Fabien A. P. Petitcolas

Information hiding-a survey

Information-hiding techniques have recently become important in a number of application areas. Digital audio, video, and pictures are increasingly furnished with distinguishing but imperceptible marks, which may contain a hidden copyright notice or serial number or even help to prevent unauthorized copying directly. Military communications systems make increasing use of traffic security techniques which, rather than merely concealing the content of a message using encryption, seek to conceal its sender, its receiver, or its very existence. Similar techniques are used in some mobile phone systems and schemes proposed for digital elections. Criminals try to use whatever traffic security properties are provided intentionally or otherwise in the available communications systems, and police forces try to restrict their use. However, many of the techniques proposed in this young and rapidly evolving field can trace their history back to antiquity, and many of them are surprisingly easy to circumvent. In this article, we try to give an overview of the field, of what we know, what works, what does not, and what are the interesting topics for research.

On the limits of steganography

In this paper, we clarify what steganography is and what it can do. We contrast it with the related disciplines of cryptography and traffic security, present a unified terminology agreed at the first international workshop on the subject, and outline a number of approaches-many of them developed to hide encrypted copyright marks or serial numbers in digital audio or video. We then present a number of attacks, some new, on such information hiding schemes. This leads to a discussion of the formidable obstacles that lie in the way of a general theory of information hiding systems (in the sense that Shannon gave us a general theory of secrecy systems). However, theoretical considerations lead to ideas of practical value, such as the use of parity checks to amplify covertness and provide public key steganography. Finally, we show that public key information hiding systems exist, and are not necessarily constrained to the case where the warden is passive.

Attacks on Copyright Marking Systems

In the last few years, a large number of schemes have been proposed for hiding copyright marks and other information in digital pictures, video, audio and other multimedia objects. We describe some contenders that have appeared in the research literature and in the field; we then present a number of attacks that enable the information hidden by them to be removed or otherwise rendered unusable.

Fair benchmark for image watermarking systems

Since the early 90s a number of papers on robust digital watermarking systems have been presented but none of them uses the same robustness criteria. This is not practical at all for comparison and slows down progress in this area. To address this issue, we present an evaluation procedure of image watermarking systems. First we identify all necessary parameters for proper benchmarking and investigate how to quantitatively describe the image degradation introduced by the watermarking process. For this, we show the weaknesses of usual image quality measures in the context watermarking and propose a novel measure adapted to the human visual system. Then we show how to efficiently evaluate the watermark performance in such a way that fair comparisons between different methods are possible. The usefulness of three graphs: attack vs. visual-quality, bit-error vs. visual quality, and bit-error vs. attack are investigated. In addition the receiver operating characteristic (ROC) graphs are reviewed and proposed to describe statistical detection behavior of watermarking methods. Finally we review a number of attacks that any system should survive to be really useful and propose a benchmark and a set of different suitable images.

Evaluation of copyright marking systems

Hidden copyright marks have been proposed as a solution for solving the illegal copying and proof of ownership problems in the context of multimedia objects. Many systems have been proposed, but it is still difficult to have even a rough idea of their performance and hence to compare them. So we first describe some general attacks on audio and image marking systems. Then we propose a benchmark to compare image marking software on a fair basis. This benchmark is based on a set of attacks that any system ought to survive.

StirMark benchmark: audio watermarking attacks

We briefly present the architecture of a public automated evaluation service we are developing for still images, sound and video. We also detail new tests that will be included in this platform. The set of tests is related to audio data and addresses the usual equalisation and normalisation but also time stretching, pitch shifting and specially designed audio attack algorithms. These attacks are discussed and results on watermark attacks and perceived quality after applying the attacks are provided.

Public automated web-based evaluation service for watermarking schemes: StirMark benchmark

One of the main problems, which darkens the future of digital watermarking technologies, is the lack of detailed evaluation of existing marking schemes. This lack of benchmarking of current algorithms is blatant and confuses rights holders as well as software and hardware manufacturers and prevents them from using the solution appropriate to their needs. Indeed basing long-lived protection schemes on badly tested watermarking technology does not make sense. In this paper we will present the architecture of a public automated evaluation service we have developed for still images, sound and video. We will detail and justify our choice of evaluation profiles, that is the series of tests applied to different types of wa-termarking schemes. These evaluation profiles allow us to measure the reliability of a marking scheme to different levels from low to very high. Beside the known StirMark transformations, we will also detail new tests that will be included in this platform. One of them is intended to measure the real size of the key space. Indeed, if one is not careful, two different watermarking keys may produce interfering watermarks and as a consequence the actual space of keys is much smaller than it appears. Another set of tests is related to audio data and addresses the usual equalisation and normalisation but also time stretching, pitch shifting. Finally we propose a set of tests for fingerprinting applications. This includes: averaging of copies with different fingerprint, random ex-change of part between different copies and comparison between copies with selection of most/less frequently used position differences.

Blind pattern matching attack on watermarking systems

Billions of dollars allegedly lost to piracy of multimedia content have triggered the industry to rethink the way music and films are distributed on the Internet. As encryption is vulnerable to digital or analog re-recording, currently almost all copyright protection mechanisms rely to a certain extent on watermarking. A watermark is an imperceptive secret hidden into a host signal. We analyze the security of multimedia copyright protection systems that use watermarks by proposing a new breed of attacks on generic watermarking systems. A typical blind pattern matching attack relies on the observation that multimedia content is often highly repetitive. Thus, the attack procedure identifies subsets of signal blocks that are similar and permutes these blocks. Assuming the permuted blocks are marked with distinct secrets, it can be shown that any watermark detector is facing a task of exponential complexity to reverse the permutations as a preprocessing step for watermark detection. We describe the logistics of the attack and an implementation against a spread-spectrum and a quantization index modulation data hiding technology for audio signals.

Defining security in steganographic systems

Intuitively, the security of a steganographic communication between two principals lies in the inability of an eavesdropper to distinguish cover-objects from stego-objects, that is objects which contain secret messages. A system should be already considered insecure, if an eavesdropper can suspect the presence of secret communication. Several definitions of steganographic security were proposed in the literature. However, they all consider only perfectly secure steganographic systems, where even a computationally unbounded observer cannot detect the presence of a secret message exchange. Second, it might be difficult to construct secure schemes usable in practice following these definitions. Third, they all require the knowledge of the probability distribution of normal covers; although it might be possible in certain cases to compute this probability, it will in general be infeasible to obtain. In this paper, we propose a novel approach for defining security in steganographic systems. This definition relies on a probabilistic game between the attacker and a judge. Given the ability to observe the normal communication process and the steganographic system, the attacker has to decide whether a specific object (given to him by a judge) is in fact a plain cover or a stego-object. We discuss the applicability of this new definition and pose the open problem of constructing provably secure steganographic systems.

Digital rights management for digital cinema

There is a wide consensus among the feature film production studios that the Internet era brings a new paradigm for film distribution to cinemas worldwide. The benefits of digital cinema to both producers and cinemas are numerous: significantly lower distribution and maintenance costs, immediate access to film libraries, higher presentation quality, and strong potential for developing new business models. Despite these advantages, the studios are still reluctant to jump into the digital age. The main showstopper for digital cinema is the danger of widespread piracy. Piracy already costs Hollywood an estimated two billion dollars annually and digital cinema without proper copyright enforcement could increase this number. In this paper, we present a copyright management system that aims at providing the set of necessary security tools: standard cryptographic primitives and copyright protection mechanisms that enable a reliable and secure feature film delivery system.