security analysis of robust data-hiding with geometrically...
TRANSCRIPT
20-01-2005University of Geneva & Microsoft Research 1
http://sip.unige.ch
Security Analysis of Robust Data-Hiding
with
Geometrically Structured Codebooks
E. Topak(a), S. Voloshynovskiy(a), O. Koval(a), M. K. Mihcak(b) and T. Pun(a)
(a)Stochastic Image Processing (SIP) Group,
University of Geneva, Switzerland
&
(b)Microsoft Research, Redmond, USA
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 2
http://sip.unige.ch
Agenda
� Problem formulation;
� Channels with geometrical attacks;
� Information theoretic (IT) framework for geometrically robust
data-hiding;
� Structured codebooks;
� Analysis of security leaks and attacking strategies;
� Conclusions;
� Future research directions.
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 3
http://sip.unige.ch
Problem formulation
Objectives:
� To analyze the conditions of reliable communications in channels with geometrical transformations;
� To study capacity achieving geometrically-robust data-hiding codes;
� To investigate security leakages of structured codebooks and corresponding attacking strategies.
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 4
http://sip.unige.ch
Problem formulation
Data-hiding problem: Given users each with its own key ,
communicate reliably message , , embedded in the
host image through the channel .N
X∈X
M∈m { }NR2,,2,1 L=M
{ }KL,2,1∈kK
)|( yvp
EncoderW
DecoderM
X
Y V M
K K
)|( yvp
→= ),,( KM XWW
→= ),( KMWW
If the host state is taken into account or not in watermark generation:
Random binning approach
Random coding approach
+
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 5
http://sip.unige.ch
Problem formulation
[ ]∑∈
=≠=M
Mm
Ne mMmMP |ˆPr
1)(Performance criterion:
Random coding
Random binning ( ) ( )[ ]KIKIN
R XUVU ;;1 −≤
( )KIN
R VW ;1≤
Practical set-up
( )∞<N
Theoretical set-up
( )∞→N
0)( ≠NeP
0)( =NeP
Conditions for reliable communications:
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 6
http://sip.unige.ch
Problem formulation
Encoder W DecoderM
X
Y V M
K KA
),|( ayvp
Problem: To analyze conditions of reliable communications in the case ofgeometrical attacks avoiding security leakages
+
Data-hiding in channels with geometrical attacks
Trade-offs:
Geometrical channels →→→→ Synchronization framework
Syncronization framework →→→→ Security leakages
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 7
http://sip.unige.ch
( )J∈A
aA =
Channels with geometrical attacks
Average probability of error:
( ) ( )( )
∑∈∈
=J
Ne
NGe PpP
Aa
A aa )()(
( ),,,1 Jaa K=a ( )apa Ai ~
Assumption: Applied transformation belongs to the set of typical geometrical transformations:
Theoretical set-up
( )∞→N( ) 0)( =aN
eP
( ) 0)( ≠aNeP
Practical set-up
( )∞<N
0)( →NGeP
1)( →NGeP
Geometrical attacks completely destroy
reliable communications
No impact on communications performance in price of increase
in decoding complexity
A decoder without a synchronization framework has to perform an exhaustive decoding through all possible geometrical transformations!
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 8
http://sip.unige.ch
Channels with geometrical attacks
Data-hider strategy: add synchronization part into the codebook.
( )J∈≤ AA '
( ) ( )∑′∈
=Aa
A aa )()( ~ Ne
NGe PpPAverage probability of error:
Constrained search space:
rate loss due to synchronization
( )J∈A
aA =A ′
R~
Geometrical synchronization based on structured codebooks:
Compensation of the estimate:channel state compensation
(CSC)
Estimation of the applied geometrical transformation from the attacked data:channel state estimation
(CSE)
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 9
http://sip.unige.ch
Channels with geometrical attacks
Structured codebooks
Redundant-based structured codebooks(codewords have special statistics
to aid CSE and CSC)
Template-based structured codebooks(a specially designed template is used
to perform CSE and CSC)
Problem: How to combine these conflicting requirements?
Our objectives
capacity achieving data-hidinghost interference problem to be solved based on random binning
dependent on host data
robustness to geometrical attackscodewords with synchronization features to be generated according to statistics
that are independent from those of the host data
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 10
http://sip.unige.ch
IT framework for geometrically robust data-hiding
Encoder
),,( 111 KM XW
)|( vvp ′′′
Decoder
1M
X
1K V
2M
2K
2MEncoder
2K
),( 222 KMW
M
A
YCSC
2K
CSE
ADecoder
1M
MV ′
Practical implementation principles:
� CDMA/SDMA signalling
� Genie-aided decoding
(Multistage decoder)
1K
→1W
→2W
carries only information about .
has synchronization features using:
� redundant-based design,
� template-based design.
1M
( )⋅ATY V ′′
Equivalent Channel
Proposed set-up
Attacking Channel
+
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 11
http://sip.unige.ch
A code for MAC consists of:( )NNRNR ,2,2 21
{ } { };2,,2,1,2,,2,1 2121
NRNRLL == MM
Encoding functions: { } { }{ } { } ;,,2,12,,2,1:
;,,2,12,,2,1:
222
111
2
1
NNR
NNNR
f
f
WK
WXK
→×
→××
LL
LL
Decoding function: { } { } { } { }⋅×→×× 21 2,,2,12,,2,1,,2,1,,2,1: 21NRNRNg LLLL KKV
( ) ( ) ( ) ( )[ ]( )
⋅==≠= ∑×∈
+2121
21,
22112121)( ,|,,,Pr
2
1
MMmmRRN
Ne mMmMmmKKgP V
Average probability of error for code:( )NNRNR ,2,2 21
Index sets:
IT framework for geometrically robust data-hiding
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 12
http://sip.unige.ch
The achievable rates:
( ) ( )[ ]1121 |;,|;1
KIKIN
R XUWVU −≤
( )222 ,|;1
KIN
R UVW≤
( ) ( )[ ]121221 |;,|;,1
KIKKIN
RR XUVUW −≤+
1R
2R
( ) ( )[ ]11 |;|;1
KIKIN
XUVU −
( )22 ,|;1
KIN
UVW
( )22 |;1
KIN
VW
( ) ( )[ ]112 |;,|;1
KIKIN
XUWVU −
IT framework for geometrically robust data-hiding
The capacity region:
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 13
http://sip.unige.ch
Structured codebooks
Template-based structured codebooks
+2W 1 2 N
1 2 N1W
1 2 1N1W 2W1 2 2N
NNN =+ 21
CDMA signalling:
1m
12NR
1
1
1K 1KCodebook Codebook Codebook
1 2K 2KTemplate Template Template
SDMA signalling:
1m
112 RN
1
1 2K 2KTemplate Template Template
1 1K 1KCodebook Codebook Codebook
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 14
http://sip.unige.ch
Structured codebooks
Redundant-based structured codebooks
CDMA signalling:
1m
12NR
1
1
1K 1K
1 2 N+
1W
2W 1 2 N
Codebook Codebook Codebook
2m
22NR
1
1 2K 2KCodebook Codebook Codebook
SDMA signalling:
1m
112 RN
1
1
1K 1K
1 2 1N1W 2W1 2 2N
Codebook Codebook Codebook
2m
222 RN
1
1 2K 2KCodebook Codebook Codebook
NNN =+ 21
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 15
http://sip.unige.ch
Analysis of security leaks and attacking strategies
Attacker’s objective: To destroy reliable communications.
Assumptions based on Kerckhoff principle:
Attacker has access to:
� encoding and decoding algorithms,
� codebooks.
Attacker does not know:
� secret keys and ,
� indexes and ,
� the original host image .
1K 2K
1M 2M
X
Attacker’s approach: To exploit all available prior information and all security leakages.
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 16
http://sip.unige.ch
Analysis of security leaks and attacking strategies
Codebook
construction,
host and
watermark
statistics
Exhaustive search in
codebooks for the
communicated watermark
in order to subtract it from
the stego data
To destroy reliable
communications
completely
Key space
search attacks
-Signal desynchronization
To increase
the decoding
complexity on the
data-hider side
Geometrical
attacks
Host and
watermark
statistics
Subtracting an estimate of the
watermark sequence from the
stego data and adding noise
to avoid the attack inversion
To decrease the
rate of reliable
communications
Statistical signal
processing
attacks
Required PriorsAttacking StrategyGoalAttack Type
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 17
http://sip.unige.ch
Analysis of security leaks and attacking strategies
Key space search attacks
Attacks against
template-based
structured codebooks
Attacks against
redundant-based
structured codebooks
Security consideration:
Template is only key-dependent
and unique for a particular key
.
2W
kK =2
Security consideration:
By observing stego data, the attacker could estimate
the statistics of even when is not available.
2W
2K
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 18
http://sip.unige.ch
Analysis of security leaks and attacking strategies
, but is fixed and is the
same for all users
, and there is no relationship between the
codebooks of and
, and there is a one-to-one correspondence between
the codebooks of and for a given
Attack complexityParticular scenario
KKK == 21
2W1WK
[ ]RRN ′++ 122K
2W1W
21 KK ≠[ ]RRN ′++ 1212 KK
21 KK ≠ 2K [ ]RRN ′++ 121 1K
Attacks against template-based structured codebooks
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 19
http://sip.unige.ch
Analysis of security leaks and attacking strategies
Attacks against redundant-based structured codebooks
The statistics of are different for all user codebooks and there is a one-to-one relationship between
the codebooks of and
The statistics of are the same
for all codebooks
Attack complexityParticular scenario
2W
2W1W
2W [ ]RRNNR ′++ 12 22 12 KK
[ ]RRNNR ′++ 12 222K
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 20
http://sip.unige.ch
Analysis of security leaks and attacking strategies
Random binning
Random coding ( ) ( ) ( )YWWYW ;| 22 IHH −=
( ) ( ) ( ) ( )[ ]XUYUUYU ;;| 22 IIHH −−≤
Assumption: Generate codebooks in the way that each one contains unique codewords and every possible codeword is included in a unique codebook.
Random binning
Random coding( ) NRH 22 K=W
( ) [ ]RRNH ′+= 22 KU
Trial efforts without security leakage analysis:
Trial efforts with security leakage analysis:
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 21
http://sip.unige.ch
Conclusions
� The conditions of reliable communications based on structured
codebooks in channels with geometrical transformations are analyzed
from an information-theoretic point of view;
� The MAC framework is developed to design capacity achieving
geometrically robust data-hiding;
� The analysis of security leakages for each codebook structure is
performed.
20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 22
http://sip.unige.ch
Future directions
� Consideration of collusion attacks;
� Emphasizing the impact of host data statistics on the security;
� Extension of the proposed set-up to practical scenarios, with ;
� Particular low-complexity search algorithms reducing the complexity of
the attacker search based on the security leakages.
∞<N