Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Hiding & Digital Watermarking Tri Van Le.

Published byErik Poole Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Hiding & Digital Watermarking Tri Van Le."— Presentation transcript:

1 Information Hiding & Digital Watermarking Tri Van Le

2 Outlines Background State of the art Research goals Research plan Our approaches

3 Background Information hiding –Steganography –Digital watermarking Related work –Covert channels –Anonymous communications

4 Information Hiding Steganography –Invisible inks –Small dots –Letters Digital watermarking –Copyright information –Tracing information

5 Information Hiding Main idea –Hide messages in a cover Steganography –Secrecy of messages Watermarking –Authenticity of messages

6 Covert Channels Leakage information (e.g. viruses) –Disk space –CPU load Subliminal channels –Digital signatures –Encryption schemes –Cryptographic malwares

7 Covert Computations Computation inside computations –Secret design calculations inside a factoring computation –Secret physics simulations inside a cryptographic software or devices

8 Anonymous Communications MIX Networks –Electronic voting –Anonymous communication Onion Routings –Limited anonymous communication Blind signatures –Digital cash

9 Digital Watermarking Secure against known simple attacks –Common lossy compressions JPEG, MPEG, … –Common signal processing operations Band pass, echo, pitch, noise filters, … Crop, scale, move, reshape, … Specialized attacks

10 Information Hiding (state of the art) Many schemes were proposed –Most of them were broken Use heuristic security –Subjective measurements –Assume very specific enemy

11 Broken Schemes (I)

12 Broken Schemes (II)

13 Broken Schemes (III)

14 Broken Schemes (IV)

15 Cryptography in the 80s Beginning time of open research A lot of schemes proposed Most of them soon broken

16 Broken Cryptosystems (I) Merkle Hellman 1978-1984 Iterated Knapsack 1978-1984 Lu-Lee 1979-1980 Merlke Hellman Merlke Hellman Lu-Lee Adiga Shankar 1985-1988 Adigar Shankar Nieder- reiter 1986-1988 Neiderreiter Goodman McAuly 1984-1988 Goodman McAuly Pieprzyk 1985-1988 Pieprzyk Chor Rivest 1988-1998 Chor Rivest Okamoto 1986-1987 Okamoto 1987-1988 Okamoto

17 Broken Cryptosystems (II) Matsumoto Imai 1983-1984 Cade 1985-1986 Yagisawa 1985-1986 Matsumoto Imai CadeYasigawa TMKIF 1986-1985 Tsujii, Itoh Matsumoto Kurosama Fujioka Luccio Mazzone 1980-1981 Luccio Mazzone Kravitz Reed 1982-1982 Kravitz Reed Rao Nam 1986-1988 Rao Nam Low Degree CG 1982 High Degree CG 1988 Rivest Adleman Dertouzos 1978-1987 Rivest Adleman Dertouzos Krawczyk Boyar...

18 Proven Secure Schemes Perfectly secure schemes –Shannon (1949) Computationally secure schemes –Goldwasser and Micali (1982) –Rabin (1981)

19 Perfectly Secure Cryptosystems Shannon’s work (1949) –Mathematical proof of security –Information theoretic secrecy Enemy with unlimited power –Can compute any desired function

20 Computationally Secure Cryptosystems Rabin (81), Goldwasser & Micali (82) –Mathematical proof of security –Computational secrecy Enemy with limited time and space –Can run in polynomial time –Can use polynomial space

21 Research Goals Fundamental way –Systematic approach –Same as Shannon and Goldwasser’s work What are the properties –Hiding –Secrecy –Authenticity

22 Fundamental Models Unconditional Security –Unlimited enemy Statistical Security –Polynomial number of samples Computational Security –Polynomial time and space

23 Information Hiding Properties Hiding property –Output must look like the cover Secrecy property –No partial information on input message Authenticity property –Hard to compute valid output

24 Unconditional Hiding Definition –E: K  M  C, encryption function –K: key set, M: message set, C: cover set –P cover : probability distribution of covers –P c : probability distribution of E(k,m) Requires –P c = P cover

25 Statistical Hiding Definition –P cover : probability distribution of covers –P c : probability distribution of E(k,m) –n: description length of each cover Requires –|P c - P cover | is negligible. –|P c - P cover | 0 and n>N d.

26 Computational Hiding Definition –P cover : probability distribution of covers –P c : probability distribution of E(k,m) –n: description length of each cover Requires –P c and P cover are P-time indistinguishable

27 Computational Hiding P-time indistinguishable –For all P.P.T.M. A, d>0, and n>N d :  Prob(A(P c )=1) - Prob(A(P cover )=1)  < n -d. –Informally speaking No P-time enemy can tell apart P c and P cover

28 Unconditional Secrecy Ciphertext independence: –Prob(m|E(k,m)) = Prob(m) Informally no information on message given ciphertext

29 Statistical Secrecy Negligible advantages: –For all m in M, d>0, n>N d : |Prob(m|E(k,m)) - Prob(m)| < n -d –Informally Only negligible amount of information on message leaked when given the ciphertext.

30 Computational Secrecy Negligible chances: –For all P.P.T.M. A: –For all m in M, d>0, n>N d : |Prob(A(E(k,m))=m)| < n -d –Informally Only negligible chance of output correct m.

31 Our Approaches Arbitrary key –Steganography, watermarking Restricted key –Protection of key materials Key = Ciphertext –Secret sharing

32 Our Approaches Arbitrary key distribution –E(k,m) is distributed accordingly to P cover Applications –Steganography –Digital watermarking –Tamper-resistant hardware

33 Our Approaches Restricted key distribution –c = E(k,m) –k is distributed accordingly to P K –c is distributed accordingly to P cover Applications –No tamper-resistant hardware –Protection of key materials

34 Our Approaches Key = Ciphertext –S: M  C  C –(k 1,k 2 ) = S(m) Requires –k 1 and k 2 distributed accordingly to P cover Applications –Secret sharing –Robustness

35 Research Progress To understand information hiding –Perfect hiding (done) Necessary and sufficient conditions Computational complexity results Constructions of prefect secure schemes Constructions of schemes with non-reliability –Computational hiding (under research) Conventional constructions Public key schemes

36 Perfect Hiding Scheme Condition –P cover (c)  1/|M| Algorithms –Setup: produce |M| matrices A i –Disjoint non-zero entries –Columns sum up to P cover –Rows sum up to the same –Encrypt: –E(k,m) distributes accordingly to row A m (k).

37 Perfect Hiding Scheme Algorithms –Encrypt: –c=E(k,m) distributes accordingly to row A m (k). –Decrypt: –Output m such that A m (k,c)>0. Message distribution independence –Hiding implies privacy.

38 Other aspects –Replacing privacy by authenticity –Digital watermarking Extra problem –Robustness against modifications –Simple modifications –General modifications

39 How to exploit Quadratic residues –n = pq –S 1 = {x 2 |x in Z n * } –S 2 = {x|x in Z n * and J(x)=1} Decision Diffie-Hellman –U 1 = (g, g a, g b, g ab ) mod p –U 2 = (g, g a, g b, g r ) mod p

40 Conclusion Covert channels –Very special distribution Our work –General distribution –Proven security levels

41 Thank you Questions?

Download ppt "Information Hiding & Digital Watermarking Tri Van Le."

Similar presentations

Cryptography and Game Theory: Designing Protocols for Exchanging Information Gillat Kol and Moni Naor.

Cryptography and Game Theory: Designing Protocols for Exchanging Information Gillat Kol and Moni Naor.
Foundations of Cryptography Lecture 10 Lecturer: Moni Naor.

Foundations of Cryptography Lecture 10 Lecturer: Moni Naor.
Confidential 1 Corporate Research © THOMSON multimedia, 1999 Mixing cryptography and watermarking for copy protection in consumer electronic devices FURON.

Confidential 1 Corporate Research © THOMSON multimedia, 1999 Mixing cryptography and watermarking for copy protection in consumer electronic devices FURON.
A New Scheme For Robust Blind Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Mar 5, 2002 Department.

A New Scheme For Robust Blind Digital Video Watermarking Supervised by Prof. LYU, Rung Tsong Michael Presented by Chan Pik Wah, Pat Mar 5, 2002 Department.
CS555Topic 191 Cryptography CS 555 Topic 19: Formalization of Public Key Encrpytion.

CS555Topic 191 Cryptography CS 555 Topic 19: Formalization of Public Key Encrpytion.
Foundations of Cryptography Lecture 13 Lecturer: Moni Naor.

Foundations of Cryptography Lecture 13 Lecturer: Moni Naor.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Steganography in digital images. Copyright protection “Signature” or “watermark” of the creator/sender Invisible Hard to remove Robust to processing 64.

Steganography in digital images. Copyright protection “Signature” or “watermark” of the creator/sender Invisible Hard to remove Robust to processing 64.
CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.

CS 555Topic 11 Cryptography CS 555 Topic 1: Overview of the Course & Introduction to Encryption.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
RSA ( Rivest, Shamir, Adleman) Public Key Cryptosystem

RSA ( Rivest, Shamir, Adleman) Public Key Cryptosystem
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Asymmetric Cryptography part 1 & 2 Haya Shulman Many thanks to Amir Herzberg who donated some of the slides from

Asymmetric Cryptography part 1 & 2 Haya Shulman Many thanks to Amir Herzberg who donated some of the slides from
In the last part of the course we make a review of selected technical problems in multimedia signal processing First problem: CONTENT SECURITY AND WATERMARKING.

In the last part of the course we make a review of selected technical problems in multimedia signal processing First problem: CONTENT SECURITY AND WATERMARKING.
Introduction to Modern Cryptography Instructor: Amos Fiat Strongly based on presentation and class by Benny Chor School of Computer Science Tel- Aviv Univ.

Introduction to Modern Cryptography Instructor: Amos Fiat Strongly based on presentation and class by Benny Chor School of Computer Science Tel- Aviv Univ.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

Similar presentations

Ads by Google