International Journal of Engineering Trends and Technology- May to June Issue 2011

Watermarking Systems Engineering: Enabling Digital Assets Security and Other Applications
S.Vimala1, J.Saravanan2 ,T.S. Sumi1
1

Faculty, M.C.A, Panimalar Engineering College, Chennai, 2 P.G Scholar, M.C.A, Panimalar Engineering College, Chennai, 3 Faculty, M.C.A, Panimalar Engineering College, Chennai. encrypted version of the original content to all the clients but a client-specific decryption key allows decrypting the content

Abstract- Watermarking embeds ownership information in digital content. Watermark describes information that can be used to prove the ownership of relational database. Here the embedding is hidden that the presence of watermarking is invisible to the user. The proposed approach permits us to successfully combine the secure embedding of client side with the superior robustness of informed embedding techniques, providing a new powerful tool for the secure distribution of highquality multimedia contents. Open issues in the proposed framework to be addressed in the future research concern the need of higher security and the compression overhead. Clientside watermark embedding systems have been proposed as a possible solution for the copyright protection in large-scale content distribution environments. In this framework, we propose a new look-up-table-based secure client-side embedding scheme properly designed for the spread transform dither modulation watermarking method. Index Terms- content distribution, secure watermark embedding, multiple decryption, ST-DM informed embedding, fingerprinting.

I. INTRODUCTION Content protection measure for the prevention of copyright violations from unauthorized user is the new challenge in large scale content distribution environments. Watermarking is solution for this problem. This technique is used to embed into each copy the content a unique code identifying a particular user or device. Current content distribution systems are based on a clientserver architecture, where the watermark embedding is usually carried out by a trusted server. However in large scale distribution systems the server may become overloaded, due to the fact that the computational burden grows linearly with the number of users. In addition, since the distribution of individually watermarked copies requires point-to- point connections, bandwidth requirements can become prohibitive. A possible solution consists in using client-side watermark embedding: the server is allowed to send a unique copy of the content to all the interested users through broadcasting. Each client will be in charge of embedding a watermark identifying the received copy. Since the client is untrusted, the users should not have access to the original content or to the secret information required to embed the watermark. In secure watermark embedding schemes, the server transmits the same

and at the same time to implicitly embed a watermark to obtain a uniquely watermarked version of the content. Here we are interested in techniques based on encryption systems that allow the use of multiple decryption keys, which decrypt the same cipher text to slightly different plaintexts. The difference between original and decrypted content represents thus the hidden watermark. A special stream cipher, called Chameleon, which allows decrypting the cipher text in slightly different ways. During encryption, a sequence of indices is used to select four entries from a look-up-table (LUT) for each plaintext element. These entries are XORed with the plaintext to form the cipher text. The decryption is identical to encryption except for the use of a decryption LUT that superimposes some errors onto the content, thus leaving a unique watermark. Generalizations of Chameleon, suitable for embedding spread spectrum watermarks, have also been proposed. In this paper, we propose a LUT based secure embedding system designed for the Spread Transform Dither Modulation (STDM) algorithm belonging to the class of data hiding schemes defined informed embedding algorithms or hostinterference rejecting methods. II. LUT BASED WATERMARK EMBEDDING The LUT based secure embedding proposed in works as follows. The distribution server generates a long- term master encryption look-up table E of size T, whose entries E[t] are independently and randomly generated according to a Gaussian distribution. The LUT E will be used to encrypt the content to be distributed to the KU clients. Next, for the k-th client, the server generates a personalized watermark LUT Wk according to a desired probability distribution, and builds a personalized decryption LUT Dk by combining componentwise master encryption LUT E and watermark LUT Wk: Dk[t] = E[t] +Wk[t], t= 0, 1, . . . , T 1 (1)

The personalized LUTs are then transmitted once to each client over a secure channel. A content, represented as a vector x of size M, is encrypted by adding to each element R entries of the LUT E pseudo

ISSN:2231-5381

-97-

IJETT

International Journal of Engineering Trends and Technology- May to June Issue 2011
randomly selected according to a session key sk. The encrypted content c is sent to all the authorized clients along with the session key sk. The k-th client can decrypt c by using his/her personalized decryption LUT Dk, with the final effect that a spread-spectrum watermark sequence is embedded into the decrypted content yk, through an additive rule. In detail, driven by the session key sk, a set of MR values tij in the range [0, T 1] is generated, where 0 i M1, 0 j R1. Each feature xi is encrypted by adding R entries of E, obtaining the encrypted feature ci: Starting from an original vector composed by M features, a MMd projection matrix S = (s1, s2,. . . , sMd ) whose columns are orthogonal is generated. The host features are projected according to S, which, differently from the traditional ST-DM, needs to be known to the clients; in order to add a level of secrecy, only L out of Md projections will be quantized to embed the watermark, where the L directions are kept secret to the clients. Let us indicate by A the indexes corresponding to the L directions where the watermark will be introduced. To represent that only L out of Md projections are quantized we will resort to a M L matrix SA denoting a partition of S obtained by picking the columns whose indexes are in A. To embed the watermark, it is chosen to use not just two quantizers, but a set of L dithered quantizers, shifted each by a factor j with respect to a reference quantizer Q0() having a fixed step size , so that, for j A Qj(x) = Q0(x) + j . (5)

Joint decryption and watermarking is accomplished by reconstructing with sk the same sequence of indices tij and by adding R entries of Dk to each encrypted feature ci:

Each dithered quantizer is used to quantize one of the L randomly chosen projections, so the marked components are
where j A.

The result of this operation is the sequence of watermarked content features yk identifying the k-th user. A. Quantization Index Modulation approach and Spread Transform Dither Modulation The ST-DM algorithm belongs to the wider class of Quantization Index Modulation (QIM) watermarking [5]. According to the QIM approach, watermark embedding is achieved through the quantization of the host feature vector x on the basis of a set of predefined quantizers, where the particular quantizer depends on the to-be-hidden message. In the case of ST-DM, the correlation between the host feature vector x and a reference spreading signal s is computed as This correlation is then quantized by applying to it either a quantizer Q0, or a quantizer Q1, depending on the to-behidden bit, obtaining the quantized correlation rw. The watermarked features are then: y = x + (rw rx)s (4)

The vector of watermarked features is then given by:

In a forensic application, we can think that each k-th user can be identified by employing a different set of dithered quantizers, characterized by a dithering vector k = {k , j}jA. According to this approach, referring to equation (6), in yk it is possible to distinguish between a term present in all the watermarked copies of the content, the summation and a term identifying the single k-th user, i.e. the summation The detector will thus try to identify a dishonest client by looking at this uniquely distinguishing component. A. ST-DM client side embedding Let us now describe how we implement a ST-DM based secure client side embedding. A distribution server, like in [4] generates an encryption look-up table E, whose entries are i.i.d. random variables following a Gaussian distribution N(0, E); moreover, for each client, a personalized watermark LUT Wk is generated, according to N(0, W), and a decryption LUT Dk is computed by combining component-wise E and Wk. In addition, let us suppose that the projection matrix S has been generated. The personalized LUTs and the matrix S are then transmitted once to each client over a secure channel. The server encrypts a content x of size M by adding to it some entries of E; however, differently from Eq. (2), here R

To recover the embedded bit, a minimum distance decoder applied to the correlation r of the watermarked and possibly attacked features y with the vector s is adopted. The ST-DM approach can be extended in such a way that the host features are projected not only along one direction, but on a vector subspace, allowing to introduce an additional degree of freedom in the design of the scheme. III. ST-DM SECURE EMBEDDING

ISSN:2231-5381

-98-

IJETT

International Journal of Engineering Trends and Technology- May to June Issue 2011
entries are added along each of the Md orthogonal directions sj. In addition, in L randomly chosen directions the common terms present in the embedding rule are introduced, so that at the server side the host features will be modified as in the following: and the detector statistics for the k-th client is defined as: approach based on a correlation statistic, followed by a maximum detector. Namely, the detector computes a vector of quantization errors as

Decryption and watermark embedding is driven by the session key sk needed to reconstruct the sequence of indices tjh and add MdR entries of the decryption LUT Dk to each encrypted feature ci: ,then:

The decision is made according to the following test:

If we assume it is possible to set , the result of this operation is the sequence of watermarked features yk, using the dithered quantizers shifted by the set k = {k,j}jA identifying the k-th user. The joint decryption and watermarking process then becomes:

The output of the test is either the index k of the guilty client or the special symbol k = meaning that no watermark has been found on the examined content. The threshold has to be set so as to minimize the probability of detection errors. To do so, we formulate the problem as a binary hypothesis testing where the hypotheses are: H0, the content is not watermarked; Hk, the content contains the watermark of the k -th client. The detector makes an error every time it accuses a client and no watermark was present (false alarm) or it fails in detecting the watermark of the k-th client because it decides that no watermark is present (missed detection) or it wrongly accuses an innocent client (wrong accusation). The performance of the detector is then measured by the probability of false alarm Pf , the probability of missed detection Pm, and the probability of wrong accusation Pw:

The final effect of the joint decryption and watermarking, is that a ST-DM watermark has been embedded in L directions, but in (Md L) directions a spread spectrum like noise has been added. These noise terms can not be avoided, since the client is not allowed to know the L out of Md directions, indicated by the set A. IV. DETECTION It is assumed that the input to the detector is a vector of possibly altered watermarked features, denoted as y. Such a vector is projected onto the L directions carrying the watermark, yielding a vector of L watermarked projections:

Hence, the probability of correct detection should be expressed as Pd = 1 Pm Pw. The above error probabilities will depend on the threshold and on several other parameters of the system, and will allow to measure the performance of the proposed system. V. PERFORMANCE EVALUATION The system embeds a watermark into a gray level image by modifying m out of 64 block DCT coefficients. In particular, for each 88 block, the DCT coefficients are reordered in the zig-zag scan, and the ones from the second until the (m+1)th are selected. Since the host features have variable size, whereas the spreading vector has a fixed size (i.e. M), we

Since the embedding rule makes it difficult to define a likelihood ratio, the proposed detector relies on a suboptimal

ISSN:2231-5381

-99-

IJETT

International Journal of Engineering Trends and Technology- May to June Issue 2011
divide the vector of available host features into chunks of length M: each chunk is composed by the DCT coefficients belonging to l blocks, so that the length of each chunk is M = l m. If the number of 8 8 blocks inside an image is NB, the number of available chunks NC is given by: NC = (m NB) /M. For each chunk the same projection matrix is adopted, but different sets of dithering j are considered. According to this, the k-th client is identified by a vector obtained as the concatenation of NC vectors ik of length L (one for each chunk), that is in detection the vector In order to compare the performances of the proposed STDM client-side watermarking system vs. the SS version, we implemented the two systems considering the following values for the system parameters: M = 32, L = 4, m = 4, MD = 32, R = 4, E = 100, W = 0.01, T = 216, DWR = 36 dB. Parameters , and have then been derived from the fixed ones, while x and NB are estimated from the testing image (512 512 8-bit grey level images were considered). The Pf has been set to 10 3. ST-DM shows a vanishing probability of missed detection at high WNR/JPEG quality and performs better than SS when the degradation on the watermarked content is kept within an acceptable range. VI. CONCLUSIONS The proposed client-side ST-DM embedding has been compared with a previously proposed client-side SS watermarking system, showing that the advantages of the informed embedding technique, which are well known in traditional watermarking systems, are preserved in the clientside scenario. This is not an obvious result, since the clientside framework imposes some constraints that do not allow us to embed a pure ST-DM watermark. Client side watermark embedding schemes have been proposed as a possible solution for the copyright protection in large scale content distribution environments. In this framework, we propose a lookup- table based secure embedding system, designed for the Spread Transform Dither Modulation (ST-DM) watermarking algorithm, that outperforms Spread Spectrum based systems. From the point of view of the compression overhead, in the current system, the server distributes encrypted images that cannot be optimally compressed; to cope with it, two possible solutions are devised: in the first one, suitable for the distribution of very large contents like videos, the server selectively encrypts only some parts of the content, which are not compressed; in the second one, the server employs some form of distributed source coding, that, at least in theory, should guarantee a coding rate close to the entropy of the watermarked content. However, it has to be considered that already in the current system the overhead due to encryption is balanced by the possibility of broadcasting the encrypted content: if the number of clients is much greater than the best achievable compression rate, transmitting separate optimally compressed copies of the content to each client will consume more bandwidth than broadcasting a single but less compressed copy.

having size L NC = L(mNB)/M will be used. The performance analysis is carried out by defining the operating conditions in terms of Document to Watermark Ratio (DWR). The DWR expresses the ratio between the power of the host features and that of the watermark:

where (MD/M)(m/64) and (L/M)(m/64)represent the percentages of DCT coefficients suffering the quantization error introduced by the embedding process, due to the shift addition process (involving all the MD directions) and to the quantization process (involving only L directions) respectively. In order to force a given DWR value for a specific watermarked image, we introduce a parameter controlling the watermark strength and we put it as a factor multiplying the watermark LUT; specifically, we will consider E[tjh] and Dk[tjh] instead of E[tjh] and Dk[tjh] in equations (7) and (8), and consequently also the watermark LUT will result multiplied by . Since this parameter is required in decryption, the server will need to send the adopted value to all the clients. The relationship between and the DWR can be computed by taking into account that to assure that the shift value remains inside the interval [/2,+/2], and given that follows a Gaussian distribution, the standard deviation of the shifts has to be chosen in such a way that = /8 . Furthermore, since a shift value is obtained by the addition of R entries of the LUT Wk, we have that 2= R2W2. By considering that 2 = 642, equation (18) can thus be rewritten as:

and therefore by imposing a given watermark distortion (i.e. a given DWR), a proper value for is achieved.

ISSN:2231-5381

-100-

IJETT

International Journal of Engineering Trends and Technology- May to June Issue 2011
REFERENCES [1] M. Celik, A. Lemma, S. Katzenbeisser, and M. van der Veen, Lookup table based secure client-side embedding for spreadspectrum watermarks, IEEE Trans. Inf. Forensics Security, vol. 3, no. 3, pp.475 487,Sep. 2008. [2] R. J. Anderson and C. Manifavas, ChameleonA new kind of stream cipher, in Proc. 4th Int. Workshop on Fast Software Encryption (FSE 97), London, U.K., 1997, pp. 107113. [3] A. Adelsbach, U. Huber, and A.-R. Sadeghi, FingercastingJoint fingerprinting and decryption of broadcast messages, in Proc. 11th Australasian Conf. Information Security and Privacy, 2006, vol. 4058, Lecture Notes in Computer Science, pp. 136147. [4] M. Celik, A. Lemma, S. Katzenbeisser, and M. van der Veen, Secure embedding of spread-spectrum watermarks using lookup tables, in Proc. Int. Conf. Acoustics, Speech and Signal Processing (ICASSP07), Honolulu, HI, Apr. 2007, vol. 2, pp. II-153II-156. [5] I. J. Cox, M. L. Miller, and A. L. McKellips, Watermarking as Communications with side information, Proc. IEEE, vol. 87, no. 7, pp. 11271141, Jul. 1999s.

ISSN:2231-5381

-101-

IJETT