Académique Documents
Professionnel Documents
Culture Documents
-1- TheDirectData.com
Page 1
Digital Signature And Watermarking INDEX 1) INTRODUCTION 2) HISTORY 3) SIGNATURES AND LAWS 4) METHODS TO CREATE DIGITAL SIGNATURE 5) DSS (DIGITAL SIGNATURE STANDARD) 6) DIGITAL CERTIFICATE 7) CHALLENGES AND OPPURTUNITIES 8) DIGITAL WATERMARKING 9) PURPOSE OF DIGITAL WATERMARK 10) TECHNIQUES FOR WATERMARKING 11) TYPES OF WATERMARK 12) HOW WATERMARKING WORKS 13) TYPES OF WATERMARKING 14) LIMITATIONS OF WATERMARKING 15) FUTURE OF WATERMARKING 16) CONCLUSION 17) REFRENCES AND BIBLOGRAPHY -1-1-4-5-9-10-14-15-16-19-20-22-23-26-27-30-31-
TheDirectData.com
Page 2
HISTORY:
It is probably not surprising that the inventors of writing, the Sumerians, were also the inventors of an authentication mechanism. The Sumerians used intricate seals, applied into their clay cuneiform tablets using rollers, to authenticate their writings. Seals continued to be used as the primary authentication mechanism until recent times. Use of signatures is recorded in the Talmud (fourth century), complete with security procedures to prevent the alteration of documents after they are signed. The Talmud even describes use of a form of "signature card" by witnesses to deeds. The practice of authenticating documents by affixing handwritten signatures began to be used within the Roman Empire in the year AD 439, during the rule of Valentinian III. The subscripto - a short handwritten sentence at the end of a document stating that the signer "subscribed" to the document - was first used for authenticating wills. The practice of affixing signatures to documents spread rapidly from this initial usage, and the form of signatures (a hand-written
TheDirectData.com
Page 3
Digital Signature And Watermarking representation of ones own name) remained essentially unchanged for over 1,400 years. It is from this Roman usage of signatures that the practice obtained its significance in Western legal tradition.
DIGITAL SIGNATURE:
Digital signatures are a way to ensure the integrity of a message or other data using public key cryptography. Like traditional signatures written with ink on paper, they can be used to authenticate the identity of the signer of the data. However, digital signatures go beyond traditional signatures in that they can also ensure that the data itself has not been altered. This is like signing a check in such a way that if someone changes the amount of the sum written on the check, an Invalid stamp becomes visible on the face of the check.Digital signatures take the concept of TheDirectData.com Page 4
Digital Signature And Watermarking traditional paper-based signing and turn it into a digital "fingerprint". This "fingerprint", or coded message, is unique to both the document and the signer. The digital signature ensures that the signatory is indeed the originator of the message. Any changes made to the document after it was signed invalidate the signature, thereby protecting against forgery. Digital signatures help organizations sustain signer authenticity, accountability, data integrity and non-repudiation of documents and transactions.
It insures by means of verification and validation that the user is whom he/she
claims to be. This is done by combine the users credential to the digital certificate and in turn this method uses one point of authentication.
Digital certificates insure data Integrity giving the user piece of mind that the
message or transaction has not been accidentally or maliciously altered. This is done cryptographically.
Digital certificates ensure confidentiality and ensure that messages can only
Digital certificates also verify date and time so that senders or recipients can
TheDirectData.com
Page 5
Digital Signature And Watermarking 4. Name of the company: This section identifies the company that the signature belongs too. 5. Serial number of the Digital ID: This part is a unique number that is bundled to the signature for tracking ad extra identification reasons. 6. Digital signature of the CA (certification Authority): This is a signature that is issued by the authority that issues the certificates.
Evidence: A signature authenticates a writing by identifying the signer with the signed document. When the signer makes a mark in a distinctive manner, the writing becomes attributable to the signer.
Ceremony: The act of signing a document calls to the signer's attention the legal significance of the signer's act, and thereby helps prevent "inconsiderate engagements.
Approval: In certain contexts defined by law or custom, a signature expresses the signer's approval or authorization of the writing, or the signer's intention that it have legal effect.
Efficiency and logistics: A signature on a written document often imparts a sense of clarity and finality to the transaction and may lessen the subsequent need to inquire beyond the face of a document. Negotiable instruments, for example, rely upon formal requirements, including a signature, for their ability to change hands with ease, rapidity, and minimal interruption.
The formal requirements for legal transactions, including the need for signatures, vary in different legal systems, and also vary with the passage of time. There is also variance in the legal consequences of failure to cast the transaction in a required form. The statute of frauds of the common law tradition, for example, does not render a transaction invalid for lack of a "writing signed by the party to be charged," but rather makes it unenforceable in court, a
TheDirectData.com
Page 6
Digital Signature And Watermarking distinction which has caused the practical application of the statute to be greatly limited in case law.
METHOD 2:
Another fundamental process, termed a "hash function," is used in both creating and verifying a digital signature. A hash function is an algorithm which creates a digital representation or "fingerprint" in the form of a "hash value" or "hash result" of a standard length which is usually much smaller than the message but nevertheless substantially unique to it. Any change to the message invariably produces a different hash result when the same hash function is used. In the case of a secure hash function, sometimes termed a "one-way hash function," it is computationally infeasible to derive the original message from knowledge of its hash value. Hash functions therefore enable the software for creating digital signatures to operate on smaller and predictable amounts of data, while still providing robust evidentiary correlation to the original message content, thereby efficiently providing assurance that there has been no modification of the message since it was digitally signed. Thus, use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature:
Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key.
Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.
TheDirectData.com
Page 8
the signer who signs the document; the verifier who receives the signed document and verifies the signature ; the arbitrator who arbitrates any disputes between the signer and the verifier if there is a disagreement on the validity of the digital signature.
Digitally signing a document begins with producing a summary of the document using mathematical functions known as hash functions. Some examples are Message Digest-5 (MD5), Secure Hash Algorithm-1 (SHA-1) and Rseaux IP Europens (RIPE) Message Digest-160 (RIPMED-160). The output of a hash function, a document summary called the hash, always has the same number of bits e.g. 128 for MD5 and 160 for SHA-1, regardless of the length of the input document. It is obvious that different documents will produce different hashes. It is considered virtually impossible to have an identical hash even from two similar documents. The hash function is encrypted by the signer using his/her private key and forms the digital signature of the encrypted document. The verifier receives both the document and the signature, calculates the summary of the document using the same hash function used by the signer. The signature is decrypted using the signers public key. The last step is to compare the decrypted summary with the one previously computed by the verifier from the document. If the two summaries are identical then the signature has been verified. The verifier is now sure of the identity of the signer and that the data was not been modified.
TheDirectData.com
Page 9
Digital Signature And Watermarking The figure below shows the signing process again in steps.
Let us suppose that Alice is the signer and Bob the verifier: Let us suppose that Alice is the signer and Bob the verifier:
Alice calculates the summary of the document, the hash; Alice encrypts the summary with her own private key to create the digital signature; Alice sends the digital signature and the document to Bob, the verifier; Bob calculates the summary of the document, the hash; Bob decrypts the digital signature with Alices public key and obtains a summary; Bob compares the two summaries he has made; if they are equal Bob is sure that the document was not modified and that Alice really did sign the document herself.
TheDirectData.com
Page 10
A hash function is used in the signature generation process to obtain a condensed version of data, called a message digest . The message digest is then input to the DSA to generate the digital signature. The digital signature is sent to the intended verifier along with the signed data (often called the message). The verifier of the message and signature verifies the signature by using the sender's public key. The same hash function must also be used in the verification process. The hash function is specified in a separate standard, the Secure Hash Standard (SHS), FIPS 180. Similar procedures may be used to generate and verify signatures for stored as well as transmitted data.
TheDirectData.com
Page 11
The user's distinguished name (a unique identifier) The issuing Certification Authority's distinguished name The user's public key The validity period The certificate's serial number The issuing Certification Authority's digital signature, verifying the information in
Digital Signature And Watermarking Modern forensic document examiners commonly compare a suspect signature with several examples of known valid signatures, and look for signs of forgery, which include: Signatures written at a speed which is significantly slower than the genuine signatures; Frequent change of the grasp of the writing implement; Blunt line endings and beginnings; Poor line quality with wavering and tremor of the line; Retracing and patching; Stops in places where the writing should be free. These techniques are supplemented with ink and paper analysis, electrostatic detection of writing imprints, and so on. If one were to argue in court that "I didnt sign this document, my pen did," the result would probably be tittering in the courtroom, a lost case, and a possible court-ordered psychiatric evaluation. However, if one were to argue in court that "I didnt sign the data, my computer did," the response from the court might be more sympathetic, as anyone who has used a computer has had the experience of the computer doing something the operator didnt want it to do. Ultimately, people do not sign electronically - they command their computers to sign electronically on behalf of the signer. Someday an attacker will seize control of a victims signing application to fraudulently sign data, and when this attack becomes public, confidence in digital signatures may be forever shaken. Digital signatures cryptographic authentication systems bind signatures to individuals through technical and procedural mechanisms. There are strong, mathematical links between a private signature key, its associated public key, and the message signature, but the association between the signer and her private key depends on the protection afforded the private key. The association between the signer and her public key depends on the honesty and diligence of the Certification Authority (CA) issuing the signers public key certificate (a TheDirectData.com Page 13
Digital Signature And Watermarking public key certificate is a digitally signed statement by a CA that binds a public key to a signers identity). Hence, the strength of the security services provided by a digital signature is a function of the methods used to safeguard the private signature key, methods used by the CA to identify and authenticate those applying for digital certificates, the protections provided against corrupt CAs, safeguards against the computers used by the CA being subverted, and so on. The standards, practices and procedures used to ensure the validity of the binding between a signer and the signers public key represent a "certificate policy." The Internet Engineering Task Force (IETF) Public Key Infrastructure/X.509 (PKIX) working group has developed a guide for developing certificate policies that describes certificate policies more precisely as: "A named set of rules that indicate the applicability of a certificate to a particular community and/or class of application with common security requirements." The IETF goes on to list about 250 "policy elements" which can be factored into the establishment of a certificate policy. These policy elements include methods used to identify an individual, how the public/private key pairs are generated, how the private keys are protected, liability limits, and so on. Since different CAs establish and follow different policies, the strength of digital signatures varies according the policy of the CA who issued the signers certificates. Furthermore, digital signature certificates normally state a "validity interval," determined by the CA, during which the certificate may be used to verify signatures. The matter of what to do about signatures applied using a private key for which the associated public key has expired is one of many associated with the long-term validity of digital signatures.
Digital Signature And Watermarking There are at least four problems associated with the long-term archival of signed electronic records. Briefly, they are: Deterioration of the source media; Obsolescence of the record data format; Evolution of cryptographic algorithms and related standards; and, Certificate life-cycle. Source media (tapes, optical disks, floppy disks, etc.) are subject to deterioration over time. Magnetic media are prone to hydrolysis of the binder in which the magnetic particles are embedded. Hydrolysis causes the binder to become soft and sticky, and transfer from the media substrate to read/write heads and other surfaces. Another problem with magnetic media is the magnetic domains within the media "top coat" can reverse, thus changing recorded 1s to 0s and vice versa. The length of time a tape may be used to archive data varies from a minimum of about one year under tropical conditions, to about 64 years under ideal (cool, dry) conditions. The "weak link" in terms of optical disk archival is the metal reflecting layer, used to reflect the optical disk readers laser. This reflecting layer is typically made of aluminum, and subject to oxidation, because the reflecting surface is enclosed in materials that can be oxygen-permeable. As with magnetic tape, quality of the media and storage conditions play the dominant role in determining the useful archive lifetime, but manufacturers estimates and independent studies indicate that read-only optical disks should last for 100 years under ideal conditions. Lifetimes for writable optical disks are usually less - between 10 - 50 years (Dual alloy disks being an exception, with an estimated life of 100 years.) Digital signatures exacerbate the problem of technological obsolescence. They make the most common coping technique - conversion to new formats during transition periods impossible unless the original signer can resign under the new format - a solution which is always burdensome and often impossible. From a digital signature perspective, a change to a document format is indistinguishable from a change to the document content, and will result in an unverifiable signature. TheDirectData.com Page 15
Digital Signature And Watermarking A similar problem is associated with the mercurial nature of cryptographic algorithms and standards. Aside from the signers private signature key, a digital signature is a function of:
The message being signed (including any encoding of the data); The hashing algorithm used; and, The signature algorithm used.
We have already seen that the formatting of data is changing continuously. It appears that digital signature standards are also likely to undergo continuous evolution. Hashing algorithms that have been used in the short history of digital signatures include MD2, MD4, MD5, and the Secure Hashing Algorithm - 1 (SHA-1). There are frequent proposals for improving upon these algorithms as new cryptanalytic attacks are found, more efficient hashing mechanisms are devised, and computer hardware (for example the move from 16 bit to 32 bit machines) changes algorithm requirements. Earlier we explored the role of the Certification Authorities in binding identities to public keys. It must be stressed that digital signatures cannot be verified without certificates. Certificates expire. VeriSign Corporation, for example, issues certificates to end-entities for one year periods. Certificate validity dates vary from one Certification Authority to another, and a single CA can support several certificate policies with different certificate validity periods. Certificates can be renewed, but if they are not renewed, they expire, and are not supposed to be used to verify signatures thereafter.
Institutional overhead: The cost of establishing and utilizing certification authorities, repositories, and other important services, as well as assuring quality in the performance of their functions.
Subscriber and Relying Party Costs: A digital signer will require software, and will probably have to pay a certification authority some price to issue a certificate.
TheDirectData.com
Page 16
Digital Signature And Watermarking Hardware to secure the subscriber's private key may also be advisable. Persons relying on digital signatures will incur expenses for verification software and perhaps for access to certificates and certificate revocation lists (CRL) in a repository. On the plus side, the principal advantage to be gained is more reliable authentication of messages. Digital signatures, if properly implemented and utilized offer promising solutions to the problems of:
Imposters, by minimizing the risk of dealing with imposters or persons who attempt to escape responsibility by claiming to have been impersonated; Message integrity, by minimizing the risk of undetected message tampering and forgery, and of false claims that a message was altered after it was sent; Formal legal requirements, by strengthening the view that legal requirements of form, such as writing, signature, and an original document, are satisfied, since digital signatures are functionally on a par with, or superior to paper forms; and
DIGITAL WATERMARKING
Digital watermarking is a technique which allows an individual to add hidden copyright notices or other verification messages to digital audio, video, or image signals and documents. Such hidden message is a group of bits describing information pertaining to the signal or to the author of the signal (name, place, etc.). The technique takes its name from watermarking of paper or money as a security measure. Digital watermarking is not a form of steganography, in which data is hidden in the message without the end user's knowledge, although some watermarking techniques have the steganographic feature of not being perceivable by the human eye. The enormous popularity of the World Wide Web in the early 1990's demonstrated the commercial potential of offering multimedia resources through the digital networks. Since commercial interests seek to use the digital networks to offer digital media for profit, they have a strong interest in protecting their ownership rights. Digital watermarking has been proposed as one way to accomplish this. TheDirectData.com Page 17
Digital Signature And Watermarking A digital watermark is a digital signal or pattern inserted into a digital image. Since this signal or pattern is present in each unaltered copy of the original image, the digital watermark may also serve as a digital signature for the copies. A given watermark may be unique to each copy (e.g., to identify the intended recipient), or be common to multiple copies (e.g., to identify the document source). In either case, the watermarking of the document involves the transformation of the original into another form. This distinguishes digital watermarking from digital fingerprinting where the original file remains intact, but another file is created that "describes" the original file's content. As a simple example, the checksum field for a disk sector would be a fingerprint of the preceding block of data. Similarly, hash algorithms produce fingerprint files.
TheDirectData.com
Page 18
Invisible watermarks, on the other hand, are potentially useful as a means of identifying the source, author, creator, owner, distributor or authorized consumer of a document or image. For this purpose, the objective is to permanently and unalterably mark the image so that the credit or assignment is beyond dispute. In the event of illicit usage, the watermark would facilitate the claim of ownership, the receipt of copyright revenues, or the success of prosecution. Watermarking has also been proposed to trace images in the event of their illicit redistribution. Whereas past infringement with copyrighted documents was often limited by the unfeasibility of large-scale photocopying and distribution, modern digital networks make large-scale dissemination simple and inexpensive. Digital watermarking makes it possible to uniquely mark each image for every buyer. If that buyer then makes an illicit copy, the illicit duplication may be convincingly demonstrated. VISIBLE VS. INVISIBLE WATERMARKS Visible and invisible watermarks both serve to deter theft but they do so in very different ways. Visible watermarks are especially useful for conveying an immediate claim of ownership. The main advantage of visible watermarks, in principle at least, is that they virtually eliminate the commercial value of the document to a would-be thief without lessening the document's utility for legitimate, authorized purposes. A familiar example of a visible watermark is in the video domain where CNN and other television networks place their translucent logo at the bottom right of the screen image.
TheDirectData.com
Page 19
Digital Signature And Watermarking Invisible watermarks, on the other hand, are more of an aid in catching the thief than discouraging the theft in the first place. Though neither exhaustive nor definitive, Table 1 shows some anticipated primary (p) and secondary (s) benefits to digital watermarking. Table 1. Purpose validation of intended recipient non-repudiable transmission deterrence against theft diminish commercial value without utility discourage unauthorized duplication digital notarization and authentication identify source REQUIREMENTS OF WATERMARKS To be effective in the protection of the ownership of intellectual property, the invisibly watermarked document should satisfy several criteria: 1. the watermark must be difficult or impossible to remove, at least without visibly degrading the original image, 2. the watermark must survive image modifications that are common to typical imageprocessing applications (e.g., scaling, color requantization, dithering, cropping, and image compression), 3. an invisible watermark should be imperceptible so as not to affect the experience of viewing the image, and 4. for some invisible watermarking applications, watermarks should be readily detectable by the proper authorities, even if imperceptible to the average observer. Such decodability without requiring the original, un-watermarked image would be necessary for efficient recovery of property and subsequent prosecution.
visible p p s p
invisible P P P P S P S
TheDirectData.com
Page 20
Digital Signature And Watermarking One can understand the challenge of researchers in this field since the above requirements compete, each with the others. The litmus test of a watermarking method would be that it is accepted and used on a large, commercial scale, and that it stands up in a court of law. None of the digital techniques have yet to meet these tests.
Digital Signature And Watermarking schemes). Since watermarks applied to the frequency domain will be dispersed over the entirety of the spatial image upon inverse transformation, this method is not as susceptible to defeat by cropping as the spatial technique. However, there is more of a tradeoff here between invisibility and decodability, since the watermark is in effect applied indiscriminately across the spatial image. Watermarking can be applied to text images as well. Three proposed methods are: text line coding, word space coding, and character encoding. For text line coding, the text lines of a document page are shifted imperceptibly up or down. For a 40-line text page, for instance, this yields 2**40 possible codewords. For word-shift coding, the spacing between words in a line of justified text is altered (see Figure 3). For character coding, a feature such as the endline at the top of a letter, "t" is imperceptibly extended. An advantage of these methods over those applied to picture images is that, by combining two or three of these to one document, two documents with different watermarks cannot be spatially registered to extract the watermark. Of course, the watermark can be defeated by retyping the text.
Types of Watermark
Visible watermarks: Visible watermarks are an extension of the concept of logos. Such
watermarks are applicable to images only. These logos are inlaid into the image but they are transparent. Such watermarks cannot be removed by cropping the center part of the image. Further, such watermarks are protected against attacks such as statistical analysis. The drawbacks of visible watermarks are degrading the quality of image and detection by visual means only. Thus, it is not possible to detect them by dedicated programs or devices. Such watermarks have applications in maps, graphics and software user interface.
TheDirectData.com
Page 22
Public watermark: Such a watermark can be read or retrieved by anyone using the
specialized algorithm. In this sense, public watermarks are not secure. However, public watermarks are useful for carrying IPR information. They are good alternatives to labels.
Private Watermark: Private watermarks are also known as secure watermarks. To read
or retrieve such a watermark, it is necessary to have the secret key.
TheDirectData.com
Page 23
How It Works
Digital Watermarking software looks for noise in digital media and replaces it with useful information. A digital media file is nothing more than a large list of 0s and 1s. The watermarking software determines which of these 0s and 1s correspond to redundant or irrelevant details. For example, the software might identify details in an image that are too fine for the human eye to see and flag the corresponding 0s and 1s as irrelevant noise. Later the flagged 0s and 1s can be replaced by a digital watermark.
A real-world example The following two sequences of images demonstrate a typical watermark embedding and extraction process applied to a static image. It is notable that a slight degradation of the original image occurs when the watermark is embedded. However, the retrieved watermark is very close to the original watermark, which can help resolve ownership issues.
TheDirectData.com
Page 24
TYPES OF WATERMARKING:
Video watermarking Video watermarking can be considered as a superset of normal image watermarking. As such, all the techniques applicable to static images can be applied to video images. However, due to the high frame rate of video, the embedding process must occur almost in real time for live transmissions (it takes a finite time to embed the watermark, which might influence the transmission rate). If the content is generated off-line, this limitation does not exist. A very popular form of on-line (live) video watermarking is the usage of a visible watermark (normally a logo or other distinguishing sign placed in an unobtrusive place on each frame of video footage). Audio watermarking Audio watermarking is currently at the forefront of technology development in an attempt to prevent illegal reproduction and redistribution. One implementation receiving widespread attention is the MP3 approach to audio compression and watermarking. Audio watermarking can be successfully implemented at frequencies outside the normal human audible range. (This is also the approach followed by compression schemes, in which frequencies outside the human audible range are removed from the original audio soundtrack.) Text watermarking Text can be subdivided into two categories: raw unformatted ASCII text and formatted text (typically Postscript, PDF or RTF formats). Watermark information can be embedded into a formatted document using an approach based on the slight adjustment of inter-line and inter-word spacings. Another approach to watermark embedding is to consider the typeset text as one large image and thus to use the typical approaches used for images. TheDirectData.com Page 25
Digital Signature And Watermarking Raw text presents a big problem to the watermark process. At this stage no successful approach is known. One possible approach is based on adding white space characters after each sentence (and is thus hidden to the casual observer). However, this approach is easily bypassed using a normal text editor.
WATERMARKS IN USE Authentication is but one use of digital watermarking. Both symmetric and asymmetric hashing algorithms can be used to embed a unique digital imprint on a document or file. If the removal of an imprint yields the original document (which is to say that the "stripped" watermark is identical to the embedded watermark), then the copy is authentic. Once again, this assumes that the "stripping" algorithm is available to the end-user. Such authentication techniques are usually associated with some sort of encryption for the distribution of keys, programs, etc. which are related to the watermarked documents. In addition, watermarks are also used as a check for non-repudiable duplication and transmission. In this case, the owner, creator or sender imprints a watermark which is unique for each receiver. The watermark holds under subsequent re-transmission, so the "authorized" source of unauthorized copies may be easily identified after extraction. A collateral benefit is that the intended recipient of a document token could always be identified. However, these applications really only apply to the class of invisible watermarks. Visible watermarks (as in Figure 1) contribute to document and transmission security in different ways. To illustrate, visible watermarks are more overt means of discouraging theft and unauthorized use both by reducing the commercial value of a document and making it obvious to the criminally inclined that the document's ownership has been definitively established . We observe that invisible watermarks only have this effect if the digital thief is aware of the technology and the possibility that watermarks may be present on a document of interest.
TheDirectData.com
Page 26
Digital Signature And Watermarking There are several characteristics of effective watermarks. For one, they must be difficult or impossible to remove. For another, they must survive common document modifications and transformations (e.g., cropping and compressing image files). Third, they must, in principle at least, be easily detectable and removable by authorized users with such privileges (e.g., law enforcement agencies). Invisible watermarks should also be imperceptible, while visible watermarks should be perceptible enough to discourage theft but not perceptible enough to decrease the utility or appreciation of the document.
WATERMARKING PRACTICE
Watermarking techniques tend to divide into two categories, text and image, according to the type of document to be watermarked. In the case of imagery, several different methods enable watermarking in the spatial domain from simply flipping low-order bits of selected pixels to superimposing watermark symbols over an area of a graphic. Spatial domain watermarking is illustrated in Figures 2a and 2b that demonstrate how the degree of visibility of the watermark depends upon its intensity and the nature of the background.
Figures Figures 2a and 2b.Two (of many) Two watermarked images identical but for the intensity of the image. Considerable latitude is available, in terms of placement, size and intensity to blend the watermark into a graphic. Another spatial watermarking technique uses color separation. In this way, the watermark appears in only one of the color bands. This renders the watermark visibly subtle such that it is difficult to detect under regular viewing. However, the watermark appears immediately TheDirectData.com Page 27
Digital Signature And Watermarking when the colors are separated for printing. This renders the document useless to the printer unless the watermark can be removed from the color band. This approach is used commercially for journalists to inspect digital pictures from a photo-stockhouse before buying un-watermarked versions.
TheDirectData.com
Page 28
Digital Signature And Watermarking and the watermarked copy of the original (blue). Next, the extracted signature (blue) is compared against the original signature (gold). Identity signifies authenticity of the copy.
TheDirectData.com
Page 29
Digital Signature And Watermarking Here are some problems that you might encounter when deploying a watermark: Ease of Destruction: Although watermarks are designed to survive manipulation of the source media, it is nonetheless possible to perform manipulations that irrecoverably break the watermark. Furthermore, the small number of watermark software vendors results in easily detectable watermark signature patterns. There are numerous effective techniques for identifying and disabling commercial watermarks in media. Efficient Detection of Watermarks: Imagine youre working for a stock photography company. Browsing the web one day, you come across an image that looks very familiar. Suspicious, you scan the image with your companys watermarking software. Sure enough, its one of your images, and the site never purchased the right to use it! The watermark gives your legal team the ammunition it needs to force payment from the freeloaders. This scenario makes watermarking sound incredibly useful. Unfortunately, the method of detection (accidental) is not very reproducible or reliable. Automated watermark search engines exist, but they have some significant limitations. For starters, the amount of digital media on the Internet is staggering. It could take hundreds of millions of dollars in equipment to effectively scan a significant amount of Internet data for watermarks. Then theres traditional media -- scanning newspapers, magazines, TV broadcasts and films for watermarks requires a lot of manual work and therefore is rarely cost effective. Stock photography, clip art, and other variants of digital artwork are ideal candidates for watermarking. Without watermarks, a visual artist cant display their commercial images online without worrying that someone will just download and use their imagery without paying. By using a watermark search engine, our example scenario becomes a business saving strategy for these companies.
The following figure presents a very abstract watermark-embedding process. TheDirectData.com Page 30
The extraction of the embedded watermark is depicted in the next figure. Upon successful extraction of the watermark, ownership information (and other information initially embedded in the original image) is available for inspection.
TheDirectData.com
Page 31
Conclusion
In this paper we introduced the concept of digital watermarking used to protect intellectual property rights, copyrights and rightful ownership. We presented required criteria for a watermarking scheme to be successful. We also identified areas (types of digital media) where watermarking can be applied as well as other areas (such as raw text) where no current watermarking scheme exists. We finally addressed the issue of whether the presence of a watermark can prove ownership and concluded that this is only possible through the use of a higher, controlling governing body where all original media can be registered. A final conclusion: Digital watermarking can successfully be employed if the value of the digital media warrants the added expense. If not, it is an exercise in futility. Digital signature relies on the protection afforded a private signature key by the signer, and the procedures implemented by a Certification Authority. Digital signatures must be applied by a computer commanded by the signer. Forgery of digital signatures, in the absence of compromise of the private signature key, or hijacking of the signature mechanism, is virtually impossible. Due to the cryptographic nature of digital signatures, attempted forgeries are immediately obvious to any verifier, except in the case where a private signature key has been compromised, or control of the signing mechanism has been seized. In these cases, distinguishing between a valid and invalid digital signature may be impossible, even for a computer forensics specialist. . Digital signatures are fiendishly complex, involving arcane number theory, the workings of computer operating systems, communications protocols, certificate chain processing, certificate policies, and so on. There are very few people on this planet (if any) who completely understand every process involved in generating and verifying a digital signature. The potential for confused lawyers, judges and juries is extreme. TheDirectData.com Page 32
Digital Signature And Watermarking Digital signatures have the potential to have the greatest impact on commerce since the invention of money. Digital signatures allow us to identify ourselves and make commitments in cyberspace in much the same way as we do in actual space. Nonetheless, digital signature have important limitations, the most significant being their temporary nature:
TheDirectData.com
Page 33