a fragile watermarking algorithm for content · pdf filea fragile watermarking algorithm for...

International Journal of Computing & Information Sciences Vol.2, No. 1, April 2004 27

A Fragile Watermarking Algorithm for Content Authentication

Raja’ S. Alomari and Ahmed Al-Jaber

Computer Science Department, King Abdullah II School for Information Technology,

University Of Jordan, Amman 11942, Jordan.

[email protected] [email protected]

Abstract: In many multimedia applications, there is a need to authenticate a source that has been subjected to potential tampering attacks. This application is called Content Authentication. Watermarking is among the emerging fields that are used in Content Authentication. Fragile Watermarking Algorithms are usually used in building Content Authentication Systems. This Paper Proposes a Secure Fragile Watermarking Algorithm. This algorithm is an extension of an existing data hiding scheme which is proposed for binary images by Tseng et al. in [12]. The proposed algorithm shows a very high fidelity and fragility. Those two properties enabled the applicability of this algorithm for Content Authentication. A Signature is extracted from each block of the image and is inserted in that block. Extraction of this signature and appropriate parameters for computation of this signature are studied in this paper. The technique by which this signature is extracted is a modified version of a signature extraction function proposed in [2]. A detailed study for the applicability of this algorithm for Content Authentication is done. Experimental results show a very high ability for tamper detection. Many tamper attacks are applied and analyzed. Key Words: Content Authentication, Fragile Watermarking, Hash Function, Gray Scale Image, Color Images.

Received: March 06, 2004 | Revised: February 01, 2005 | Accepted: March 01, 2005

1 Introduction Content Authentication is one of the hottest topics of research these days. Many real applications need methodology in order to assure that when delivering something to somewhere, it is delivered as is. The appropriate methodology should be simple and secure to assure the authenticity of the work and the source of the transmitted work. Two types of Authentication exist: Exact Authentication and Selective Authentication. Exact authentication is accomplished by: Fragile Watermarks, Embedded Signatures, and Erasable Watermarks. On the other hand, Selective Authentication is accomplished by semi-fragile Watermarks, Embedding Semi-fragile Signatures, and Tell-tale Watermarks [3]. For traditional data authentication, the security requirement is to reject any message that has been altered to the slightest degree which is called Exact Authentication. Some real applications need exact authentication and do not accept any alteration in the

image at all. Consider for example an image for a crime, changing any thing in the image such as a car number plate may cause suspecting a person other than the actual criminal [3, 4]. On the other hand, some real applications do not need exact authentication as above: they only need to verify some selective places in the work in order to be authenticated. Those need Selective Authentication which distinguishes between malicious and non-malicious attacks, (i.e., it distinguishes between legal distortions such as: signal processing operations and illegal distortions such as changing a person in the image). In general, minor data alterations may be acceptable if they still maintain the perceptual quality of the image [20]. Image authentication systems have applicability in: law, commerce, defense, and journalism. Since digital images are easy to modify, a secure authentication system is useful in showing that no tampering has occurred during situations where the credibility of an image may be questioned [5].

28 International Journal of Computing & Information Sciences Vol 2., No. 1 ,April 2004

A fragile watermark is a watermark that is readily altered or destroyed when the host image is modified through a linear or non-linear transformation. The sensitivity of fragile marks to modification leads to their being used in image authentication. That is, it may be of interest for parties to verify that an image has not been: edited, damaged, or altered since it was marked [20]. A good review of fragile watermarking algorithms is done in [14]. Fragile watermarking systems are categorized into two categories according to the working domain. First, fragile watermarking that works directly in the spatial domain. Second, fragile watermarking that works in a transform domain. Most fragile watermarking systems embed the mark directly through the spatial domain of a Work, such as techniques described in [9] and [14]. These techniques embed the mark in the least significant bit (LSB) plane for perceptual transparency. Their significant disadvantages include the ease of bypassing the security they provide [5] and [9]. Wong [15] described another fragile marking technique which obtains a digest using a hash function. The image, image dimensions, and marking key are hashed during the embedding and are used to modify the least-significant bit plane of the original image. This is done in such a way that when the correct detection side information and unaltered marked image are provided to the detector, a bi-level image chosen by the owner (such as a company logo or insignia), is observed. This technique has localization properties and can identify regions of modified pixels within a marked image. The technique of Yeung and Mintzer [19] is also one where the correct detection information results in a bi-level image. However, the embedding technique is more extensive than inserting a binary value into the least-significant bit plane. The marking key is used to generate several pseudo-random look-up tables (one for each channel or color component) that control how subsequent modifications of the pixel data will occur. Then, after the insertion process is completed, a modified error diffusion process can be used to spread the effects of altering the pixels making the mark more difficult to see. On the other hand, various transformations, such as: the Discrete Cosine Transform (DCT) and Wavelet Transforms are used for authentication systems. Usually those systems are semi-fragile since they are almost all robust to Lossy Compression. DCT based watermarking systems are usually robust to Joint Photographic Experts Group (JPEG) lossy compression while those work in the Wavelet

Domain are robust to Joint Photographic Experts Group 2000 (JPEG2000) Lossy Compression. Wu and Liu described a technique in [16] which is based on a modified JPEG encoder. The watermark is inserted - by changing the quantized DCT coefficients - before entropy coding. A special lookup table of binary values (whose design is constrained to ensure mark invisibility) is used to partition the space of all possible DCT coefficient values into two sets. The two sets are then used to modify the image coefficients in order to encode a bi-level image (such as a logo.) In order to reduce the blocking effects of altering coefficients, it is suggested that the DC coefficient - and any coefficients with low energy - is not marked. Kundur and Hatzinakos in [8] embed a mark by modifying the quantization process of the Haar wavelet transform coefficients. While Xie and Arce in [17] selectively inserts watermark bits by processing the image after it is in a compressed form. A wavelet decomposition of an image contains both frequency and spatial information about the image hence watermarks embedded in the wavelet domain have the advantage of being able to locate and characterize the tampering of a marked image. Two types of authentication systems are currently being investigated: global and local authentication. As the naming implies, global authentication system considers the Work as a whole, (i.e., either the Work is authentic or not). The other type of systems is local, (i.e., the authentication is based on local regions in the Work). So the authentication system output the regions in the work as authentic regions while others are not [3]. This paper introduces a detailed study of a Content Authentication System - that is built upon the proposed fragile watermark. This new proposed fragile watermarking system is an extension of an existing secure data hiding scheme technique that is built on binary images [12]. It is considered as an excellent data hiding technique for binary image in terms of similarity and data payload. Kawaguchi and Eason proposed a data hiding technique in [6] - that embeds data inside bit planes of the grayscale image in accordance with the concept of pixel complexity which can be defined in different ways. The watermarking system that is proposed in this paper uses the first bit plane to embed an authentication signature using the binary image data hiding technique introduced in [12].

2 Motivation Content authentication application intends to assure that the received work is from the authorized source, and that the work content is identical to the original.

A Fragile Watermarking Algorithm for Content Authentication 29

The past few years have witnessed an increasing use of digitally stored information. Since the digital image is easy to: edit, modify, and exploit - at the same time, image editing programs are becoming more powerful so that even an amateur can maliciously modify digital images and create perfect forgeries without leaving any trace on the original image. Techniques to establish the authenticity and integrity of digital images are essential. Especially when the work content is used for the content sensitive fields such as: photojournalism, courtroom evidence, medical applications, or commercial transaction - the originator of the content has to be verified while ensuring the content has not been: changed, manipulated or falsified [20].

3 Preparations In this section, some of the necessary concepts and terminologies used in this paper, as well as, the main ideas proposed by Tseng et al., [12]. - Definition 1: Given a cover image C and a message M to be hidden in C, then private key steganography system can be defined as: Fe: M× K → C, Such that Fe (C,M,K) = C' And Fr( Fe (C,M,K,), K) = Fr (C', K) Where K is a secret key, Fe is the embedding function, Fr is the extracting function, and C' is the stego-image. This means, that the message M can be embedded in C by the function Fe to generate the stego-image C', and the embedded message can be extracted by the extracting function Fr from C'. A scheme were proposed by Tseng et al., [12] to hide data in a binary image called CPT. This scheme can be summarized in the following algorithm: - CPT Algorithm C: is a cover image partitioned into blocks of size

m∗ n{ C1,…, Cy} K: is a random binary block of size m∗ n. W: is a weight matrix of size m∗ n, where {Wi,j, i =1..

m, j = 1..n } = 1...2r–1, 1...2r-1 ,.. L, L ≤ 2r-1 R: is the number of bits to be embedded in one block;

note that r ≤ log(mn+1) Begin

Step1: FOR each collection of bits b1..br to be embedded in block Ci

Do the following. Step2: Calculate Ci ⊕ K, where ⊕ is the exclusive

OR

Step3: Let H= SUM ((Ci⊕ K)⊗ W) where ⊗ is the pair-wise multiplication of two matrixes of equal size.

Step4: For each w, w =1,…, 2r-1 Let Sw= {(j, k); (Wj.k = w and [Ci ⊕ K]j,k= 0 } OR (Wj,k = 2r-w and [Ci ⊕ K]=1)}

Step5: let d = b1.. br - H mod 2r Step6: IF d = 0 there is no change in Ci Else

a) Randomly select h∈ {0,1, …,2r-1} such that Shd ≠ φ and S-(h-1)d ≠ φ.

b) Randomly select (j,k)∈ Shd and complement the bit [Ci]j.k

c) Randomly select (j,k)∈ S-(h-1)d and complement the bit (Ci)j,k. (Note if So is encountered then skip this step)

EndElse END. (Embedding) In this scheme, at most two bits can be modified in each host block; there is no control on the quality of the stego-Image. This scheme does not take in consideration the set of all neighbors of the modified bit. In the development of the new scheme the set of neighbors of the modified bit will be taken in consideration. This describes the achievement in this paper. - Output I’: the Watermarked Image. - Note: • The Proposed Fragile Algorithm – which will be

used in the Content Authentication System – uses the first bit plane of the image to embed a signature – which is extracted from the image itself – using the CPT algorithm.

• Each block Ii is embeddable: There isn't any need to check for embedability of the block since the first bit plane of a gray scale - or a color image - is not noticeable by the human eye. (Human Visual System). Tseng et al.[12] in the results of their experiments avoided embedding in white (all pixels are Ones) and black (all pixels are Zeros) since any change would be noticed. This is not considered here in order to accomplish the task of Content Authentication.

• For simplicity of implementation assume the following:

• Block Size is equal for all blocks (Ii) of the Image I.

• Image’s Blocks are squares. • Dimensions of Image I (Width, Height) are

multiples of Block Size.


4 Mathematical Example In this section, a mathematical example of the proposed algorithm - which will be used in the Content Authentication System - is illustrated in order to reveal any ambiguity in the formal modeling of the algorithm presented in the previous section. In this example, some cases will be discussed. The embedding would only be in the first bit plane of the image. Now, consider the following values of the required parameters. Let I be the Original un-watermarked Image as shown in table 1. The shading of the image is intended only for easily distinguishing the blocks. Numbering convention of the blocks starts from the left upper corner, so there is only six blocks I1, I2, I3, I4, I5, and I6.

Let BlockSize = 4. The number of bits that maximally can be embedded is log2 BlokSize x BlockSize + 1 . Which is 4. Let the message which embeds M be 111011010101 Let K be defined as in table 2. Let W be defined as in table 3.

Embedding Process • Table 4: shows the first bit Plane. • Table 5: shows (h = I ⊕⊕⊕⊕ K). • Table 6: shows (h ⊗ W) • Table 7: shows The Result After Complementing

some bits • Table 8: shows the watermarked image. Extraction Process • Table 8: shows the watermarked image. • Table 7: shows the first bit plane from the

watermarked image. • Table 9: shows h = I' ⊕⊕⊕⊕ K • Table 10: shows h ⊗⊗⊗⊗ W • For each Block in table 10 take the sum and find

the modulation to 24 • Concatenate the results to build the message. • Extracted message is 111011010101.


5 Content Authentication System Any Content Authentication System consists mainly of three parts. Some differences exist between Content Authentication Systems - but the general framework of any Content Authentication System can be divided into [20]: The generating function - (fg) - of the watermark Work (W) is to be added to the host Work. Typically, the watermark signal depends on a key (K). The watermark information (i) is shown in Equation 1.

W = fg (i, K) …………………. Equation (1) It may also depend on the host data, I, into which it is embedded. As shown in equation 2.

W = fg (i, K, I) ………….…… Equation (2) A hash function is usually used as a generating function. A hash function is a function that accepts a variable size message M as input and produces a fixed size message digest H (M) as output [7]. The embedding (Encoding) function, (E), incorporates the watermark signal, W, into the host data, (I), yielding the watermarked data I'. Typically, the watermark signal depends on a key, K

I' = E (I, W, K) ……………… Equation (3)

The extracting (Decoding) function (Authenticator), D, which recovers the watermark information, W', from the received watermarked data, (I').

W' = D (I', K) ………….…… Equation (4)

5.1 Watermark-Generating Function The watermark generating function is usually a hash function which is a function that accepts a variable size variable and produces a fixed size value. A hash function, such as MD5 [10], produces: a one-way message digest; a fingerprint of a file, message, or any other block of data. The hash based Message Authentication Code 2 (MAC2) [7] encrypts the hash value of the message with a secret key which is shared by the sender and the receiver. In the literature, there is a variety of generating functions that are used in content authentication. Yueng in [18] embeds a binary logo of the same size as the host image - by means of a key dependent Look-Up Table (LUT) - that maps every possible pixel luminance value to either 0 or 1. The watermark is inserted by adjusting the Least Significant Bit (LSB) value of each image pixel in the spatial domain in order to match its corresponding LUT value. At the receiving side, the LUT can be reconstructed due to the knowledge of the secret key. The integrity verification can be performed either by a simple visual inspection of the extracted mark, or by an automated comparison with the original one. The watermarking is very sensitive to any distortion on the image - but it is very vulnerable to block analysis attacks. Fridrich and Baldoza in [5] improved the algorithm in Yueng by using a 64 x 64 block cipher instead of LUT. - The watermark is embedded in a 32 x 32 block. Other algorithms can be found in [19 and 20]. The Content Authentication System which is implemented for this paper uses a version of hashing function introduced by Barreto and Kim [2] - that is called HBC2: a deep discussion of its robustness to attacks - that are intended for the watermark itself - is done in [2]. Equation 6 shows the HBC2 hash value.

Ht = H (M, N, Zt*, Z(t-1) mod n, t, St-1) … Equation (5)

Such that Ht: refers to the signature of a current block (which is to be extracted). M and N are the dimensions of the image. Zt, Z(t-1) mod n are values that represent the current (t) block pixels' values - and the previous block pixels' values, respectively. Zt that is used in the implementation represents the summation of pixels in block t. n is the number of blocks in the image. t is the block number. St–1 is the nondeterministic signature of block Zt–1 which is a non-deterministic parameter. An image Identification number (ID) was used in the implementation of the proposed Content Authentication System. A hashing key is added to the hash value in order to increase the security and robustness to some attacks.


The steps of watermark (signature) generation is implemented by finding both the sum of the parameters and then finding the modulation of the resulting sum to 256 - in order to have a fixed length value with 8-bits. Then, the Embedding of those 8-bits which corresponds to each block is done by using the proposed embedding technique. This implementation is chosen only for simplicity.

5.2 Embedder and Authenticator The second and third parts of the proposed Content Authentication System are related - since they are the two main parts of the watermarking algorithm that is proposed in section 3. A mathematical example that illustrates the process of embedding and extraction was introduced in section 4. The only difference that should be noticed is that the extractor is renamed as authenticator, (i.e., a slight difference is applied on the purpose of using it,) - thus the output from it. Simply, the authenticator should input the received watermarked image that is to be verified. The output is the same image - but with regions marked as inauthentic. Figures 1 and 2 show the work flow of the embedder and the authenticator used in the system.

6 Experimental Study This section introduces experimental results for the proposed algorithm to be used as a fragile watermarking algorithm. A benchmark Image is being watermarked using the proposed algorithm (as shown in figures 3 and 4). Figure 3 shows the fruit image (128 x 128) - with 10,000 characters embedded as a hidden message. The experimental study embeds the message in the lowest two bit planes. With a 4 x 4 block size; 8 bits per 16 pixels can be hidden. Which is a reasonable high payload compared to existing known algorithms. Figure 4 shows the same image (256 x 256) with 20,000 characters that are embedded. Tables 11 and 12 show the results of experiments applied to both images with different message size. The results are in terms of three similarity measures: Mean Square Error (MSE), Peak to Signal Ratio (PSNR), and Correlation. Those are given by the equations 6, 7, and 8 respectively.


….. Equation (6)

Where X, Y are the dimensions of the image. I and I’ are the original and the watermarked image respectively.

…………………… Equation (7)

Where MSE is the Mean Square Error.

……... Equation (8)

Where X, Y are the dimensions of the image. I and I’ are the original and the watermarked image respectively.

It is worth mentioning here that this watermarking scheme is much better in terms of similarity (Human Visual System) - than many existing techniques. This is a clear result - because the embedding technique

makes very slight modifications on the pixels. For example, to embed 4 bits in a 4 x 4 block it is required to modify at most 2 bits from the LSB. On the other hand, time efficiency is the risk. The embedding process which uses the proposed scheme in this paper consumes much time - but it is still reasonable. Time complexity is not a critical issue in this algorithm. Instead security is more of a concern. This is also clear result - since there is a risk of time being added for the bit-plane extraction process and the bit-plane replacing process.

7 Analysis of the Content Authentication System

This section will discuss the proposed Content Authentication System in terms of the Content Authentication System's properties, as well as, attacks that are known against the Content Authentication System.

Detect Tampering A fragile marking system should detect (with high probability) any tampering in a marked image. In many applications it is also desirable to provide an indication of how much alteration or damage has occurred - and where it is located. In the fragile embedding algorithm - used in proposed Content Authentication System – detecting tampering property is of a very high level. If any changes occur in the image after marking it - even a one bit change - it will surely change the value of the signature (if the change occurs in the 7 most significant bits) - or the embedded signature (if the change occurs in the first bit plane). If either value is changed then the system will mark that block and the dependent block - as inauthentic. Figures 5, 6, 7, and 8 show a scenario of adding the value 256 to two randomly selected pixels. Note that the Hash key was the reason why such an attack is detected. Note also that the blocks, as well as, dependent blocks are marked as inauthentic with the shape (X).

2

11)),('),((

*1 yxIyxI

YXMSE

Y

y

X

x−

= ∑∑==

MSEPSNR

2

10255log10=

∑∑

∑∑

= =

= =

×= X

x

Y

y

X

x

Y

y

yxI

yxIyxInCorrelatio

1 1

2

1 1

),('

),(),('


Perceptual Transparency This property refers to that an embedded watermark should not be visible - under normal observation - or interfere with the functionality of the image. The embedding algorithm that is used in the content authentication system is of a very high quality in terms of transparency when it is compared to existing watermarking techniques. Tables 11 and 12 show how transparent the embedding algorithm is.

Detection Should Not Require The Original Image

This property means that the detection (authentication) should be blind. The proposed system is blind, (i.e., does not need the original image to verify the authenticity of the watermarked image).

Detector Should Be Able To Locate And Characterize Alterations Made To A Marked Image

This property refers to the ability to locate spatial regions within an altered image which are either authentic or corrupted. The detector (authenticator) used in the proposed system locates the place of any forgery (attack) that may corrupt the image. The block size is the tampering unit. That is, if a pixel is corrupted by any attack, then two blocks would be marked as inauthentic, the one that includes the pixel itself (Zt) and the one that is a dependent of this block (Z(t-1 mod n)).

Note that by increasing the block size, the resolution of authentication would be less, - and vice versa, (i.e., by decreasing the block size, the resolution would be higher). The argument that what it is preferable is a trade off. Despite decreasing the block size would increase authenticity resolution, the hash value would be smaller, and this is not a desirable property since the number of collisions would increase.

The Marking Key Spaces Should Be Large This property aims at: accommodating many users, and hindering the exhaustive search for a particular marking key - even if hostile parties are somehow able to obtain both an unmarked and marked versions of a particular image. The proposed system has four key-like data structures for the embedding process, as well as, for the authentication process. Two are related to the signature extraction from the block pixels themselves (Key and Weight) - and the other two are related to the embedding/extraction process of the signature in the LSB (HKey and ID). The proposed system has the Key with a 16 x 16 binary values The number of different keys that may be chosen from is 2256, (i.e., a bout. 1077). Note that it is a very huge number of selections. In order to examine an exhaustive search for a key in this space, the probability of finding the key is about 8 * 10-78. Further, the weight matrix is 16 x 16 decimal values. Because those decimal values are constrained by two conditions, the number of selections available will be carefully calculated as follows: the weight matrix can take the values from 0 to 216-1 = 255. And at the same time, all the values in the range should exist in the matrix. The matrix is 16 x 16 - thus there are 256 places. Filling those places in a probability, point of view, can be achieved by filling: the first place with 256 selection [0, 255]; the second place with probability 255 selection (with the number chosen in the first place removed); the third place with probability 254 selection (with the number chosen in the first and second place removed); - and so on. Note that the last place has a number of selection = 256, since at that time all the values in the range (0 – 255) should exist in the matrix. Thus the number of selections to construct the weight matrix is 256 x 255 x 254 x .. x 1 x 256 - which is equal to factorial(256) x 256. It is a very huge number. In order to imagine this number, the MATLAB 6.5 can give an answer to factorial (170) - which is (7 * 10306) - After this value, it gives infinity indicator. From the above analysis of the keys space (key, weight) the reader should conclude: how impossible


it is to search the key alone and the weight matrix alone. Searching the key and the weight space at the same time would be an exponential problem. On the other hand, the two key like data structures that are related to hashing value extraction are the key and the Image ID. The key is an 8-bits value - thus its space is 28 = 256. It is not a huge space. The Image ID is the value that should compensate the constrained space of the key. The Image ID should be large enough to accommodate the purpose of its existence. Each image that is proposed to the system should have a uniquely identifying value - thus choosing the length of the Image ID is application dependent. It should be large enough to accommodate the number of images that may be subjected to the system. Without mathematical calculations the searching space is very huge.

The Marking Key Should Be Difficult To Deduce From The Detection Side Information

This property is particularly important in systems that have distinct marking and detection keys. The proposed Content Authentication System uses only private keys, so this property is not of concern for the proposed system.

8 Attacks Analysis This section will study the effect of the known attacks that may be subjected to the watermarking technique. Attacks that may subject the hashing value generator such as the counterfeiting attacks, birthday attack, and transplantation attacks are discussed in [2].

Blind Modification Arbitrarily change the marked image by assuming that no mark exists. Those include: cropping, and localized replacement (such as substituting one person’s face with another.) The latter type of modification is a significant reason why an

application may want to be able to indicate the damaged regions within an altered image. The

localized replacement attack is simple and easy to be detected since the proposed system is localized. Figure 9 reveals a scenario of changing critical information of an image. Note that the images used in this scenario are color images.

Modify The Marked Image Itself Without Affecting The Embedded Mark Or Creating A New Mark That The Detector Accepts As Authentic

Embedding a new mark is possible, if there is the key, weight, hash key, and image ID. Deducing all those key-like structures is impossible. Thus, the attacker can not: modify the marked image as he wants or create a new mark as he wants until he knows all the four keys. Some weak fragile marks easily detect random changes to an image but may fail to detect a carefully constructed modification. An example is a fragile mark embedded in the least-significant bit plane of an image. An attempt to modify the image without realizing that a mark is expressed in the Least Significant Bits is very likely to disturb the mark and be detected. However, an attacker that may attempt to modify the image without disturbing any Least Significant Bits or substitute a new set of Least Significant Bits on a modified image that the detector classifies as authentic. Note that this attack is not applicable for the proposed system. Since changing the embedded mark should be done on both the 7 most significant bits of pixels and on the LSB at the same time.

Completely Removing The Mark It is clear that if an attacker tries to remove the mark, (for example, by addition of noise to each block, or making the mark undetectable somehow), that would be a very silly attack since the authenticator will simply be saying "Inauthentic Image." It will be a useless image.

Deduction Of Marking Key

An attacker may also attempt the deduction of the marking key which is used to generate the mark. The


marking key is intimately associated with an embedded mark. So if it is possible to isolate the mark, the attacker can study it in order to deduce the key (or reduce the search space for the marking key). Once the key is deduced, the attacker can then forge the mark into any arbitrary image. The last sentence is true. If an attacker knew the marking keys, it would be very easy to forge an authenticated image - provided he knew the hashing value extraction technique and the embedding technique. But still, how will the attacker know the keys. Section 7 shows how possible to know the keys which are necessary for marking. I think that the only way to know the keys is to contact either the embedder party or the authenticator, and beg him for the keys!

9 Conclusion and Future Work Experimental results showed an excellent watermarking algorithm in terms of fragile watermarking properties. This algorithm enables a high data payload and high transparency at the same time when compared to existing fragile systems. Attack analysis is also provided to study the robustness of the system against known attacks that may subject fragile watermarking systems. This paper proposes a fragile watermarking technique and studies this technique for Content Authentication as one of the most important watermarking applications. The proposed Content Authentication System uses a watermarking algorithm that has a high level of fragility. This property gives the system a very high ability to discover any alteration has occurred to the Work since the watermark embedding. From the study of the proposed watermarking algorithm and the Content Authentication System, some conclusions can be drawn as follows: Exact Content Authentication needs fragile

watermarking algorithms, the more fragility of the algorithm, the more ability to detect tampering in the watermarked Work.

The proposed watermarking algorithm shows a very high data payload to fidelity trade-off when compared to existing watermarking algorithms. It is a logical consequence since at most two bits are flipped when embedding number of bits equal to log (blocksize), e.g., to embed 4 bits in 4 x 4 pixels block, at most, two bits are flipped.

The proposed Content Authentication System is sensitive to any tampering that may occur to the watermarked image. The ability of this system for tamper detection comes from two sides; the hashing function that is used and the watermarking algorithm that it uses.

The Proposed Content Authentication has a very high level of security; this is accomplished due the existence of the weight and key matrices used in the embedding algorithm, as well as, the hash key and the image identification used in the hashing function.

The proposed system is recommended to applications that need an exact authentication of images with a very high level of security. Law, commerce, defense, and journalism are recommended applications.

Recommended future work that may be done to the first proposed algorithm can be summarized as follows: For applications that need the original image to

be authenticated rather than the watermarked image, more investigation should be done on the first bit plane. Authenticating of the original first bit plane may need recovering the original bits of the first bit plane. More investigation on the erasable (invertible) watermarks would be helpful in accomplishing this task.

More investigation on the hashing value extractor is recommended; which variables to include in the calculation of the hash value, and what operations should be applied to those variables to produce the hash value.

Dedication of the proposed system to some application needs more study for the environment of that application, e.g., using the proposed system in journalism needs to investigate what are the major issues to concentrate on, when using the proposed system.

10 References [1] Alomari, Raja', and Al-Jaber, Ahmed. "A

Robust Watermarking Algorithm for Copyright Protection." The 3rd ACS/IEEE Conference on Computer Systems and Applications, Cairo, Eqypt, Jan 2005.

[2] Barreto, P., and Kim H., "Pitfalls In Public Key

Watermarking," Proceedings of Sibgrapi-Brazilian Symposium on Computer Graphics and Image Processing, pp. 241-242, 1999.

[3] Cox J., Miller L., Bloom A., Digital

Watermarking, Morgan Kaufmann Publishers, USA, 2002.

[4] Cox J., Miller L., "The First 50 Years of

Electronic Watermarking", EURASIP J. of Applied Signal Processing, vol. 2, pp. 126-132, 2002.


[5] Fridrich M., and Baldoza A., "New Fragile Authentication Watermark For Images." ICIP'2000, Vancouver, Canada (2000).

[6] Kawaguchi E., and Eason R., “Principle And Applications Of BPCS-Steganography,” Proceedings of SPIE (3528), Multimedia satellite networks: issues and challenges, pp. 464-473, 1999.

[7] Krawczyk M., and Canetti R., "HMAC: Keyed Hashing For Message Authentication," Internet Request for Comments, RFC 2104, 1997.

[8] Kundur D., and Hatzinakos D., “Towards A

Telltale Watermarking Technique For Tamper-Proofing,” Proceedings of the IEEE International Conference on Image Processing, vol. 2, pp. 409-413, 1998.

[9] Lin E., and Delp E., “A Review Of Fragile

Image Watermarks.” Proc. of the Multimedia and Security Workshop (ACM Multimedia '99), pp. 25-29, 1999.

[10] Rivest R., "The MD4 Message-Digest

Algorithm." Corporation for National Research Initiatives, Internet Engineering Task Force, Network Working Group, Reston, Virginia, USA, 1992.

[11] Schyndel R., Tirkel A., and Osborne, C., “A

Digital Watermark,” Proceedings of the IEEE International Conference on Image Processing, vol. 2, pp. 86-90, 1994.

[12] Tseng Y., Chen Y., and Pan H., "A Secure

Data Hiding Scheme for Binary Images," IEEE Transactions On Communications, vol. 50, no. 8, pp. 1227-1231, 2002.

[13] Tseng Y., and Pan H., "Secure And Invisible

Data Hiding In 2-Color Images," in Proceedings of IEEE INFOCOM 2001, pp. 887-896, 2001.

[14] Walton S., “Information Authentication For A

Slippery New Age,” Dr. Dobbs Journal, vol. 20, no.4, pp. 18-26, 1995.

[15] Wong P., “A Watermark For Image Integrity

And Ownership Verification,” Final Program and Proceedings of the IS&T PICS 99, pp. 374-379, 1999.

[16] Wu M., and Liu B., “Watermarking For Image

Authentication,” Proceedings of the IEEE International Conference on Image Processing, vol. 2, pp. 437-441, 1998.

[17] Xie L., and Arce G., “Joint Wavelet

Compression And Authentication Watermarking,” Proceedings of the IEEE International Conference on Image Processing, vol. 2, pp. 427-431, 1998.

[18] Yeung C., "An Invisible Watermarking

Technique For Image Verification," Proc. of ICIP, pp. 680-683, 1997.

[19] Yeung M., and Mintzer F., “Invisible

Watermarking For Image Verification,” Journal of Electronic Imaging, vol. 7, no. 3, pp. 578-591, 1998.

[20] Zaho Y., “Dual Domain Semi-Fragile

Watermarking For Image Authentication,” Master Thesis, University of Toronto, 2003.

Raja' S. Alomari a PhD candidate at computer science dept - Wayne Sate University. He was a teaching assistant at computer information systems department, King Abdullah II School for Information Technology,

University of Jordan. Research Interests are in the fields of Watermarking, Image Processing, Machine Learning, and Evolutionary Computation.

Ahmed Al-Jaber Professor in the Computer Science Department, King Abdullah II School for Information Technology, University of Jordan. Research Interests are in the fields of Steganography, Watermarking, and Algorithms.

a fragile watermarking algorithm for content · pdf filea fragile watermarking algorithm for...

Documents