220 likes | 264 Vues
Explore an innovative watermarking protocol addressing unbinding problems, enhancing buyer’s privacy and seller accountability. The protocol introduces one-time key pairs, ensuring secure and efficient interactions between buyers and sellers.
E N D
An Efficient and Anonymous Buyer-Seller Watermarking ProtocolC. L. Lei, P. L. Yu, P. L. Tsai and M. H. Chan, IEEE Transactions on Image Processing, VOL. 13, NO. 12, December 2004 Multimedia Security
Outline • Customer’s Right Problem • Buyer-Seller Watermarking Protocol • Unbinding Problem • The Proposed Watermarking Protocol • Discussion
Customer’s Right Problem • In traditional watermarking scenarios, the seller is entitled to the responsibility of generating and inserting digital watermarks. As a result, the seller is granted access to each watermarked copy. • A malicious seller can easily frame the buyer by releasing corresponding watermarked copy afterwards.
Memon and Wong’s Protocol EB(W’)=P(EB(W)) EB(X’)=EB(X+W’)= EB(X)+EB(W’) SignWCA(EB(W)) Privacy Homomorphism W SignWCA(EB(W)) B & IDB X’=DB-1(EB(X’))
Unbinding Problem • Failure to bind a watermark to a certain piece of content • U’=U+P1(W1), V’=V+P2(W2) • If Seller gets V’, P2(W2) is available to seller. • EB(U+P2(W2)) now can be generated
Roles • S: seller • B: buyer • CA: A trusted certification authority, issuing anonymous certificate • WCA: a trusted watermark certificate authority • ARB: arbiter
Notations • (pkI, skI) : a public-private key pair for owner I • (pk*, sk*): a one-time key pair • SignI(M): digital signature of message M signed by I • DskI /EpkI : Decryption and encryption function • X+W: watermarked version of X, + standards for watermark insertion • ARG: common agreement between buyer and seller, negotiated in advance
Registration Protocol • B first sends a randomly selected pkB to CA. When CA receives pkB,, it generates an anonymous certificate CertCA(pkB) and sends it back to B. • The registration process can be skipped if anonymity is not a concern
The Proposed Protocol X’=X+V Epk*(X’’)=Epk*(X’+W)=Epk*(X’)+Epk*(W) Store sales records
Identification and Arbitration Y, X’, CertCA(pkB), CertpkB(pk*), ARG, Signpk*(ARG), Epk*(W), Epkwca(W), SignWCA(Epk*(W), pk*, Signpk*(ARG)) W Arbiter WCA Seller Buyer using pk* CA
Solving Unbinding Problem • SignWCA(Epk*(W), pk*, Signpk*(ARG)) explicitly binds W to ARG • By introducing the one-time key pairs, it is impossible for S to fool B.
Accomplishment of Other Goals • Buyer’s privacy is well protected by using anonymous certificate. • Only one communication with seller is required for the buyer now • Trusted third parties are capable of making appropriate adjudications, no cooperation from buyer is required. • The WCA gets information about the digital content, thus a more robust watermark may be tailored.