|
The IBM DataHidingTM technology allows the user to optimize the
overall trade-off among the competing requirements
of data capacity (payload), transparency,
reliability, survivability, and security.
DataHidingTM base algorithm
The pseudo-random noise pattern and the pseudo-random
noise mask do not need to be identical.
Return to top of page
High Transparency
High transparency is achieved by the elaborated
perceptual model which IBM Research Tokyo
Research Laboratory has developed for each
media type of image, video and audio. Embedding
process is essentially to change slightly
value of each digital sampling point of target
content. The perceptual model computes threshold
of changes for transparency. It should be
noted that the threshold cannot be expressed
in point-wise way . This is clear when we
consider the perceptual model of audio, psycho-acoustic
model. IBM also found that this is true for
image and video.
Return to top of page
High reliability
In detecting a watermark, three types of error may occur,
since the embedded message is extracted from the distributed content
without any reference to the original content.
The second and third types of errors depend on
what kind of signal processing is applied to the embedded content.
Therefore, the ratio for which the right embedded message is retrieved
after signal processing is called the survivability ratio, and
is discussed in the section on Survivability.
False positive errors are contrary to the interests of consumers
when the detectors are located inside consumers devices
for controlling record and playback.
Therefore, consumer electronic manufacturers require
that the false positive error ratio should be extremely low.
In the case of DVD-video, the required ratio is less than one error
in 1013 seconds = about three hundred thousands years.
In case of DVD-audio, requested is less than one error
in 1.5*1013 seconds = about five hundred thousands years.
The problem is how to confirm this kind of extremely low false
positive error ratio.
IBM Research Tokyo Research Laboratory (TRL)
developed a probability theory for computing the false positive error ratio.
In this theory, the false positive error ratio is computed by the ratio
of the number of failed detection procedures
to the total number of possible detection procedures
for a given content.
The theory was successfully tested by applying it with a real-time detector
to video signals of NHK satellite broadcast during two weeks.
Return to top of page
High survivability
Digital content undergoes many processing steps such as noise reduction
and compression before its physical and electronic distribution.
After distribution, it may undergo various editing processes
within or outside the contract on its usage.
A popular existing way of illegally copying copy-protected content is
to use analog output from speakers and monitors.
Therefore, the embedded watermark is required to survive
various types of signal processing and analog transmission.
The IBM watermark remains after signal processing unless the later heavily
damages the visual or audio quality,
since the algorithm accumulates the stream of content modulated
with a pseudo-random noise mask and extracts the embedded message
by statistical inference from the accumulated values.
Therefore, the IBM effort is mostly concerned with how to accelerate
the detection process without decreasing reliability.
Further, for video DataHiding, the IBM technology uses an
adaptive frame accumulation method
for reliable extraction from weakly embedded data
The robustness of each media type is described in the following pages:
Return to top of page
High security
Security is necessary to protect a watermarking application
from various types of threats.
IBM has outstanding experience and discipline in security matters.
The main potential risks are as follows.
- R1. External attacks on watermarks
An external attacker tries to remove or modify an embedded watermark
with or without knowledge of the watermarking method.
He may use a commercially available editing and signal-processing
tool or develop his own tool on the basis of his analysis of the embedded
digital content.
- R2. External attacks on watermarking tool
An external attacker may apply reverse engineering or modify
the watermark detector or embedder
if application frameworks require them to be distributed.
In the control/audit framework, he may circumvent the watermark
detector if it is not tightly coupled with the digital content
application system (see DataHiding Application Framework).
- R3. Internal attacks by an employee of the content owner or distributor
An employee of the content owner or distributor may modify
an embedded watermark by making unauthorized use of a company-owned embedding
system.
He may access an original content and its embedded content to
compute their difference and use it to remove watermarks from
of other contents.
- R4. Internal attacks by employee of watermarking system provider
An employee of a watermarking system provider may use secret information
to which he had accesse during the development of the system.
IBM DataHidingTM has defensive measures against
possible risks.
- D1. Tamper-resistance of watermark
The IBM watermark survives various signal processing,
including random attacking such as addition of noise
(See Survivability and
Tamper-Resistant Watermarking.)
- D2. Separation of key from algorithm
Pseudo-random noise masks and patterns function as keys.
(See DataHiding Base Algorithm.)
The IBM technology supports a huge number of pseudo-random noise masks
and patterns, which make dictionary attack impossible.
The different masks and patterns do not interfere with each other.
- D3. Resistance to software tampering and reverse engineering
Technology developed by IBM's Almaden Research Center is used for this purpose.
- D4. Secure embedding system
The IBM professional embedding system requires authentication
for its use. The system does not allow updating of watermarks
since we can assume that the real content owner has the original content.
Operators are only allowed to add watermarks.
- D5. Control of implementation information
through fragmentation
Separation of the key from the algorithm is the simplest example of this control.
The exposure by a malicious employee of a watermarking system provider
can be prevented by limiting individuals' knowledge through
fragmentation.
- D6. Other Traps
For example, the IBM system makes it ineffective
to apply the difference between the original and embedded
content in order to remove watermarks from other contents.
Return to top of page
DataHiding Home Page
| 
