DataHiding^TM for still image

In early 1996, IBM's Tokyo Research Laboratory (TRL) signed a contract with Japan's Ministry of International Trade and Industry (MITI) to develop an invisible watermarking application for still images as the core of rights management systems for digital content business on the Internet. The IBM DataHiding^TM team, which took part in the Advanced Software Enrichment Project, successfully completed the project in November 1997, delivering a number of documents and three applications to the Information-Technology Promotion Agency (IPA). The applications were

• Verification of ownership
• Embedding/detection of multiple-bit strings
• Embedding/detection of invisible logos

• Science and technology of DataHiding
• DataHiding application framework

Currently, IBM's Tokyo Research Laboratory offers three types of watermarking technologies for still images:

1. Tamper-resistant watermarking
2. Tamper-detection watermarking
3. Visible watermarking

We call highly robust and secure watermarking the tamper-resistant watermarking. Copy protection applications require tamper-resistant watermarking. Transparency (invisibility), data capacity (payload), detection reliability, robustness (survival ability), and security are the competing requirements in the trade-off. The tamper-resistant watermarking technology of IBM's Tokyo Research Laboratory (TRL) maximizes the robustness in maintaining the high transparency and required data capacity of watermarks. The robustness of TRL watermarking can be summarized as follows.

• Robustness to normal image processing
  • Filtering
  • Compression and decompression
  • Chopping and trimming
  • Geometrical transformation: any combination of rotation, zooming, and aspect-ratio change
  • Lettering
• Robustness to attack

In the embedding process, the message (multiple bits of information) is modulated with pseudo-random noise pattern and embedded in the target image. In the detection process, the input image is modulated with a pseudo-random noise mask and accumulated for statistical inference. High survival ability is achieved by this accumulation step. Any lossy compression algorithm includes a quantization step, and the resulting round-off errors can be treated as a kind of statistical phenomenon. This is why TRL's watermarking technology survives compression and decompression.

Tamper-detection watermarking was developed to check the authenticity of digital photographs. Watermarks of this type are sensitive to any change of the content data; thus, by checking the integrity of the watermark, the system can determine whether or not the content has ever been modified or replaced.

In the conventional approach, contents are authenticated by using the encrypted digest technology called "digital signature." The system can authenticate a digital photograph by calculating the encrypted digest from the current image data and comparing it with the original digest, previously encrypted and written in the header part of the image file.

Although this approach works well within a completely closed system, it cannot meet all the requirements of an open system. For example, a file format may be converted while the data is circulated in an open system, which makes any digital signature meaningless. In addition, a digital camera usually stores a captured photograph in a JPEG-compressed file format named "exif." The compressed file is convenient for storage and transmission, but it must be decompressed when it is used. Therefore, the digital signature of a compressed photograph must be able to survive compression and decompression.

To solve these problems, IBM's Tokyo Research Laboratory provides the Tamper-detection watermarking technology. It features embedding of picture identification and digital signature directly into a JPEG-compressed picture and verification of its integrity in both compressed and decompressed domains, and detection of altered locations in the image, as well as detection of the alterations themselves. See DataHiding for the insurance claim process, an application of the tamper-detection watermarking system.

Visible watermarking embeds the watermark to the original image visibly to human eyes. It can be used to insist that the image is a sample, or it has the effect of deterring from illegal copy or distribution by embedding logo mark or copyright mark to the images. Because the visible watermark cannot be removed without a secret removal key, it also prevents from illegal alteration of the images.

This watermark can be removed by using a secret removal key. One of the application by using this scheme is as follows: Mr. A, who may be a professional photographer or a cartoonist, posts sample images, which he may have taken or drawn, to a public domain, such as world wide web side, with visible watermark "SAMPLE". Those who want to purchase the "original" images purchase the toll removal key from him.

Following are sample pictures of an original image(left), an image to which "IBM" logo is embedded(right), and the image whose visible watermark is removed(left).