Multimedia forensics deals with the analysis of multimedia data to gather information on its origin and authenticity. One
therefore needs to distinguish classical criminal forensics (which today also uses multimedia data as evidence) and
multimedia forensics where the actual case is based on a media file. One example for the latter is camera forensics where
pixel error patters are used as fingerprints identifying a camera as the source of an image. Of course multimedia forensics
can become a tool for criminal forensics when evidence used in a criminal investigation is likely to be manipulated. At
this point an important question arises: How reliable are these algorithms? Can a judge trust their results? How easy are
they to manipulate? In this work we show how camera forensics can be attacked and introduce a potential
countermeasure against these attacks.
Digital watermarking has become a widely used security technology in the domain of digital rights management
and copyright protection as well as in other applications. In this work, we show recent results regarding a
particular security attack: Embedding a new message in a previously watermarked cover using the same key as
the original message.
This re-embedding can be the consequence of the absence of truly asymmetric watermarking solutions, especially
if the watermark is to be detected in public. In public detection scenarios, every detector needs the same
key the embedder used to watermark the cover. With knowledge of the embedding algorithm, everybody who is
able to detect the message can also maliciously embed a new message with the same key over the old one. This
scenario is relevant in the case that an attacker intends to counterfeit a copyright notice, transaction ID or to
change an embedded authentication code.
This work presents experimental results on mechanisms for identifying such multiple embeddings in a spreadspectrum
patchwork audio watermarking approach. We demonstrate that under certain circumstances such
multiple embedding can be detected by watermarking-forensics.
Electronic Music Distribution (EMD) is undergoing two fundamental shifts. The delivery over wired broadband
networks to personal computers is being replaced by delivery over heterogeneous wired and wireless networks,
e.g. 3G and Wi-Fi, to a range of devices such as mobile phones, game consoles and in-car players. Moreover,
restrictive DRM models bound to a limited set of devices are being replaced by flexible standards-based DRM
schemes and increasingly forensic tracking technologies based on watermarking. Success of these EMD services
will partially depend on scalable, low-complexity and bandwidth eficient content protection systems.
In this context, we propose a new partial encryption scheme for Advanced Audio Coding (AAC) compressed
audio which is particularly suitable for emerging EMD applications. The scheme encrypts only the scale-factor
information in the AAC bitstream with an additive one-time-pad. This allows intermediate network nodes to
transcode the bitstream to lower data rates without accessing the decryption keys, by increasing the scale-factor
values and re-quantizing the corresponding spectral coeficients. Furthermore, the decryption key for each user
is customized such that the decryption process imprints the audio with a unique forensic tracking watermark.
This constitutes a secure, low-complexity watermark embedding process at the destination node, i.e. the player.
As opposed to server-side embedding methods, the proposed scheme lowers the computational burden on servers
and allows for network level bandwidth saving measures such as multi-casting and caching.
The increasing availability and distribution of multimedia technology has made the
manipulation of digital images, videos or audio files easy. While this enables numerous
new applications, a certain loss of trust in digital media can be observed. In general,
there is no guarantee that a digital image "does not lie", i.e., that the image content
was not altered. To counteract this risk, fragile watermarks were proposed to protect the
integrity of digital multimedia objects. In high security applications, it is necessary to be
able to reconstruct the original object out of the watermarked version. This can be
achieved by the use of invertible watermarks. While traditional watermarking schemes
introduce some small non-invertible distortion in the digital content, invertible
watermarks can be completely removed from a watermarked work.
In the past, the security of proposed image authentication schemes based on invertible
watermarks was only analyzed using ad-hoc methods and neglected the possibility of malicious
attacks, which aim at engineering a fake mark so that the attacked object appears to
be genuine. In this paper, we characterize and analyze possible malicious attacks against
watermark-based image authentication systems and explore the theoretical limits of previous
constructions with respect to their security.
Proc. SPIE. 4675, Security and Watermarking of Multimedia Contents IV
KEYWORDS: Detection and tracking algorithms, Digital watermarking, Computer simulations, Cryptography, Oxygen, Signal processing, Multimedia, Algorithm development, Systems modeling, Information security
With the advent of the web and the creation of electronic distribution channels for multimedia objects, there is an increased risk of copyright infringements. Content providers try to alleviate this problem by using copyright protection facilities that often involve watermarking schemes as primitives. Clearly, the intention of the content provider can be subverted if the watermarking scheme is susceptible to intentional attacks, especially to attacks on the robustness of watermarks. It was noted early during the development of watermarking algorithms that the intention of resolving the copyright situation might be subverted entirely without removing any watermark contained in multimedia objects. Indeed, so-called protocol attacks try to introduce some sort of ambiguity during the copyright resolution process. After providing formal definitions for some common protocol attacks, we discuss the possibility of constructing watermarking schemes that are provably secure against ambiguity and copy attacks. Although there were several previous attempts to secure watermarking schemes against protocol attacks, we provide for the first time a formal security proof of our scheme. The security of the construction is based on a cryptographic primitive, namely an unforgeable public-key signature scheme, that is used to constrain the watermarking bits to have a specific form.
Intuitively, the security of a steganographic communication between two principals lies in the inability of an eavesdropper to distinguish cover-objects from stego-objects, that is objects which contain secret messages. A system should be already considered insecure, if an eavesdropper can suspect the presence of secret communication. Several definitions of steganographic security were proposed in the literature. However, they all consider only perfectly secure steganographic systems, where even a computationally unbounded observer cannot detect the presence of a secret message exchange. Second, it might be difficult to construct secure schemes usable in practice following these definitions. Third, they all require the knowledge of the probability distribution of normal covers; although it might be possible in certain cases to compute this probability, it will in general be infeasible to obtain. In this paper, we propose a novel approach for defining security in steganographic systems. This definition relies on a probabilistic game between the attacker and a judge. Given the ability to observe the normal communication process and the steganographic system, the attacker has to decide whether a specific object (given to him by a judge) is in fact a plain cover or a stego-object. We discuss the applicability of this new definition and pose the open problem of constructing provably secure steganographic systems.
Traditional watermarking systems require the complete disclosure of the watermarking key in the watermark verification process. In most systems an attacker is able to remove the watermark completely once the key is known, thus subverting the intention of copyright protection. To cope with this problem, public-key watermarking schemes were proposed that allow asymmetric watermark detection. Whereas a public key is used to insert watermarks in digital objects, the marks can be verified with a private key. Knowledge of this private key does not allow piracy. We describe two public-key watermarking schemes which are similar in spirit to zero-knowledge proofs. The key idea of one system is to verify a watermark in a blinded version of the document, where the scrambling is determined by the private key. A probabilistic protocol is constructed that allows public watermark detection with probability of 1/2; by iteration, the verifier can get any degree of certainty that the watermark is present. The second system is based on watermark attacks, using controlled counterfeiting to conceal real watermark data safely amid data useless to an attacker.