatial domain. Picture cropping.g. depending upon the intensity value. can be used to eliminate the watermark. In a similar manner to spatial domain watermarking. A more robust watermark can be embedded by superimposing a symbol over an area of the picture.. The original image is first transformed to the selected domain. the watermark appears in only one of the color bands. scaling. The Discrete Cosine Transform (DCT) and the Discrete Wavelet Transform (DWT) are the two most commonly used image transforms.To be effective in the protection of the ownership of intellectual property. For some algorithms. the invisibly watermarked image should satisfy several criteria: 1. Such decidability without requiring the original. The simplest is just to flip the lowest-order bit of chosen pixels. Spatial watermarking can also be applied using color separation. even if imperceptible to the average observer. This works well only if the image is not subject to any modification. and 4. An invisible watermark should be imperceptible so as not to affect the experience of viewing the image. the mark appears immediately when the colors are separated for printing. For some invisible watermarking applications. . Watermarking can be applied in the frequency domain (and other transform domains) by first applying a transform like the Fast Fourier Transform (FFT).g. 3. The watermarked image is obtained as an inverse transformation of the modified coefficients. (a common operation of image editors).

But in spatial domain technique. since the watermark is in effect applied indiscriminately across the spatial image. But in most of the natural images majority of the visual information are concentrated on the lower end of the frequency band. The perceptually invisible data hiding needs insertion of watermark in higher spatial frequency of the cover image since human eye is less sensitive to this frequency component. Frequency or transformed domain approach offers robust watermarking but in most cases implementation needs higher computational complexity. There is a current trend towards approaches that make use of information about the human visual system (HVS) to produce a more robust watermark. this method is not as susceptible to defeat by cropping as the spatial technique. applied adaptively to frequencies that contain important information of the original picture. Moreover the transform domain technique is global in nature (global within the block in block-based approach) and cannot restrict visual degradation of the cover image. Since high frequencies will be lost by compression or scaling. Such techniques use explicit information about the HVS to exploit the limited dynamic range of the human eye. the transform coefficients having the strongest magnitudes are chosen for embedding the watermark signal. IMAGE WATERMARKING: THEORY OF IMPLEMENTED APPROACH Fragile Image Watermarking A fragile watermark is a mark that is readily altered or destroyed when the host image is modified through a linear or nonlinear . the watermark signal is applied to lower frequencies. or better yet. there is more a tradeoff here between invisibility and decodability. Spatial Vs Frequency domain Spatial watermarking is easy to implement from computational point of view but too fragile to withstand large varieties of external attacks.in order for the embedded watermark to withstand various forms of image processing and attack. So the information hidden in the higher frequency components might be lost after quantization operation of lossy compression. degradation in image quality due to water marking could be controlled locally leaving the region of interest unaffected. However. Since watermarks applied to the frequency domain will be dispersed over the entirety of the spatial image upon inverse transformation.

The marking key is used to generate the watermark and is typically an identifier assigned to the owner or image. The marking key should be difficult to deduce from the detection side information. Fragile watermarks are designed to detect every possible change in pixel values. Detect tampering: A fragile marking system should detect (with high probability) any tampering in a marked image. 5. Desirable features of fragile marking system 1. The marked image is perceptually identical to the original image under normal observation. The Image Authentication Framework An owner embeds the mark into an original image. 3. The sensitivity of fragile marks to modification leads to their use in image authentication. Detector should be able to locate and characterize alterations made to a marked image: This includes the ability to locate spatial regions within an altered image which are authentic or corrupt. 6. In many schemes it can be shown that without the secret key. The watermark should remain detectable after image cropping. Fig.transformation. Perceptual transparency: An embedded watermark should not be visible under normal observation or interfere with the functionality of the image. The insertion of a mark by unauthorized parties should be difficult. 2.1 Watermark Embedding . 4. the probability of a modification that will not be detected can be related to a cryptographic element present in the scheme such as a hash function.

Fridrich et al Background Wong’s scheme (P. It works by partitioning the image into a number of blocks and inserting a digital signature for authentication on a block-wise basis. a digital signature is computed after truncation of the LSBs. In the embedding process. the digital signature of each block is recomputed after truncation of LSBs and the block is then authenticated by validating each block using the embedded information in the LSBs of the block. The detection process may require knowledge of the marking key. N.Security and Watermarking of multimedia contents . At the receiving end. SPIE .When a user receives an image.San Jose. The signature for each block is then embedded in the LSBs in conjunction with a logo image. Unauthenticated blocks are assumed to have been manipulated.Memon. Fragile Authentication Watermark with Localization – J.Secret and Public Key authentication Watermarking Schemes that resist Vector Quantization Attack: Proc. Fig. the watermark and the original image. If it is not authentic then it would be desirable for the detector to determine where the image has been modified.2 Watermark Detection Algorithm implemented for Image watermarking and detection: Secure.Fridrich et al) differs from Wong’s approach in the construction of the logo (watermark).Wong. Algorithm Description The algorithm implemented (Fragile Authentication Watermarking with localization – J. The detector is usually based on statistical detection theory whereby a test statistic is generated and from that test statistic the image is determined to be authentic. The binary logo in this case is . for each block. Jan 2000) is one of the first public key spatial fragile watermarking algorithms. he uses the detector to evaluate the authenticity of the received image. which provides the mechanism for localization of image manipulations.

6. The MD5 algorithm was designed by Prof. 5. Ronald Rivest at MIT in 1991 to replace the previous MD4 algorithm. Xor the Hash with the Watermark bitstream (binary logo). Xor the decrypted bitstream with the Hash Function output. 2. (For eg. For each block . the block content will be authenticated by creating a simply recognizable structure in each binary logo. Divide the 8-bit grayscale image into 8x16 blocks (each block comprising of 128 8-bit pixels). 5. Compare the output of the above step with the Watermark (Binary logo) bitstream. Inserted the encrypted bitsream into the corresponding LSB positions of the image block being watermarked. and is also commonly used to check the integrity of files. 3. MD5(Message-Digest algorithm 5) is a widelyused cryptographic hash function with a 128-bit hash value. Algorithms used for individual operations Hashing: MD5 algorithm In cryptography. 4. it indicates that the block content is authentic. calculate the hash H of the MSBs of all 128 pixels. Watermark Detection/Verification 1. 4. MD5 has been employed in a wide variety of security applications.used to carry information about the block position and image index and possibly other information relevant to the image such as its original dimensions. Swapping blocks and cropping can thus be readily detected. Furthermore. For each block. As an Internet standard (RFC 1321). Divide the 8-bit grayscale image into 8x16 blocks (each block comprising of 128 8-bit pixels). MD5 processes a variable length message into a fixed-length output of . author ID etc. calculate the hash H of the MSBs of all 128 pixels. a 128 bit binary logo could comprise of 2 repetitions of a 64-bit stream) Watermark Embedding 1. 2. Encrypt the xor’ed output. Decrypt the bitstream corresponding to the LSB positions of the image block under consideration. If the 1st 64 bits of the generated watermark coincide with the next 64 bits. 3.

The padding works as follows: first a single but. grouped in four rounds of 16 operations. termed rounds. Figure 1 illustrates one operation within a round. The main algorithm then operates on each 512-bit message block in turn. 1. OR and NOT operations respectively. F is a non linear function. The processing of a message block consists of four similar stages. . and D.3 One MD5 operation --. and Ki denotes a 32-bit constant. B. modular addition. The main MD5 algorithm operates on a 128-bit state. divided into four 32-bit words. The input message is broken up into chunks of 512-bit blocks. Mi denotes a 32-bit block of the message input. each block modifying the state. The remaining bits are filled up with a 64-bit integer representing the length of the original message. s denotes a left bit rotation by s places. C. There are four possible functions F. a different one is used in each round. These are initialized to certain fixed constants. is appended to the end of the message. This is followed by as many zeros as are required to bring the length of the message up to 64 bit less than a multiple of 512. denoted A. AND. each round is composed of 16 similar operations based on a non-linear function F. s varies for each operation. the message is padded so that its length is divisible by 512.128 bits. and left rotation. Denote the XOR. different for each operation.MD5 consists of 64 of these operations. Fig. one function is used in each round. denotes addition module 232.

15.21.23} r[48:63] := {6.16.17.20} r[32:47] := {4.11.9.15.11.16.5.20.14.14.12.11.7.15.5.7.10.23.10.10.6.22} r[16:31] := {5.11.6.14.23.21} //Use binary integer part of the sines of integers as constants: for i from 0 to 63 k[i] := floor(abs(sin(i+1))x2^32) //Intitialize variable: var inth0 var int h1 var int h2 var int h3 := := := := 0x67452301 0xEFCDAB89 0x98BADCFE 0x10325476 // Pre-processing .22.12.k.21.17.10.4.21.16.9.20.Pseudo code for the MD5 algorithm //Define r as the following var int[64] r.23.4.9.12. r[0:15] := {7.17.17.15.16.5.22.14.12.9.4.20.6.

(5xi+1)mod 16 elseif32<=i<=47 f:=b xor c xor d g:=(3xi+5)mod 16 elseif 48<=i<=63 f:= c xor (b or (not d)) g:=(7xi)mod 16 temp := d d:=c c:=b b:=((a+f+k(i)+w(g) leftrotate(i))+b a:=temp //Add this chunk' hash to result so far: h0:=h0+a h1:=h1+b .append "1" bit to message append "0" bits until message length in bits = 448(mod 512) append bit length of message as 64-bit little-endian integer to message //Process the message in succesive 512-bit chunks: foreach 512-bit chunck of message breakchunk into sixteen-bit-little-endianwords w(i). elese if 16<i<31 f:=(b and d)or ((not b and c) g:. 0<i<15 //Initialize hash value for this chunk var var var var int int int int a b c d := := := := h0 h1 h2 h3 // Main loop for 1 from 0 to 63 if 0<=1<=15 then f:=(b and c)or((not b) and d) g := .

These messages can only be decrypted by use of the private key. which are related mathematically. but only the holder of a private keycan actually decrypt the message and read it. 2. The public key consists of • n. designed as public key and private key. In cryptography. It was described in 1977 by Ron Rivest. 5. Compute the quotient Ф(n) = (p-1)(q-1) 4. The following steps are used to generate a public key and a private key: 1. In other words. the modulus and • e. the public exponent (also called encryption constant) The private key consists of • n. randomly and independently of each other.h2:=h2+c h3:=h3+d var int digest:=h0 append h1 append h2 append h3 //(expressed as little-endian) Public Key Cryptosystem: Encryptor and Decryptor algorithm (RSA) Public key cryptography is a form of cryptography which generally allows users to communicate securely without having prior access to a shared secret key. Choose two large prime numbers p and q such that p is not equal to q . Adi Shamir and Len Adleman at MIT. Choose an integer e such that 1<e< Ф(n) which is co prime to Ф(n). anyone can encrypt a message. Compute n = pq 3. This is done by using a pair of cryptographic keys. Compute d such that de=1 (mod Ф(n)). RSA invloves 2 keys: public key and private key (a key is a constant number later used in the encryption formula) . the modulus which appears in the public key and . RSA is an algorithm for public key encryption.The public key is known to everyone and is used to encrypt messages.

4 Encoder Block Diagram reset Msg_out_valid ready Hashing_function Watermark_Key XOR lsb_enable clock E[4:0] Dataready_in Dataready_out Encryptor . the private exponent (also called decryption constant which must be kept secret) Encrypting messages : The cipher text corresponding to message ‘m’ is given as c = me mod n Decrypting messages : Message ‘m’ is recovered from c as m= cd mod n A working example: Let p = 61 — first prime number q = 53 — second prime number n = pq = — modulus (to be made public) 3233 e = 17 — public exponent (to be made public) d = — private exponent (to be kept secret) 2753 Clock The public key is (e.n) and the private key is d. The decryption function is: 128 Reg_lsb[127:0] pixels Decrypt(c) = cd mod n = c2753 mod 3233 where c is the cipher text. To encrypt the plain text 123 we calculate Encrypt(123) = 12317 mod 3233 = 855 To decrypt the cipher text 855.Reg_enable The encryption function is: Data[7:0] Encrypt(m) = me mod n = m17 mod 3233 where m is the message. we calculate Decrypt(855) = 8552753 mod 3233 = 123 Reg_msb[127:0] 8-BIT GRAYSCALE IMAGE 128x8 bit Register Bank msb_enable THE SYSTEM clock Fig.• d.

The “msg_in_width” is set to 128-bits for the . Every time the register “reg_msb” gets loaded with data. “reg_lsb” is used to hold the watermark encoded bit stream that is ultimately loaded onto the 128 LSBs of the corresponding pixels. 2. For each of these image blocks the watermark insertion is carried out sequentially. 3.Encoder (Watermark Embedder) operation 1. The entire 8-bit grayscale image is divided into blocks of 16x8 (=128) pixels. This flag correspond to the signal “msg_in_valid” of the Hasher. The Hasher is reset before every hashing operation. the flag “msb_enable” goes high. The 128 pixel block is loaded onto a register file 1 pixel at a time with a “reg_enable” flag used to indicate every time 8-bits of a pixel are successfully loaded. The register file comprises of a bank of 128 8-bit registers to store the corresponding pixels. It also comprises of 2 128-bit registers namely “reg_lsb” and “reg_msb”. “reg_msb” is used to hold the 128 MSB’s of the pixels that are going to be embedded with the watermark.

the “msg_out_valid” signal goes high indicating completion of the hash operation. Simultaneously.4. 6. When “msg_in_valid” goes high. Fig. The “dataready_out” signal corresponds to the “lsb_enable” signal of the register file. the hasher takes in the 128 bit stream stored in “reg_msb” through the “msg_in[127:0]” port and generates a 128 bit hashed stream using the MD5 algorithm which is output to the port “msg_output[127:0]”. (The same key is used for the entire image). When the “dataready_in” signal of the Decryptor goes high it loads the XOR output stream through the port “datain[127:0]”. the “dataready_in” signal of the Decryptor is made high. When the Encryptor completes its operation it makes “dataready_out” signal high and outputs the data to the port “dataout[127:0]”. entire length of operation.5 Decoder Block Diagram Reg_msb[127:0] msb_enable clock reset Msg_out_valid ready Watermark_Key XOR XOR 0 Hashing_function Detection_result (all 0's indicate MATCH) clock D[7:0] Dataready_in Dataready_out Decryptor lsb_enable . As soon as the computation is performed . 5. The encryption exponent (E) is input. The Encryptor encrypts 16-bits of data at a time using the RSA algorithm for encryption. TheClock bitstream present in “reglsb” is then used to replace the LSBs of pixels of the image Data[7:0] block under consideration. As soon as the hashed output is obtained at the above mentioned port. the hasher output is taken and XORed with the Watermark bitstream. (replacing bits in the 128 LSB 128 positions) Reg_lsb[127:0] pixels The watermark embedded image128x8 bit Register Bank stored back at the block is then 8-BIT GRAYSCALE IMAGE same location and the whole process begins again. When the “msg_out_valid” signal goes high. the “ready” signal also goes high indicating that the hasher is ready to receive the next stream of 128-bit data. 7. When “lsb_enable” goes high the register file takes the data from the port “dataout[127:0] and Reg_enable loads it into the register “reglsb”.

4. their respective flags “lsb_enable” and “msb_enable” go high. 3. the hasher takes in the 128 bit stream stored in “reg_msb” through the “msg_in[127:0]” port and generates a 128 bit hashed stream using the MD5 algorithm which is then output to the port “msg_output[127:0]”. The “msg_in_width” is set to 128-bits for the entire length of operation. The entire 8-bit grayscale image is divided into blocks of 16x8 (=128) pixels. the “msg_out_valid” signal goes high indicating completion of the hash operation. The 128 pixel block is loaded onto a register file 1 pixel at a time with a “reg_enable” flag used to indicate every time 8-bits of a pixel are successfully loaded. It also comprises of 2 128-bit registers namely “reg_lsb” and “reg_msb” that are used to store the LSB’s and MSB’s of the pixels. The register file comprises of a bank of 128 8-bit registers to store the corresponding pixels. The Hasher is reset before every hashing operation. Every time the registers “reg_lsb” and “reg_msb” get loaded with their corresponding data. . As soon as the hashed output is obtained at the above mentioned port. When “msg_in_valid” goes high. 2.Decoder (Watermark Extractor) operation 1. These flags correspond to the signals “msg_in_valid” and “dataready_in” of the Hasher and Decryptor functions respectively (within the decoder). For each of these image blocks the watermark extraction and detection is carried out sequentially.

6 E Functional verification of the Encoder Fig.e.6 B Functional verification of the Decryptor Fig.6 D Functional verification of the Register File (decoder) Fig. the “ready” signal also goes high indicating that the hasher is ready to receive the next stream of 128-bit data.5. (The same key is used for the entire image).6 F Functional verification of the Decoder . Fig. The decryption exponent is input. HDL IMPLEMENTATION The modules for the Encoder and the Decoder were written in Verilog and their functional verification was done using MODELSIM 6. the outputs of the Hasher and the Decryptor i. The extracted watermark is then compared with the watermark bitstream originally embedded by XORing the 2 bitstreams. “msg_output” and “dataout” are XORed .0a. The whole process begins again with the loading of the next block of image data onto the register file. When the “dataready_in” signal of the Decryptor goes high it loads the contents of “reglsb” register through the port “datain[127:0]”. A stream of all zeroes indicates a perfect match and correct detection. Simultaneously. 8. Once the detection is done the signal “decout_ready” goes high indicating the decoder is ready to decode the next block of image data. 9. When both “msg_out_valid” and “dataready_out” are high. The resultant bitstream represents the comparison result. The decryptor decrypts 16-bits of data at a time using the RSA algorithm. 7.When the Decryptor completes its operation it makes “dataready_out” signal high and outputs the data to the port “dataout[127:0]”. The resultant bitstream represents the extracted watermark of the particular image block.6 C Functional verification of the Hasher Fig. If it comprises of identical bitvalues in its LSB and MSB halves. 6.6 A Functional verification of the Encryptor Fig. that indicates an uncorrupted watermark.

The Verilog netlist was .17 2. Also.1 T_c Analysis Summary For all the modules. power and timing analyzer.FPGA/STANDARD CELL ANALYSIS FPGA The HDL designs for both the Watermarking Encoder and Decoder were Placed and Routed using the QuartusII software suite for the Altera DE2 board.219 48. These files were converted into Structural Verilog format using a perl script. The verified design was then technology mapped to a set of gates with a maximum fan-in of three. Area Modules\Analysi s Encoder Decoder Hasher Encryptor Decryptor Register File Encoder Register File Decoder Logic I/O pins elements DSP (Max:426 (Max:10345 blocks ) ) 6356 48 399 6343 48 372 3121 0 269 3209 48 264 3210 48 267 0 0 0 0 256 256 Interconnec t Usage (%) 45 51 33 35 33 17 14 T_setu p (ns) 2. The encryptor and the decryptor modules were found to be the most sensitive to setup time violations. The Verilog netlist was then verified using Synopsys Design Compiler. we see that the hasher module consumes the maximum amount of power as it repeatedly operates on 128 bit data. even though the device I/O utilization was very high.789 11.03 1. STANDARD CELL BASED The modules of the encoder and decoder were in Behavioral Verilog format.852 1. The following results were obtained after running the placement. the logic utilization was relatively low.204 46.

32 W 19. Analysis Summary As compared to the FPGA based approach.87 38.4 34.9 W 1760883. Since the Design Compiler tool works on 250nm . 4.5 W 989069.3 Standard Cell Layout Diagrams Fig7a.5 W 57. Encoder Fig7d. there was a marked increase in power consumption in the Standard Cell based approach (orders of magnitude). 5.0 for better clarity while displayed here.9 W Power Net To Switchin Dyn g Power Po 14.converted into standard cells using Synopsys Design Analyzer.f Register File (Decoder) All the images above are the GDSII layouts of the individual modules and the encoder/decoder as a whole.875 14.5 10. power and timing of these standard cells.2 W 34418.1 3. The above layouts were imported into CoolViewPlus v7. Hasher Fig7c. Analysis was done on the area. Area Modules\Analysi s Encoder Decoder Hasher Encryptor Decryptor Register File Encoder Register File Decoder # Ports 527 526 269 264 267 260 261 #Net s 10661 10403 9790 1265 1269 261 273 #Cell s 14562 13932 9491 381 369 131 127 Cell Total Cell Internal Area (um2) Power 1820151.93 17.e Decoder Fig7.8 W 857681.7 W 27. Encryptor Fig7.85 W 9.273 6.3 W 63.6 W 929877.4 W 6.43 11. Register File (Encoder) Fig7b.88 W 16.132 38808. 12.d Decryptor Fig7.10 W 4. 8.

Per CLB: 3730.based library.34263e+06.31675e+06. Per CLB: 4278. Per CLB: 2837. The conversion was done using ABC (A System for Sequential Synthesis and Verification. Total: 3. Total: 2. developed by Berkeley Logic Synthesis and Verification Group).73 Decoder: 4: 10 Routing area (in minimum width transistor areas): Assuming no buffer sharing (pessimistic). The gate level netlist was a BLIF netlist.71946e+06. of min. These blif files were then used for VPR based Placement and Routing analysis.09 . Per CLB: 6318.36335e+06.48 Encoder:1:4 Routing area (in minimum width transistor areas): Assuming no buffer sharing (pessimistic).06824e+06.78 Assuming buffer sharing (slightly optimistic). a logic minimization tool. VPR ANALYSIS The Verilog netlist obtained from above was converted into a gate level netlist. Total: 2. the leakage power is always a negligible fraction of the total power consumption. Per CLB: 3286.40 Assuming buffer sharing (slightly optimistic). Total: 6.26332e+06. Circuit Optimum Array Size :#BLE/cluster Channel ( # of :# width CLBs) Inputs/cluster (W-detailed) Encoder:4:10 32 x 32 34 Encoder:1:4 63 x 63 13 Decoder:4:10 31 x 31 27 Decoder:1:4 60 x 60 11 # of transistors Per logic cluster 1432 205 1398 198 Total # of logic transistors 1466368 813645 1343478 712800 Routing area in terms of no. Per CLB: 2229.85 Assuming buffer sharing (slightly optimistic). Total: 4. width transistors as reported by VPR Encoder: 4:10 Routing area (in minimum width transistor areas): Assuming no buffer sharing (pessimistic). Total: 2.

80 Assuming buffer sharing (slightly optimistic). The power estimates are based on a suite of parametrizable power models for different hardware structures and on per-cycle resource usage counts generated through cycle level simulation. SimpleScalar provides a simulation environment for modern out-of-order processors with 5-stage pipelines: fetch. writeback and commit. issue. decode. The power oriented modifications provided by WATTCH (whose modules are integrated within SimpleScalar) track which units are . Speculative execution is also supported.37 For both encoder and decoder circuits the cluster size of 4 with 10 distinct inputs was found to be more area efficient as compared to the cluster size of 1 with 4 distinct inputs. This is because in a clustered FPGA many nets are completely absorbed within the clusters and their routing is taken care of by the intra-cluster multiplexers. Per CLB: 1843. Per CLB: 2704. “WATTCH” ANALYSIS Background “WATTCH” is an architectural simulator that estimates CPU power consumption.37527e+06. A modified version of SimpleScalar’s sim-outorder is used to collect results by WATTCH. Total: 7.Decoder: 1: 4 Routing area (in minimum width transistor areas): Assuming no buffer sharing (pessimistic). The power models have been integrated into the “Simple Scalar” architectural simulator. Total: 5.88719e+06. Separate banks of 32 integer and floating point registers make up the architected register file and are only written on commit.

These power modules have been verified against industrial circuits and have been found to be within 10% for low level capacitance estimates.6674 2.61 WM_Algo 0.accessed on each cycle and how and compute the power values associated with those units accordingly. Fast Cosine Transform based and Sub-band Discrete Cosine Transform based (All developed by Vassilis Fotopoulis: signal processing ‘98. Experimental Setup To evaluate the power-performance of the Watermarking algorithm (used for FPGA and Standard Cell based implementation in this project) in a general purpose processor environment WATTCH was used to simulate the algorithm.315 Subband DCT 0. The GNU tool chain used for generating the PISA binaries for SimpleScalar is very selective in the sort of commands it would allow for compilation and unfortunately most of the algorithms could not be compiled using this tool chain.7015 2.95 . Despite the availability of source codes of a lot many other watermarking algorithms.613 0. European Signal Processing Conference ’00).661 1.301 0.4601 0.6034 0.299 Fast Cosine Transfor m 0. the analysis was restricted to the above algorithms due to the high level of complexity involved in generating PISA binaries (requisite for SimpleScalar simulation) for them.5671 0.5051 0.4988 0.6547 2. Simulation Results Power dissipated Encoders per simulation cycle in milli-watts by Hartley Transfor m Branch Prediction Unit ResultBus Unit Instruction Cache Unit ALU Unit 0. Similar simulations were performed using binaries of three other watermarking algorithms namely Hartley Transform based.4666 0.

5 1 0.5 0 Hartley Transform Fast Sub-band Cosine W M_algo DCT Transform ALU Unit Instruction Cache Unit ResultBus Unit Branch Prediction Unit B ranch Prediction Unit ResultBus Unit Instruction Cache Unit A LU Unit Performance Penalty Hartley Transfor m #of simulation cycles 15158 Fast Cosine Transfor m 17250 Subband DCT 20898 WM_Algo 15230 .Pow er dissipated per simulation cycle in milli-w atts by Watermark Encoder (on WATTC H ) 3 2.5 2 1.

415 0.Total simulation time of the Encoders(# of SIMPLESCALAR simulation cycles) 25000 20000 # of simulation cycles 15000 # of simulation cycles 10000 5000 0 Hartley Transform Fast Cosine Transform Sub-band DCT WM_algo Algorithm Power dissipated Decoders per simulation cycle in milli-watts by Hartley Transfor m Branch Prediction Unit ResultBus Unit Instruction Cache Unit ALU Unit 0.67 Subband DCT 0.4887 0.412 0.412 0.7124 3.4004 0.6672 0.654 2.79 3.7328 3.92 WM_algo 0.98 .65 Fast Cosine Transfor m 0.6152 0.5034 0.

5 3 2.Power dissipated per simulation cycle in milli-watts by Watermark Decoder (on WATTCH) 4 3.5 2 1.5 1 0.5 0 Hartley Transform Fast Sub-band Cosine WM_algo DCT Transform ALU Unit Instruction Cache Unit ResultBus Unit Branch Prediction Unit Branch Prediction Unit ResultBus Unit Instruction Cache Unit ALU Unit Performance Penalty Hartley Transfor m # of simulation cycles 16240 Fast Cosine Transfor m 19310 Subband DCT 21650 WM_algo 16348 .

The power benefits did not incur a big increase in the simulation time. PROBLEMS FACED The conversion of Behavioral to Structural Verilog was very tedious due to the selectiveness of the Design Compiler library. CONCLUSION . total power dissipation units). Generating PISA binaries for existent and our image watermarking source code was extremely difficult. the Watermarking algorithm implemented by us in this project (as against the other algorithms) did much better in terms of average power dissipation by the 4 most power hungry resource units (top 4 max.Total simulation time of Decoders (# of simulation cycles on SIMPLESCALAR) 25000 20000 Algorithm 15000 # of simulation cycles 10000 5000 0 Hartley Transform Fast Cosine Transform Sub-band DCT WM_algo # of simulation cycles Analysis Summary Expectedly. The appreciable difference in the power values were anticipated since any spatial watermarking algorithm is much less computationally intensive as compared to a frequency domain watermarking algorithm and thus exercises the resource units much lesser.

http://www. Shamir and L. 1997 6. Secret and Public Key Image Watermarking Schemes for Image Authentication and Ownership Verification – Ping Wah Wong and Nasir Memon.altera. Secret and Public Key Authentication Watermarking Schemes that resist Vector Quantization attack – P Wong and N Memon. IEEE Proceedings 5. http://www. Eli Saber and Murat Tekalp. The design was ported to a suitable format for analysis using academic software tools .L.com 10.wikipedia. The watermarking process did not introduce visual artifacts and retained the quality of the images. SUNY Binghamton 2. Gaurav Sharma. On all platforms the basic area.A Fragile watermarking system in spatial domain was successfully implemented on FPGA and Standard Cell. A Method for Obtaining Digital Signatures and Public Key Cryptosystems – R. MIT 7. Watson Research Center.watermark-world. An Invisible Watermarking Technique for Image Verification – Minerva Yeung and Fred Mintzer. Rivest.com . MD5 Message Digest Algorithm – R. REFERENCES 1.VPR and Wattch. IEEE Proceedings 8. power and timing results were determined.0 Pro and Synopsys Design Compiler.Fridrich. Oct 2000. IBM T. SPIE Jan 2000 9. MIT Lab for Computer Science and RSA Data Security Inc.J.Rivest. June 2001. A. April 1992 3. http://www. A Review of Fragile Image Watermarks – Eugene Lin and Edward Delp.com 11. The analysis was done using Altera Quartus 2. Adleman. Security of Fragile Authentication Watermarks with Localization – J. Purdue University 4. A Hierarchical Image Authentication Watermark with Improved Localization and Security – Mehmet Celik.

Sign up to vote on this title
UsefulNot useful