1 / 41

Information Hiding & Digital Watermarking

Information Hiding & Digital Watermarking. Tri Van Le. Outlines. Background State of the art Research goals Research plan Our approaches. Background. Information hiding Steganography Digital watermarking Related work Covert channels Anonymous communications. Information Hiding.

ina
Télécharger la présentation

Information Hiding & Digital Watermarking

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information Hiding&Digital Watermarking Tri Van Le

  2. Outlines • Background • State of the art • Research goals • Research plan • Our approaches

  3. Background • Information hiding • Steganography • Digital watermarking • Related work • Covert channels • Anonymous communications

  4. Information Hiding • Steganography • Invisible inks • Small dots • Letters • Digital watermarking • Copyright information • Tracing information

  5. Information Hiding • Main idea • Hide messages in a cover • Steganography • Secrecy of messages • Watermarking • Authenticity of messages

  6. Covert Channels • Leakage information (e.g. viruses) • Disk space • CPU load • Subliminal channels • Digital signatures • Encryption schemes • Cryptographic malwares

  7. Covert Computations • Computation inside computations • Secret design calculations inside a factoring computation • Secret physics simulations inside a cryptographic software or devices

  8. Anonymous Communications • MIX Networks • Electronic voting • Anonymous communication • Onion Routings • Limited anonymous communication • Blind signatures • Digital cash

  9. Digital Watermarking • Secure against known simple attacks • Common lossy compressions • JPEG, MPEG, … • Common signal processing operations • Band pass, echo, pitch, noise filters, … • Crop, scale, move, reshape, … • Specialized attacks

  10. Information Hiding(state of the art) • Many schemes were proposed • Most of them were broken • Use heuristic security • Subjective measurements • Assume very specific enemy

  11. Broken Schemes (I)

  12. Broken Schemes (II)

  13. Broken Schemes (III)

  14. Broken Schemes (IV)

  15. Cryptography in the 80s • Beginning time of open research • A lot of schemes proposed • Most of them soon broken

  16. Broken Cryptosystems (I) Merkle Hellman 1978-1984 Iterated Knapsack 1978-1984 Lu-Lee 1979-1980 Adiga Shankar 1985-1988 Nieder-reiter 1986-1988 Merlke Hellman Merlke Hellman Lu-Lee Adigar Shankar Neiderreiter Okamoto 1987-1988 Okamoto 1986-1987 Pieprzyk 1985-1988 ChorRivest 1988-1998 GoodmanMcAuly 1984-1988 Chor Rivest Okamoto Okamoto Pieprzyk Goodman McAuly

  17. Broken Cryptosystems (II) Matsumoto Imai 1983-1984 Cade 1985-1986 Yagisawa 1985-1986 TMKIF 1986-1985 Luccio Mazzone 1980-1981 Matsumoto Imai Cade Yasigawa Tsujii, Itoh Matsumoto Kurosama Fujioka Luccio Mazzone Rivest Adleman Dertouzos 1978-1987 HighDegree CG 1988 Rao Nam 1986-1988 Low Degree CG 1982 Kravitz Reed 1982-1982 ... Krawczyk Boyar Rivest Adleman Dertouzos Rao Nam Kravitz Reed

  18. Proven Secure Schemes • Perfectly secure schemes • Shannon (1949) • Computationally secure schemes • Goldwasser and Micali (1982) • Rabin (1981)

  19. Perfectly Secure Cryptosystems • Shannon’s work (1949) • Mathematical proof of security • Information theoretic secrecy • Enemy with unlimited power • Can compute any desired function

  20. Computationally Secure Cryptosystems • Rabin (81), Goldwasser & Micali (82) • Mathematical proof of security • Computational secrecy • Enemy with limited time and space • Can run in polynomial time • Can use polynomial space

  21. Research Goals • Fundamental way • Systematic approach • Same as Shannon and Goldwasser’s work • What are the properties • Hiding • Secrecy • Authenticity

  22. Fundamental Models • Unconditional Security • Unlimited enemy • Statistical Security • Polynomial number of samples • Computational Security • Polynomial time and space

  23. Information Hiding Properties • Hiding property • Output must look like the cover • Secrecy property • No partial information on input message • Authenticity property • Hard to compute valid output

  24. Unconditional Hiding • Definition • E: KM  C, encryption function • K: key set, M: message set, C: cover set • Pcover: probability distribution of covers • Pc: probability distribution of E(k,m) • Requires • Pc = Pcover

  25. Statistical Hiding • Definition • Pcover: probability distribution of covers • Pc: probability distribution of E(k,m) • n: description length of each cover • Requires • |Pc - Pcover| is negligible. • |Pc - Pcover| < n-d for all d>0 and n>Nd.

  26. Computational Hiding • Definition • Pcover: probability distribution of covers • Pc: probability distribution of E(k,m) • n: description length of each cover • Requires • Pc and Pcover are P-time indistinguishable

  27. Computational Hiding • P-time indistinguishable • For all P.P.T.M. A, d>0, and n>Nd: • Prob(A(Pc)=1) - Prob(A(Pcover)=1) < n-d. • Informally speaking • No P-time enemy can tell apart Pc and Pcover

  28. Unconditional Secrecy • Ciphertext independence: • Prob(m|E(k,m)) = Prob(m) • Informally • no information on message given ciphertext

  29. Statistical Secrecy • Negligible advantages: • For all m in M, d>0, n>Nd: • |Prob(m|E(k,m)) - Prob(m)| < n-d • Informally • Only negligible amount of information on message leaked when given the ciphertext.

  30. Computational Secrecy • Negligible chances: • For all P.P.T.M. A: • For all m in M, d>0, n>Nd: • |Prob(A(E(k,m))=m)| < n-d • Informally • Only negligible chance of output correct m.

  31. Our Approaches • Arbitrary key • Steganography, watermarking • Restricted key • Protection of key materials • Key = Ciphertext • Secret sharing

  32. Our Approaches • Arbitrary key distribution • E(k,m) is distributed accordingly to Pcover • Applications • Steganography • Digital watermarking • Tamper-resistant hardware

  33. Our Approaches • Restricted key distribution • c = E(k,m) • k is distributed accordingly to PK • c is distributed accordingly to Pcover • Applications • No tamper-resistant hardware • Protection of key materials

  34. Our Approaches • Key = Ciphertext • S: MCC • (k1,k2) = S(m) • Requires • k1 and k2 distributed accordingly to Pcover • Applications • Secret sharing • Robustness

  35. Research Progress • To understand information hiding • Perfect hiding (done) • Necessary and sufficient conditions • Computational complexity results • Constructions of prefect secure schemes • Constructions of schemes with non-reliability • Computational hiding (under research) • Conventional constructions • Public key schemes

  36. Perfect Hiding Scheme • Condition • Pcover(c)  1/|M| • Algorithms • Setup: produce |M| matrices Ai • Disjoint non-zero entries • Columns sum up to Pcover • Rows sum up to the same • Encrypt: • E(k,m) distributes accordingly to row Am(k).

  37. Perfect Hiding Scheme • Algorithms • Encrypt: • c=E(k,m) distributes accordingly to row Am(k). • Decrypt: • Output m such that Am(k,c)>0. • Message distribution independence • Hiding implies privacy.

  38. Other aspects • Other aspects • Replacing privacy by authenticity • Digital watermarking • Extra problem • Robustness against modifications • Simple modifications • General modifications

  39. How to exploit • Quadratic residues • n = pq • S1 = {x2 |x in Zn*} • S2 = {x|x in Zn* and J(x)=1} • Decision Diffie-Hellman • U1 = (g, ga, gb, gab) mod p • U2 = (g, ga, gb, gr) mod p

  40. Conclusion • Covert channels • Very special distribution • Our work • General distribution • Proven security levels

  41. Thank you • Questions?

More Related