[ieee 2009 10th acis international conference on software engineering, artificial intelligences,...
TRANSCRIPT
Using Digital Signature Standard Algorithm to incorporate non-invertibility in
Private Digital Watermarking Techniques.
Junaid Gilani and Aijaz Ahmad Mir
Department of Electronics &Communication Engineering,
National Institute of Technology , Hazratbal, Srinagar,Kashmir,India,190 006.
e-mail:{ junaid [email protected] } or { [email protected] }
Abstract. Robustness, even if recognized as a key property of
the digital watermarking, is not considered enough to prove the
ownership of the image. The aim of inversion attacks is to create
ambiguities about the authorship of an image. To thwart
inversion attacks with otherwise robust watermarking schemes,
non-invertibility of watermarking has often been stressed. We
have in this paper, by using the digital signature algorithm
(DSA), proposed a new way of incorporating non-invertibility
into digital watermarking schemes, especially the private digital
watermarking schemes. What we propose in this paper is not
only just a new watermarking technique but also a provably
secure, non-invertible scheme that has features like time-
stamping and use of asymmetric keys , all this vouchsafed by the
underlying use of digital signature algorithm (DSA) which is a
well known standard in cryptography.
Key words:-Digital watermarking, cryptography, digital
signatures, hash value.
1. Introduction
Information hiding has emerged as an exciting and important
research field which encompasses steganography, steganalysis
and digital watermarking [1]. Digital watermarking is applied to
protect the copyright of the digital media which unlike the
analog media can be stored, duplicated, and distributed without
loss of fidelity. Unauthorized copy of digital documents has
been a subject of concern for many years especially with respect
to their authorship claims. Digital watermarking, by hiding
certain information in the original data provides a solution. At
any given moment, the hidden information can be extracted to
prove ownership, to ensure integrity, or simply to get some
copyright-related information.
Watermarking is analogous to the task of communication. It can
normally be described as three stage process: watermark
generation and embedding (akin to information transmission),
distribution and possible attacks (transmission through the
channel), and watermark retrieval or detection (information
decoding at the receiver side) [2].In some applications, the
original, un-watermarked work is needed during detection. In
other applications, detection must be performed without access
to the original work. The former watermarking system is
referred to as informed detection and the latter is called blind
detection [3] . In the watermarking literature, systems that use
informed detection are often called private watermarking
systems, whereas those that use blind detection are called public
watermarking systems.
It was assumed that embedding a watermark and then its
retrieval unambiguously identifies the owner as long as a person
produces a watermark that matches the extracted watermark
from the image. However, in a pioneering work by Craver,
Memon et al. [4], these assumptions were proved to be
insufficient for determining ownership of an image. Since a
watermark could be any random pattern of binary bits,
anyone(say Bob) can claim that a work created by someone
else(say Alice) has his watermarks. This involves identifying a
feature in watermarked image and subtracting it from this
watermarked image to obtain a counterfeit original image. This
kind of attack does not remove Alice’s watermark. However, it
has removed her claim of ownership, because every piece of
evidence indicating that Alice is the originator of the image in
question is matched by an equal piece of evidence that Bob is
the originator. Such an attack is called a SWICO (Single
Watermarked Image Counterfeit Original) attack by [4] and by
later authors [5] [6] as inversion attack.
To avoid these attacks, authors of [4] proposed that the owner
should use a watermarking scheme that is non-invertible and the
watermark should be a bit sequence from the image via a one
way hash function. Zeng and Liu[7] proposed a statistical
watermarking detection without using original images for
resolving rightful ownerships of digital images. They claimed
the watermark sequence should be generated from some
meaningful signature or registered owner ID via a one way hash
function.In this backdrop, [8] proposed a digital watermark
technique to resolve the rightful ownerships of a digital image.
The original image is processed by a standard hash algorithm to
generate a hash value, which can be viewed as the fingerprint of
the image. The hash value is used as a secret key for a standard
encryption algorithm such as data encryption standard (DES) or
the advanced Encryption Standard. (AES). A meaningful
watermark is then encrypted by the standard encryption
algorithm.
The whole issue of non-invertibility is explored by Adelsbaach ,
et al. in a series of papers viz.[5],[9]. However, they claim that
that most proposed non-invertible schemes either do not come
with a satisfactory proof of security, or the proofs are flawed.
They propose the use of a trusted third party (TTP) to issue valid
watermarks. Although using a TTP is provably secure, there is
still a question of whether it can withstand attackers that probe
the system. The development of the studies of non-invertibility
seemed to lead to the conclusion that a stand-alone (in the sense
that there is no TTP) noninvertible scheme does not exist.
However, [6] argue that it is possible to have a non-invertible
scheme. They support their argument by giving a provably
secure protocol that employs a cryptographically secure pseudo-
random number generator (CSPRNG). The main idea is to show
that if the scheme is invertible, then the CSPRNG is not secure,
and this leads to a contradiction proving thereby that non-
invertible schemes are perfectly possible.
There is an emerging trend to incorporate cryptographical
primitives into digital watermarking. As mentioned by
Katzenbeisser in [10], strong cryptographic mechanisms can
978-0-7695-3642-2/09 $25.00 © 2009 IEEE
DOI 10.1109/SNPD.2009.89
399
2009 10th ACIS International Conference on Software Engineering, Artificial Intelligences, Networking and Parallel/Distributed Computing
978-0-7695-3642-2/09 $25.00 © 2009 IEEE
DOI 10.1109/SNPD.2009.89
399
guarantee the overall system employing digital watermarking.
Using a modified definition of digital signature for images, the
algorithm proposed by [11] outputs a short bit stream that
depends on the image content rather than the image bit stream
using hash algorithm based on the Radon transform. In [12]
,improvement of the embedding process is suggested using
public key cryptosystem based on elliptic curves (ECC) and
RSA methods to encrypt watermarks. Finally,[13] present a
novel scheme for authenticating video streaming in a multicast
satellite network using pre-computed hash chain by a
watermarking technique to embed security related information.
A hash function in cryptography takes a binary string of any
length as input and produces a fixed length string as output,
sometimes termed a message digest or a digital fingerprint. A
hash value (also called a "digest" or a "checksum") is a kind of
"signature" for a stream of data that represents the contents. This
is the reason that many papers that use some kind of hash
calculation in digital watermarking, connote it as the use of
digital signature although digital signature standard algorithms
have not been used; see [11],[12],[13],[14]. We believe that the
use of digital signature algorithm in watermarking has not been
attempted until now. The digital signature algorithm is different
from RSADSA (RSA digital signature algorithm) and
ECDSA(elliptic curve digital signature algorithm ) primarily
because, among others, it is not used as a cryptographic tool, but
only in generating digital signatures. The digital signature
algorithm is by its very construction a one-way non-invertible
function and a public- key technique. The question that we asked
ourselves was this: Can digital signature algorithm be used to
incorporate non-invertibility in digital watermarking techniques
and to what effect?
2.Using DSA in digital watermarking of images
The NIST (National Institute of Standard and Tech.) formulated
a digital signature standard (DSS) given in the FIPS 186-2
publication [15]. This standard specifies a suite of algorithms
which can be used to generate a digital signature. Three
algorithms suitable for digital signature generation and
verification include the standard Digital Signature Algorithm
(DSA), the RSA digital signature algorithm( RSADSA) and the
elliptic curve digital signature algorithm (ECDSA). All three
algorithms are used in conjunction with an approved hash
function. The hash function specified in the standard is the
Secure Hash algorithm,SHA-1.
A digital signature scheme uses asymmetric cryptography to
simulate the security properties of a handwritten signature on
paper. Digital signature schemes normally have two algorithms,
one for signing which involves the user's secret or private key,
and one for verifying signatures which involves the user's public
key. The output of the signature process is called the "digital
signature".
A DSA(digital signature algorithm) is used by a signatory to
generate a digital signature from data and by a verifier to verify
the authenticity of the signature. Each signatory has a public and
private keys used in the signature generation and signature
verification process respectively. For signature generation and
verification, the data which is referred to as a message, M, is
reduced by means of the Secure Hash Algorithm (SHA-1)
specified in FIPS 180-1. An adversary, who does not know the
private key of the signatory, cannot generate the correct
signature of the signatory. In other words, signatures cannot be
forged. However, by using the signatory's public key, anyone
can verify a correctly signed message.
The DSA makes use of the following parameters:
1. p = a prime modulus, where 2 L-1
< p < 2L
for
512<L< 1024 and L a multiple of 64.
2. q = a prime divisor of p - 1, where 2159
< q < 2 160
3. g = h (p-1) / q
mod p, where h is any integer with 1 < h <
p - 1 such that h (p-1) / q
mod p >1 (g has order q mod p).
4. x = a randomly or pseudo-randomly generated integer
with 0 < x < q .
5. y = g x mod p .
6. k = a randomly or pseudo-randomly generated integer with
0< k < q .
The integers, p, q and g can be public and can be common to a
group of users. A user's private and public keys are x and y,
respectively. They are normally fixed for a period of time.
Parameters x and k are used for signature generation only, and
must be kept secret. Parameter k must be regenerated for each
signature.
The signature of a message M is the pair of numbers r and s
computed according to the equations as follows:
r = (g k mod p) mod q , and
s = (k -1
( H (M) + x r) ) mod q.
In the above, k-1
is the multiplicative inverse of k mod q; i.e., (k-1
k) mod q = 1 and 0 < k-1
< q.
The value of H(M) is a 160-bit string output by the Secure Hash
Algorithm specified in FIPS 180-1 [16].
In order to use the DSA as an underlying method for
watermarking of images, we introduced some modifications both
at the stages of signature generation and signature verification
400400
Fig.1 Digital Signature Algorithm (generation) adapted to digital watermarking of images
s’
H
Compare
r’
f4
y q g
f3q
v
r’
Watermark extraction
w
Watermarked Image
Original Image
Fig2. Digital Signature Algorithm(verification) adapted to extraction of watermarks in images.
The hash value is obtained from the image, shown as H(M) in
figure 1, a schematic of our proposed algorithm. This hash
value ,H(M) is taken as one of the inputs along with other
parameters to the signature functions f1 and f2. (The details of
DSA have been omitted, these being available in the FIPS
186-2 document.) The result of two signature functions f1 and
f2 is a concatenated signature consisting of two components
labeled 'r' and 's'. This takes care of the generation of digital
watermarks. What remains now is their embedding. The
modifications proposed to the DSA thus include the use of
image instead of message to calculate the hash. Also, and most
importantly, instead of attaching the signatures to the message
as is normally done in all digital signature schemes, we are
using an embedding function to embed the generated
signatures 'r' and 's' within the image, which in other words is
watermarking of the image . These signatures act as
watermarks for they are now embedded in the image instead
of being appended to it. The underlying embedding algorithm
is discussed later. At the reception stage, detection of
watermarks (signatures) and their verification are both to be
accomplished. The proposed schematic of such an algorithm is
shown in figure 2. In order to detect the signatures we need a
watermark detection algorithm to extract the signatures r and
s.
In order to verify the signatures, we once again use the DSA
technique with some modifications. For private digital
watermarking techniques, it is necessary that the original un-
watermarked image is available at the detection stage.
This serves us well for the DSA because we need to have the
hash output of the original un-watermarked image in order to
verify the signatures. The availability of original image at the
reception end in all private digital watermarking schemes,
therefore, is not only used for detection of watermark
signatures, but also for calculating the hash value needed for
verification of signatures, in our algorithm. The verification
functions f3 and f4 are the same as in the DSA standard, see
[15].
3. Underlying stages in implementing the algorithm
Having devised a methodology for using the Digital Signature
Algorithm for digital watermarking, we can now proceed with
the individual steps of the each stage of the proposed
watermarking algorithm.
3.1. Generating and embedding the watermark. This marks the first stage in implementation of any digital
watermarking scheme [2]. Firstly, the watermarks are
generated using the secure hash algorithm (SHA-1) and the
DSA signature functions. Then these watermarks are
embedded into the image by swapping predetermined
coefficients using DCT (discrete cosine transform) on 8x8
sub-images. Using DCT coefficients for watermarking is not
necessary. Any method could be used for watermarking since
we are laying emphasis on the non-invertibility of the
M
H
embedding function
H(M)
f1
f2k
p q g
x q
sr
OriginalImage
Watermarkedimage
401401
watermark and not on its robustness, etc. These steps are
discussed in detail below.
a) Using SHA-1 to find hash of an image. There are five major steps in finding the hash of a message.
These are
i) Appending padding bits. ii) Appending length. iii)
Initializing MD buffer. iv) Processing the input in 512-bit
blocks.v) Output the results.
The details of these steps have been mentioned in the FIPS
publication 180-1 [16]. Here we will discuss the additional
steps required because we are dealing with an image as an
input. An image is generally represented using a two-
dimensional array data structure, with rows and columns
representing the spatial coordinates and the value of each
element of the matrix representing the gray level of that
particular image pixel. The input to the hash function should
be in the form of a binary string. So, in order to find the hash
of an image, we first converted the two dimensional image
matrix into a single dimensional row matrix. Thereafter, we
converted this row matrix into a binary string. This binary
string was then used as an input to the hash function.
b) Using DSA’s signature function to obtain signatures as
watermarks.
The hash value obtained from the previous stage is now taken
as input to the signature functions f1 and f2 (see fig.1).The
other inputs to these functions comprise of the private key of
the sender, x, and a set of parameters known to a group of
global communicating principals, (p,q,g),constituting a global
public key. The result of two signature functions f1 and f2 is a
signature consisting of two components labeled 'r' and 's'.
These functions are represented as
i) f1( (H(M),k,x,r,q ) = k-1
( H(M) + x r )mod q = s .
ii) f2 (k, p, q, g ) = ( g k mod p) mod q = r .
The signature components ' r ' and ' s ' obtained were then
concatenated into a single string before using them as
watermarks in the embedding function.
c) Using DCT coefficients for embedding watermarks into
an image. Accomplishing non-invertibility using DSA method is of more
interest to us than the underlying watermarking scheme.
Nevertheless, some underlying watermarking scheme had to
be used. The DCT based transform domain watermarking
technique was used although needless to emphasize, any other
watermarking technique could be used.
Following are the implementation steps
i) Given an original image, first decompose it into a number of
8×8 blocks and find their DCT coefficients. The DCT is
applied to each 8 x 8 block in the image producing a block Bi.
Each block will encode a single bit, 0 or 1.
ii) Next two locations are chosen in each sub-image or
block.The sender and receiver agree ahead of time on location
for two DCT coefficients in the 8 x 8 block. Let these be Bi
(4,1) and Bi (3,2).
iii) If the signature bit to be embedded is a 1, then the larger of
the two values ,i.e. block elements, Bi (4,1) and Bi (3,2) is put
in location (4,1), otherwise if signature bit to be embedded is a
0, the smaller of the two values is put in location (4,1).
iv) Inverse DCT is performed.
At the end of these steps we obtain a watermarked image
which contains invisible watermarks ' r ' and ' s ' generated
using the Digital Signature Algorithm.
3.2 Extracting and verifying the watermark.
Detecting the watermark is a crucial part in the watermarking
scheme. Verification of the watermark allows the owner to be
identified in case of a dispute and sometimes provides
information to the intended recipient. The stages involved for
doing this are now discussed in detail
a) Extracting watermarks from DCT coefficients
In order to detect the watermarks and extract them, we use
similar steps as were used for embedding except that they
shall operate in reverse order .These steps are:
i) On each 8x8 block of the watermarked image, DCT is
performed.
ii)The coefficient values at locations (4,1) and (3,2) are
compared.
iii) If coefficient value,i.e., block element Bi (4,1) > Bi (3,2),
then the message bit is a 1; otherwise it is a 0.
The binary string so obtained as a watermark is an appended
version of signatures ' r ' and ' s ' that were embedded at the
embedding stage. However, if the image undergoes intentional
or un-intentional modifications, the watermarks so obtained
shall be different. Let these received signatures be r' and s'. If
r'=v,(see fig.2) then the watermarked image is vouchsafed.
The parameter v is obtained from the verification function
discussed later in this section.
b) Using SHA-1 to find hash of the image. In the DSA method of verifying signatures, the hash of the
message to which the signatures have been appended, is again
calculated. In our watermarking scheme, having embedded the
signatures in the image as watermarks, we have modified the
image itself. So we cannot use the hash of the watermarked
image. We need the hash of the original image. We assume
that in case of a dispute resolution, the owner of the image will
furnish the original image so that its verification can be
achieved. Also, in all private digital watermarking schemes,
the original image is required for the detection process as well.
To find the hash of the original image , once it is available, the
procedure is same as done during signature generation part
given in section 3.1(a).
c) Using DSA’s verification function to verify the
signatures(watermarks)
Having obtained the signatures and the hash of the original
image , we can now verify the signatures as per the DSA
method of verification of the digital signatures. There are two
verification functions f3 and f4 as shown in fig.1.They take as
inputs the hash value H(M) ,public key of the sender ,y, and a
set of parameters known to a group of global communicating
principals, (q,g),constituting part of the global public key.
These functions are represented as
f3 ( s , q ) =( s ) -1
mod q = w
f4( y , q , g , H(M) ,w ,r) = ( (g ( H(M) w)mod q y rw mod q )
mod p) mod q = v.
3.3 Integrating different modules of the algorithm
Having identified the overall structure of our algorithm and
also the individual modules, we proceed to integrate the
various components. To accomplish this, we prepared a
pseudo-language algorithm both for the generating as well as
the detection and verification of the watermark.
402402
Watermark generation and embedding algorithm
Input: The original image itself or, as a variation, original
image and a watermark. The watermark could be an image or
a logo or with slight modifications it could also be text or a
random binary sequence.
Output: A watermarked image, perceptibly having no
difference with respect to the original image, yet on
processing it contains the signatures or the watermark.
Algorithm: Step1. Input the original image or the watermark as a two-
dimensional array or matrix,M.
Step2. Convert the two dimensional matrix, M to a single
dimension row matrix, M1.
Step3. Convert the row matrix M1 into a binary string, S such
that each element of the row matrix is represented by 8-bit
sequence of 1s and 0s.
Step4. Call a sub-routine for calculating the hash value with
input as the binary string, S.The output is,say H.The hash
function is the Secure Hash algorithm,SHA-1.
Step5. Obtain the pre-generated values of p and q. With these
as input call a sub-routine to calculate other parameters ,g ,y ,x
and k .
Step6. With p, q, g, x, k and H as input, calculate the digital
signatures ‘r’ and ‘s’ by calling the signature function.This
function returns the values of ‘r’ and‘s’.
Step7. Concatenate the signatures ‘r’ and‘s’ into a single
string.
Step8. Process the original image into 8x8 blocks and
calculate their DCT.
Step9. Encode each bit of the signature or watermark by
manipulating the DCT coefficients corresponding to
positions (5,2) and (4,3).
Step10.Perform an inverse DCT. We have now obtained the
watermarked image.
Watermark detection and verification algorithm
Input: The watermarked image along with the global
communicating principals (q,g,y). The original image and/or
watermark is needed for finding hash value and in detection,
as well, this being a private watermarking scheme.
Output: Digital signatures, ‘r’ ‘s’, and output of the
verification function ‘v’.
Algorithm:
Step1. Process the watermarked image into 8x8 blocks and
calculate their DCT.
Step2. Decode each bit of the signature or watermark by
seeing which of the DCT coefficients corresponding to
position (5,2) and (4,3) is greater than the other. This allows
us to obtain the signatures ‘r’ and ‘s’.
The steps 3 to 6 are the same as steps 1 to 4 in the embedding
algorithm.
Step3. Input the original image or the watermark as a two-
dimensional array or matrix,M.
Step4. Convert the two dimensional matrix, M to a single
dimension row matrix, M1.
Step5. Convert the row matrix M1 into a binary string, S such
that each element of the row matrix is represented by 8-bit
sequence of 1s and 0s.
Step6. Call a sub-routine for calculating the hash value with
input as the binary string, S. The output is, say H.
Step7. With q, g, and y known at the reception end, along with
H , r and s, we call the verification function for calculating
parameter ,v .
Step8. Compare r and v. if they are the same then the
signatures or the watermark embedded in the image are
verified.
4.Results and Conclusions
We have, by using the digital signature algorithm (DSA),
proposed a new way of incorporating non-invertibility into
digital watermarking schemes, especially the private digital
watermarking schemes. This method is relevant to public
watermarking schemes also, if it is recognized that the original
image would be presented by the author in case of an
ownership dispute.
Emulating authors of [6] we have used ,as a variation, a
watermark statistically independent from the original work,
showing thereby that it is not necessary to enforce a
relationship between an image and a watermark to achieve
non-invertibility. We have thus been able to obtain hash from
the un-watermarked original image and as a variation from
any other image taken as a watermark, as well. We found the
latter method faster since it is easy to calculate hash if input
image is smaller which invariably is the case in use of
watermarks.
It has been suggested by [17] that additional tools available to
protect images from unauthorized viewing and modification
include encrypting the watermarks and digital time stamping.
Time stamping pinpoints the owner of the image and the time
at which the image was generated. One trivial way to prove
ownership of an image is to own the earliest reliable time
stamp of the image. The DSA method of generating digital
signatures that we have used, uses a parameter, k, which is a
random or a pseudo-random number. Even if the same image
is watermarked a second time, the use of the random number
k ensures that the digital signatures generated will be different.
' k ' can be used for time stamping or to keep track of identity
of a person to whom a copy is given ,out of multiple copies of
the same original image.
A serious issue according to [18] in symmetric watermarking
scheme or private watermarking scheme is its symmetricity,
that is, the key used for watermarks embedding is identical to
the one used for watermarks detection, which implies that the
detector needs all the parameters for watermarks embedding.
However, with these parameters, the watermarks can be easily
removed. A watermarking scheme where detection of the
watermark is possible with a public key that does not give
enough information to impair the embedded watermark
scheme is called asymmetric watermarking scheme, or public
watermarking scheme and is considered advantageous. The
proposed use of DSA method of generating digital signatures
for watermarking offsets this disadvantage in private or
symmetric watermarking schemes as signature generation and
verification operate by using a private key at the sending end
and public key ,at least for verification, at the receiving end.
We successfully performed digital watermarking on various
images available at the USC-SIPI image database, which is a
collection of digitized images free of copyrights. The
miscellaneous sub-set consists of 40 images like clock ,Lena
etc., of various sizes such as 256x256 pixels, 512x512 pixels,
403403
or 1024x1024 pixels. The different parameters calculated for
one such sample image are given below.
Hash value of image=905AB611791ED71F0CE3023C6
B84C25799246840(160 bits as is the case in SHA-1)
Next step was generating primes p and q, which are public and
commonly shared among a group of users.
Three pairs of prime numbers were generated for use as per
the algorithm in FIPS 186-2, Appendix A. One set of such
values is given here: p = 92FFBDA547406D19F253EB9D8AA7970E80ABD
6A2F069773524950CDEC079BBA064B6A7FCB1EC12BCC
FAA171DE33C1828547DB5331E30E822FA0571CF072818
D98600CE412252FAEDE137EC49083FC170C54C9913F400
D829694AB2EA6AE58F1C311C1A7A0EB3A1244DE3FB8
A64FCA32D3D0D7CBB01BDD431B364BD704CC0DD87
q = DF3B8290B5EDFFCA6BCE77F3AF8A499EB7A71
73B
seed = A33AEF3ADFE4F060EC0749B02FDB6943 C35
70D93
counter = 252
From these we calculated the following parameters
The public group g obtained was
40696A1B8D4EA012C48D295D33E5CA5CCC2BFAD5DFE
4048298AD5148E16A670E466CF98A1711A0CEAA0C2599
2EEEB260F288EEC781741E0B18BEA50CB4D96C0A6D36
E206F8B9E83B5E841B767CE7405F665C09399F3B07A127
CEFB05A734D7700FD055C5947BE07151587AF19F8C8903
E6F1337B2ECB7A9EF15279B4F53F22C1
The private key x calculated was
8B533C502497096136E07257AB3FBDDB1D5FC2B5
The private session key k was calculated as
9EBBA7A6941D89B021F8F969097F5908B8C972AA
The value of k is different each time the DSA is used.
The public key y obtained was
4585038BCCA5093DC111566C933A40D27E5FAF64D35C9
78FE7B6EE4D39104919DCF2FFF61E216607A6457C138A1
B5903B0B33AB3532D3465C42BD76CE236ABB33144698
AC5D5BF96EE85D6A669778F37720BF5620EAD2A3886D
68076DCA3CA2306C938E3DCA315B6CDAA799DBD6547
7D44027DA0DDBD6373953CB67D50F17DFE
The next step was to generate digital signatures pair [r,s].
The values we obtained were
r=A1C64B9AE6F40346A8B43021A255410305ED0589
s=3EC0E1ABD9679154DEE5E5FCA5FBBE03E991F7CE
We then concatenated the signatures r and s into a single
binary string and watermarked the image.
This was followed by the verification process which was
performed on the watermarked image
v = A1C64B9AE6F40346A8B43021A255410305ED089
r=A1C64B9AE6F40346A8B43021A255410305ED0589
r = v : The signature has been verified successfully in this
case.
Summing up, we have achieved the following:
i) Tackled the primary premise of using DSA for
watermarking of digital images, using non-invertibility as the
prime feature.
ii) Derived watermarks from the original image or as a
variation from any other image independent of it.(e.g. logo)
iii) Demonstrated signing images with DSA without
increasing the file size.
iv) Made use of asymmetric keys even with private
watermarking techniques.
v) Incorporated time stamping with the use of parameter k.
Even if same image is signed with the same technique another
time , the digital signatures incorporated into it would be
different. REFERENCES
[1] P.Moulin & J.A. O’Sullivan, “Information -Theoretic Analysis of
Information Hiding”, at IEEE International Symposium on Information
Theory, Boston, MA, October, 1999.
[2] Barni, M., et al., Watermark embedding: hiding a signal within a cover
image. Comm. Magazine, IEEE, 39(8): p. 102-108. 2001.
[3] Jian Liu and Xiangjian He, Department of Computer Systems University
of Technology, Sydney, Australia, A Review Study on Digital Watermarking
IEEE,2005.
[4] Scott Craver, Nasir Memon, Boon-Lock Yeo and Minerva M. Yeung
.Resolving Rightful Ownerships with Invisible Watermarking
Techniques:Limitations, Attacks, and Implications: IEEE journal on selected
areas in Communications Vol. 16, No. 4, May 1998.
[5] A. Adelsbach, S. Katzenbeisser, and H. Veith. Watermarking schemes
provably secure against copy and ambiguity attacks. DRM’03 (Digital Rights
Management), October 27, 2003, Washington, DC, USA, pages 111–119,
2003.
[6] Qiming Li, Ee-Chien Chang, On the Possibility of Non-Invertible
Watermarking Schemes , National University of Singapore,2004.
[7] Wenjun Zeng and B. Liu, “A statistical watermark detection technique
without using original images for resolving rightful ownerships of digital
images”Image Processing, IEEE Transactions on , Volume: 8 no. 11
,Nov.1999.
[8] Yong-Cong Chen and Long-Wen Chang, A Secure and Robust Digital
Watermarking Technique The block cipher RC6 and Secure Hash Algorithm,
Department of Computer Science,National Tsing Hua University Hsinchu,
Taiwan, IEEE 2001.
[9] A. Adelsbach and A. Sadeghi. Zero-knowledge watermark detection and
proof of ownership. 4th Int. Workshop on Info. Hiding, LNCS 2137:273–288,
IEEE2000.
[10]Stefan Katzenbeisser.On integration of watermarks and
cryptography.Institute of Informatics, Germany,2004.
[11] F Lefebvre, J. Cqvz and B. Macq Robust Soft Hash Algorithm for Digital
Image Signature B-1348 Louvain-la-Neuve, Belgium, IEEE 2003.
[12] József Lenti, Steganograpic Methods ,Department of Control
Engineering and Information Tech., Budapest University of Technology and
Economics, Hungary, Periodica Polytechnica SER. EL. ENG. VOL. 44, NO.
3–4, PP. 249–258 (2000)
[13] Stefano Chessa,Roberto Di Pietro,Erina Ferro,Gaetano Giunta,Gabriele
Oligeri Mobile Application Security for Video Streaming Authentication and
Data Integrity Combining Digital Signature and Watermarking Techniques,
European Satellite Communications Network of Excellence, IEEE 2007.
[14] Tao Chen,Wang J.,Zhou Y.,Combined digital signature and digital
watermark scheme for image authentication, Department of Automation,
Tsinghua University, China, IEEE 2001.
[15] U.S. Department Of Commerce/ National Institute of Standards and
Technology,"Digital Signature Standard (DSS)" FIPS PUB 186-2(FEDERAL
INFORMATION PROCESSING STANDARDS PUBLICATION), January
27,2000.
[16] U.S. Department Of Commerce, Tech. Administration, National Institute
of Standards and Technology , FIPS PUB 180-1,"Secure Hash Standard".
[17] F. Mintzer, G. W. Braudaway and M. Yeung, “Effective and ineffective
digital watermarks,” Proceedings of the IEEE International Conference on
Image Processing,October 26-29, 1997, Santa Barbara, CA, vol. 3, pp. 9-12.
[18] Rongsheng XIE, Keshou Wu, Jiangbo Du and Chunguang Li, Survey of
Public Key Digital Watermarking Systems , Eighth ACIS International
Conference on Software Engineering, Artificial Intelligence, Networking, and
Parallel/Distributed Computing,IEEE,2007.
404404