security analysis of robust data-hiding with geometrically...

20-01-2005University of Geneva & Microsoft Research 1

http://sip.unige.ch

Security Analysis of Robust Data-Hiding

with

Geometrically Structured Codebooks

E. Topak(a), S. Voloshynovskiy(a), O. Koval(a), M. K. Mihcak(b) and T. Pun(a)

(a)Stochastic Image Processing (SIP) Group,

University of Geneva, Switzerland

&

(b)Microsoft Research, Redmond, USA

20-01-2005Security Analysis of Robust Data-Hiding with Geometrically Structured Codebooks 2

http://sip.unige.ch

Agenda

� Problem formulation;

� Channels with geometrical attacks;

� Information theoretic (IT) framework for geometrically robust

data-hiding;

� Structured codebooks;

� Analysis of security leaks and attacking strategies;

� Conclusions;

� Future research directions.


http://sip.unige.ch

Problem formulation

Objectives:

� To analyze the conditions of reliable communications in channels with geometrical transformations;

� To study capacity achieving geometrically-robust data-hiding codes;

� To investigate security leakages of structured codebooks and corresponding attacking strategies.


http://sip.unige.ch

Problem formulation

Data-hiding problem: Given users each with its own key ,

communicate reliably message , , embedded in the

host image through the channel .N

X∈X

M∈m { }NR2,,2,1 L=M

{ }KL,2,1∈kK

)|( yvp

EncoderW

DecoderM

X

Y V M

K K

)|( yvp

→= ),,( KM XWW

→= ),( KMWW

If the host state is taken into account or not in watermark generation:

Random binning approach

Random coding approach

+


http://sip.unige.ch

Problem formulation

[ ]∑∈

=≠=M

Mm

Ne mMmMP |ˆPr

1)(Performance criterion:

Random coding

Random binning ( ) ( )[ ]KIKIN

R XUVU ;;1 −≤

( )KIN

R VW ;1≤

Practical set-up

( )∞<N

Theoretical set-up

( )∞→N

0)( ≠NeP

0)( =NeP

Conditions for reliable communications:


http://sip.unige.ch

Problem formulation

Encoder W DecoderM

X

Y V M

K KA

),|( ayvp

Problem: To analyze conditions of reliable communications in the case ofgeometrical attacks avoiding security leakages

+

Data-hiding in channels with geometrical attacks

Trade-offs:

Geometrical channels →→→→ Synchronization framework

Syncronization framework →→→→ Security leakages


http://sip.unige.ch

( )J∈A

aA =

Channels with geometrical attacks

Average probability of error:

( ) ( )( )

∑∈∈

=J

Ne

NGe PpP

Aa

A aa )()(

( ),,,1 Jaa K=a ( )apa Ai ~

Assumption: Applied transformation belongs to the set of typical geometrical transformations:

Theoretical set-up

( )∞→N( ) 0)( =aN

eP

( ) 0)( ≠aNeP

Practical set-up

( )∞<N

0)( →NGeP

1)( →NGeP

Geometrical attacks completely destroy

reliable communications

No impact on communications performance in price of increase

in decoding complexity

A decoder without a synchronization framework has to perform an exhaustive decoding through all possible geometrical transformations!


http://sip.unige.ch


Data-hider strategy: add synchronization part into the codebook.

( )J∈≤ AA '

( ) ( )∑′∈

=Aa

A aa )()( ~ Ne

NGe PpPAverage probability of error:

Constrained search space:

rate loss due to synchronization

( )J∈A

aA =A ′

R~

Geometrical synchronization based on structured codebooks:

Compensation of the estimate:channel state compensation

(CSC)

Estimation of the applied geometrical transformation from the attacked data:channel state estimation

(CSE)


http://sip.unige.ch


Structured codebooks

Redundant-based structured codebooks(codewords have special statistics

to aid CSE and CSC)

Template-based structured codebooks(a specially designed template is used

to perform CSE and CSC)

Problem: How to combine these conflicting requirements?

Our objectives

capacity achieving data-hidinghost interference problem to be solved based on random binning

dependent on host data

robustness to geometrical attackscodewords with synchronization features to be generated according to statistics

that are independent from those of the host data


http://sip.unige.ch

IT framework for geometrically robust data-hiding

Encoder

),,( 111 KM XW

)|( vvp ′′′

Decoder

1M

X

1K V

2M

2K

2MEncoder

2K

),( 222 KMW

M

A

YCSC

2K

CSE

ADecoder

1M

MV ′

Practical implementation principles:

� CDMA/SDMA signalling

� Genie-aided decoding

(Multistage decoder)

1K

→1W

→2W

carries only information about .

has synchronization features using:

� redundant-based design,

� template-based design.

1M

( )⋅ATY V ′′

Equivalent Channel

Proposed set-up

Attacking Channel

+


http://sip.unige.ch

A code for MAC consists of:( )NNRNR ,2,2 21

{ } { };2,,2,1,2,,2,1 2121

NRNRLL == MM

Encoding functions: { } { }{ } { } ;,,2,12,,2,1:

;,,2,12,,2,1:

222

111

2

1

NNR

NNNR

f

f

WK

WXK

→×

→××

LL

LL

Decoding function: { } { } { } { }⋅×→×× 21 2,,2,12,,2,1,,2,1,,2,1: 21NRNRNg LLLL KKV

( ) ( ) ( ) ( )[ ]( )

⋅==≠= ∑×∈

+2121

21,

22112121)( ,|,,,Pr

2

1

MMmmRRN

Ne mMmMmmKKgP V

Average probability of error for code:( )NNRNR ,2,2 21

Index sets:



http://sip.unige.ch


Template-based structured codebooks

+2W 1 2 N

1 2 N1W

1 2 1N1W 2W1 2 2N

NNN =+ 21

CDMA signalling:

1m

12NR

1

1

1K 1KCodebook Codebook Codebook

1 2K 2KTemplate Template Template

SDMA signalling:

1m

112 RN

1

1 2K 2KTemplate Template Template

1 1K 1KCodebook Codebook Codebook


http://sip.unige.ch


Redundant-based structured codebooks

CDMA signalling:

1m

12NR

1

1

1K 1K

1 2 N+

1W

2W 1 2 N

Codebook Codebook Codebook

2m

22NR

1


SDMA signalling:

1m

112 RN

1

1

1K 1K

1 2 1N1W 2W1 2 2N

Codebook Codebook Codebook

2m

222 RN

1


NNN =+ 21


http://sip.unige.ch

Analysis of security leaks and attacking strategies

Attacker’s objective: To destroy reliable communications.

Assumptions based on Kerckhoff principle:

Attacker has access to:

� encoding and decoding algorithms,

� codebooks.

Attacker does not know:

� secret keys and ,

� indexes and ,

� the original host image .

1K 2K

1M 2M

X

Attacker’s approach: To exploit all available prior information and all security leakages.


http://sip.unige.ch


Codebook

construction,

host and

watermark

statistics

Exhaustive search in

codebooks for the

communicated watermark

in order to subtract it from

the stego data

To destroy reliable

communications

completely

Key space

search attacks

-Signal desynchronization

To increase

the decoding

complexity on the

data-hider side

Geometrical

attacks

Host and

watermark

statistics

Subtracting an estimate of the

watermark sequence from the

stego data and adding noise

to avoid the attack inversion

To decrease the

rate of reliable

communications

Statistical signal

processing

attacks

Required PriorsAttacking StrategyGoalAttack Type


http://sip.unige.ch


Key space search attacks

Attacks against

template-based

structured codebooks

Attacks against

redundant-based

structured codebooks

Security consideration:

Template is only key-dependent

and unique for a particular key

.

2W

kK =2

Security consideration:

By observing stego data, the attacker could estimate

the statistics of even when is not available.

2W

2K


http://sip.unige.ch


, but is fixed and is the

same for all users

, and there is no relationship between the

codebooks of and

, and there is a one-to-one correspondence between

the codebooks of and for a given

Attack complexityParticular scenario

KKK == 21

2W1WK

[ ]RRN ′++ 122K

2W1W

21 KK ≠[ ]RRN ′++ 1212 KK

21 KK ≠ 2K [ ]RRN ′++ 121 1K

Attacks against template-based structured codebooks


http://sip.unige.ch


Attacks against redundant-based structured codebooks

The statistics of are different for all user codebooks and there is a one-to-one relationship between

the codebooks of and

The statistics of are the same

for all codebooks

Attack complexityParticular scenario

2W

2W1W

2W [ ]RRNNR ′++ 12 22 12 KK

[ ]RRNNR ′++ 12 222K


http://sip.unige.ch


Random binning

Random coding ( ) ( ) ( )YWWYW ;| 22 IHH −=

( ) ( ) ( ) ( )[ ]XUYUUYU ;;| 22 IIHH −−≤

Assumption: Generate codebooks in the way that each one contains unique codewords and every possible codeword is included in a unique codebook.

Random binning

Random coding( ) NRH 22 K=W

( ) [ ]RRNH ′+= 22 KU

Trial efforts without security leakage analysis:

Trial efforts with security leakage analysis:


http://sip.unige.ch

Conclusions

� The conditions of reliable communications based on structured

codebooks in channels with geometrical transformations are analyzed

from an information-theoretic point of view;

� The MAC framework is developed to design capacity achieving

geometrically robust data-hiding;

� The analysis of security leakages for each codebook structure is

performed.


http://sip.unige.ch

Future directions

� Consideration of collusion attacks;

� Emphasizing the impact of host data statistics on the security;

� Extension of the proposed set-up to practical scenarios, with ;

� Particular low-complexity search algorithms reducing the complexity of

the attacker search based on the security leakages.

∞<N

security analysis of robust data-hiding with geometrically...

Documents