Using Digital Signature Standard Algorithm to incorporate non-invertibility in

Private Digital Watermarking Techniques.

Junaid Gilani and Aijaz Ahmad Mir

Department of Electronics &Communication Engineering,

National Institute of Technology , Hazratbal, Srinagar,Kashmir,India,190 006.

e-mail:{ junaid .gilani@yahoo.com } or { atsrinagar@yahoo.com }

Abstract. Robustness, even if recognized as a key property of

the digital watermarking, is not considered enough to prove the

ownership of the image. The aim of inversion attacks is to create

ambiguities about the authorship of an image. To thwart

inversion attacks with otherwise robust watermarking schemes,

non-invertibility of watermarking has often been stressed. We

have in this paper, by using the digital signature algorithm

(DSA), proposed a new way of incorporating non-invertibility

into digital watermarking schemes, especially the private digital

watermarking schemes. What we propose in this paper is not

only just a new watermarking technique but also a provably

secure, non-invertible scheme that has features like time-

stamping and use of asymmetric keys , all this vouchsafed by the

underlying use of digital signature algorithm (DSA) which is a

well known standard in cryptography.

Key words:-Digital watermarking, cryptography, digital

signatures, hash value.

1. Introduction

Information hiding has emerged as an exciting and important

research field which encompasses steganography, steganalysis

and digital watermarking [1]. Digital watermarking is applied to

protect the copyright of the digital media which unlike the

analog media can be stored, duplicated, and distributed without

loss of fidelity. Unauthorized copy of digital documents has

been a subject of concern for many years especially with respect

to their authorship claims. Digital watermarking, by hiding

certain information in the original data provides a solution. At

any given moment, the hidden information can be extracted to

prove ownership, to ensure integrity, or simply to get some

copyright-related information.

Watermarking is analogous to the task of communication. It can

normally be described as three stage process: watermark

generation and embedding (akin to information transmission),

distribution and possible attacks (transmission through the

channel), and watermark retrieval or detection (information

decoding at the receiver side) [2].In some applications, the

original, un-watermarked work is needed during detection. In

other applications, detection must be performed without access

to the original work. The former watermarking system is

referred to as informed detection and the latter is called blind

detection [3] . In the watermarking literature, systems that use

informed detection are often called private watermarking

systems, whereas those that use blind detection are called public

watermarking systems.

It was assumed that embedding a watermark and then its

retrieval unambiguously identifies the owner as long as a person

produces a watermark that matches the extracted watermark

from the image. However, in a pioneering work by Craver,

Memon et al. [4], these assumptions were proved to be

insufficient for determining ownership of an image. Since a

watermark could be any random pattern of binary bits,

anyone(say Bob) can claim that a work created by someone

else(say Alice) has his watermarks. This involves identifying a

feature in watermarked image and subtracting it from this

watermarked image to obtain a counterfeit original image. This

kind of attack does not remove Alice’s watermark. However, it

has removed her claim of ownership, because every piece of

evidence indicating that Alice is the originator of the image in

question is matched by an equal piece of evidence that Bob is

the originator. Such an attack is called a SWICO (Single

Watermarked Image Counterfeit Original) attack by [4] and by

later authors [5] [6] as inversion attack.

To avoid these attacks, authors of [4] proposed that the owner

should use a watermarking scheme that is non-invertible and the

watermark should be a bit sequence from the image via a one

way hash function. Zeng and Liu[7] proposed a statistical

watermarking detection without using original images for

resolving rightful ownerships of digital images. They claimed

the watermark sequence should be generated from some

meaningful signature or registered owner ID via a one way hash

function.In this backdrop, [8] proposed a digital watermark

technique to resolve the rightful ownerships of a digital image.

The original image is processed by a standard hash algorithm to

generate a hash value, which can be viewed as the fingerprint of

the image. The hash value is used as a secret key for a standard

encryption algorithm such as data encryption standard (DES) or

the advanced Encryption Standard. (AES). A meaningful

watermark is then encrypted by the standard encryption

algorithm.

The whole issue of non-invertibility is explored by Adelsbaach ,

et al. in a series of papers viz.[5],[9]. However, they claim that

that most proposed non-invertible schemes either do not come

with a satisfactory proof of security, or the proofs are flawed.

They propose the use of a trusted third party (TTP) to issue valid

watermarks. Although using a TTP is provably secure, there is

still a question of whether it can withstand attackers that probe

the system. The development of the studies of non-invertibility

seemed to lead to the conclusion that a stand-alone (in the sense

that there is no TTP) noninvertible scheme does not exist.

However, [6] argue that it is possible to have a non-invertible

scheme. They support their argument by giving a provably

secure protocol that employs a cryptographically secure pseudo-

random number generator (CSPRNG). The main idea is to show

that if the scheme is invertible, then the CSPRNG is not secure,

and this leads to a contradiction proving thereby that non-

invertible schemes are perfectly possible.

There is an emerging trend to incorporate cryptographical

primitives into digital watermarking. As mentioned by

Katzenbeisser in [10], strong cryptographic mechanisms can

978-0-7695-3642-2/09 $25.00 © 2009 IEEE

DOI 10.1109/SNPD.2009.89

399

2009 10th ACIS International Conference on Software Engineering, Artificial Intelligences, Networking and Parallel/Distributed Computing

978-0-7695-3642-2/09 $25.00 © 2009 IEEE

DOI 10.1109/SNPD.2009.89

399

guarantee the overall system employing digital watermarking.

Using a modified definition of digital signature for images, the

algorithm proposed by [11] outputs a short bit stream that

depends on the image content rather than the image bit stream

using hash algorithm based on the Radon transform. In [12]

,improvement of the embedding process is suggested using

public key cryptosystem based on elliptic curves (ECC) and

RSA methods to encrypt watermarks. Finally,[13] present a

novel scheme for authenticating video streaming in a multicast

satellite network using pre-computed hash chain by a

watermarking technique to embed security related information.

A hash function in cryptography takes a binary string of any

length as input and produces a fixed length string as output,

sometimes termed a message digest or a digital fingerprint. A

hash value (also called a "digest" or a "checksum") is a kind of

"signature" for a stream of data that represents the contents. This

is the reason that many papers that use some kind of hash

calculation in digital watermarking, connote it as the use of

digital signature although digital signature standard algorithms

have not been used; see [11],[12],[13],[14]. We believe that the

use of digital signature algorithm in watermarking has not been

attempted until now. The digital signature algorithm is different

from RSADSA (RSA digital signature algorithm) and

ECDSA(elliptic curve digital signature algorithm ) primarily

because, among others, it is not used as a cryptographic tool, but

only in generating digital signatures. The digital signature

algorithm is by its very construction a one-way non-invertible

function and a public- key technique. The question that we asked

ourselves was this: Can digital signature algorithm be used to

incorporate non-invertibility in digital watermarking techniques

and to what effect?

2.Using DSA in digital watermarking of images

The NIST (National Institute of Standard and Tech.) formulated

a digital signature standard (DSS) given in the FIPS 186-2

publication [15]. This standard specifies a suite of algorithms

which can be used to generate a digital signature. Three

algorithms suitable for digital signature generation and

verification include the standard Digital Signature Algorithm

(DSA), the RSA digital signature algorithm( RSADSA) and the

elliptic curve digital signature algorithm (ECDSA). All three

algorithms are used in conjunction with an approved hash

function. The hash function specified in the standard is the

Secure Hash algorithm,SHA-1.

A digital signature scheme uses asymmetric cryptography to

simulate the security properties of a handwritten signature on

paper. Digital signature schemes normally have two algorithms,

one for signing which involves the user's secret or private key,

and one for verifying signatures which involves the user's public

key. The output of the signature process is called the "digital

signature".

A DSA(digital signature algorithm) is used by a signatory to

generate a digital signature from data and by a verifier to verify

the authenticity of the signature. Each signatory has a public and

private keys used in the signature generation and signature

verification process respectively. For signature generation and

verification, the data which is referred to as a message, M, is

reduced by means of the Secure Hash Algorithm (SHA-1)

specified in FIPS 180-1. An adversary, who does not know the

private key of the signatory, cannot generate the correct

signature of the signatory. In other words, signatures cannot be

forged. However, by using the signatory's public key, anyone

can verify a correctly signed message.

The DSA makes use of the following parameters:

1. p = a prime modulus, where 2 L-1

< p < 2L

for

512<L< 1024 and L a multiple of 64.

2. q = a prime divisor of p - 1, where 2159

< q < 2 160

3. g = h (p-1) / q

mod p, where h is any integer with 1 < h <

p - 1 such that h (p-1) / q

mod p >1 (g has order q mod p).

4. x = a randomly or pseudo-randomly generated integer

with 0 < x < q .

5. y = g x mod p .

6. k = a randomly or pseudo-randomly generated integer with

0< k < q .

The integers, p, q and g can be public and can be common to a

group of users. A user's private and public keys are x and y,

respectively. They are normally fixed for a period of time.

Parameters x and k are used for signature generation only, and

must be kept secret. Parameter k must be regenerated for each

signature.

The signature of a message M is the pair of numbers r and s

computed according to the equations as follows:

r = (g k mod p) mod q , and

s = (k -1

( H (M) + x r) ) mod q.

In the above, k-1

is the multiplicative inverse of k mod q; i.e., (k-1

k) mod q = 1 and 0 < k-1

< q.

The value of H(M) is a 160-bit string output by the Secure Hash

Algorithm specified in FIPS 180-1 [16].

In order to use the DSA as an underlying method for

watermarking of images, we introduced some modifications both

at the stages of signature generation and signature verification

400400

Fig.1 Digital Signature Algorithm (generation) adapted to digital watermarking of images

s’

H

Compare

r’

f4

y q g

f3q

v

r’

Watermark extraction

w

Watermarked Image

Original Image

Fig2. Digital Signature Algorithm(verification) adapted to extraction of watermarks in images.

The hash value is obtained from the image, shown as H(M) in

figure 1, a schematic of our proposed algorithm. This hash

value ,H(M) is taken as one of the inputs along with other

parameters to the signature functions f1 and f2. (The details of

DSA have been omitted, these being available in the FIPS

186-2 document.) The result of two signature functions f1 and

f2 is a concatenated signature consisting of two components

labeled 'r' and 's'. This takes care of the generation of digital

watermarks. What remains now is their embedding. The

modifications proposed to the DSA thus include the use of

image instead of message to calculate the hash. Also, and most

importantly, instead of attaching the signatures to the message

as is normally done in all digital signature schemes, we are

using an embedding function to embed the generated

signatures 'r' and 's' within the image, which in other words is

watermarking of the image . These signatures act as

watermarks for they are now embedded in the image instead

of being appended to it. The underlying embedding algorithm

is discussed later. At the reception stage, detection of

watermarks (signatures) and their verification are both to be

accomplished. The proposed schematic of such an algorithm is

shown in figure 2. In order to detect the signatures we need a

watermark detection algorithm to extract the signatures r and

s.

In order to verify the signatures, we once again use the DSA

technique with some modifications. For private digital

watermarking techniques, it is necessary that the original un-

watermarked image is available at the detection stage.

This serves us well for the DSA because we need to have the

hash output of the original un-watermarked image in order to

verify the signatures. The availability of original image at the

reception end in all private digital watermarking schemes,

therefore, is not only used for detection of watermark

signatures, but also for calculating the hash value needed for

verification of signatures, in our algorithm. The verification

functions f3 and f4 are the same as in the DSA standard, see

[15].

3. Underlying stages in implementing the algorithm

Having devised a methodology for using the Digital Signature

Algorithm for digital watermarking, we can now proceed with

the individual steps of the each stage of the proposed

watermarking algorithm.

3.1. Generating and embedding the watermark. This marks the first stage in implementation of any digital

watermarking scheme [2]. Firstly, the watermarks are

generated using the secure hash algorithm (SHA-1) and the

DSA signature functions. Then these watermarks are

embedded into the image by swapping predetermined

coefficients using DCT (discrete cosine transform) on 8x8

sub-images. Using DCT coefficients for watermarking is not

necessary. Any method could be used for watermarking since

we are laying emphasis on the non-invertibility of the

M

H

embedding function

H(M)

f1

f2k

p q g

x q

sr

OriginalImage

Watermarkedimage

401401

watermark and not on its robustness, etc. These steps are

discussed in detail below.

a) Using SHA-1 to find hash of an image. There are five major steps in finding the hash of a message.

These are

i) Appending padding bits. ii) Appending length. iii)

Initializing MD buffer. iv) Processing the input in 512-bit

blocks.v) Output the results.

The details of these steps have been mentioned in the FIPS

publication 180-1 [16]. Here we will discuss the additional

steps required because we are dealing with an image as an

input. An image is generally represented using a two-

dimensional array data structure, with rows and columns

representing the spatial coordinates and the value of each

element of the matrix representing the gray level of that

particular image pixel. The input to the hash function should

be in the form of a binary string. So, in order to find the hash

of an image, we first converted the two dimensional image

matrix into a single dimensional row matrix. Thereafter, we

converted this row matrix into a binary string. This binary

string was then used as an input to the hash function.

b) Using DSA’s signature function to obtain signatures as

watermarks.

The hash value obtained from the previous stage is now taken

as input to the signature functions f1 and f2 (see fig.1).The

other inputs to these functions comprise of the private key of

the sender, x, and a set of parameters known to a group of

global communicating principals, (p,q,g),constituting a global

public key. The result of two signature functions f1 and f2 is a

signature consisting of two components labeled 'r' and 's'.

These functions are represented as

i) f1( (H(M),k,x,r,q ) = k-1

( H(M) + x r )mod q = s .

ii) f2 (k, p, q, g ) = ( g k mod p) mod q = r .

The signature components ' r ' and ' s ' obtained were then

concatenated into a single string before using them as

watermarks in the embedding function.

c) Using DCT coefficients for embedding watermarks into

an image. Accomplishing non-invertibility using DSA method is of more

interest to us than the underlying watermarking scheme.

Nevertheless, some underlying watermarking scheme had to

be used. The DCT based transform domain watermarking

technique was used although needless to emphasize, any other

watermarking technique could be used.

Following are the implementation steps

i) Given an original image, first decompose it into a number of

8×8 blocks and find their DCT coefficients. The DCT is

applied to each 8 x 8 block in the image producing a block Bi.

Each block will encode a single bit, 0 or 1.

ii) Next two locations are chosen in each sub-image or

block.The sender and receiver agree ahead of time on location

for two DCT coefficients in the 8 x 8 block. Let these be Bi

(4,1) and Bi (3,2).

iii) If the signature bit to be embedded is a 1, then the larger of

the two values ,i.e. block elements, Bi (4,1) and Bi (3,2) is put

in location (4,1), otherwise if signature bit to be embedded is a

0, the smaller of the two values is put in location (4,1).

iv) Inverse DCT is performed.

At the end of these steps we obtain a watermarked image

which contains invisible watermarks ' r ' and ' s ' generated

using the Digital Signature Algorithm.

3.2 Extracting and verifying the watermark.

Detecting the watermark is a crucial part in the watermarking

scheme. Verification of the watermark allows the owner to be

identified in case of a dispute and sometimes provides

information to the intended recipient. The stages involved for

doing this are now discussed in detail

a) Extracting watermarks from DCT coefficients

In order to detect the watermarks and extract them, we use

similar steps as were used for embedding except that they

shall operate in reverse order .These steps are:

i) On each 8x8 block of the watermarked image, DCT is

performed.

ii)The coefficient values at locations (4,1) and (3,2) are

compared.

iii) If coefficient value,i.e., block element Bi (4,1) > Bi (3,2),

then the message bit is a 1; otherwise it is a 0.

The binary string so obtained as a watermark is an appended

version of signatures ' r ' and ' s ' that were embedded at the

embedding stage. However, if the image undergoes intentional

or un-intentional modifications, the watermarks so obtained

shall be different. Let these received signatures be r' and s'. If

r'=v,(see fig.2) then the watermarked image is vouchsafed.

The parameter v is obtained from the verification function

discussed later in this section.

b) Using SHA-1 to find hash of the image. In the DSA method of verifying signatures, the hash of the

message to which the signatures have been appended, is again

calculated. In our watermarking scheme, having embedded the

signatures in the image as watermarks, we have modified the

image itself. So we cannot use the hash of the watermarked

image. We need the hash of the original image. We assume

that in case of a dispute resolution, the owner of the image will

furnish the original image so that its verification can be

achieved. Also, in all private digital watermarking schemes,

the original image is required for the detection process as well.

To find the hash of the original image , once it is available, the

procedure is same as done during signature generation part

given in section 3.1(a).

c) Using DSA’s verification function to verify the

signatures(watermarks)

Having obtained the signatures and the hash of the original

image , we can now verify the signatures as per the DSA

method of verification of the digital signatures. There are two

verification functions f3 and f4 as shown in fig.1.They take as

inputs the hash value H(M) ,public key of the sender ,y, and a

set of parameters known to a group of global communicating

principals, (q,g),constituting part of the global public key.

These functions are represented as

f3 ( s , q ) =( s ) -1

mod q = w

f4( y , q , g , H(M) ,w ,r) = ( (g ( H(M) w)mod q y rw mod q )

mod p) mod q = v.

3.3 Integrating different modules of the algorithm

Having identified the overall structure of our algorithm and

also the individual modules, we proceed to integrate the

various components. To accomplish this, we prepared a

pseudo-language algorithm both for the generating as well as

the detection and verification of the watermark.

402402

Watermark generation and embedding algorithm

Input: The original image itself or, as a variation, original

image and a watermark. The watermark could be an image or

a logo or with slight modifications it could also be text or a

random binary sequence.

Output: A watermarked image, perceptibly having no

difference with respect to the original image, yet on

processing it contains the signatures or the watermark.

Algorithm: Step1. Input the original image or the watermark as a two-

dimensional array or matrix,M.

Step2. Convert the two dimensional matrix, M to a single

dimension row matrix, M1.

Step3. Convert the row matrix M1 into a binary string, S such

that each element of the row matrix is represented by 8-bit

sequence of 1s and 0s.

Step4. Call a sub-routine for calculating the hash value with

input as the binary string, S.The output is,say H.The hash

function is the Secure Hash algorithm,SHA-1.

Step5. Obtain the pre-generated values of p and q. With these

as input call a sub-routine to calculate other parameters ,g ,y ,x

and k .

Step6. With p, q, g, x, k and H as input, calculate the digital

signatures ‘r’ and ‘s’ by calling the signature function.This

function returns the values of ‘r’ and‘s’.

Step7. Concatenate the signatures ‘r’ and‘s’ into a single

string.

Step8. Process the original image into 8x8 blocks and

calculate their DCT.

Step9. Encode each bit of the signature or watermark by

manipulating the DCT coefficients corresponding to

positions (5,2) and (4,3).

Step10.Perform an inverse DCT. We have now obtained the

watermarked image.

Watermark detection and verification algorithm

Input: The watermarked image along with the global

communicating principals (q,g,y). The original image and/or

watermark is needed for finding hash value and in detection,

as well, this being a private watermarking scheme.

Output: Digital signatures, ‘r’ ‘s’, and output of the

verification function ‘v’.

Algorithm:

Step1. Process the watermarked image into 8x8 blocks and

calculate their DCT.

Step2. Decode each bit of the signature or watermark by

seeing which of the DCT coefficients corresponding to

position (5,2) and (4,3) is greater than the other. This allows

us to obtain the signatures ‘r’ and ‘s’.

The steps 3 to 6 are the same as steps 1 to 4 in the embedding

algorithm.

Step3. Input the original image or the watermark as a two-

dimensional array or matrix,M.

Step4. Convert the two dimensional matrix, M to a single

dimension row matrix, M1.

Step5. Convert the row matrix M1 into a binary string, S such

that each element of the row matrix is represented by 8-bit

sequence of 1s and 0s.

Step6. Call a sub-routine for calculating the hash value with

input as the binary string, S. The output is, say H.

Step7. With q, g, and y known at the reception end, along with

H , r and s, we call the verification function for calculating

parameter ,v .

Step8. Compare r and v. if they are the same then the

signatures or the watermark embedded in the image are

verified.

4.Results and Conclusions

We have, by using the digital signature algorithm (DSA),

proposed a new way of incorporating non-invertibility into

digital watermarking schemes, especially the private digital

watermarking schemes. This method is relevant to public

watermarking schemes also, if it is recognized that the original

image would be presented by the author in case of an

ownership dispute.

Emulating authors of [6] we have used ,as a variation, a

watermark statistically independent from the original work,

showing thereby that it is not necessary to enforce a

relationship between an image and a watermark to achieve

non-invertibility. We have thus been able to obtain hash from

the un-watermarked original image and as a variation from

any other image taken as a watermark, as well. We found the

latter method faster since it is easy to calculate hash if input

image is smaller which invariably is the case in use of

watermarks.

It has been suggested by [17] that additional tools available to

protect images from unauthorized viewing and modification

include encrypting the watermarks and digital time stamping.

Time stamping pinpoints the owner of the image and the time

at which the image was generated. One trivial way to prove

ownership of an image is to own the earliest reliable time

stamp of the image. The DSA method of generating digital

signatures that we have used, uses a parameter, k, which is a

random or a pseudo-random number. Even if the same image

is watermarked a second time, the use of the random number

k ensures that the digital signatures generated will be different.

' k ' can be used for time stamping or to keep track of identity

of a person to whom a copy is given ,out of multiple copies of

the same original image.

A serious issue according to [18] in symmetric watermarking

scheme or private watermarking scheme is its symmetricity,

that is, the key used for watermarks embedding is identical to

the one used for watermarks detection, which implies that the

detector needs all the parameters for watermarks embedding.

However, with these parameters, the watermarks can be easily

removed. A watermarking scheme where detection of the

watermark is possible with a public key that does not give

enough information to impair the embedded watermark

scheme is called asymmetric watermarking scheme, or public

watermarking scheme and is considered advantageous. The

proposed use of DSA method of generating digital signatures

for watermarking offsets this disadvantage in private or

symmetric watermarking schemes as signature generation and

verification operate by using a private key at the sending end

and public key ,at least for verification, at the receiving end.

We successfully performed digital watermarking on various

images available at the USC-SIPI image database, which is a

collection of digitized images free of copyrights. The

miscellaneous sub-set consists of 40 images like clock ,Lena

etc., of various sizes such as 256x256 pixels, 512x512 pixels,

403403

or 1024x1024 pixels. The different parameters calculated for

one such sample image are given below.

Hash value of image=905AB611791ED71F0CE3023C6

B84C25799246840(160 bits as is the case in SHA-1)

Next step was generating primes p and q, which are public and

commonly shared among a group of users.

Three pairs of prime numbers were generated for use as per

the algorithm in FIPS 186-2, Appendix A. One set of such

values is given here: p = 92FFBDA547406D19F253EB9D8AA7970E80ABD

6A2F069773524950CDEC079BBA064B6A7FCB1EC12BCC

FAA171DE33C1828547DB5331E30E822FA0571CF072818

D98600CE412252FAEDE137EC49083FC170C54C9913F400

D829694AB2EA6AE58F1C311C1A7A0EB3A1244DE3FB8

A64FCA32D3D0D7CBB01BDD431B364BD704CC0DD87

q = DF3B8290B5EDFFCA6BCE77F3AF8A499EB7A71

73B

seed = A33AEF3ADFE4F060EC0749B02FDB6943 C35

70D93

counter = 252

From these we calculated the following parameters

The public group g obtained was

40696A1B8D4EA012C48D295D33E5CA5CCC2BFAD5DFE

4048298AD5148E16A670E466CF98A1711A0CEAA0C2599

2EEEB260F288EEC781741E0B18BEA50CB4D96C0A6D36

E206F8B9E83B5E841B767CE7405F665C09399F3B07A127

CEFB05A734D7700FD055C5947BE07151587AF19F8C8903

E6F1337B2ECB7A9EF15279B4F53F22C1

The private key x calculated was

8B533C502497096136E07257AB3FBDDB1D5FC2B5

The private session key k was calculated as

9EBBA7A6941D89B021F8F969097F5908B8C972AA

The value of k is different each time the DSA is used.

The public key y obtained was

4585038BCCA5093DC111566C933A40D27E5FAF64D35C9

78FE7B6EE4D39104919DCF2FFF61E216607A6457C138A1

B5903B0B33AB3532D3465C42BD76CE236ABB33144698

AC5D5BF96EE85D6A669778F37720BF5620EAD2A3886D

68076DCA3CA2306C938E3DCA315B6CDAA799DBD6547

7D44027DA0DDBD6373953CB67D50F17DFE

The next step was to generate digital signatures pair [r,s].

The values we obtained were

r=A1C64B9AE6F40346A8B43021A255410305ED0589

s=3EC0E1ABD9679154DEE5E5FCA5FBBE03E991F7CE

We then concatenated the signatures r and s into a single

binary string and watermarked the image.

This was followed by the verification process which was

performed on the watermarked image

v = A1C64B9AE6F40346A8B43021A255410305ED089

r=A1C64B9AE6F40346A8B43021A255410305ED0589

r = v : The signature has been verified successfully in this

case.

Summing up, we have achieved the following:

i) Tackled the primary premise of using DSA for

watermarking of digital images, using non-invertibility as the

prime feature.

ii) Derived watermarks from the original image or as a

variation from any other image independent of it.(e.g. logo)

iii) Demonstrated signing images with DSA without

increasing the file size.

iv) Made use of asymmetric keys even with private

watermarking techniques.

v) Incorporated time stamping with the use of parameter k.

Even if same image is signed with the same technique another

time , the digital signatures incorporated into it would be

different. REFERENCES

[1] P.Moulin & J.A. O’Sullivan, “Information -Theoretic Analysis of

Information Hiding”, at IEEE International Symposium on Information

Theory, Boston, MA, October, 1999.

[2] Barni, M., et al., Watermark embedding: hiding a signal within a cover

image. Comm. Magazine, IEEE, 39(8): p. 102-108. 2001.

[3] Jian Liu and Xiangjian He, Department of Computer Systems University

of Technology, Sydney, Australia, A Review Study on Digital Watermarking

IEEE,2005.

[4] Scott Craver, Nasir Memon, Boon-Lock Yeo and Minerva M. Yeung

.Resolving Rightful Ownerships with Invisible Watermarking

Techniques:Limitations, Attacks, and Implications: IEEE journal on selected

areas in Communications Vol. 16, No. 4, May 1998.

[5] A. Adelsbach, S. Katzenbeisser, and H. Veith. Watermarking schemes

provably secure against copy and ambiguity attacks. DRM’03 (Digital Rights

Management), October 27, 2003, Washington, DC, USA, pages 111–119,

2003.

[6] Qiming Li, Ee-Chien Chang, On the Possibility of Non-Invertible

Watermarking Schemes , National University of Singapore,2004.

[7] Wenjun Zeng and B. Liu, “A statistical watermark detection technique

without using original images for resolving rightful ownerships of digital

images”Image Processing, IEEE Transactions on , Volume: 8 no. 11

,Nov.1999.

[8] Yong-Cong Chen and Long-Wen Chang, A Secure and Robust Digital

Watermarking Technique The block cipher RC6 and Secure Hash Algorithm,

Department of Computer Science,National Tsing Hua University Hsinchu,

Taiwan, IEEE 2001.

[9] A. Adelsbach and A. Sadeghi. Zero-knowledge watermark detection and

proof of ownership. 4th Int. Workshop on Info. Hiding, LNCS 2137:273–288,

IEEE2000.

[10]Stefan Katzenbeisser.On integration of watermarks and

cryptography.Institute of Informatics, Germany,2004.

[11] F Lefebvre, J. Cqvz and B. Macq Robust Soft Hash Algorithm for Digital

Image Signature B-1348 Louvain-la-Neuve, Belgium, IEEE 2003.

[12] József Lenti, Steganograpic Methods ,Department of Control

Engineering and Information Tech., Budapest University of Technology and

Economics, Hungary, Periodica Polytechnica SER. EL. ENG. VOL. 44, NO.

3–4, PP. 249–258 (2000)

[13] Stefano Chessa,Roberto Di Pietro,Erina Ferro,Gaetano Giunta,Gabriele

Oligeri Mobile Application Security for Video Streaming Authentication and

Data Integrity Combining Digital Signature and Watermarking Techniques,

European Satellite Communications Network of Excellence, IEEE 2007.

[14] Tao Chen,Wang J.,Zhou Y.,Combined digital signature and digital

watermark scheme for image authentication, Department of Automation,

Tsinghua University, China, IEEE 2001.

[15] U.S. Department Of Commerce/ National Institute of Standards and

Technology,"Digital Signature Standard (DSS)" FIPS PUB 186-2(FEDERAL

INFORMATION PROCESSING STANDARDS PUBLICATION), January

27,2000.

[16] U.S. Department Of Commerce, Tech. Administration, National Institute

of Standards and Technology , FIPS PUB 180-1,"Secure Hash Standard".

[17] F. Mintzer, G. W. Braudaway and M. Yeung, “Effective and ineffective

digital watermarks,” Proceedings of the IEEE International Conference on

Image Processing,October 26-29, 1997, Santa Barbara, CA, vol. 3, pp. 9-12.

[18] Rongsheng XIE, Keshou Wu, Jiangbo Du and Chunguang Li, Survey of

Public Key Digital Watermarking Systems , Eighth ACIS International

Conference on Software Engineering, Artificial Intelligence, Networking, and

Parallel/Distributed Computing,IEEE,2007.

404404