Anti-Collusion Fingerprinting for Multimedia Content Protection · 2014-09-12 · This thesis targets to realize a secure internet-based distributing system, in which a single content

Anti-Collusion Fingerprinting for Multimedia ContentProtection

Shuhui Hou

ABSTRACT

The Internet provides us a means to exchange or share multimedia contents (such as image,video and 3D model). Such multimedia contents are easily manipulated by copy and distributionwithout any quality degradation. Techniques are needed to ensure that multimedia content is usedfor its intended purpose by legitimate users. To protect the digital right of the multimedia contentshared among a group of users, digital fingerprinting is developed for tracking and identifyingillegal users involved in unauthorized redistribution.

Digital fingerprinting is a technology to embed unique user information (e.g., ID or finger-prints) into each user’s copy as a watermark and if an illegal copy appears, user information canbe extracted to help trace or identify illegal users. It consists of fingerprint encoding and fin-gerprint embedding/detection. In detail, fingerprint encoding means to design a fingerprint code,which uniquely represents each user and provides an efficient algorithm to trace illegal users (col-luders) based on their colluded code. Fingerprint embedding means to insert fingerprints into anobject in a way tailoring to the object characteristics for robustness and imperceptibility, which isalso called fingerprinting an object. Fingerprint detection means to extract the embedded finger-prints from the object. Whether a fingerprint code can identify each individual user and survivecollusion attacks (colluders compare and combine their different copies of the same content, thentry to remove the embedded fingerprints or frame an innocent user through generating the user’sfingerprints) is closely dependent on the process of fingerprint embedding/detection.

Assume that people exchange and share multimedia content via the Internet. This thesistargets to realize a secure internet-based distributing system, in which a single content providertransmits multimedia content to a large number of users via IP network and users who illegallyredistribute their contents or colluded contents can be traced and identified. When the multimediacontent is image/video, the target system is expected to support104 ∼ 105 users and trace10 ∼102 illegal users based on their colluded copy. When the multimedia content is 3D model, thesystem is expected to support hundreds of users and trace a few illegal users based on theircolluded copy. To realize such a target system, we are in an attempt to propose anti-collusionfingerprinting for protecting multimedia contents (restricted to image, video and 3D model) fromunauthorized distribution, so that they can be safely used as a means to exchange information.

i

Unlike fingerprinting generic data where long fingerprints can be attached to them as exter-nal markers, it is desirable and feasible to embed fingerprints within multimedia content itselfsince the multimedia content is insensitive to minor disturbances in the data values. Regardingmultimedia content characteristics and large number of users (104 ∼ 105) need to be managed,a fingerprint code which is short enough to be embeddable in multimedia content is suitableto our system. Due to the global nature of the Internet as well as multimedia processing tech-niques, users easily work together to pirate multimedia content. High collusion resistance is alsorequired. Some existing fingerprint codes are too long to be embeddable in the multimedia con-tent. Others have low collusion resistance. For example, a(243, 6561, 3)-code derived from theGD-PBIBD can support6561 users but only resist against2 colluders, which is not practical. Inaddition, there exists very limited research on how to embed the fingerprint code into multime-dia content so as to put it into effect. To solve these problems, with respect to the characteristicof multimedia content, we first examine how to generate and construct a fingerprint code whichsupports large number of users with short code length and has high collusion resistance. Then,explore robust embedding approach to give full play to the speciality of fingerprint code.

With the rapid growth of the Internet as well as multimedia processing technology, image,video and 3D model have been widely used in entertainment industry and technical or scien-tific world. To protect these multimedia contents from unauthorized redistribution, this thesis isfocused on the following research.

Designing Desirable Fingerprint Code for Multimedia Contents. To evaluate what finger-print code is suitable to our target system, we introduce two metrics:efficiencyandef-fectivity. The efficiencyis defined as a ratio between the number of users and the codelength. Theeffectivityis referred to as a ratio between the maximum tolerated collusionsize and the number of users. Given the same number of users, a fingerprint code withhigherefficiencyhas shorter code length than one with lowerefficiencyand a fingerprintcode with highereffectivityhas higher collusion resistance than one with lowereffectivity.Thus, a fingerprint code which supports large number of users with short code length andhigh collusion resistance can be described as an efficient and effective fingerprint code. Interms ofefficiencyandeffectivity, we have shown that the anti-collusion code has advan-tages over other existing fingerprint codes. The anti-collusion code is constructed basedon balanced incomplete block designs,(v, k, λ)-BIBDs. However, most conditions on pa-rametersv, k andλ are necessary condition but not sufficient condition for the existenceof a BIBD. That is, how to generate and how to construct anti-collusion code still remainproblems. The existing anti-collusion code cannot reach such large user size (104 ∼ 105)and high collusion resistance (10 ∼ 102) requirements simultaneously. We present how toachieve efficient and effective anti-collusion codes based on unital and affine plane, whichare two known examples of BIBD. We conduct performance evaluations of anti-collusion

ii

codes generated from unital and affine plane, and give out their practical explicit construc-tions based on finite geometry. The achieved fingerprint codes meet the requirements of ourtarget system. With our generation/construction methods, we can achieve more than ourtarget. For example, we can obtain fingerprint codes which are able to support more thantens of thousands of users and resist against collusion attacks from more than hundreds ofillegal users.

Fingerprinting Image/Video through Integrating Fingerprint with Cryptosystem. To test thevalidity of the above-proposed anti-collusion codes, we apply them to image/video. Wepresent an embedding approach based on public-key based joint fingerprinting and decryp-tion, which is able to protect image/video not only from unauthorized viewing but alsofrom illegal redistributions. In detail, the image or I-frame of video is divided into blocks(sources) and each block is encrypted separately with different public keys. Through theencryption procedure, unauthorized users are prevented from viewing the image/video dis-tributed via the Internet due to its encrypted form. Each authorized user partially decryptsthe ciphertext with prearranged decryption keys and the un-decrypted parts are taken astheir fingerprints. Through integrating the decryption procedure and the embedding of fin-gerprint code, the raw image/video without fingerprints cannot be achieved by authorizedusers and the illegal redistribution will be discouraged. Moreover, we present a concretescheme: integrating anti-collusion code and Home Page cryptosystem. Experimental re-sults show the embedded anti-collusion code can fulfill its function of tracing illegal users.We have shown the concrete scheme is feasible for implementing with respect to compu-tation/transmission cost, which implies that our target system can be realized based on theconcrete scheme. It should be point out the embedding approach is based on public-keycryptosystem and able to serve for content providers who are non-specialists since keymanagement and content distribution can be operated separately.

Fingerprinting 3D Model Based on Mesh Complexity. We employ the above-proposed anti-collusion codes to 3D model to examine their validity. The fingerprint codes are usuallyembedded into media through robust watermarking. Unlike images/videos, watermarkingof 3D models has received less attention from researchers and the watermarking scheme forimage/video cannot be directly applied to 3D model due to non-regular structure of vertexpositions in the space. We provide a robust fingerprinting approach for difficult removalof the embedded fingerprint code, so as to ensure it can play a full role in tracing illegalusers. The 3D shape with specific feature is worthy of being protected. To characterize thespecific feature, it is inevitable to adopt elaborate representation of 3D shape, which oftenleads to complexity on mesh structure. Using affine invariant based on local shape featurecharacterized by the mesh complexity, the provided fingerprinting approach automatically

iii

embeds the fingerprints into the complex shape as redundantly as possible. Experimentalresults show the embedded anti-collusion code can fulfill its function of tracing illegal usersand the fingerprinting approach is robust against a wider range of common attacks mountedby a single attacker in comparison with the related work. Accordingly, it is implied thatour target system can be realized based on these work.

Briefly, for the purpose of protecting multimedia contents (such as image/video and 3Dmodel) from unauthorized distribution, we examine how to design desirable fingerprint codesand how to embed/detect them. Whether the desirable fingerprint codes can fulfill their functionof tracing illegal users tightly depends on the process of embedding/detection.

iv

ACKNOWLEDGEMENT

I would like to express my sincere appreciation to Professor Michihiko Minoh for supervisingthis dissertation. He showed me an exciting world of information and multimedia technology soI began with the new research direction that is interesting and promising. With his research visionand concern for research validity, he gives me the continuous support and timely advice. I greatlyappreciate his instructions about how to write a good scientific paper and his encouragementhelped explore and develop my current work.

I wish to thank my thesis committee, Professor Yasuo Okabe and Professor Yuichi Nakamurafor thesis reviewing as well as fruitful discussion. Their invaluable advices, such as how to extendmy work, contributed to improve the quality of this thesis.

I would like to thank Associate Professor Tetsutaro Uehara, who has been patient to listento some of my strange ideas, weak research motivation and even bad representation. His knowl-edgeable remarks and incisive comments at the meeting helped improve my work. I am alsoindebted to Associate Professor Takashi Satoh for his valuable advices and informative opinion.Thanks both of them for their support and involvement in Chapter 2-3.

I am indebted to Associate Professor Koh Kakusho, Dr. Masaaki Iiyama, Dr. Takuya Fu-natomi, Dr. Masahiro Toyoura and other members of the model group for their discussions andcomments about the research in Chapter 4.

I want to thank Morimura-san for helpful discussions and suggestions and other members ofMinoh Laboratory, who helped me to lead a colorful and instructive research life. Although Icannot list all of their names, I would like to express my thanks to all of them.

Last but not least, I would like to express my deepest gratitude to my family: my husbandand my favorite daughter. I thank my husband, Jianfeng, for giving me generous support andunderstanding in every part of my life, which always encourages me to pass all difficulties anddo everything successfully.

v

To my family

vi

CONTENTS

1 Introduction 11.1 Multimedia Content . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.2 Digital Fingerprinting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

1.2.1 Fingerprint Encoding (or fingerprint code designing) . . . . . . . . . . . 31.2.2 Fingerprint Embedding/Detection . . . . . . . . . . . . . . . . . . . . . 5

1.3 Overview of Thesis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

2 Designing Desirable Fingerprint Codes for Multimedia Contents 132.1 What Fingerprint Code is Desirable for Multimedia Content . . . . . . . . . . . 132.2 Evaluation metrics:EfficiencyandEffectivity . . . . . . . . . . . . . . . . . . . 152.3 Anti-collusion Code Superior to Other Fingerprint Codes . . . . . . . . . . . . . 16

2.3.1 Attacking Assumptions: Marking Assuption andEnvelope . . . . . . . 162.3.2 Major Existing Fingerprint Codes . . . . . . . . . . . . . . . . . . . . . 182.3.3 Analyses of Fingerprint Codes . . . . . . . . . . . . . . . . . . . . . . . 19

2.4 How to Generate Efficient and Effective Anti-Collusion Code . . . . . . . . . . . 212.4.1 Status quo of ACC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212.4.2 Existing BIBD Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 222.4.3 Unital and Affine Plane . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

2.5 Constructions of Unital Code and Affine Plane Code . . . . . . . . . . . . . . . 232.5.1 Constructing Unital Code . . . . . . . . . . . . . . . . . . . . . . . . . 232.5.2 Constructing Affine Plane Code . . . . . . . . . . . . . . . . . . . . . . 25

2.6 Comparison between Our Proposed Anti-Collusion Codes and Recent RelatedWork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272.6.1 Comparing unital and affine plane codes with GD-PBIBD codes . . . . . 272.6.2 Comparing unital and affine plane codes with Tardos codes . . . . . . . . 272.6.3 Comparing Unital and Affine Plane Codes with Enhanced ACCs . . . . . 28

2.7 Chapter Summary and Future work . . . . . . . . . . . . . . . . . . . . . . . . . 30

vii

3 Fingerprinting Image/Video through Integrating Fingerprint with Cryptosystem 333.1 Related Research on Fingerprinting Image/Video . . . . . . . . . . . . . . . . . 33

3.1.1 Spread-Spectrum Fingerprinting . . . . . . . . . . . . . . . . . . . . . . 333.1.2 Security Architectures Relevant to Fingerprinting . . . . . . . . . . . . . 34

3.2 How to Integrate Fingerprint with Cryptosystem . . . . . . . . . . . . . . . . . . 373.3 Required Cryptosystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393.4 How to Integrate Anti-Collusion Code with Home Page cryptosystem . . . . . . 42

3.4.1 Key Generation and Transmission Phase . . . . . . . . . . . . . . . . . . 423.4.2 Content Encryption and Distribution Phase . . . . . . . . . . . . . . . . 443.4.3 Content Decryption and Fingerprinting Phase . . . . . . . . . . . . . . . 453.4.4 Fingerprint Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

3.5 Mechanism Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463.5.1 Simulation Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473.5.2 Computation Cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503.5.3 Transmission Cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503.5.4 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

3.6 Chapter Summary and Future work . . . . . . . . . . . . . . . . . . . . . . . . . 52

4 Fingerprinting 3D Model Based on Mesh Complexity 554.1 Introduction of Fingerprinting 3D model . . . . . . . . . . . . . . . . . . . . . . 55

4.1.1 Challenge to Fingerprinting 3D Model . . . . . . . . . . . . . . . . . . . 574.1.2 Related Work on Watermarking 3D Model . . . . . . . . . . . . . . . . 58

4.2 Mesh Complexity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604.3 Fingerprint Embedding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

4.3.1 Constructing Embedding Primitive . . . . . . . . . . . . . . . . . . . . . 614.3.2 Constructing Embedding Field . . . . . . . . . . . . . . . . . . . . . . . 644.3.3 Employing Affine Invariant to Embed . . . . . . . . . . . . . . . . . . . 644.3.4 Embedding Fingerprint Bit “0” or “1” . . . . . . . . . . . . . . . . . . . 65

4.4 Fingerprint Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 664.5 Experiments and Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

4.5.1 Overall Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . 684.5.2 Capacity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694.5.3 Imperceptiblity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694.5.4 Robustness Against Attacks . . . . . . . . . . . . . . . . . . . . . . . . 70

4.6 Chapter Summary and Future Work . . . . . . . . . . . . . . . . . . . . . . . . 75

5 Conclusions and Future Work 775.1 Conclusions and Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

viii

5.2 Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Bibliography 81

Publications 87

ix

L IST OF FIGURES

1.1 Protecting multimedia content distributed over network . . . . . . . . . . . . . . 91.2 Using embedded fingerprinting for tracing users [34] . . . . . . . . . . . . . . . 101.3 Watermarking vs. Fingerprinting . . . . . . . . . . . . . . . . . . . . . . . . . . 101.4 Framework of this thesis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

2.1 Performance comparisons of unital and affine plane under the same number ofusers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

2.2 Performance comparisons of unital and affine plane under the same maximumtolerated collusion size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

2.3 Performance comparisons of unital and affine plane under the same code length . 252.4 Performance comparisons of unital, affine plane and GD-PBIBD under the same

maximum tolerated collusion size . . . . . . . . . . . . . . . . . . . . . . . . . 282.5 Comparison of code length between our proposed codes and Tardos codes . . . . 29

3.1 Transmitter-side fingerprint embedding [30] . . . . . . . . . . . . . . . . . . . . 353.2 Decryption and fingerprinting sealed in set-top box[30] . . . . . . . . . . . . . . 363.3 JFD without specialized hardware[30],Kg: secret group key . . . . . . . . . . . 363.4 Our mechanism without specialized hardware,Kg: public group key . . . . . . . 373.5 Our Proposed Architecture of Integrating Fingerprint and Cryptosystem . . . . . 383.6 Home Page Cryptosystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393.7 One Group of Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413.8 Encryption and Decryption Procedures . . . . . . . . . . . . . . . . . . . . . . . 423.9 Modified Framework of the Internet-Based Distributing System . . . . . . . . . . 433.10 Key Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443.11 Fingerprint Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453.12 Original, Encrypted and Fingerprinted Images (the code(0 0 0 0 1 1 1 1 1 1

1 1 1 1 1 1 ) is embedded) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483.13 Colluded Images of Users 1 and 2, Users 1-3 and Users 4-6 . . . . . . . . . . . . 49

xi

4.1 An Example forRk, k = 1, 2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624.2 Fingerprint Embedding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 634.3 (a) Original Model, (b) Embedding Primitive and (c) Fingerprinted model . . . . 694.4 Capacity with Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 704.5 Experimental Results under Affine Transformation Attacks . . . . . . . . . . . . 714.6 Experimental Results under Noise Attack . . . . . . . . . . . . . . . . . . . . . 714.7 Experimental Results under Cropping Attacks . . . . . . . . . . . . . . . . . . . 724.8 Colluded Models of Users 1 and 2, Users 5 and 6 and Users 1-3 . . . . . . . . . 74

xii

L IST OF TABLES

2.1 Taxonomy-1: Research on designing fingerprint codes . . . . . . . . . . . . . . 312.2 Taxonomy-2: Research on joint coding-embedding fingerprinting . . . . . . . . . 312.3 Existing examples of BIBD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322.4 Evaluations of unital and affine plane . . . . . . . . . . . . . . . . . . . . . . . . 322.5 Performance evaluations of unital code and affine plane code . . . . . . . . . . . 32

4.1 Results of Noise Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724.2 Results of Cropping Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724.3 Results of Mesh Simplification Attacks . . . . . . . . . . . . . . . . . . . . . . 734.4 Results of Cropping Attacks and Noise Attacks . . . . . . . . . . . . . . . . . . 734.5 Results of Mesh Simplification Attacks and Noise Attacks . . . . . . . . . . . . 73

xiii

CHAPTER 1

INTRODUCTION

This thesis studies digital fingerprinting techniques for digital right protection of multimedia con-tents, which are confined to image/video and 3D model. Since the Internet has become the majormeans for distributing multimedia contents, these contents are easily accessed and pirated (unau-thorized copy or distribution) without quality degradation. How to protect their digital rightsbecomes a very important issue. This thesis focuses specifically on how multimedia content,unlike generic data such as text over natural languages or program languages, can be protectedfrom unauthorized redistribution with an emerging technology-digital fingerprinting.

1.1 Multimedia ContentMultimedia contents are overtaking the traditional media in our daily life ranging from com-merce, security, education and leisure. The decreasing cost of storage devices, improved com-pression techniques and growing bandwidth communication technologies have encouraged peo-ple to create, manipulate and combine multimedia contents.

With the development of broadband networks as well as high performance of PCs, it is conve-nient for people to exchange or share valuable information (one digital form is multimedia con-tent) over networks. For instance, the advent of media-sharing sites such as Flickr and YouTubehas brought huge amounts of multimedia resources to the web that can be accessed by anyone.Thanks to them, we can share digital photos with childhood friends whom we have not seenin years and can share home videos of children with our family. Similarly, corporate and gov-ernmental sectors can also improve their productivity by sharing recorded presentations throughvideo conferences. The information and art contained inside multimedia content have economicvalue, personal value and often broader impacts on the general welfare of our society. Conse-quently, multimedia content is a form of digital information that should be protected.

1

1. Introduction

Exchanging or sharing multimedia content over networks brings many benefits but alsothreats. Let us examine an internet-based distributing system as an example, where the multi-media content is transmitted from a single content provider to a group of users. As shown inFigure1.1, before a multimedia content has been received and made available to users, it is indanger of being eavesdropped (unauthorized viewing) since transmitting on open networks is in-secure. In addition, not all the users are trustful. After the multimedia content has been receivedand made available to them, it is easy for an illegal user to copy or redistribute it without anyvisual degradation. Briefly, the copyright violation would occur when users use content with-out permission of the content owner or provider. The technologies that allow people to createcontents also allow people to duplicate or forge contents. The media that allow people to sharetheir created contents also facilitates the sharing of illicit or fraudulent contents. In other words,piracies of multimedia contents like unauthorized reproduction and distribution over networksare increasing with the pervasive usage of networks.

Piracy crimes (unauthorized reproduction and distribution of multimedia content) posed aserious threat to commerce, economy and so on. For example, US music sales by unit werereported to have dropped31% from mid 2000 to 2003. The affected sectors include not only theretail stores, but also CD/DVD plant employees and workers from every aspect of the complexbusiness of making and distributing multimedia content. The negative impact on the economy isreflected by the significant reduction in the tax base of local and federal governments. All theseare largely attributed to piracy.

For the purpose that multimedia content can safely be used as a means to exchange infor-mation, mechanisms must be in place to ensure that the content is used for its intended purposeby legitimate users who have appropriate usage rights. The need for techniques that protect thedigital rights of multimedia content has become a critical issue.

To address the problem of piracy, one fundamental protection technology is cryptographictechnique (see Figure1.1). The cryptographic technique encrypts or scrambles multimedia con-tent into an enciphered, unintelligible form for secure transmission to users. Its primary goal isconfidentiality, that is, to provide access control so that only authorized users with the correctdecryption keys can decrypt the content. Cryptography is an active way to protect content fromunauthorized viewing, but it is not enough since the content provider will lose control over thetransmitted content once it is decrypted. The content provider would like to enforce stringentusage rules that are generally considered as unacceptable by the end-user.

As the second line of defense against piracy, digital fingerprinting provides a compromisebetween the interests of provider and users. Different from cryptographic technique, the goal ofdigital fingerprinting is to deter or discourage people from illegally redistributing the digital datathat they have legally purchased.

Cryptographic technique and digital fingerprinting complement each other and have been re-

2

1. Introduction

searched independently since they have different goals and distinct fundamental roles. The focusof this thesis is digital fingerprinting, where the cryptographic technique serves to embed finger-prints into image or video. With the help of cryptographic technique, the proposed fingerprintingapproach would be able to protect image or video not only from unauthorized redistribution butalso unauthorized viewing.

1.2 Digital FingerprintingDigital fingerprinting is a passive way to protect multimedia content from unauthorized redis-tribution. It embeds unique user information, known as fingerprints, into different copies of thesame content. The resulting copies (or content) are referred to as fingerprinted copies (or content)and each fingerprinted copy is assigned to a user. The collusion attack from a group of illegalusers (colluders), combining several copies with the same content but different fingerprints to tryto remove the embedded fingerprints or frame innocent users, is the major challenge to digitalfingerprinting. If an illegal copy appears, the user information can be extracted to help trace oridentify illegal users. After identifying the responsible user or group, punishment or retributionwould be sought so as to fight against unauthorized redistribution. Figure 1.2 illustrates a sce-nario about how to utilize digital fingerprinting, which can be taken as the extension of Figure1.1. One strong advantage of fingerprinting is that it is completely transparent to the honest userand offers great advantages in terms of user freedom.

1.2.1 Fingerprint Encoding (or fingerprint code designing)

The collusion attack is a cost-effective attack, where the good quality of content is also colluders(illegal users) needed. Without rendering multimedia content useless, the purpose of colluders isto generate a new version of the content which contains no fingeprints or belongs to an innocentuser. Due to the global nature of the Internet, it is easy for a group of users with differentlyfingerprinted copy of the same content to work together and collectively remove or destroy fin-gerprints embedded within the content. These collusion attacks pose a real threat to protectingmultimedia content. One countermeasure against them is fingerprint encoding, which means todesign a fingerprint code. The fingerprint code is a compact way to uniquely represent each userand provide an efficient algorithm to trace colluders. With fingerprint encoding, each user can beuniquely represented and the colluders can be traced theoretically.

An early work on designing collusion-resistant binary fingerprint codes was presented byBoneh and Shaw [3], which primarily considered the problem of fingerprinting generic data thatsatisfy an underlying principle known as the marking assumption. In [3], a mark is a position inthe object which can be in one ofq different states and a fingerprint is a sequence of marks. Eachuser is assigned a unique fingerprint and receives a copy of an object with the marks embeddedaccording to his assigned fingerprint (e.g., the fingerprinting shown in Figure 1.3. As a matterof fact, the marks like circle, square, triangle and so on, are invisible for users). The marking

3

1. Introduction

assumption states that: by colluding, users can detect a specific mark if it differs between theircopies; otherwise, a mark cannot be detected. The main property the marks should satisfy is thatusers cannot change the state of an undetected mark without rendering the object useless. Most offingerprint codes designed for generic data are built on the marking assumption or weak/relaxedmarking assumption. Engle [10] pointed out it is possible to design a perfect fingerprint codeby using the marking assumption as a foundation. Whether the marking assumption holds or notdepends on the fingerprinting approach, i.e., the approach about how to embed fingerprints.

Without loss of generality, we assume that people exchange and share multimedia contentthrough an internet-based distributing system which comprises a single content provider, IP net-work and a group of content users. This thesis is aiming to realize a secure internet-based dis-tributing system:

• Audiovisual multimedia content such as image/video could be transmitted from one contentprovider to104 ∼ 105 users and10 ∼ 102 illegal users can be traced based on their colludedcopy;

• Multimedia content such as 3D model could be transmitted from one content provider tohundreds of users and a few illegal users can be traced based on their colluded copy;

In the case of image/video distribution, we adopt multicast transmission due to huge data volumeand large number of users. We limit the range of users to104 ∼ 105 mainly because of thefollowing aspects. Regarding the capacity of current IP networks,

• Users less than104 can be served in unicast transmission;

• Users exceeding105 are generally served in television broadcasting;

• We aim to serve104 ∼ 105 users in multicast transmission because it greatly saves networkbandwidth and reduces network latency.

Due to the ubiquity of the Internet communication technologies, high resistance against col-lusion attacks is required for discouraging users from illegal copy and illegal redistribution. Thecollusion resistance is generally measured by collusion size (strictly, the maximum tolerated col-lusion size) for a given number of users. The increasing of collusion size has a strong impacton fingerprint code designing and a concrete upper bound is necessary from the point of viewof system design. In many video applications ([3], [36], [46], [48], [18], etc.), the number ofpotential illegal users is assumed to be less than102 . We also assume it is sufficient to trace10 ∼ 102 illegal users in our target system.

In the case of 3D model distribution, unicasting each fingerprinted model is feasible due tolow volume of data. Moreover, different from video applications, there only exist hundreds ofusers and a few potential colluders in current 3D model applications.

4

1. Introduction

To realize our target system, we need anti-collusion fingerprinting for protecting multimediacontents (restricted to image, video and 3D model) from unauthorized distribution.

One key difference between fingerprinting generic data and multimedia content consists in:the fingerprint codes designed for generic data may allow long fingerprints to be linked to asmall area in the data (e.g., fingerprint is attached in header). While for multimedia content, it isdesirable and feasible to embed fingerprints within the media itself rather than as external markersince they are tightly related to visual quality and insensitive to minor changes in the data value.To adapt to the multimedia content characteristics, it is desirable to shorten the code length (tosqueeze more users into fewer bits) for easily embedding. Regarding the large number of users,the code whose length increases linearly with the number of users is not suitable with respect toscalability. Briefly, a fingerprint code which is able to support104 ∼ 105 users with code lengthshort enough to be embeddable in multimedia content and resist against collusion from10 ∼ 102

users, is suitable to our target system. However, most existing fingerprint codes cannot reachsuch large user size and high collusion resistance requirements.

1.2.2 Fingerprint Embedding/Detection

It is essential that the embedded fingerprints are difficult to remove and should not interfere withthe intended use of multimedia content. Fingerprints are usually embedded into multimedia con-tent through robust watermarking approach. Digital watermarking is a technology designed toembed specific information in host data for copyright protection (robust watermarking) or authen-tication of host data (fragile watermarking), where the specific information is called a watermark.The requirements of fragile watermarking are to detect the slightest unauthorized modificationsand locate the changed regions. In contrast, the design goal of robust watermarking is to makethe embedded watermark remain detectable after being attacked. According to detection strat-egy, watermarking approaches can also be classified into blind and non-blind approaches. A blindone extracts the embedded watermark in the absence of the original model while a non-blind oneneeds the original model. Non-blind watermarking approaches are much more robust becausethey can synchronize the watermarked (watermark is already embedded) and original versions ofthe same content so as to know exactly where the watermark should be hidden. We adopt thenon-blind approach for robustness and do not give the details of detection strategy here, whichchanges with embedding approach and attack type.

Digital watermarking has been applied for a number of applications related to multimediacontent protection and security. These include ownership protection, authentication or tamperingdetection, digital fingerprinting, copy control and access control and so on. Digital fingerprintingis one application of digital watermarking. Fingerprint embedding/detection serves to uniquelymark each legal copy with the embedded fingerprints and trace the origin of an illegally usedcopy with the detected fingerprints. Digital watermarking and digital fingerprinting have theirown design requirements in terms of the imperceptibility, the robustness, and the embedding

5

1. Introduction

capacity measured by how many bits are embedded. The difference between the two techniquesillustrated in Figure 1.3 can be briefly described as follows.

• Digital watermarking

– Embed content owner ’s information

– Protect content owner ’s copyright

– Only one watermarked content

• Digital fingerprinting

– Embed content user ’s information

– Trace content user re-distributes content illegally

– Many different fingerprinted contents

In addition, digital fingerprinting techniques should also be robust against collusion whenusers having access to the same host content embedded with different fingerprints get togetherand try to remove the fingerprints through such operations as averaging. The existing robustwatermarking techniques are merely a necessary first step that protects content against attacksmounted by a single attacker and not enough to provide the ability to trace illegal users involvedin the unauthorized distribution. Further, to assure the reliable tracing of true traitors and avoidframing innocents, the fingerprinting approach should overcome the limitation of the underlyingrules such as the marking assumption, which is used in fingerprint code designing.

Under the marking assumption, collusion attacks such as combination of colluders’ finger-prints often occur to the fingerprinted generic data. However, we have observed that a few funda-mental aspects of the marking assumption may not always hold when fingerprinting multimediadata. In particular, fingerprints may be encoded and embedded in multimedia content in a strate-gic way so as to significantly limit the capability of colluders to even conduct the type of attackssuggested by the marking assumption. For example, different “marks” or fingerprint bits canbe embedded in overlapped regions of an image through spread-spectrum techniques, and such“spreading” can make it possible for colluders to change fingerprint bits even if they are the same.In the meantime, such “spreading” will make it challenging for colluders to manipulate each in-dividual mark at will. This confines the effect of a colluders’ action to a milder form of collusionfrom the designer’s point of view. Selectively manipulating bits (combination of bits) in a fin-gerprint code is not directly possible, and instead other forms of attacks, such as an averagingcollusion attack, may be used by colluders to attempt to destroy the fingerprints. This suggeststhat by jointly considering fingerprint encoding and fingerprint embedding/detection processes,we have the potential to substantially enhance the performance of multimedia fingerprinting.

6

1. Introduction

There exists very limited research on how to embed the fingerprint code into multimediacontent so as to put it into effect. With regards to the following key issues, our research devotesto proposing suitable fingerprint code and robust fingerprinting approach for our target system,so that multimedia content (such as image/video and 3D model) can be safely used as a means toexchange information.

• How to design fingerprint code.In this stage, how to encode users’ unique information so as to identify individual user andresist against multi-user collusion should be considered.

• How to embed/detect fingerprint code.In this stage, the embedding approach should tailor to the contents characteristics for ro-bustness and imperceptibly.

• Interaction between choices of fingerprint code designing and embedding/detection.A collusion-resistant code would not work if it cannot be securely embedded into the con-tent. Similarly, only robust embedding approach is not enough to resist collusion attackswithout the help of fingerprint code.

1.3 Overview of ThesisRecent speeding up of Internet communications and the spread of high-capacity recording mediasuch as HDs, DVDs and blue-ray discs encourage the widespread use of images and videos. 3Dmodels, as a relatively new kind of multimedia content, have also been widely used in virtualreality, medical imaging, video games and computer aided design. This thesis is focused onexploring the task of designing and embedding fingerprint codes into image/video and 3D model,which is expected to resist against collusion attacks as well as efficiently trace and identify thoseillegal users.

In order to protect multimedia contents from unauthorized distribution, how to encode fin-gerprints, i.e., how to design a fingerprint code to identify individual user and resist multi-usercollusion is crucial. In Chapter 2, we have shown that the anti-collusion code has advantagesover other existing fingerprint codes for multimedia content in terms ofefficiencyandeffectiv-ity. Then, we present how to generate and construct efficient and effective anti-collusion codes,respectively.

To examine the validity of the proposed anti-collusion codes, we apply them to image/video inChapter 3. Image or video is encrypted into an unviewable form before putting on the network.Then, each user partially decrypts the encrypted content and the un-decrypted parts which areunique and different from each other stand for their fingerprints. Through such integration offingerprint and cryptosystem, image or video is able to be protected not only from unauthorizedredistribution but also unauthorized viewing.

7

1. Introduction

In Chapter 4, we apply the proposed anti-collusion codes to 3D model. Unlike image whichis generally represented by a 2D array of pixels, no unique representation exists for a 3D modeland no implicit order of model data exists. We provide a robust fingerprinting approach to embedthe proposed anti-collusion codes into 3D model. Using affine invariant based on local shapefeature characterized by the mesh complexity, the provided fingerprinting approach automaticallyembeds the fingerprints into the complex shape as redundantly as possible.

The overall research is illustrated in Figure1.4.

8

1. Introduction

Figure 1.1: Protecting multimedia content distributed over network

9

1. Introduction

Figure 1.2: Using embedded fingerprinting for tracing users [34]

Figure 1.3: Watermarking vs. Fingerprinting

10

1. Introduction

Figure 1.4: Framework of this thesis

11

CHAPTER 2

DESIGNING DESIRABLE FINGERPRINT

CODES FORMULTIMEDIA CONTENTS

This chapter discusses what fingerprint code is suitable to our target system and how to generateand construct such fingerprint code.

2.1 What Fingerprint Code is Desirable for Multimedia Con-tent

In recent years, the Internet is evolving to be an integrated service platform for exchanging andsharing information. The Internet has brought unlimited possibilities of the space developmentto business, education, medicine and other applications. For example, by connecting to a medicalimaging database system, the experts, even the ones from remote areas, can instantaneouslyreceive and review relevant medical images. However, open networks, as public channels, arehighly insecure. The multimedia content such as digital image has commercial and personalvalue and is vulnerable to unauthorized viewing and distribution while in storage and duringtransmission over a network. Techniques are required to protect the digital right of multimediacontent before it is put onto the network for exchanging and sharing.

Under the assumption that people exchange and share multimedia content via open IP-network, we target to realize a secure internet-based distributing system where one contentprovider transmits image/video to104 ∼ 105 content users via IP-multicast. The word “se-cure” refers to that the multimedia content should be used for its intended purpose by users whohave appropriate usage right and the illegal users can be found out when they are involved inunauthorized distribution.

Broadcast encryption and digital fingerprinting are two complementary techniques which are

13

2. Designing Desirable Fingerprint Codes for Multimedia Contents

able to provide functionalities such as ensuring that the multimedia content is used for its intendedpurpose by legitimate users. Broadcast encryption schemes are techniques that allow a center tobroadcast encrypted content to an arbitrary subset of privileged receivers out of a large set ofreceivers so that collusions of receivers not in the privileged set cannot decrypt the encryptedcontent. The protection provided by such encryption schemes terminates after decryption. With-out quality distortion, the decrypted multimedia content is easy to be manipulated by copyingand redistributing. Complementing to the encryption schemes, digital fingerprinting plays animportant role in protecting multimedia content from unauthorized redistribution.

As we have explained in the introductory chapter, digital fingerprinting invisibly embedsunique user information (as a watermark which serves as a fingerprint to help trace the originatorof the colluded copy) into each user’s copy. The robustness against removal and the ability toconvey a nontrivial number of bits are necessary requirements. In addition, digital fingerprint-ing should also be robust against collusion, where users having different fingerprinted copiesof the same content get together and try to remove the fingerprints through such operations asaveraging. To assure the reliable tracing of true traitors and avoid framing innocents, we mustcarefully consider how to encode, embed and detect fingerprints. This suggests that there aremore considerations than those existing robust watermarking literature.

The research on digital fingerprinting can be broadly divided into two main directions:designing fingerprint codes and jointly considering the fingerprint encoding and embed-ding/detection. The former direction mainly focuses on the coding theories, in which differentemphasis is placed on criteria such as attack assumptions, collusion size, code size, code length,ability to trace one or all colluders, etc ([42],[3],[43],[45],[1],[36],[12],[44],[13],[20]). In con-trast, the latter direction mainly focuses on fingerprint embedding as well as advanced detection([17],[46],[26],[25],[40],[41],[50]). In addition, there also exists non-coded fingerprinting ([48]),where mutually orthogonal spreading sequences are assigned to users as their fingerprints. Whilethe non-coded fingerprinting is easy to implement, the required number of spreading sequencesand the computational complexity of detection would increase linearly with the number of usersdue to no step of coding. Hence code designing is a crucial step to a successful fingerprintingscheme. This chapter mainly focuses on designing fingerprint codes suitable to our target system,so that the multimedia content can be safely used as a means to exchange information.

Designing a suitable fingerprint code is a crucial step to realize our target system. Suitablefingerprint code refers to one which is able to support104 ∼ 105 users with code length shortenough to be embeddable in multimedia content. Unlike fingerprinting generic data, fingerprintsneed to be embedded within multimedia content itself. Thus, it is desirable to shorten the codelength (to squeeze more users into fewer bits) for imperceptibility. For better scalability, the codewhose length increases linearly with the number of users is not suitable. In addition, to discouragepeople from unauthorized distribution, high resistance against collusion attacks is required due to

14


the global nature of the Internet. Here, we aim to trace10 ∼ 102 colluders among104 ∼ 105 usersbased on their colluded copy. As three important factors of a fingerprint code, the number of users(equal to code size), collusion resistance and code length should be considered synthetically. Sofar, there have been almost no evaluations for what fingerprint codes adapt to the internet-baseddistributing system.

2.2 Evaluation metrics: Efficiency and EffectivityFingerprint codes generated with different methods are different in the code structure and theprinciple how to trace colluders. In order to evaluate what fingerprint codes are appropriate forthe above-mentioned distributing system, we need some evaluation metrics which can provide asimple way for comparing the different types of fingerprint codes.

For a given fingerprint code, let its length bel, its collusion size bec and its size (i.e., thenumber of users that it can support) ben. In [46] and [25], codeefficiency, as a metric, is definedas follows.Definition 1: The efficiencyon a fingerprint code for a given collusion size is referred to asβ = n/l, which describes the number of users that can be supported by the code length.

Given the same number of users, a fingerprint code with higherβ has shorter code lengththan one with lowerβ. In addition, we need another metric to compare the collusion resistanceof fingerprint codes, so we give the following definition.Definition 2: The effectivityon a fingerprint code is defined byγ = c/n, which describes theresistance against collusion attacks.

Among the codes with the same code length, a fingerprint code with higherγ is resistant to alarger size collusion. That is, a fingerprint code with higherγ is secure against collusion attackthan one with lowerγ under the same number of users.

A fingerprint code exists only when its three factors, code size (number of users), collusionsize and code length, meet the existence condition. One or two factors are fixed, then the othertwo or one are fixed correspondingly. That is, the three factors of a fingerprint code are notindependent. We have to consider the three factors synthetically when designing a fingerprintcode. Accordingly, the two metricsefficiencyandeffectivityare qualitative measurement insteadof quantitative measurement.

Obviously, a kind of high efficient and high effective fingerprint code is preferable for fulfill-ment of tracing colluders. Corresponding to our targeted system, an efficient and effective finger-print code which is able to support104 ∼ 105 users and resist against collusion from10 ∼ 102

illegal users, is desirable to achieve our goal.Until now, lots of fingerprint codes are presented and studied, but not all of them are proposed

with tracing capability and collusion resistance. We examine them in terms ofefficiencyandeffectivityin next section.

15


2.3 Anti-collusion Code Superior to Other FingerprintCodes

2.3.1 Attacking Assumptions: Marking Assuption and Envelope

Under an unrestricted, arbitrary collusion attack, it is difficult to analyze the code and the tracingcapability, so restrictive assumptions need to be made concerning what collusion can be allowedand what collusion cannot be allowed, given a set of codewords. The most widely used assump-tion is called marking assumption([3]).

1. Marking AssumptionA fingerprint, as a codeword, is regarded as a sequence of marks.q marks such as0, 1, · · · , q − 1 are used to indicateq different states of a position in an object. Users donot know the positions of marks in the object and also do not know which mark representswhich state. Marking assumption states that:

• In a collusion attack, the positions of the marks in an object can be either undetectableor detectable. An undetectable position is a position where the mark is the same forall the colluders so the position of the mark is unknown. The detectable position isknown to colluders since their marks differ in this position.

• Colluding users cannot change the marks in the undetectable positions without ren-dering the fingerprinted object useless, but it is considered possible for colluding usersto change the marks in the detectable positions into any state.

A mark without being included in0, 1, · · · , q − 1 is referred to as an unreadable mark.According to whether a mark in the detectable position can be allowed to change into anunreadable state or not, and the range within which colluded codes can fall, there are fourcases described byenvelope([1]).

2. Envelope under Marking Assumption“Under Marking Assumption ” means that colluders can only alter those marks in the de-tectable positions.

Let an alphabetQ = 0, 1, · · · , q − 1, then|Q| = q whereq is the number of elements.Let Ql be the set of alll-tuples of elements ofQ. Considering a codeC overQ, C ⊆ Ql

and is called an(l, n, q)-code when|C| = n. l is called the length andn is called the sizeof q-ary codeC, respectively. The elements ofC are called codewords and each codewordxj has the form(xj

1, xj2, · · · , xj

l ), wherexji ∈ Q, 1 ≤ i ≤ l, j = 1, · · · , n. Codeword

xj(j = 1, · · · , n) is assigned uniquely toj-th user, so code sizen is the maximum number

16


of users that can be supported by this code. Shortly speaking, code sizen is also the numberof users.

LetU = u1, u2, · · · , ut be a collusion oft users that work together to generate a colludedcodey = (y1, y2, · · · , yl). Without loss of generality, assume thatX = x1, x2, · · · , xtare the fingerprints (or codewords) assigned to the members ofU . Let Z(X) denote theset of undetectable positions forX and symbol∗ denotes the unreadable state. The rangewithin which the colluded code out ofX can fall is defined asenvelope as follows:

• narrow-sense envelopee(X) is the set

e(X) = y ∈ Ql|yi ∈ x1i , · · · , xt

i, 1 ≤ i ≤ l

Under the narrow-sense case, the generation of a colluded code is restricted to allow-ing, in any given (detectable) positioni, only the marks appearing in positioni of anycodeword inX to be chosen.

• expanded narrow-sense envelopee∗(X) is the set

e∗(X) = y ∈ Q ∪ ∗l|yi ∈ x1i , · · · , xt

i, ∗, 1 ≤ i ≤ l

Under the expanded narrow-sense case, the restriction is relaxed. The marks in thedetectable positions are allowed to change into an unreadable state.

• wide-sense envelopeE(X) is the set

E(X) = y ∈ Ql|y|Z(X) = x1|Z(X) = · · · = xt|Z(X)

We refer to y|Z(X) as the restriction ofy to the positions inZ(X), wherex1|Z(X), x

2|Z(X), · · · , xt|Z(X) are with the same meaning. The wide-sense case gives alarger range for colluders to generate a colluded code. Where, marks in the detectablepositions can be chosen from alphabetQ.

• expanded wide-sense envelopeE∗(X) is the set

E∗(X) = y ∈ Q ∪ ∗l|y|Z(X) = x1|Z(X) = · · · = xt|Z(X)

Based onE(X), the expanded wide-sense case allows the marks in the detectablepositions to be changed into an unreadable state.

It is clear thate(X) ⊆ E(X) ⊆ E∗(X) ande(X) ⊆ e∗(X) ⊆ E∗(X). In addition, fewfingerprint codes are defined on the expanded narrow-sense envelopee∗(X).

17


2.3.2 Major Existing Fingerprint Codes

Based on the above-mentioned attack assumptions, major existing fingerprint codes are intro-duced without giving their strict definition here. Please refer to the corresponding reference fordetails.

Let us consider(l, n, q)-codeC. As described above, a colluded code is anl-tuple that isproduced by the colluders whose fingerprints are codewords fromC. The major existing codesare introduced below.

1. c-frameproof code ([42], [3], [43])In c-frameproof code, no collusion of at mostc users can frame a user who is not a memberof the collusion.

2. c-secure frameproof code ([42],[43])A c-secure frameproof code is a stronger form ofc-frameproof code. A code isc-secureframeproof code if it is impossible for a collusionC1 of size maximumc to frame a dis-joint collusionC2 of size maximumc by generating a colluded code that could have beengenerated byC2.

c-frameproof code andc-secure frameproof code do not have traceability, namely, the iden-tification of guilty users cannot be guaranteed.

3. c-identifiable parent property code ([42],[17])In c-identifiable parent property code, no collusion of size maximumc can generate anl-tuple that cannot be traced back to at least one member of the collusion.

4. c-traceability code ([42],[45],[17])A c-traceability code is also ac-identifiable parent property code, but ac-traceability codehas an advantage that it allows an efficient (i.e., linear-time) algorithm to determine onemember of the collusion.

5. separating code ([1])Separating code is equivalent to secure frameproof code, which is described by a separatingsystem.

6. c-secure code withε-error ([3], [36], [12], [44], [13], [20])In a c-secure code withε-error, a member of collusion of maximum sizec can be tracedback with probability at least1− ε.

7. k-anti-collusion code (ACC) ([46], [26])k-anti-collusion code (ACC) has the property that the composition of any subset ofk or

18


fewer codewords is unique and therefore can identify groups ofk or fewer colluders.

Remark: The variations of above codes are also proposed in the related work, some ofwhich performed better due to the modifications of their parameters. For example, thereexist several generalized versions ofc-secure code in [12], [44], [13], [20] such as Tardoscode, where the marking assumption is relaxed.

2.3.3 Analyses of Fingerprint Codes

For the brevity of description, the abbreviations used in this chapter are listed below.FP frameproof codeSFP secure frameproof codeIPP identifiable parent property codeTA traceability codeSPC separating codeSEC secure code withε-errorACC anti-collusion code

Several surveys on existing fingerprint codes are conducted. Table 2.1 and Table 2.2 classifythem according to the attack assumptions mentioned previously. Where, “TA⇒ IPP⇒ SFP⇒FP”means that ac-TA code is ac-IPP code, ac-IPP code is ac-SFP code and ac-SFP code is ac-FP code. Note that generally the converse is not true.

In the case of weak/relaxed/no marking assumption, the probability of accusing an innocentuser or the probability of identifying a colluder incorrectly is not zero (see Table 2.1). This willweaken the force for confirming the illegal user, so those cases under weak/relaxed/no markingassumption are not considered. SEC is also not considered for the same reason. According to[10], it is possible to design a perfect fingerprint code if using the marking assumption as a foun-dation. In the meantime, whether marking assumption holds or not depends on the embeddingapproach of a fingerprint code, we focus on how to design codes and do not discuss how to meetthe marking assumption in this chapter.

We assume that marking assumption holds and only take account of the fingerprint codes (ex-cept SEC) under marking assumption, which include FP, SFP, IPP, TA and ACC codes. TA codeis stronger than FP, SFP, and IPP codes in terms of tracing ability, i.e., TA code is more effective(more secure against collusion attacks) than FP, SFP, and IPP codes. To apply to multimediacontent which is supposed to be transmitted over a network, ACC is more appropriate than TAcode in terms ofefficiencyandeffectivity. The main reason lies in three aspects:

1. ACC is adaptable for multimedia content while TA is adaptable for generic data.

• ACC traces or identifies colluders by utilizing the fact that the common marks in

19


the undetectable positions among any group of colluders are unique. The marks inthe detectable positions can be allowed to change into any state including unreadablestate, which provides the resistance against linear attacks and nonlinear attacks tomultimedia content.

For multimedia content, components of the fingerprint sequence are spread over thewhole object rather than linked to a small area in the object. Different bits of fin-gerprint code that are embedded in multimedia content may not be easily identifiableand arbitrarily manipulated. Thus, from colluders’ perspective, collusion attacks likeaveraging, interleaving, “cut and paste” and so on, are easy to operate rather than tocombine their fingerprinting bits.

• TA is defined under narrow-sense case and the marks in the detectable positions canonly be changed by combinatorial methods, where, the colluded code stems fromcombination of colluders’ fingerprinting bits. TA traces or identifies one colluderbased on the fact that the hamming distance between the colluded code and the col-luders’ codewords is smaller than others not in collusion. Therefore, TA only adaptsto combinatorial attacks, which is far from the requirement for protecting multimediacontent.

2. ACC has higherefficiency(shorter code length) than TAOne sufficient condition for the existence of the TA codes is given in [42]: there existan (l, n, q) c-TA code, whereq = 2c2 and l = 4c2 log n. The code length is4c2 log n

with the maximum tolerated collusion sizec for n users. If an ACC code derived from(l, c, λ)-BIBD (seeDefinition 4) exists,n = λ(l2 − l)/(c2 − c) users are supported, withthe maximum tolerated collusion sizec − 1. The code length isl, which is approximatelyO(c

√n). It is clear that the length of TA is longer than ACC with the samen and c.

According to theDefinition 1, ACC has higherefficiencythan TA. Note that there existq-ary and binary TA codes while there only exist binary ACC codes.

3. ACC has highereffectivity(larger collusion size) than TAWithin the maximum tolerated collusion size, ACC identifies all colluders while TA onlytraces one colluder .

ACC is adaptable for multimedia content and more efficient and effective than TA, while TA ismore effective than FP, SFP and IPP codes. So we regard ACC as the most desirable fingerprintcode for the internet-based distributing system. However, the practical construction of ACC hasbeen still a big problem. Consequently, we devote to answering how to generate and constructefficient and effective ACC.

20


2.4 How to Generate Efficient and Effective Anti-CollusionCode

2.4.1 Status quo of ACC

In [46], an anti-collusion code (ACC) is defined as follows:Definition 3: Let G = 0, 1. A codeC= c1, · · · , cn of vectors belonging toGv is called aK-resilient AND anti-collusion code (AND-ACC) when any subset ofK or fewer codevectorscombined element-wise under AND is distinct from the element-wise AND of any other subsetof K or fewer codevectors.

v denotes the dimension of vector spaceG, i.e., the length of codevectorsc1, . . . , cn arev. Ageneration method of ACC is using BIBD.Definition 4: A (v, k, λ) balanced incomplete block design (BIBD) is a pair(X ,A), whereA isa collection ofk-element subsets (blocks) of av-element setX , such that each pair of elementsof X occur together in exactlyλ blocks.

A (v, k, λ)-BIBD has a total ofn = λ(v2 − v)/(k2 − k) blocks. Corresponding to it, there isthev × n incidence matrixM = (mij) defined by

mij =

1, if the ith element belongs to the j th block,0, otherwise.

If the code matrixC is defined as the bit complement ofM and the codevectorscj are assignedas the columns ofC, then a(k − 1)-resilient AND-ACC is obtained, with code lengthv for n

users.

Theorem 1 Let (X ,A) be a(v, k, 1)-BIBD andM the corresponding incidence matrix. If thecodevectors are assigned as the bit complement of the columns ofM , then the resulting schemeis a (k − 1)-resilient AND-ACC.

According to [7], a(v, k, 1)-BIBD is unavailable when the number of users is more than1641.Hence, how to generate and how to construct ACC still remain problems due to most conditionson parametersv, k andλ are necessary condition but not sufficient condition for the existence ofa BIBD. PBIBD (partially balanced incomplete block designs) as a natural extension of BIBD isdeveloped to deal with this drawback in combinatorial design theory.

In [26], InKoo Kang et al aimed to support several thousands or more users and overcomethe limitation of BIBD existence. They presented a recursive construction algorithm for ACCusing GD (group-divisible) PBIBD and the derived ACC can support several thousand or moreusers than those derived from the table of BIBDs([7]). Different from BIBD theory in whichthere is only one group and any two elements occur together onlyλ times, GD-PBIBD canflexibly control elements replication numbers in block such that the resulting fingerprint code has

21


higherefficiencythan BIBD. However, ACCs derived from GD-PBIBD show a worse collusionresistance. For example, A(243, 6561, 3)-code from the GD-PBIBD can support6561 users butonly resist against2 colluders, which is not practical. Efficient and effective ACCs which cannot only support104 ∼ 105 users but also resist against10 ∼ 102 colluders are required for ourtarget system. [46] pointed out that another approach to construct BIBDs is to used-dimensionalprojective and affine geometry, which include some known examples of BIBD. Attributing totheir definite existences, we attempt to explore the known examples of BIBD for generatingdesirable ACCs.

2.4.2 Existing BIBD Examples

Low-density parity-check codes(LDPC, [21]) are constructed based on unital design, which alsomotivates us to generate ACC from known examples of BIBD, which is listed in Table 2.3.Hadamard design is not considered because ACC can be achieved only whenλ = 1 (Theorem1). Neither Fano plane nor Steiner triple system is under consideration since their parametersare either constant or small. Projective plane is excluded due to its symmetry (v = n), whateverthe parameterm is, theefficiencyβ = 1 since the code length is equal to code size. Unital andaffine plane show betterefficiencyandeffectivitythan the above-mentioned, their performanceson internet-based distributing system are investigated below.

2.4.3 Unital and Affine Plane

Given a(k − 1)-resilient ACC (derived from(v, k, 1)-BIBD), let the number of users that can besupported ben. Then, theefficiencyon such an ACC isβ = n/v and theeffectivityon such anACC isγ = (k − 1)/n.

Unital and affine plane are investigated in terms ofefficiencyandeffectivityand their detailsare listed in Table 2.4. To make more clearly, we compared theirefficiencyandeffectivityunderthe same condition. Assume that unital and affine plane could support the same number of usersin Figure 2.1, it is obvious that unital has higherefficiencybut lowereffectivity, and affine planehas highereffectivitybut lowerefficiency. In other words, unital supports more users but exhibitsweaker resistance, while affine plane exhibits stronger resistance but supports fewer users. As-sume that they could resist against colluders with the same maximum tolerated collusion size inFigure 2.2 or be at the same code length in Figure 2.3, similar conclusions will be drawn. It shouldbe pointed out that Figure 2.1, Figure 2.2 and Figure 2.3 are merely schematic illustrations, whichassist us with examining the performances of unital and affine plane.

Performances of unital and affine plane are further evaluated through the following concreteexamples.

Assume that unital code (ACC derived from unital) and affine plane code (ACC derived fromaffine plane) support the same amount of users, for example,104 users, their code length, collu-sion size are shown in Table 2.5 (a). Affine plane code exhibits very high resistance where its

22


Figure 2.1: Performance comparisons of unital and affine plane under the same number of users

maximum tolerated collusion size is about100. It may be considered difficult to bring together100 illegal users in a short time.

Assuming the collusion sizes of unital code and affine plane code as101 (Table 2.5 (b)), unitalcode can support about108 users. Our goal is to support users less than105, so these codes aresupposed to serve well our distributing system.

Similarly, assume that unital code and affine plane code have the same code length, for ex-ample,104 fingerprinting bits (Table 2.5 (c)). Affine plane code performs better with respect tocollusion resistance and unital code performs better with respect to the amount of users.

For the distributing system which serves to share and exchange information, unital code ispreferable when higherefficiencyis required and affine plane is preferable when highereffectivityis required.

2.5 Constructions of Unital Code and Affine Plane CodeWe construct unital and affine plane code based on finite geometry and implement them onMagma http://magma.maths.usyd.edu.au/magma/.

2.5.1 Constructing Unital Code

The results about the existence of unital are: Unital is constructed from finite projective plane((m2 + m + 1,m + 1, 1)-BIBD) and the only known projective planes have orders that are primepowers (orderm = pd).

We adapt hermitian unital to construct ACC because it has deterministic construction.Definition 5: A hermitian unital in a projective plane of orderp2 is the set ofp3 + 1 points thatmeets every linep + 1 points.

The constructing procedure is as follows:

23


Figure 2.2: Performance comparisons of unital and affine plane under the same maximum toler-ated collusion size

1. Constructing finite projective planePG(2, p2)

(a) Define the points as follows:

• Consider triplesX = (x, y, z) of elements from the finite fieldGF (p2), where(x, y, z) are not all zero. There exist(p2)3 − 1 triples.

• Identify triplesX andY if Y = ηX for some non-zeroη ∈ GF (p2), and saythatX andY are equivalent. Denote the equivalence class ofX by [X]. Eachequivalence class hasp2− 1 members, corresponding to thep2− 1 possible non-zero values ofη, and so there are[(p2)3 − 1]/(p2 − 1) = (p2)2 + p2 + 1 differentclasses[X], which is taken as the point ofPG(2, p2).

(b) Define the lines (or blocks) as follows:If A = (a0, a1, a2) is a triple of elements ofGF (p2), not all zero, define the line[α]

to be the set of all points[X] such thata0x + a1y + a2z = 0. There are(p2)2 + p2 + 1

lines by an argument similar to the case for points in(a). On each line, there arep2 + 1 points.

2. Constructing hermitian unitalThe hermitian unital is the set of points(x, y, z) ∈ PG(2, p2) satisfyingxp+1 + yp+1 +

zp+1 = 0.

There arep3 + 1 points in hermitian unital, which meets every line(described in(b)) inp + 1 points. Hermitian unital can be denoted by pair(H,B), whereH is the set ofp3 + 1

24


Figure 2.3: Performance comparisons of unital and affine plane under the same code length

points andB is the collection of subsets consisting ofp + 1 intersection points (referring toDefinition 4).

3. Constructing unital codeThe hermitian unital(H,B) is a(p3 + 1, p + 1, 1)-BIBD. Compute its corresponding inci-dence matrixM , take the bit complement of the columns ofM as codewords and assignthem to users. Thus, ap-resilient AND-ACC is achieved according toTheorem 1.

The above constructing procedure of hermitian unital is implemented in Magma. Magma is acomputer algebra system and designed to provide a software environment for computing with thestructures which arise in areas such as algebra, number theory, algebraic geometry and (algebraic)combinatorics. Its online calculator exists on

http://magma.maths.usyd.edu.au/calc/.Using the Magma codes in [29], we can generate an incidence matrixM of (p3 +1, p+1, 1)-

BIBD in practical computation time, wherep < 13. For example, whenp = 11, the executiontime is 3.629 seconds and memory usage is44.53MB (Pentium M 1.20GHz, 504MB RAM).Taking the bit complement of the columns ofM as codewords, a unital code with code length1332 , code size13431 (i.e., the number of users is13431), and the maximum tolerated collusionsize11 can be easily achieved in short time.

2.5.2 Constructing Affine Plane Code

There exists an affine plane (m2,m, 1)-BIBD of orderm if and only if there exists a projectiveplane (m2 +m+1,m+1, 1)-BIBD of orderm. A finite projective plane (m2 +m+1,m+1, 1)-BIBD exists when the orderm is a prime power (i.e.,m = pd). Affine plane code is constructedas below:

25


1. Construct a finite projective planePG(2, p2) with Magma([29]).

2. Construct a finite affine planeAG(2, p2) by deleting a single line[ι] of PG(2, p2) and allof the points of it, and altering the other lines to delete the point which is intersection ofthis line and line[ι].

3. Compute the corresponding incidence matrixM of AG(2, p2), then the bit complement ofthe columns ofM are corresponding to users’ codewords.

Affine plane codes can be obtained whenp < 13. Especially, whenp = 11, an affine plane codewith code length14641 , code size14762 (i.e., be able to support14762 users), and the maximumtolerated collusion size120 can be achieved.

With Magma calculator, affine planeAG(2, p2) and its incidence matrix can be directlyachieved whenp ≤ 7. For example, whenp = 7, the source code is:

p:=7;

m:=pˆ2;

FAP:=FiniteAffinePlane(m);

IM:=IncidenceMatrix(FAP);

As a result, the execution time is 0.660 seconds and the memory usage is 30.89MB.Remark: In the case of constructing unital code and affine plane code, the restrictions on

parameterp (for instance,p < 13 or p ≤ 7) are derived from using Magma. The problem such as“Computation used more memory than allowed” will occur on Magma whenp ≥ 13 or p > 7.

On the other hand, the main issue of ACC is a practical construction problem. In thetables([7]), a(1641, 41, 1)-BIBD which can support1641 users exists, but there is not definiteresults if a(v, k, λ)-BIBD exists when the number of users exceeds1641. Thus, an ACC formore than1641 users can not be achieved from general BIBDs. Here, our constructed unital code(applicable to13, 431 users with code length1332 and collusion size11) and affine plane code(applicable to14, 762 users with code length14, 641 and collusion size120) are not subject to thissituation. Our construction methods provide potential use for collusion size more than120 userssince the restrictionp < 13 comes from Magma software rather than from the finite geometrytheory. Through our method, the fingerprint code corresponding with the concrete requirementscan be constructed flexibly by compromising its three factors, number of users, collusion size andcode length. This is desirable from content providers’ point of view. In addition, the practicalcomputation time indicates that our construction methods for unital and affine plane codes arefeasible to support large number of users.

26


2.6 Comparison between Our Proposed Anti-CollusionCodes and Recent Related Work

2.6.1 Comparing unital and affine plane codes with GD-PBIBD codes

According to [26], the bit complement of a(v, b, r, k, λ1, λ2)-GD-PBIBD withλ1 = 0 andλ2 = 1

is an AND-ACC forb = n users with code lengthv and collusion sizek − 1. [26] proposeda fingerprint code set forn = p2s−2 users,p − 1 colluders and a code length ofps using a(ps, p2s−2, ps−1, p, 0, 1)-GD-PBIBD for p, a prime number, ands, a positive integer (s ≥ 2). p

ands are user-defined numbers. A(243, 6561, 3)-code (forn = 32∗5−2 = 6561 users with codelengthl = 35 = 243 and collusion sizek = 3 − 1 = 2) from the GD-PBIBD is obtained whenp = 3 ands = 5. The code lengthps will become remarkably long when increasing the collusionsizep− 1. For instance, the code length is1010 when the collusion size is101 like Table 2.5 (b),while our unital code length is106 and affine plane code length is104.

The efficiencyon the ACC derived from the above-described GD-PBIBD isβ = n/v =

p2s−2/ps = ps−2 and effectivity is γ = (k − 1)/n = (p − 1)/p2s−2. In terms ofefficiencyandeffectivity, we compared GD-PBIBD code with unital and affine plane code under the samemaximum tolerated collusion size (see schematic illustration Figure 2.4). The following relationholds when there are more than 2 colluders.

min(βGD−PBIBD) > βunital > βaffine plane

max(γGD−PBIBD) < γunital < γaffine plane

βGD−PBIBD andγGD−PBIBD denote theefficiencyandeffectivityon GD-PBIBD codes, respec-tively. In GD-PBIBD,s is a user-defined parameter. We assumes ≥ 3, thenmin(βGD−PBIBD)

andmax(γGD−PBIBD) are theefficiencyandeffectivityat s = 3.Although theefficiencyon unital and affine plane codes is not as high as GD-PBIBD, they can

also support more users than those general BIBDs in [7], which is comparable to GD-PBIBD.Besides, our proposed fingerprint codes provide more practical collusion resistance than GD-PBIBD.

2.6.2 Comparing unital and affine plane codes with Tardos codes

It is needless to say that code length is a key factor in fingerprint embedding. Becausec-securecodes are too long to use in practical, Tardos codes have been paid more attentions in recentrelated work [44], [13], [20]. One reason is that Tardos code has length of theoretically minimalorder among all possiblec-secure codes with respect to the maximum tolerated collusion sizec.Another reason is that when the probability of accusing an innocent user and the probability ofnot accusing any guilty one are very small (e.g.,10−6), Tardos code can be considered secureagainst collusion.

27


Figure 2.4: Performance comparisons of unital, affine plane and GD-PBIBD under the samemaximum tolerated collusion size

We stress that ACCs are more secure in respect of collusion resistance than Tardos codes.Detailly, within the maximum tolerated collusion size,

• ACCs identify all the colluders, so the error of accusing an innocent user and the error ofnot accusing any guilty one are zeros;

• Tardos codes attempt to restrict the error probability of accusing an innocent user and theerror probability of not accusing any guilty one to a reasonable value.

It should be pointed out that ACCs are intrinsically different from Tardos codes. More elab-orately, the three factors of ACC, number of users, collusion size and code length, are not inde-pendent. Whichever is fixed, and then the other two are fixed correspondingly. In contrast, thecode length of Tardos code mainly depends on its collusion size. We give a schematic illustration(Figure 2.5) to show the difference between our proposed codes and Tardos codes with respect tocode length under the same collusion size. The related data about Tardos code come from [20],where, the number of users is109 and the error probabilityε is 10−6.

As shown in Figure 2.5, our proposed unital and affine plane codes have shorter code lengththan Tardos codes with respect to the same collusion size. So, unital and affine plane codes aremore feasible to embed.

2.6.3 Comparing Unital and Affine Plane Codes with Enhanced ACCs

In the last few years, several fingerprinting schemes (e.g., [40], [41] and [50]) have been proposedto enhance(v, k, 1)-BIBD based ACC. As mentioned previously, one drawback of(v, k, 1)-BIBDbased ACC is the inability to support large number of users. To support more users, [40] at-tempted to make large number of fingerprints from small(v, k, 1)-BIBD. In [40], there arev

28


Figure 2.5: Comparison of code length between our proposed codes and Tardos codes

orthogonal basis signalssi and the binary codevectorcj for the j-th user is encoded into a fin-gerprint signalwj = (s1, s2, . . . , sv) · cj, where· indicates the scalar product of vectors. Then,the fingerprint signalwj is extended by adding a Gaussian distributed random variableµ with arepetition constantN . For example, ifN = 4, all the fingerprint signals are arranged as follows.

w1 µ µ µw2 µ µ µ...

...wn µ µ µµ w1 µ µ

......

µ wn µ µ...

µ µ µ w1...

...µ µ µ wn

Therefore, the extended fingerprint signals can support up toN ×n users, wheren is the numberof users which is supported by ACC before extension. It is obvious that supporting more userswill result in longer fingerprint signal. We can not directly calculate the efficiency of the enhancedACC since there is no clear code structure. However, we can estimate that the effectivity isdecreased to1/N of the value before extension since collusion size remains unchangeable whilethe number of users is increased fromn to N × n. Further, the extension will lead to moreoverhead with the number of users increasing in contrast to our proposed unital and affine planecodes which merely adjust their parameters (p andm) to support large number of users.

29


Another drawback of the(v, k, 1)-BIBD based ACC is the failure of detection when the num-ber of colluders exceeds(k − 1). To cope with this, [41] modified the incidence matrix of BIBDto form fingerprinting codes that are collusion resistant even if all the users collude. However, thecollusion resistance against all users results in a dramatic increase of code length. The efficiencyis decreased to(k− 1)/(k2− k + 1) from 1, wherev is considered to be proportional tok2 whenn = v and the number of usersn is large. Regardless of code length, our proposed unital andaffine plane codes can also be resistant to collusion from all users if setting the collusion size asthe number of users.

In addition to the above drawbacks, error extraction of every single bit of ACC may lead tothe misjudgment of a user. In order to enhance the resistance of ACC and improve the reliabilityof ACC when transmitting, [50] took advantage of the good error correcting capability of Turbocode and combined Turbo code with ACC. Similarly, our proposed unital and affine plane codescan be improved through combining with the error correcting code.

2.7 Chapter Summary and Future workWe aim to achieve fingerprint codes suitable to our targeted internet-based distributing system, inwhich104∼105 users need to be supported and10∼102 colluders need to be traced based on theircolluded copy. To evaluate what fingerprint code is suitable to our target system, we introducedtwo metricsefficiencyandeffectivity. In terms ofefficiencyandeffectivity, we showed that ACCis the most appropriate to our system. Then, we presented how to generate efficient and effectiveACC based on unital and affine plane design and how to construct them based on finite geometry.The proposed unital and affine plane codes exhibit higher collusion resistance than GD-PBIBDcodes and have shorter code length than Tardos codes. These codes meet the requirements of ourtarget system. Moreover, our generation/construction methods provide more potential use (e.g.,collusion size larger than hundreds of users) than our target system.

In this chapter, we just discussed the theory about how to generate and construct ACC codesuitable to the targeted internet-based distributing system. Whether the proposed ACC code canidentify each individual user and survive collusion attacks closely depends on the process offingerprint embedding/detection, and the performance of the proposed ACC code may vary withthe implementation environment. In addition, the proposed ACC codes are based on the markingassumption which may not hold for fingerprinting multimedia content. We discuss these issuesnext. In the following chapter, we devote to providing a way how to implement the proposedACC codes on image/video and examine their validity further.

30


Table 2.1: Taxonomy-1: Research on designing fingerprint codes1.code designing narrow-sense wide-sense expanded wide-senseunder marking as-sumption

In [42], q-ary FP, SFP, IPPand TA code are defined, andtheir relationship is investi-gated, where TA⇒ IPP ⇒SFP⇒ FP; q-ary SPC is alsostudied in [1], which is equiva-lent to SFP.

In [43], binaryFP and SFP codeare defined, andtheir relationshipis SFP⇒ FP.

In [3], binary FPand SEC are inves-tigated. A securecode withε-error re-stricted in narrow-sense is an IPP codeif ε = 0.

under weak mark-ing assumption

In [36], weak marking assumption allows the mark in the unde-tectable position to be erasable but assumes that the colluders canonly erase a percentage of the marks, whereq-ary c-secure codewith ε-error,c-traceablity code toleratinge-erasures are defined.

under relaxed mark-ing assumption

The relaxed version of the marking assumption in [12] is: At anyposition where the codeword of all pirates agree, the pirates stillhave aδ probability of being able to output a different symbol. Thebinary SEC([3]) is generalized in [12].

no marking as-sumption

Tardos([44]) shows that his improvements on the scheme([3]) pre-vent framing innocent users even when the marking assumptiondoes not hold; [13] proposes a variant of Tardos code which ispractical for various applications against a small number of pirates.

Table 2.2: Taxonomy-2: Research on joint coding-embedding fingerprinting2. joint coding-embedding

under marking assump-tion

In [17], q-ary TA and IPP are defined under narrow-sense case and thatTA codes generally offer better collusion resistance than IPP codes isdemonstrated.In [46], binary ACC is defined, but no explicit construction of efficientand effective ACC.In [26], a new constructive algorithm for binary ACC is presented basedon GD-PBIBD (group-divisible partially balanced incomplete block de-sign) theory, which is more efficient in designing fingerprinting code.Further, [25] also describes a method to embed and detect fingerprint-ing code derived from GD-PBIBDs.Several fingerprinting schemes (e.g., [40], [41] and [50]) have been pro-posed to improve the BIBD based ACC.

Remark: [48] presents non-coded fingerprinting system, which is easy to implement but therequired number of spreading sequences and the computational complexity of detection wouldincrease linearly with the number of users.

31


Table 2.3: Existing examples of BIBDBlock Design (v, k, λ)affine plane (m2,m, 1) v = m2, k = m,λ = 1Fano plane (7, 3, 1) v = 7, k = 3, λ = 1Hadamard design (4m + 3, 2m + 1, m) v = 4m + 3, k = 2m + 1, λ = mprojective plane (m2 + m + 1,m + 1, 1) v = m2 + m + 1, k = m + 1, λ = 1Steiner triple system (v, 3, 1) v ≡ 1 or 3(mod 6), k = 3, λ = 1unital (p3 + 1, p + 1, 1) v = p3 + 1, k = p + 1, λ = 1

Table 2.4: Evaluations of unital and affine planeBlock Design(v, k, 1) Efficiency Effectivityn = v(v − 1)/k(k − 1) β = n/v γ = (k − 1)/naffine plane(m2,m, 1) 1 + 1/m (m− 1)/m(m + 1)unital (p3 + 1, p + 1, 1) p− 1 + 1/(p + 1) 1/p(p2 − p + 1)

Table 2.5: Performance evaluations of unital code and affine plane codeCase Block Design Number of Usersn Code Lengthl Collusion Sizek−1

affine plane n = m(m + 1) l = m2 k = m(a) under the samenumber of users

(m2,m, 1) n : 104 l : ∼ 104 k : ∼ 100

unital n = p2(p2− p+1) l = p3 + 1 k = p + 1(p3+1, p+1, 1) n : 104 l : ∼ 103 k : ∼ 10affine plane n = m(m + 1) l = m2 k = m

(b) under the samecollusion size

(m2,m, 1) n : ∼ 104 l : ∼ 104 k : 101

unital n = p2(p2− p+1) l = p3 + 1 k = p + 1(p3+1, p+1, 1) n : ∼ 108 l : ∼ 106 k : 101affine plane n = m(m + 1) l = m2 k = m

(c) under the samecode length

(m2,m, 1) n : ∼ 104 l : 104 k : ∼ 100

unital n = p2(p2− p+1) l = p3 + 1 k = p + 1(p3+1, p+1, 1) n : ∼ 2× 105 l : 104 k : ∼ 20

32

CHAPTER 3

FINGERPRINTING IMAGE/V IDEO THROUGH

INTEGRATING FINGERPRINT WITH

CRYPTOSYSTEM

To realize our target system, this chapter examines how to implement the proposed anti-collusioncodes on image/video and tests their validity further. Here, we focus on integrating digital fin-gerprinting and cryptographic techniques rather than providing a robust watermarking approachto embed fingerprint codes.

3.1 Related Research on Fingerprinting Image/Video

3.1.1 Spread-Spectrum Fingerprinting

A conventional way of embedding fingerprints into multimedia content is through robust wa-termarking approach. Usually small in amplitude and imperceptible to humans, fingerprints areembedded into the content itself and can survive a variety of attacks (like compression and digital-to-analog) mounted by an individual user. Digital watermarking techniques do not shield wellagainst collusion attacks mounted by a group of users who have different fingerprinted copiesof the same content. The global nature of the Internet has not only brought media closer to theuser, but it has also brought adversaries closer to the media. It is now easy for a group of userswith differently fingerprinted versions of the same content to come together and work together tomount collusion attacks.

Though most watermarking methods are easy to be defeated by collusion attacks, the spread-spectrum watermarking method presented in [6], where a watermark was constructed as an in-dependent and identical distributed Gaussian noise and was imperceptibly inserted in a spread-

33

3. Fingerprinting Image/Video through Integrating Fingerprint with Cryptosystem

spectrum-like fashion into the perceptually most significant spectral components of the data,was argued to be highly resistant to collusion attacks. The randomness inherent in such water-marks makes the probability of accusing an innocent user very unlikely and is needed to obtaincollusion-resistance.

There are two main approaches to using spread spectrum for fingerprint embedding: orthog-onal modulation [48] and code modulation [46]. The first approach is a straightforward wayof applying spread-spectrum watermarking to fingerprinting, where mutually orthogonal water-marks are used as fingerprints to identify each user. The orthogonality allows for distinguishingthe fingerprints to the maximum extent. The simplicity of encoding and embedding orthogo-nal fingerprints makes them attractive to identification applications that involve a small group ofusers. One drawback of orthogonal fingerprints is that the amount of fingerprints is limited by theamount of orthogonal signals that can be created. Another drawback is that the averaging collu-sion attack is proved effective on orthogonal fingerprinting system due to its effect on the energyreduction of the original fingerprints and the effect it has upon the detection performance. Bygathering a few dozen colluders, it is possible to sufficiently attenuate each colluder’s fingerprintand produce a new version of the content with no detectable fingerprints.

The second approach allows for constructing the fingerprint for each user as a linear com-bination of orthogonal noise-like basis signals. Along the code-modulation line, a key is tostrategically introduce correlations into different fingerprints to allow accurate identification ofthe contributing fingerprints involved in collusion. The correlation concern not only helps toprovide a compact way to represent fingerprints but also helps to decrease the energy reductionratio observed in the case of orthogonal modulation. The resulting fingerprints can be based uponbinary or real-valued code modulation.

As described previously, we assume that people exchange and share multimedia contentthrough an internet-based distributing system, in which a single content provider (or contenttransmitter) transmits image/video ton (104 ∼ 105) users (or receivers) via IP-multicast. In suchcase, fingerprint embedding as described above can occur either at the transmitter or receiver, andseparate from or integrated with the cryptographic process (Fingerprint detection is assumed tooccur offline at a later time outside the scope of the multicast communication setup). Accordingto this, we give a classification of security architectures related to fingerprinting.

3.1.2 Security Architectures Relevant to Fingerprinting

1. Transmitter-side fingerprint embeddingIn [15], the architecture where fingerprint is embedded at transmitter-side is introduced. Asshown in Figure 3.1, an optional copy control or ownership watermarkWs is first embeddedinto the host media. Then a distinct fingerprintFi is embedded in each copy of the mediato be delivered to each of then users. Every watermarked and fingerprinted copyXfi fori = 1, 2, . . . , n is then encrypted separately using the same group keyKg (that is known at

34


Figure 3.1: Transmitter-side fingerprint embedding [30]

the transmitter side and by all the users) to produceYi, i = 1, 2, . . . , n.

Many current methods for fingerprinting implicitly make use of this architecture ([3][46]).One drawback of this architecture is that there aren different copies of the media and thenumber of copies of the media that must be encrypted and fingerprinted increases linearlywith n. Thus, the overall architecture suffers from poor scalability and cannot exploitthe multicast infrastructure. Another drawback is that the transmitter (may be contentowner/provider) cannot convince any third party of the traitor ’s piracy, even if he has foundout the identity of a traitor in an illegal copy because he also can generate the fingerprintedcopy.

2. Receiver-side fingerprint embeddingReceiver-side fingerprint embedding is initially introduced in [35] with respect to digitalTV. As shown in Figure 3.2, the optional copyright watermarkWs is embedded and thesubsequent media is encrypted with the group keyKg to produce the encrypted contentY . There is one encrypted (and no fingerprinting) media at the transmitter-side. At thereceiver-side, the encrypted signalY is decrypted by each user usingKg and is immedi-ately fingerprinted with a markFi that is distinct for each useri to produce the fingerprintedmediaXi. For security, both decryption and fingerprinting are implemented on a special-ized hardware called set-top box, so that the decrypted content is not easily accessiblebefore fingerprinting.

One advantage of this architecture is that only one encryption (and no fingerprinting) isnecessary at the transmitter-side, which may reduce latency and complexity from the pre-vious architecture. Another advantage is that multicast communications can be exploitedbecause only one encrypted signal needs to be transmitted to multiple users. In addition,if the transmitter finds the fingerprinted copy which is illegally used, he can identify the

35


Figure 3.2: Decryption and fingerprinting sealed in set-top box[30]

Figure 3.3: JFD without specialized hardware[30],Kg: secret group key

traitor and prove it to the third party because only the user can obtain the media with a fin-gerprint. However, the set-top boxes raise the burden of expense and users are not willingto pay excessively for security features that do not directly benefit them. Therefore, eitherlow-complexity algorithms or non tamperproof hardware implementations of fingerprintembedding are necessary.

3. Joint fingerprinting and decryptionIn order to overcome the problem of fingerprinting at receiver-side, [30] proposes the notionof Joint Fingerprinting and Decryption (JFD, see Figure.3.3) which does away with theneed for tamperproof hardware. The idea of JFD is that each receiver partially decrypts thecontent and the un-decrypted parts which are unique and different for each receiver standfor their fingerprints.

JFD is conceptually promising to achieve decryption and fingerprint embedding at the sametime, where the sign bits of DCT coefficients are encrypted at sender side and only partsof the sign bits are decrypted at receiver side. The position of the un-decrypted sign bitsdetermines fingerprints. In the last few years, several JFD-based schemes have been pre-sented, e.g., Lian et al’s scheme [32], Lemma et al’s scheme [31] and Lian et al’s scheme[33]. In the scheme [32], the video content is encrypted at sender side by scrambling the

36


Figure 3.4: Our mechanism without specialized hardware,Kg: public group key

variable-length code’s index, and the encrypted video is decrypted at receiver side by re-covering code’s index with decryption and fingerprinting. The scheme [31] encrypts audiocontent by multiplying an encryption sequence and decrypts the encrypted audio contentby multiplying the combination of encryption sequence and fingerprint sequence. In thescheme [33], the video content is scrambled at sender side by motion vector encryption,and the encrypted video is decrypted and fingerprinted simultaneously under the control ofboth the key and the fingerprint at receiver side.

JFD and the JFD-based schemes are built on secret-key cryptosystem, where the decryptionkey is composed of encryption keys or a subset of encryption keys and the fingerprint-related information. The use of secret-key cryptosystem is not desirable for separatingkey management from content distribution (provider) side, which makes it difficult fora content transmitter to convince any third party of a traitor’s piracy. More clearly, theunique decryption keyKi for each receiver is a subset of the group keyKg in JFD andthe JFD-based schemes, so the transmitter knows all the decryption keys. The possibilitythat the transmitter may generate a fingerprinted copy and frame a legal receiver can not beexcluded. Therefore, the transmitter cannot convince any third party of the traitor’s piracy,even if he has found out the identity of a traitor in an illegal copy.

To solve the above problems, we provide public-key cryptosystem based JFD (see Figure 3.4).The secret keys are different from the public keys, so the possibility that the sender may generatea fingerprinted copy and frame a legal user can be excluded. With public-key cryptosystem, it iseasy to separate key management from content distribution (provider) side and then transmitterswho have no knowledge of how to generate encryption keys and decryption keys can use thismechanism to exchange and share information with others.

3.2 How to Integrate Fingerprint with CryptosystemThe provided architecture for integrating fingerprint with cryptosystem is illustrated in Figure3.5, where the content is divided into blocks (sources) and each block is encrypted separately

37


Figure 3.5: Our Proposed Architecture of Integrating Fingerprint and Cryptosystem

with different public keys (encryption keypki). Users are provided with prearranged decryptionkeys when they register to the internet-based distributing system. Each user partially decrypts theciphertext and the un-decrypted parts where dummy keys are allocated are taken as his fingerprint.The dummy key means the value which cannot decrypt the ciphertext correctly. There existstrade-off between quality of content and redundancy of fingerprint. Allocating more dummy keyswould degrade the quality of content, while more fingerprints can be embedded. To balance suchtrade-off and get better scalability, we assign decryption keys and dummy keys to authorized usersaccording to their fingerprint code. In addition, with public-key cryptosystem, the possibility thatthe sender may generate a fingerprinted copy and frame a legal user can be excluded.

Multimedia contents like image and video are tightly related to visual quality. We protectthem from unauthorized viewing by encrypting (obscuring) them. The contents are considered tohave a high level of encryption security if their encrypted forms are unviewable to the unautho-rized users. To protect the contents from illegal redistribution after they are legally purchased, weembed unique user information (e.g., fingerprints) into each user’s copy for tracing illegal users.The embedded fingerprints should be imperceptible to the users.

Taking un-decrypted parts as fingerprints will result in conflicting requirements between im-age and video encryption and fingerprinting imperceptibility. To limit the unauthorized viewingof images and videos, the more degraded their visual quality is, the higher the level of security is.Whereas for the partly decrypted (fingerprinted) image and video, the better the visual quality is,the more imperceptible the fingerprint is. With regards to matching fingerprint codes with suchun-decrypted parts, the mechanism integrating fingerprint with cryptosystem is expected to copewith such conflicting requirements.

38


Figure 3.6: Home Page Cryptosystem

3.3 Required CryptosystemTo establish the above-described public-key cryptosystem based JFD, the well-known RSA, El-Gamal and Elliptic Curve public-key cryptosystem (PKC) seem not desirable to meet the real-time constraint because their encryption and decryption procedure are very slow for computa-tional complexity (e.g.,RSA needs the calculations of modular exponentiations of large integers).

As a high-speed public-key cryptosystem (PKC), Kasahara et al.[27] presented Home Pagecryptosystem (HP cryptosystem). It is a product-sum type PKC which is regarded as the gen-eralized scheme of the knapsack PKC. Figure 3.6 which comes from [27] illustrates how HPcryptosystem works. HP cryptosystem enables multiple users, referred to as Bob, Charles andDavid, to communicate with Alice over an insecure channel without any prior key exchange.Compared to the usual public-key cryptosystem, there aremultipleencryption rules for each de-cryption rule in HP cryptosystem. Alice generates several classes of public keys, and publishesall the public keys via her homepage. When Bob wants to send a message to Alice, Bob randomlychooses one key from each class to generate his own encryption key, and encrypt the messagewith the resulting encryption key.

A distinguishing feature of HP cryptosystem is that an encryption key is a combination ofkeys, so a large amount of different encryption keys can be derived from a small group of keys.So far, several methods for realizing the HP cryptosystem have been proposed. For example,Hattori et al. [16] reported that the SHP-II cryptosystem, which is one of the simplest schemesimplementing HP cryptosystem, is fast and comparable to DES. In the meantime, the decryptionof HP cryptosystem based on Chinese remainder theorem can be processed in parallel [28]. Suchparallel process is helpful to realize real-time operation, so we attempt to utilize HP cryptosystembased on Chinese remainder theorem. The details [28] are described as follows:

1. Key Generation

39


Let di be mutually coprime integers such that

di = 2e + δi (3.1)

for i = 1, 2, . . . , I, whereδi are appropriate positive integers such that1 ≤ δi ≤ 2e tosatisfy

2Ie < d1d2 · · · dI < 2Ie+1 (3.2)

The recommended bit-size ofδi are(e/2)-bit. LetDi = d1d2 · · · dI/di. Let vi be randomlychosen integers such thatgcd(di, vi) = 1, where0 < vi < di. Let αji be randomly chosent-bit positive integers, then

vji = αjidi + vi (3.3)

for i = 1, 2, . . . , I andj = 1, 0. Here let

Vi = Divi, (3.4)

V ji = Divji (3.5)

for all i andj.

Let s = (s1, s2, . . . , sI) be anI-dimensional binary vector. Let the intermediate messageM be defined by

M = m1V s11 + m2V s22 + · · ·+ mIV sII (3.6)

for a message vectorm = (m1,m2, . . . , mI) by usings. Now let P be a large primenumber such thatM < P for anym and anys.

Let ω be a randomly chosen element inZ∗P . Z∗

P = 1, 2, . . . , P − 1 denotes the multi-plicative group of integers moduloP . The components of the public key vectorpks forj = 0, 1 are given by

kji = ωV ji (mod P ) (3.7)

for i = 1, 2, . . . , I.

The generated keys are the followings:secret key:di, Vi, P , ω,public key:pks = (ks11, ks22, . . . , ksII)

for i = 1, 2, . . . , I ands = (s1, s2, . . . , sI) be anI-dimensional binary vector. An exampleof one group of public keys is shown in Figure 3.7.

40


Figure 3.7: One Group of Public Keys

2. Encryption and DecryptionAssume that the plaintextm is divided into several sectionsm = (m1,m2, · · · ,mI), wheremi is regarded as ane-bit positive integer.

• Encryption: Generate anI-dimensional binary vectors = (s1, s2, . . . , sI) at randomand determine the encryption key vector, i.e., public keypks as follows:

pks = (ks11, ks22, . . . , ksII) (3.8)

The ciphertextc is computed as follows:

c = ks11m1 + ks22m2 + · · ·+ ksIImI (3.9)

• Decryption: The intermediate messageM is given by

M = ω−1c (mod P ) (3.10)

Here there holds

V ji = Vi (mod di) (3.11)

for eachi and anyj. Consequently, each component of the plaintexm is obtained by

mi = MV −1i (mod di) (3.12)

Encryption and decryption procedure are shown in the Figure 3.8.

We employ the anti-collusion codes described in Chapter 2 to our mechanism. Anti-collusioncode is designed under Marking Assumption, which assumed that colluders could only identifyand change a specific mark if it differs between their copies. Taking advantage of anti-collusioncode, it should be considered how to meet Marking Assumption.

41


Figure 3.8: Encryption and Decryption Procedures

3.4 How to Integrate Anti-Collusion Code with Home Pagecryptosystem

To reduce the burden of the content provider who may not a cryptanalyst, we add a key server intothe internet-based distributing system (Figure 3.9). The key server is in charge of generation andtransmission of encryption keys and decryption keys. These keys are transmitted in an encryptedform. The content provider encrypts the multimedia content with the encryption keys receivedfrom the key server, and broadcasts the encrypted content to a number of authorized users. Atthe user end, users employ decryption keys received from the key server to decrypt the encryptedcontent and at the same time their fingerprints are embedded (see Figure 3.5). Our system isa transmitter-side encryption and receiver-side fingerprint embedding system. Further, the keymanagement is separated from content provider side, which leads to only authorized users havefingerprinted contents. Thus, illegal users cannot deny their piracy when an illegal copy appears.

Without loss of generality, we assume the multimedia content is MPEG-1 video. Integratinganti-collusion code and HP cryptosystem is conducted below.

3.4.1 Key Generation and Transmission Phase

The key server is set up to take charge of key generation and transmission. Based on the informa-tion such as the maximum number of users, the video length and so on, the key server determineshow many keys and what anti-collusion code are adaptable. For simplicity of description, we

42


Figure 3.9: Modified Framework of the Internet-Based Distributing System

give several definitions here.

• A key cluster is referred to as a group of element keys which are divided into severalclasses. For example, Figure 3.7 shows a key cluster, wherekji(i = 1, 2, · · · , I; j = 0 or1) is an element key.

• An encryption key is a vector derived from a combination of element keys such as(ks11, ks22, · · · , ksII), s1, s2, . . . , sI is 0 or 1. Corresponding to2I encryption keys, the sin-gle decryption key is represented byP, ω, 〈dl, Vl〉Il=1, i.e.,P, ω, 〈d1, V1〉, . . . , 〈dI , VI〉.TheP , ω, dl andVl are similarly defined as the above-mentioned.

• A complete key is defined as a decryption key. An incomplete key is indicated byP, ω, 〈⊗,⊕〉, 〈d2, V2〉, . . . , 〈dI , VI〉 or P, ω, 〈⊗,⊕〉, 〈⊗,⊕〉, 〈d3, V3〉, . . . , 〈dI , VI〉 andso on, which only decrypts the ciphertext partially.⊗ and⊕ denote dummy value that donot decrypt the ciphertext correctly. Let⊗ = gcd(vs11, vs22, . . . , vsII), which means thegreatest common divisor ofvsii, i = 1, 2, . . . , I ands1, s2, . . . , sI is 0 or 1. In order tomake modular operations of equation (3.12) computable, we should choose thevi andαji

of equation (3.3) to meetgcd(vs11, vs22, . . . , vsII) > 1. Let⊕ = D = d1d2 · · · dI . Replac-ing di with ⊗ andVi with ⊕, then0 = MV −1

i (mod di) for anyM . In other words, thecomponents of ciphertext will be changed into0 if ⊗ and⊕ are included in the decryp-tion key. The number and positions of pair〈⊗,⊕〉 are determined by how many and whatcoefficients will not be decrypted.

Encryption keys, decryption keys, complete keys and incomplete keys can be generated fromseveral given key clusters in the way shown in Figure 3.10.

The key server yieldsN key clusters and a selector of encryption keys, and then transmitsthem to the content provider. The selector is a vector whose elements come from1, 2, . . . , N.For example, a selector(2, 1, 3, 5, . . . , N) means selecting first encryption key from the second

43


Figure 3.10: Key Structure

key cluster, the second encryption key from the first key cluster and so on. The content providerderives an encryption keypkm

s from them-th key cluster randomly, and arranges the derivedpkms s

according to the selector and encrypt the video with them. When a user requests for viewing theencrypted video, the key server assigns him a sequence of complete keys and incomplete keysaccording to his fingerprint code. Given an encrypted block, a complete key is assigned to theuser if his fingerprint bit is “1” and an incomplete key is assigned to him if his fingerprint bit is“0”. Replacingpki, ski and dummy key of Figure 3.5 with an encryption keypkm

s , a complete keyckm and an incomplete keyikm of Figure 3.10 respectively, our proposed architecture illustratedin Figure 3.5 can be established.

3.4.2 Content Encryption and Distribution Phase

The content provider encrypts the video by encrypting DCT coefficients of I-frame, where theI-frame is divided into blocks of the same size8 × 8 pixels, DCT encoded and quantized. Asthe frequency components are real numbers, there is a difficulty in applying HP cryptosystemsdirectly because they are based on the algebraic property of an integer. To solve such a problem,we replace the negative quantized AC coefficients with their absolute values and then performthe encryption procedure in a block-wise manner.

For a blocki where the negative AC coefficients are converted into positive integers, chooseI non-zero AC coefficients in the low and mid-frequency region and form a vectorTi. Followingthe procedure in Figure 3.8, the content provider encryptsTi with one encryption key and thendistributes the encrypted video to a group ofn users via IP multicasting.

44


Figure 3.11: Fingerprint Detection

3.4.3 Content Decryption and Fingerprinting Phase

At the user end, users decrypt the encrypted video with the assigned sequence and the decryptedand fingerprinted videos are different from each other since the sequences of incomplete keysand complete keys are different. The fingerprint bit (“1” or “0”) is denoted by the state of a DCTBlock. For the convenience of description, the state of coefficient, block and frame are depictedas follows.

• State of frame: partially/totally decrypted. Partially decrypted frame is corresponding tofingerprinted frame;

• State of block: incompletely/completely decrypted. Incompletely decrypted block is cor-responding to fingerprint bit “0” and completely decrypted block is corresponding to fin-gerprint bit “1”;

• State of coefficient: un-decrypted/decrypted. The position and amount of un-decryptedcoefficients affects the visual quality of fingerprinted content.

3.4.4 Fingerprint Detection

For simplicity, we take image as an example to explain how to detect fingerprint, which is easilygeneralized to video. The fingerprinted images derived from partial decryption are unique anddifferent at the user end. Fingerprint detection is carried out block by block by calculating thecorrelation between the fingerprinted image and the original image as shown in Figure 3.11.

The correlation between blocks are calculated using the following equation:

γ =

8∑i=1

8∑j=1

(xij − x)(yij − y)

√√√√8∑

i=1

8∑j=1

(xij − x)2

8∑i=1

8∑j=1

(yij − y)2

(3.13)

45


Here,xij denotes a quantized coefficient of one block in the original image andyij denotesa quantized coefficient of the corresponding block in the fingerprinted image, both of whichare nonnegative integers. Similarly,x andy denote the average ofxijs andyijs within a blockrespectively.

The block where fingerprint bit “1” is embedded is completely decrypted so the correlationvalue will be very high. In contrast, the block where fingerprint bit “0” is embedded is partiallydecrypted so the correlation value will be very low. During the detection process, the thresholdof γ is set for detection if fingerprints are present and determined experimentally.

When a pirated image appears, the procedure of fingerprint detection is performed by thecontent distribution (provider) side which owns the original image. The detected “1”s and “0”sconstitute a bit sequence according to block positions, which is arranged in an order from leftto right, and top to bottom. The content provider uses the detected bit sequence to inquire ofthe key server about the source of pirated image. The key server compares the bit sequencewith fingerprint codes in the database according to fingerprinting locations, and replies to thecontent provider after identifying illegal users or colluders. Note that users do not know wherethe fingerprint bits are embedded in the image, i.e., location information of the fingerprint bits issecret for users.

3.5 Mechanism Evaluation

From the above-described, it is easy to see our public-key cryptosystem based JFD can serve toembed any fingerprint code. We apply it to embed the unital and affine plane codes proposed inChapter 2. Assume that the multimedia content is MPEG-1 video (320 × 240 pixels, 15 framesper GOP, 30 frames per second), and the number of users be104. The code length is about103-bitand104-bit when using unital code and affine plane code, respectively. We embed fingerprint bitsinto I-frame which has 1200 blocks in a block-wise manner. Since not all the blocks can be usedfor embedding under the consideration of both robustness and perceptual quality of fingerprints,we assume that10% blocks, i.e., 120 blocks were adaptable for embedding. Then we can embedthe affine plane code (104-bit or so) into about104/240 ≈ 1-minute video since240-bit can beembedded into 2 I-frames per second. Obviously, it is less than1-minute video in the case ofembedding unital code.

For unital and affine plane codes, their three factors, number of users, collusion size and codelength, are not independent. Whichever is fixed, and then the other two are fixed correspondingly.For example, whatever the parameterm is, a(m2,m, 1)-affine plane code tracesm− 1 colludersamongn = m(m + 1) users with code lengthm2. Whether such tracing ability can be put intoeffect relies on how to embed/detect it, which is irrelevant to the values of parametersm. Thisis similar to unital code. For simplicity, we test our embedding/detection approach through anaffine plane code with small parameter values.

46


3.5.1 Simulation Results

We tested our encryption and fingerprint detection approach on a256 × 256 gray scale Lenaimage.

• EncryptionDivide the Lena image into blocks of the same size8× 8 pixels, perform DCT and quanti-zation for each block and then convert the negative AC coefficients into positive integers.

In HP cryptosystem, a plaintext consisting ofI e-bit componentsmi are changed into alarge integerc. Lettingcmax be the maximum value of the ciphertextc, the bit-size ofcmax

is (log2P + e + log2I)-bit (referring to equation (3.7) and (3.9)). Data overflow will occurif directly apply HP cryptosystem to video, where the encrypted DCT coefficients are over8-bit or 24-bit since the bit-size ofP need to be large. We employ the following method:for a block which hasI (I > 1) non-zero AC coefficients, use all theI coefficients toform a vectorTi and encrypt it. Then save the ciphertextc into a text file and change allnon-zero AC coefficients into zeros. That is, the encrypted content includes the encryptedimage where all non-zero AC coefficients are changed into zeros and the text file whereciphertexts of each block are saved. Both of them are transmitted to users.

• Decryption and fingerprintingWe partially decrypt the encrypted image according to fingerprint bits. The fingerprint bitscome from one(16, 4, 1)-affine plane code, whose code-matrix is shown below:

Ω =

0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 10 1 1 1 1 0 0 0 0 1 1 1 1 1 1 1 1 1 1 10 1 1 1 1 1 1 1 1 0 0 0 0 1 1 1 1 1 1 10 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 1 1 11 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 11 0 1 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 11 0 1 1 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 01 1 0 1 1 0 1 1 1 1 0 1 1 1 1 1 0 1 1 01 1 0 1 1 1 1 0 1 1 1 1 0 1 0 1 1 0 1 11 1 0 1 1 1 1 1 0 1 1 0 1 0 1 1 1 1 0 11 1 1 0 1 0 1 1 1 1 1 1 0 1 1 0 1 1 0 11 1 1 0 1 1 0 1 1 1 1 0 1 1 1 1 0 0 1 11 1 1 0 1 1 1 1 0 0 1 1 1 1 0 1 1 1 1 01 1 1 1 0 1 0 1 1 1 1 1 0 0 1 1 1 1 1 01 1 1 1 0 1 1 0 1 0 1 1 1 1 1 1 0 1 0 11 1 1 1 0 1 1 1 0 1 0 1 1 1 1 0 1 0 1 1

(3.14)

47


Figure 3.12: Original, Encrypted and Fingerprinted Images (the code(0 0 0 0 1 1 1 1 1 1 11 1 1 1 1 ) is embedded)

The column vectors ofΩ are assigned to users as their fingerprint bits, in other words, thei-th column vector ofΩ is useri’s code. This code can support20 users and uniquely identifyup to 3 colluders since the composition (under logical AND) of any two column vectorsor three column vectors is unique. The length of code is16-bit and one bit is embeddedinto one block, so the fingerprints can be repeatedly embedded if there are more than16

blocks in an image. We conduct the following decryption procedure: decrypt an encryptedblock completely as a fingerprint bit is “1” and do not decrypt several coefficients locatedin low-middle frequency region for both robustness and perceptual quality as a fingerprintbit is “0”. In our experiment, AC coefficients are arranged in zigzag scan order byAC(p),in which p is 1 to 63.10 AC coefficients from 6 to 15 were not decrypted and their valuesremained to be zeros.

The original, encrypted and fingerprinted images are shown in Figure 3.12, where the firstcolumn ofΩ is used to generate the fingerprinted image.

The encrypted image is not viewable and its PSNR value is21.3dB. The fingerprintedimages have no visible degradation and an average PSNR value of fingerprinted imagesis 30.7dB, where the fingerprinted images of user 10, user 15, user 18 and user 20 areaveraged.

• Resistance against attacksThe coefficients located in low-middle frequency region are not decrypted when fingerprintbit is “0”. In other words, the fingerprint bits are embedded into the low-middle frequencyregion of a DCT block. Embedding fingerprints (i.e., watermarks) into the low-middlefrequency region proved to be robust against many attacks where signal processing methodsare applied. As an example, we tested if our embedded fingerprints can resist to JPEGcompression. The experimental result is that fingerprint bits are correctly detected for

48


Figure 3.13: Colluded Images of Users 1 and 2, Users 1-3 and Users 4-6

JPEG compressions where quality factorQ ≥ 75. With the same degree of robustness asthe existing work, it is sufficient for our target system because our focus is to fight againstcollusion attack from a group of users. Thus, we do not test resistance against other attacksmounted by a single user.

The resistance against average collusion attacks is also tested. We averaged the Lennaimages fingerpinted with codes of users 1 and 2, users 1-3 and users 4-6. The colludedimages and the detected codes are shown in Figure 3.13.

Since one fingerprint bit is embedded into one DCT block, Marking Assumption holdsunder averaging attacks. In other words, colluders cannot change the bit values in thepositions where the bit is the same for all the colluders by averaging their fingerprintedimages. For example, let

u1 = (0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 ) (3.15)

u2 = (0 1 1 1 0 0 0 1 1 1 1 1 1 1 1 1 ) (3.16)

be the codes for the user 1 and user 2. Then,

u1 + u2

2= (0

1

2

1

2

1

2

1

2

1

2

1

21 1 1 1 1 1 1 1 1 ) (3.17)

The fact that a “1” occurs from the8-th to the16-th location uniquely identifies users 1and 2 as the colluders. The experimental results show that the colluders can be correctlyidentified based on the fact that the number and locations of “1” in any colluded code areunique. It should be pointed out that the attack where the difference blocks are replaced bythe average value of images produces partly additional occurrences of “1” instead of “0” in

49


the fingerprint detection. Thus, how to set an appropriate threshold plays an important rolein determining if a fingerprint bit is “1” or “0”.

With respect to computation/transmission cost, we discuss if such an internet-based distribut-ing system is feasible.

3.5.2 Computation Cost

The encryption can be processed very fast due to only including addition and multiplicationoperation. The decryption procedure based on modulo operation can also be processed fast dueto the modulusdi is at most(e+1)-bit, which is9-bit for 8-bit gray images,25-bit for 24-bit truecolor images.

Generating encryption keys and decryption keys may produce high computation cost since themodular inverse of large integers should be calculated. However, this will not bring an adverseimpact for the distributing system since the key server is supposed to generate encryption keysand decryption keys in an off-line manner. The generated keys can be transmitted in an on-linemanner if only their sizes are not so large.

3.5.3 Transmission Cost

The transmission cost or data traffic consists of the following aspects.

1. Key size (or key length)Both the encryption keys and decryption keys are transmitted to the content provider andusers in an encrypted form and the size of their encrypted form depends on how to encryptthem, so we just discuss their size before encryption.

Letting all vji beu-bit integers (see equation (3.3)), the bit-size ofP can be estimated bylog2P = Ie + u + log2I + 1 and the bit-size of public keypks can be estimated byIlog2P

(referring to equation (3.8)). In [28] where the plaintext is assumed to be text data,u ≥ 64

is recommended because the secret modulusP may be disclosed when the random integersvji are small, andI = 64 is recommended since it is unable to specify the encryption keywith the exhaustive search. The feature of image and video data is that the data rate is highwhile the information value is usually lower than ordinary text data. This feature justifiesthe employment of lightweight HP cryptosystem to reduce the computational overheadwhile still maintaining reasonable level of security. We apply HP cryptosystem to videounder the assumption thatu = 64, I = 16 ande = 8. In this case, the bit-size of themodulusP can be estimated by197-bit and the bits-size of the public keypks can beestimated by3152-bit. Based on these, the sizes of encryption keys and decryption keys inour system are discussed below.

Given a key cluster, the content provider can freely select an encryption key among2I

possible combinations of the element keys. It is clear that the number of the encryption

50


keys increases exponentially. It is also hard for the attackers to guess the encryption keyactually used. Let the number of key clustersN = 8. The key server merely transmitsabout3152 × 2 × 8 ≈ 6KB key clusters to the content provider and the content providercan derive at most216 × 8 = 219 encryption keys.

The transmission cost from the key server to a user depends on the maximum number ofusers and what fingerprint code will be used to support these users. When a user registers tothe system, the key server assigns him a sequence of complete keys (P, ω, 〈dl, Vl〉Il=1) andincomplete keys (P, ω, 〈⊗,⊕〉, 〈d2, V2〉, . . . , 〈dI , VI〉) according to his fingerprint code.The maximum bit-size of complete keys or incomplete keys is[2log2P + I(Ie + e + 2)]-bit sincedi is at most(e + 1)-bit and Vi is at most(Ie + 1)-bit. Assume there exist104 users supported by an affine place code. The code length is about104-bit. Usingthe above-mentioned parameters, the key server needs to transmit the sequence of about[2 × 197 + 16(16 × 8 + 8 + 2)] × 104 ≈ 3.1MB to each user. If using a unital code tosupport104 users, the key server only transmits the sequence of about0.3MB to each user.

2. Overhead of Ciphertext Compared with PlaintextAssume the multimedia content be MPEG-1 video (320× 240 pixels, 15 frames per GOP,30 frames per second). The video is encrypted through encrypting the non-zero AC co-efficients of I-frame. The raw size of I-frame is320 × 240 × 3 = 225KB. Letting thecompression ratio be10 : 1, the file size of frame would be reduced into about 23KB.With HP cryptosystem, a plaintextm = (m1,m2, . . . , mI), for eachmi is e-bit, will bechanged into a large integerc. The bit-size ofcmax, which is the maximum value of thec, is (log2P + e + log2I)-bit. Assume that there exist 16 (I = 16) non-zero AC coef-ficients in each compressed block and each AC coefficient is 8-bit (e = 8), one blockwould be changed into about 209-bit integer by HP cryptosystem withP of 197-bit. Thereexist 1200 blocks in a frame of320 × 240 pixels, so the size of encrypted I-frame will be1200×209/8 = 31350bytes≈ 31KB. Then the overhead cost is about(31−23)×2 = 16KBbecause there are two I-frames per second, which means that it needs additional 128kbpsas the overhead.

3.5.4 Security

The security of our proposed architecture relies on cryptographic security and collusion resistanceof fingerprint code. The security of HP cryptosystem is discussed in [28] and collusion resistanceof anti-collusion code is shown in [19].

Anti-collusion codes are designed under Marking Assumption which may not always holdwhen fingerprinting digital contents. The main reason is that different fingerprint bits can be em-bedded in overlapped regions of an image through spread-spectrum techniques, and such “spread-ing” can make it possible for colluders to change fingerprint bits even if they are the same. As

51


a countermeasure, we embed one fingerprint bit into one (or more) block, which lead to differ-ent fingerprint bits are corresponding to different blocks. In this case, Marking Assumption holdswhen colluders conduct averaging attacks, which are easy to manipulate from the point of view ofcolluders. Under Marking Assumption, our proposed scheme is robust against collusion attacksattributing to anti-collusion code.

Anti-collusion codes trace or identify colluders based on the fact that the number and loca-tions of fingerprint bit “1” in any colluded code are unique. Here, a fingerprint bit “1” is denotedby a completely decrypted block (including no un-decrypted coefficients) and a fingerprint bit“0” is denoted by an incompletely decrypted block (including one or more un-decrypted coeffi-cients). Thus, colluders have to sacrifice the visual quality of their fingerprinted contents if theyattempt to remove or change fingerprint bit “1”.

Besides the collusion of fingerprinted contents as above mentioned, there exists collusion ofdecryption keys. To resist against such collusion, each decryption key (secret key) is stored in atamper-proof device (e.g., IC cards).

There exist attacks to video such as frame dropping, frame swapping and so on, which arenot considered here. From the above analyses, we consider our scheme is feasible and realisticfor implementing.

3.6 Chapter Summary and Future work

In this chapter, we presented a public-key cryptosystem based JFD to embed the anti-collusioncodes, which is able to protect image/video from unauthorized viewing and unauthorized redistri-bution. We also provided a concrete scheme, integrating anti-collusion code with HP cryptosys-tem, which can provide higher security and better trade-off between image/video encryption andfingerprinting imperceptibility than existing work, JFD. How to match code designing with codeembedding is considered, which helps enhance the resistance against collusion of fingerprintedimage/video. Experimental results showed that the embedded ACC codes can play a full rolein tracing illegal users. Further, we showed the concrete scheme is feasible and realistic to im-plement with respect to computation/transmission costs, which implies our target system can berealized based on it.

Our mechanism is built on public-key cryptosystem. In comparison with the well-knownPKC: RSA, ElGamal and Elliptic Curve, HP cryptosystem is a high-speed PKC. One of its sim-plest schemes implementing HP cryptosystem is reported to be fast and comparable to secret-keycryptosystem DES [16]. Further, a large amount of different encryption keys can be easily derivedfrom a small group of keys with HP cryptosystem. However, there lacks variation in decryptionkeys, which make our scheme fragile against the key collusion attack. As a future work, how totransmit decryption keys and how to prevent colluders from generating pirate keys should be con-sidered. In addition to the average collusion attacks, there exist some other collusion attacks like

52


combinatorial collusion attacks, in which a number of colluders can collect their completely de-crypted blocks and combine them to compose a clean copy without fingerprints. How to improveresistance against such collusion attacks and the related security analyses should be discussed infuture.

53

CHAPTER 4

FINGERPRINTING3D MODEL BASED ON

MESH COMPLEXITY

As a relatively new kind of multimedia, the production or acquisition of 3D models usuallyinvolves a huge amount of manpower and expertise. It is necessary to protect them from unau-thorized distribution. Since 3D model has different nature of data from image/video, the water-marking/fingerprinting approaches for image/video can not be directly applied to 3D model. Inthis chapter, we propose a novel robust watermarking approach and apply it to fingerprinting 3Dmodel with the proposed anti-collusion codes. Without special claim, fingerprinting 3D modelis equivalent to watermarking 3D model when unique user information (e.g., fingerprints), as awatermark, is embedded into 3D model.

4.1 Introduction of Fingerprinting 3D modelThree-dimensional (3D) model has recently met an increasing success since its applications havebeen broadcast worldwide over the Internet. Such applications are varied and range from theentertainment industry (animation movies, video games, cultural heritage exposition in mixedor virtual reality) to the technical or scientific world (medical imaging, Computer Aided Design(CAD), physical simulations). Indeed, 3D model is digital representation of a shape in the 3Dspace and is particularly well suited for the visualization of complex scientific data, e.g. productdesign, virtual synthetic simulation, planning determination etc.

The production or acquisition of 3D model usually involves a huge amount of investment interms of cost, time and human efforts, so that content owners (providers) would like to compen-sate through licensed distribution. Digital Rights Management (DRM) now is able to providedifferent kinds of licenses, e.g. from the full licensed distribution with all functionalities to the

55

4. Fingerprinting 3D Model Based on Mesh Complexity

free largely distributed version but with limited functionalities. However, similar to digital image,audio or video files, DRM systems still fail to protect copyrighted 3D model against piracy (i.e.,unauthorized copy and unauthorized distribution). This fact is mostly due to the evolution fromthe analog to the digital world and the subsequent ease of copying, distributing and consumingmultimedia content.

With the rapid growth of the Internet, people can exchange and share 3D data which containa lot of valuable information about creative idea without the limitation of space. For example,through Second Life (http://secondlife.com/whatis/) which is a 3D virtual world, you can createanything you can imagine with powerful, highly flexible building tools, using geometric primi-tives and a simple, intuitive interface. Once you’ve built something, you can sell it to or trade itwith other users from around the globe. The Second Life provides a new business opportunityfor 3D data, but also brings the danger of unauthorized redistribution of 3D data even if theyhave been purchased legally. Let ’s give another example. In the design reviewing process ofmanufacturing industry, it is convenient for designer to transmit a 3D model over the network toclients who are in remote environment to view the design of the 3D model such as car model.It is not necessary to co-locate reviewers (designer and the clients). However, not all clients aretrustful and a client may leak the 3D model to a competitor. Simply speaking, the media thatallow people to share their created contents also facilitates the sharing of fraudulent contents.Protecting 3D model from unauthorized copy and unauthorized distribution is crucial issue.

Digital fingerprinting provides a solution to the above problems, where the unique user (orclient) information such as fingerprints is embedded into each user ’s copy of 3D model and whena suspect model appears, user information is extracted to help trace or indentify illegal users. Theembedded fingerprints are transparent for honest users and will not interfere with the intendeduse of 3D model.

In current 3D model applications including the above-mentioned, there only exist hundredsof users and a few potential colluders. This is different from many video applications wherethe number of users is in the order of thousands or tens of thousands, and therefore, the numberof potential colluders is in the order of dozens or hundreds. Consequently, we target to realizea secure internet-based distributing system where 3D model can be transmitted from a singlecontent provider to hundreds of users and a few users who illegally redistribute their modelsor colluded models can be traced. Due to low data volume, unicasting each fingerprinted copyis feasible in 3D model applications. Most of the existing work ([37],[4],[5], etc.) focuses onwatermarking 3D model rather than fingerprinting 3D model. So we devote to proposing robustfingerprinting approach for 3D model, which serves to realize our target system.

Digital fingerprinting is one application of digital watermarking. Digital watermarking is atechnology designed to embed specific information in host data for copyright protection (robustwatermarking) or authentication of host data (fragile watermarking), where the specific informa-

56


tion is called a watermark. The requirements of fragile watermarking are to detect the slightestunauthorized modifications and locate the changed regions. In contrast, the design goal of robustwatermarking is to make the embedded watermark remain detectable after being attacked. Toidentify each user and trace colluders (illegal users who are involved in the unauthorized distri-bution of 3D model), unique user information (e.g., ID or fingerprints) is taken as a watermarkand embedded into 3D model in a robust watermarking way. In such case, digital watermarkingis called digital fingerprinting. Digital fingerprinting (or watermarking) has to treat a triangletrade-off among robustness, imperceptibility and capacity. Robustness means the embedded fin-gerprint is undeletable unless the host data is rendered unusable and can survive any attacks.Imperceptibility means the embedding must not interfere with the intended use of 3D model likeviewing. Capacity means an embedding approach should be able to embed sufficient amount ofinformation into 3D model. Such a triangle trade-off must be carefully chosen depending on theapplication. For instance, if one needs more robust embedding, the amount of data that can beembedded is reduced.

According to the detection strategies, fingerprinting (or watermarking) schemes can be clas-sified into blind and non-blind schemes. A blind one extracts the embedded fingerprint in theabsence of the original model while a non-blind one needs the original model. Blind fingerprint-ing schemes are more desirable for practical usage and convenience than non-blind ones due totheir lower computational costs and being able to work without the original model. However,they are more difficult and currently less robust and reliable than non-blind ones. Non-blindfingerprinting schemes are much more robust because they can synchronize the fingerprinted(fingerprint is already embedded) and original versions of the same model so as to know exactlywhere the fingerprint should be hidden. We use fingerprints to identify and trace colluders andhigh level of robustness is more crucial than real-time processing. That is, the high computationalcost is tolerable for traitor tracing applications especially when the embedding and detection offingerprints can be performed off-line. Hence, we adopt a non-blind fingerprinting scheme de-spite that the comparison between the fingerprinted model and original model may lead to highcomputational cost.

4.1.1 Challenge to Fingerprinting 3D Model

3D model approximate continuous surface and is commonly represented by 3D mesh. A 3Dmesh is composed of two parts: the geometry and the topology (or connectivity). The geometrydescribes how the samples of the surface, i.e., the points (vertices) of the surface, are distributedin space. The topology describes the relationship among the vertices as they are connected toform the surface, which represents a piecewise linear approximation of the continuous surface.

Compared to other audiovisual multimedia such as image and video, 3D fingerprinting (orwatermarking) is relatively new and is not yet a mature technology. The design of fingerprinting(or watermarking) techniques for 3D polygonal or mesh model is particularly challenging. Unlike

57


image which is generally represented by a 2D array of pixels, no unique representation exists fora 3D model and no implicit ordering of model data exists. In addition, a 3D mesh model typicallyconsists of a few thousand vertices compared with an image which typically consists of over tensof thousands of pixels. In other words, for a 3D polygonal model, only a low volume of data isavailable for embedding the fingerprint (watermark). For these problems, the fingerprinting (orwatermarking) approaches for image/video can not be directly applied to 3D model.

To address the above-mentioned problems, this chapter devotes to providing a novel finger-printing approach to embed the anti-collusion codes proposed in Chapter 2 in 3D model. Theembedded anti-collusion code is supposed to play a full role in tracing illegal users and the fin-gerprinting approach is supposed to resist against not only collusion attacks but also maliciousattacks from an individual user.

4.1.2 Related Work on Watermarking 3D Model

Most of the existing research on 3D model is to provide watermarking approach, which mainlyfocuses on fighting against four kinds of common attacks from an individual user (an attacker).

• Geometric TransformationsGeometric transformations such as parallel translation, rotation, scaling are used in com-puter graphics to position a 3D model inside a scene. Intentional attacks like, attackerssometimes apply affine transformation to destroy the embedded watermark.

• Additive Random NoiseVertex coordinates are unavoidably perturbed due to the error derived from floating point’sexpression or decimal fraction’s omitting when data format conversion is employed fre-quently. Besides, attackers may intentionally add random noise to vertex coordinates forerasing the embedded watermark.

• CroppingSituation where the attacker only takes a part of the model rather than the whole one iscalled cropping attack here.

• Mesh SimplificationMesh simplification means that the number of triangles is decreased while the shape is keptunchangeable. In order to erase the embedded watermark or achieve adequate renderingspeed, attackers maybe apply mesh simplifications.

In addition, a composite of these attacks is also applied to destroy the embedded watermark.The related work is examined from the viewpoint of their robustness against these attacks.

The previous work on watermarking 3D model can be classified into two groups accord-ing to their operating fields. One group includes approaches which embed watermark directly

58


in the spatial (non-transformed) domain ([37][38][2][14][4][5]), and the other group includesapproaches which operate in the transformed (e.g., frequency, wavelet, basis function, etc.) do-main ([9][24][39][11][49][47]). Despite the previous 3D transformed domain watermarking ap-proaches already exhibit better robustness, they are often either limited to specific mesh (e.g.,the input mesh is restricted to have prerequisite semi-regular subdivision connectivity) or notdesirable for large mesh due to the involved complicated numerical computations.

The pioneer work of watermarking 3D model (Ohbuchi et al [37]) appeared in 1997, whichembedded watermark into model by modifying vertex coordinates, vertex topologies, or both.It is robust against a class of geometric transformation (e.g., affine transformation) by adoptinggeometric transformation invariants. But it can not withstand coordinate noise and mesh altering.

Benedens [2] also proposed a spatial domain approach to watermark 3D model by modify-ing normal distribution of the whole model. It is robust against mesh altering (especially meshsimplification) because normal distribution of the whole model is independent of any particularmesh representation. However, it is not robust against cropping since the entire model is used forgenerating normal distribution.

Adrian [4] (extension of Harte [14]) embedded watermarks repeatedly into 3D mesh graphicalobjects by using local structure such as parallel planes and bounding ellipsoids, which is robustagainst cropping because of the localized and repetitive embedding. However, it is not robustagainst the mesh topology altering because the selection and ordering of vertices which are usedfor embedding rely on the mesh connectivity.

Cho [5] proposed two blind watermarking methods for 3D polygonal mesh model. Onemethod is to shift the mean value of the distribution of vertex norms and another is to changethe variance of the distribution of vertex norms according to the watermark bit to be embedded.The vertex norm represents the distance between each vertex and the center of gravity of themodel. Both proposed methods are perfectly robust against distortionless attacks such as vertexreordering and similarity transforms since the distribution of vertex norms is invariant to them.Moreover, they are fairly robust against various kinds of distortion attacks, in particular, sim-plification and subdivision operations since the distribution of vertex norms is less sensitive tovarious distortion ones with local geometric alterations. However, they are very vulnerable toboth cropping attacks that cause severe alteration to the center of gravity of the model and affineattacks that lead to severe change to the distribution of vertex norms.

Until now, there has been almost no spatial domain approach which is robust against all fourtypes of the attacks above. For example, some methods resist against geometrical attacks but notagainst noise and mesh altering attacks. Others are robust to noise and mesh altering attacks butnot to cropping. As forensic evidence, the embedded fingerprint should be able to survive any ofthese attacks and their combinations when they do not significantly degrade visual quality of a3D model. In addition, almost no research discusses resistance against collusion attacks, which is

59


possible to occur for 3D model. In this chapter, we propose a novel spatial domain watermarkingapproach and apply it to fingerprinting 3D model robust to all four types of attacks as well ascollusion attacks.

4.2 Mesh ComplexityWe concentrate on fingerprinting 3D triangular mesh models since they are easily derived fromother surface representation and are widely supported by today’s graphics hardware. The pro-posed fingerprinting approach is also applicable to a wide range of model representation. 3Dmodel is digital representation of a shape, which consists of vertices and triangles. A vertex isdenoted with Cartesian coordinate(x, y, z) and a triangle, which is also called a patch here, con-sists of three vertices. The only restriction on 3D triangular mesh is that model is well-formed,i.e., there is no overlap of patch, disconnected vertex, patch inside a model, etc. Two conceptsabout shape are defined below:

• Complex shape: the shape where the mesh structure is complex, in detail, there are lots ofsmall patches and their normal vectors change frequently (or irregularly);

• Featured shape: the shape with specific feature or unique identifiable feature which iscontinuous in space and can be used to distinguish it from others. For example, a triceratopscan be easily identified by its head, but can not be identified by its leg. So we think thattriceratops head is featured shape and its leg is not.

Given a 3D mesh model, we focus on protecting its featured shape (or part). The meshstructure of featured shape is either complex (elaborate) or simple. For the relatively simpleone, it is considered that attackers tend to create it by themselves rather than risk pirating. Incontrast, the complex one is considered to be easily pirated due to the difficulty in creating. Thus,the complex featured shape is the shape that we intend to protect. We devise a fingerprintingapproach which embeds fingerprint bits into the complex shape as redundantly as possible.

We roughly estimate shape complexity as follows. Assume that a well-formed shapeS con-sists ofh verticesv1(x1, y1, z1), v2(x2, y2, z2), . . ., vh(xh, yh, zh) andg patches (triangles)∆1,∆2, . . ., ∆g. Let A1, A2,. . ., Ag be area of these patches (i.e., area of triangles) and−→r 1,

−→r 2, . . .,−→r g be normal vector of these patches respectively.αij (0 ≤ αij < π; i = 1, 2, . . . , g − 1; j =

i+1, i+2, . . . , g) indicates the angle between−→r i and−→r j. Then shape complexity ofS is definedasΩ.

Ω =α∑g

i=1 Ai

(4.1)

Where,α is average ofαij (i = 1, 2, . . . , g − 1; j = i + 1, i + 2, . . . , g). Intuitively, “shapecomplexity” implies how complex the shape is. It is easy to see that the shape with largerΩ

seems more complex than one with smallerΩ.

60


“Shape complexity” characterizes the local geometric feature of a 3D model. In general, a 3Dmodel can be represented by an infinite number of triangular mesh representations without signif-icantly altering its perceived quality. To be independent of mesh connectivity, we consider usingvertex rather than patch for embedding. One vertex is sensitive to local geometric alterations,so we embed one fingerprint bit into a group of vertices, derived from an embedding primitivewhich is formed by grouping patches.

The shape is related to the geometrical appearance of the model. We consider the geometricattribute, aspect ratio, to be the most important contributor to visual quality. To enhance theresistance to geometric transformation like affine transformation, it is preferable to apply affineinvariant to embedding. With regards to the aspect ratio, we build an affine invariant basedon the ratio between the length of vector that extends from the model center to an embeddingprimitive center and the model size. The model center/embedding primitive center is defined asthe point whose coordinate is a mean value of coordinates of vertices included in the model/theembedding primitive. Such an affine invariant helps to realize that the embedded fingerprintcannot be destroyed without loss of visual quality.

The idea behind using robust fingerprinting for traitor tracing consists in that a 3D modelowner (or provider) can identify and trace an illegal user by extracting his fingerprint from thepirated model and then sue the illegal user for copyright infringement. Different from cryptogra-phy techniques which transform the multimedia content into an enciphered, unintelligible formfor secure transmission, watermarking (fingerprinting) techniques embed a watermark (finger-print) into the multimedia content without noticeable distortion of the quality of the multimediacontent. A watermarking technique is regarded as “secure” if knowing the exact algorithms forembedding and extracting the watermark does not help an unauthorized user to detect the pres-ence of the watermark or remove it. In particular, watermarking security is not concerned withthe semantics of the watermark bits, but solely with the physical presence of the watermark bits(referring to [22] for more details). Here, we mainly concentrate on how to embed/detect thefingerprint code proposed in Chapter 2 in/from 3D model.

4.3 Fingerprint EmbeddingWe devise a fingerprinting approach by which fingerprint bits are automatically embedded intothe complex shape as redundantly as possible.

4.3.1 Constructing Embedding Primitive

For a 3D triangular mesh model, we say patch (or triangle)ti is an adjacent patch oftj or tj is anadjacent patch ofti if ti andtj share a common edge.

For brevity, we first give several definitions which are related to a collection of adjacentpatches.

Definition and Constructing Procedure ofRk: Given a patcht (initial patch).

61


Figure 4.1: An Example forRk, k = 1, 2.

• R0 = t;

• Rk = patches : not included in Rj (j < k) and adjacent to at least one of Rk−1,which is generated by breadth-first search algorithm that begins at theR0 and searches allthe next adjacent patches (see Figure 4.1);

• Patches inRk are ordered in ascending order according to angles between them and thegiven patcht, which are calculated through normal vectors. Without loss of generality,let Rk = tk1, tk2, . . . , tkl. Then, for∀s, Angle(tks, t) < Angle(tks+1, t). Angle(tks, t)

denotes the angle between patchtks and the given patcht.

Definition and Constructing Procedure of ordered patchti(i = 1, 2, . . .): Assume thesequenceR0, R1, . . . as follows (eachRk is ordered set).

t1︸︷︷︸R0

t2 t3 t4︸︷︷︸R1

t5 t6 t7 t8 t9︸︷︷︸R2

t10 t11 t12 t13 t14 t15 t16 t17 t18︸︷︷︸R3

. . . . . .

Definition and Constructing Procedure ofCm:

Cm = t1, t2, . . . , tmDefinition of embedding primitive P (n, θ): Given thresholdn andθ. Let P (n, θ) = Cm,

whereCm is one which contains the minimum number of patches and satisfies the followingequation (4.2).

m ≥ n

Angle(tm+1, t) > θ(4.2)

62


(a)Embedding Primitive (b)Affine Invariant

Figure 4.2: Fingerprint Embedding

Procedure of constructingP (n, θ):

Step1: Determine the initial patcht. Here, the initial patch is specified as a patch with themaximum distance from its center to the model center;

Step2: ConstructP (n, θ);

Step3: From the patch which has not been included in the above constructed embedding primi-tives, Continue Step1 until the number of unincluded patches is smaller thann.

The constructed embedding primitiveP (n, θ) is illustrated in Figure 4.2(a). That is, an em-bedding primitive is a collection of adjacent patches, which is constructed by limiting the numberof patches and the angle among normal vectors of adjacent patches.

To be independent from one particular mesh representation (or mesh connectivity), we con-sider using the vertices included in an embedding primitive to embed one fingerprint bit, regard-less of how they are connected. Such a group of vertices is referred to as a vertex cluster andthe cluster center is defined as the point whose coordinate is the mean value of coordinates ofvertices included in the vertex cluster. As the number of vertices included in a cluster decreases,the cluster center deviates easily under noise attacks or mesh simplification attacks. The devia-tion of the cluster center may result in incorrect detection. In other words, with the decrease ofthe number of vertices included in an embedding primitive, the resistance against noise and meshsimplification attacks becomes lower. Accordingly, an embedding primitive with fewer verticesis considered to be unsuitable, and it is better not use it for embedding.

Given a certainn, more embedding primitives can be generated on the relatively complexshape where the shape complexityΩ is larger. Suppose there exist two shapes with the samenumber of patches but different shape complexityΩ. For the shape with the largerΩ, fewerpatches are included into one embedding primitive due to the restriction ofP (n, θ) = Cm (re-ferring to the equation (4.2)). Equivalently, more embedding primitives can be generated on theshape with the largerΩ than the one with smallerΩ. This leads to that more fingerprint bits canbe embedded into the complex shape in comparison with relatively simple one.

63


One embedding primitive is used to embed one fingerprint bit. If every embedding primitive isprocessed for fingerprint embedding, the capacity isL bits, whereL is the number of embeddingprimitives. On a 3D model with a fixed number of patches, fewer patches are included intoone embedding primitive for the smallern andθ. Correspondingly, the number of embeddingprimitives will increase. Thus, the smaller the value ofn andθ is, the larger the capacity is.

4.3.2 Constructing Embedding Field

In the case of cropping, one or several complex featured parts of the model are easy to be pirateddue to the difficulty in creating them. To resist against the cropping, one solution is to embed thecodeword (or fingerprint which is a sequence of fingerprint bits) into such a part at least once.Thus, the illegal users can be traced back even if only one part of the model is pirated. Sincea well-formed 3D model is continuous in space, it is desirable to gather embedding primitives,which are close to each other in space, to embed the codeword. Here, the continuous region ofthe 3D model, which includes embedding primitives and the codeword is embedded in only once,is called an embedding field.

We construct an embedding field as follows. The initial embedding field is specified as theembedding primitive which has the largest complexityΩ, so the embedding field center is the em-bedding primitive center. One embedding primitive is grouped into the embedding field with theminimum Euclidean distance between the embedding field center and the embedding primitivecenter. Update the embedding field center which is mean value of vertices included in the embed-ding field. And then, the grouping and updating process is iterated untill embedding primitiveswould be grouped into one embedding field, assuming the codeword isl-bit. In the same way,other embedding fields could be constructed from the embedding primitive which has not beenincluded in the above constructed embedding field. Given a complex featured part, the codewordcan be repeatedly embeddedf times if f embedding fields can be generated. Only if one em-bedding field is included in such a complex featured part, its copyright can be asserted when it ispirated.

4.3.3 Employing Affine Invariant to Embed

Ratio of the lengths of two segments of a straight line is invariant to affine transformation andparallel lines are still parallel lines under affine transformation. It is proved that ratio of thelengths of two segments on parallel lines is also invariant to affine transformation.

As shown on Figure 4.2(b), where,

o = (x0, y0, z0): center of model,

op = (xp, yp, zp): center of embedding primitivePi,

(bx, by, bz): size of bounding box of model,

64


−→oop = (xp − x0, yp − y0, zp − z0) = (dx, dy, dz): vector fromo to op.

Obviously,dx/bx, dy/by anddz/bz are ratios of the lengths of two segments on parallel lines,which are invariant to affine transformation. We refer todx/bx, dy/by anddz/bz as componentsratio and employ them to embed.

4.3.4 Embedding Fingerprint Bit “0” or “1”

Assume that

v1, v2, . . . , vp: vertices of embedding primitivePi,

op = (xp, yp, zp) = (1/p)∑p

i=1 vi: center of embedding primitivePi,

v′1, v

′2, . . . , v

′p: vertices ofP

′i which is achieved by modifying vertices ofPi,

o′p = (x

′p, y

′p, z

′p) = (1/p)

∑pi=1 v

′i: center of embedding primitiveP

′i .

We embed bit “1” by increasing components ratio and embed bit “0” by decreasing compo-nents ratio without considering sign of plus or minus. This procedure is formulated as follows.

dx/bx → r ∗ dx/bx

dy/by → r ∗ dy/by

dz/bz → r ∗ dz/bz

(4.3)

where,

r > 1 if wi = 1

0 < r < 1 if wi = 0(4.4)

wi is a fingerprint bit “0” or “1”. To increase or decrease components ratio, the vertices includedin the embedding primitive are modified while the model center remain unchanged. Based onthe model center, the fingerprinted model (maybe degraded) can be brought back to the samelocation as the original model in the procedure of fingerprint detection.

From the equation (4.3) and−→oop = (xp − x0, yp − y0, zp − z0) = (dx, dy, dz), the center offingerprinted primitiveP

′i is easily located byo

′p = r ∗ (op − o) + o . Then the shift of the

embedding primitive center is∆o = o

′p − op = (1− r) ∗ (o− op).

By o′p = (1/p) ∗ ∑p

i=1 v′i andop = (1/p) ∗ ∑p

i=1 vi, the vertexvi will be modified to bev′i

according to

v′i = vi + ∆o = vi + (1− r) ∗ (o− op) (4.5)

65


The equation (4.5) shows that the displacement of a vertex increases with|1 − r| growing.In the meantime, the visual quality of fingerprinted model is inclined to be degraded with larger|1− r|.

One fingerprint bit is embedded by modifying vertices included in an embedding primitive.However, one vertex may be grouped into different embedding primitives due to that one vertexmay belong to two different patches. For a vertexv which is included inPi andPj, we don’tmodify v of Pj if it has been modified inPi.

In the fingerprint embedding procedure, the causality problem arises because variables usedin precedent steps, such as the angles among normal vectors are probably changed after finger-print embedding. So some errors will possibly occur when reconstructing embedding primitivesat the fingerprint detection. For a precise detection, we have to keep a record of the original infor-mation, what and how many vertices are involved in each embedding primitive. More detailedly,assigning a unique ID to each vertex of the original model, an embedding primitivePi is recordedasi1, i2, . . . , in wherei1, i2, . . . , in are the IDs of vertices involved into thePi.

Several reasons for why this approach is robust against random noise and mesh simplificationattacks are given below.

• Random NoiseThe additive random noise of vertex coordinates is averaged when the embedding primitivecenter is calculated, which counteracts the influence of noise to some extent. The resistanceagainst noise becomes more robust when the number of vertices which are used to embedone fingerprint bit is increasing.

Theoretically, the embedded fingerprint bits can be extracted correctly only if the displace-ment of vertices caused by fingerprinting is greater than the displacement caused by randomnoise, which provides the permitted range of random noise.

• Mesh SimplificationThe components ratio is built on the embedding primitive center, the average value of vertexcoordinates instead of the number and connectivity of vertices. Despite that some verticesare removed by simplification, the embedding primitive center might remain relatively un-changed if the mesh simplification attacks preserve the shape reasonably well. Note thatpreserving the shape after attacking is also a requirement for attackers who intend to usethe model. So our embedding approach exhibits robustness against the mesh alteration.

4.4 Fingerprint DetectionWhen a suspect model appears, we can determine whether it is a real pirated version by detectingthe embedded fingerprint is present or absent. The location, orientation and size of the suspectmodel might be changed by an intentional or unintentional attack, so it should be brought back

66


to the same location and size as the original model prior to fingerprint detection. This procedureis also called registration of the suspect model with the original model.

The aim of an attacker is to eliminate, remove or lower the effectiveness of the fingerprintwithout loss of visual quality. On the premise that attacks preserve the shape reasonably well,the statistical properties of the suspect model, such as principal axes of inertia, should remainrelatively unchanged to the original model. We attempt to register the suspect model as follows.First, rotate and orientate the suspect model so that its principal axes of inertia and orientationcoincide with the ones of the original model. Then, scale the suspect model to make its boundingbox have the same size as the original model. Last, translate the suspect model in order to matchits center with the one of the original model. Such registration is an iterative process minimizingthe distance from vertices of the suspect model to patches of the original model by using theleast square method. The registration process does not require vertex-to-vertex correspondence.In the case of cropping, manual interaction is needed because the variables used in registrationprocess, such as principal axes of inertia, bounding box size and model center might be changeddifferently.

Assume that the original model isM and the suspect model isM∗. For the suspect modelM∗ which has already been registered, we implement the following procedures.

1. Determine the ID of vertexv∗ of M∗.Find out the vertexv onM which satisfying

d(v∗, v) = minvj∈M

d(v∗, vj) (4.6)

and assign the ID ofv to vertexv∗. Where,d(v∗, vj) means the Euclidean distance fromv∗

to vj.

2. Group the vertices ofM∗ into the embedding primitivesP ∗i (i = 1, 2, . . .).

For each embedding primitivePi of M , without loss of generality, letPi = i1, . . . , in. Pi

is easily obtained from the recorded original information mentioned previously.i1, . . . , in

denote the IDs of vertices included intoPi.

Group the vertices ofM∗ into P ∗i (P ∗

i corresponds toPi) if their IDs (determined by equa-tion (4.6)) are in the seti1, . . . , in. SupposeP ∗

i includes verticesv∗ij1, . . . , v∗ijm of M∗.Noticem < n after mesh simplification attacks.

3. Use the the center of original model as the center of the suspect model, calculate the dis-tance fromo∗p to the center of original modelo and denote it as||oo∗p||. Where,o is thecenter of original model ando∗p is the center of the embedding primitiveP ∗

i .

4. Compare||oo∗p|| with corresponding distance||oop|| and extract the fingerprint bit. The

67


extracted “1”s and “0”s constitute a bit sequence according to embedding positions.

wi = 1 if ||oo∗p|| > ||oop||wi = 0 if ||oo∗p|| < ||oop|| (4.7)

5. Compute the correlation between the extracted bit sequence and the original fingerprint bitsequence (codeword) by using the following equation.

Corr(w∗, w) =

l∑i=1

(w∗i − w∗)(wi − w)

√√√√l∑

i=1

(w∗i − w∗)2

l∑i=1

(wi − w)2

(4.8)

w∗ = (w∗1, w

∗2, . . . , w

∗l ) is the extracted bit sequence,w = (w1, w2, . . . , wl) is the original

fingerprint bit sequence,l is the length of the fingerprint bit sequence,w∗ is the mean valueof w∗ andw is the mean value ofw. If the correlation valueCorr(w∗, w) exceeds a giventhreshold, we conclude that the original fingerprint is presented in the suspect model.

Our approach is a kind of non-blind fingerprinting, that is, the detection procedure requires theoriginal model as well as the fingerprint.

4.5 Experiments and Results

4.5.1 Overall Performance

We evaluate the performance of the fingerprinting approach, which include capacity, impercep-tibility and robustness against the four types of common attacks as well as collusion attacks. Inour implementation, a triceratops model showed on Figure 4.3(a) was used as an example oforiginal model which consists of 2833 vertices and 5661 patches. Since the low volume of datais available for embedding fingerprint bits, we only can embed a(232, 23, 1)-affine code whichsupports23 × 24 = 552 users with232 = 529-bit, or a (83 + 1, 8 + 1, 1)-unital code whichsupports82(82 − 8 + 1) = 3648 users with83 + 1 = 513-bit. In 3D model applications asabove-mentioned, it would be sufficient to trace a few colluders among hundreds of users. Thus,our proposed unital and affine plane codes are feasible here. In addition, we can employ methodlike subdivision or remeshing to increase vertices and patches, so as to embed more fingerprintbits.

For simplicity, we test our fingerprint approach through an affine plane code with small pa-rameter values. We used the same affine plane code as Chapter 3 whose code-matrix is shown inequation 3.14. Similarly, the column vectors ofΩ are assigned to users as their fingerprint bits,i.e., thei-th column vector ofΩ is useri’s code. Then, it can support 20 users with code length

68


Figure 4.3: (a) Original Model, (b) Embedding Primitive and (c) Fingerprinted model

of 16 fingerprint bits and uniquely identify up to 3 colluders. The appearance of fingerprintedtriceratops can hardly be distinguished from the original triceratops while|1 − r| ∈ (0, 1/100).An example of results for the triceratops model is shown on Figure 4.3(c), user 1 ’s codeword orfingerprint(0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 ) is embedded repeatedly with parametern = 6,θ = 30 and|1− r| = 1/1000.

4.5.2 Capacity

Our experimental data have shown that fewer patches were used for embedding one fingerprintbit on relatively complex region (e.g., head) than simple region (e.g., back), which is illustratedon Figure 4.3(b), where one color represents one embedding primitive. So more fingerprint bitsare embedded into relatively complex region due to the fact that fewer patches are used to embedone fingerprint bit.

Using Ω to estimate the shape complexity of embedding primitives, the tendency that rela-tively complex embedding primitives have largerΩ than simple ones is reflected. For the originalmodel shown on Figure 4.3(a), we consider relatively complex embedding primitives as embed-ding primitives which contain patches less than 10 and the average angle of normal vectors isgreater than45. TheΩ of such complex embedding primitives is varying betweenO(104) andO(105). For relatively simple embedding primitives which contain about 30 patches and the aver-age angle of normal vectors is less than30, theΩ is varying betweenO(102) andO(103). DespitethatΩ is only a rough estimation, it provides a way to examine the shape from an objective view.

We also tested that the smaller the value ofn or θ is, the larger the capacity is (Figure 4.4(a)and (b)). Theoretically speaking, the larger the value ofn or θ is, the more robust the resistanceto random noise and mesh simplification are.

4.5.3 Imperceptiblity

It is hard to evaluate the perceptible distortion introduced by fingerprinting. So we operate asfollows: compare the fingerprinted model (to which certain|1 − r| is applied) with the originalmodel and detect if distortions occur or not. Decrease|1 − r| until distortions are not perceivedand increase|1 − r| until distortions are perceived. By repetitively performing an interactive

69


(a) Capacity andn (θ = 0) (b) Capacity andθ (n = 1)

Figure 4.4: Capacity with Parameters

visual comparison between the fingerprinted and the original model, the discrimination thresholdof |1 − r| can be obtained. When|1 − r| exceeds the discrimination threshold, the distortionis just noticeable. Such threshold is the maximum of|1 − r| which does not result in visualdistortion. On the premise that no visual distortions occur, the highest robustness against noisecan be achieved when applying such threshold to embed the fingerprint.

4.5.4 Robustness Against Attacks

Without special claim, we tested the robustness against attacks on the user 1 ’s fingerprintedmodel shown on Figure 4.3(c) under the parametern = 6, θ = 30 and|1−r| = 1/1000. It shouldbe pointed out that the robustness changes with these parameters. For instance, the resistance tomesh simplification can be improved by employing largern andθ while the robustness againstcropping attacks might be weakened.

• Affine TransformationWe combine rotation and expansion to simulate affine transformation. The rotation is de-scribed by rotation angleγ around axis (x, y or z axis), and the expansion is described byscale vectors = (sx, sy, sz), which represents scaling in thex, y andz axis direction.

We transformed the fingerprinted model by employingγ1 = 120 aroundx axis ands1 =

(1, 2, 3), γ2 = 30 aroundx axis ands2 = (0.1, 2, 0.5), γ3 = 90 aroundy axis ands3 = (3, 2, 1), and so on, no extraction error occurred even if visual distortions showremarkable sometimes (e.g., two transformed models are shown on Figure 4.5).

• Additive Random Noise of VertexWe embedded user 1 ’s fingerprint(0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 ) into the modeltriceratops with|1 − r| = 0.01 (Figure 4.6 (a) and (b)). Then added Gaussian noises of

70


(a) Affine Transformation withγ1 = 120 (b) Affine Transformation withγ1 = 90

aroundx axis ands1 = (1, 2, 3) aroundy axis ands2 = (3, 2, 1)

Figure 4.5: Experimental Results under Affine Transformation Attacks

(a) Original Model (b) Fingerprinted Model (c) Additive Gaussian Noise

with |1− r| = 0.01 Noise Amplitude is0.008

Figure 4.6: Experimental Results under Noise Attack

amplitude0.0125, 0.01 and0.008 to test the resistance. For each case, we tested twice byapplying different noises with the same amplitude and the experimental results are shownin Table 4.1. The bit error rate is the ratio of the number of bits incorrectly extracted tothe total number of embedded bits. It is obvious that the bit error rates become smallerand correlation values become larger while noise amplitude is decreasing. In fact, thereare remarkable distortions when the amplitude of noise is larger than0.004. Figure 4.6 (c)shows an example under noises.

In addition, we improve the robustness against random noise by adopting larger value of|1−r| where the shape is complex and smaller value of|1−r| where the shape is relativelysimple. In detail, we fingerprinted triceratops with|1−r| = 0.02 on complex region (whereless than 5 vertices are used for one fingerprint bit) and|1 − r| = 0.01 on simple region

71


Table 4.1: Results of Noise Attacksamplitude of noise 0.0125 0.0125 0.01 0.01 0.008 0.008bit error rate 49/553 6/553 26/553 6/553 1/553 0correlation value 0.8160 0.9771 0.9009 0.9772 0.9962 1

(a) Cropped Head (b) Cropped Horn (c)Cropped leg

1175 vertices/2272 patches 106 vertices/178 patches 172 vertices/320 patches

Figure 4.7: Experimental Results under Cropping Attacks

(where 5 or more vertices are used for one fingerprint bit). Three different Gaussian noisesof amplitude 0.01 are added. The bit error rates are 0, 2/553 and 1/553, and the correlationvalues are 1, 0.9924, 0.9962 respectively.

• Cropping AttackA cropping attack might change the model center and its principal axes of inertia severely,so we cannot use the above-mentioned method to register the cropped model with theoriginal model. Here, we use the method described in [8] to register the cropped modelsince the registration method is based on local significant geometric features such as ridgesand umbilic points, which is independent of the model center and the principal axes ofinertia. To get a preciser registration, we have to adjust the cropped model manually. Wesimulate an attacker to crop the parts of fingerprinted triceratops, such as head, horn andleg (see Figure 4.7). The experimental results are listed in Table 4.2.

Table 4.2: Results of Cropping Attacksvertices left head: 1175 horn: 106 leg: 172cropping ratio 59% 96% 94%bit error rate 22/223 3/23 2/40correlation value 0.7928 0.7073 0.9027

Here, features included in the shape like horn or leg is not enough to identify with tricer-atops, so whether their digital rights can be protected or not is not under our consideration.

72


In contrast, the digital right of shape like head should be protected since it can be identi-fied. It is clear that the shape of head shows more complex than horn or leg, such kind ofcomplexity guarantees that the fingerprint can be embedded redundantly. For the user 1 ’s16-bit fingerprint, there are 8 embedding fields involved in the head region. The experi-mental data show that all the fingerprint bits in a field were correctly extracted if the fieldkept not being cropped. The bit error rates merely occur in the primitives where verticesare removed by cropping attacks.

• Mesh Simplification AttackWe simplified the fingerprinted model triceratops using MeshToSS (Kanai [23]) and re-duced 10%, 29% and 47% of the vertices of the fingerprinted model. The experimentalresults are listed in Table 4.3.

Table 4.3: Results of Mesh Simplification Attacksvertices left 2552 2000 1500removing ratio (simplification) 10% 29% 47%correlation value 0.7580 0.5042 0.2979

Generally, smooth shape displays better resistance to simplification than complex shape. Itshould be noted that our approach extracts the fingerprint directly from simplified modelwithout resampling process. From such a point of view, our approach shows advantagesover other related work (e.g., [9] and [39]).

• Composite AttackA composite attack refers to the attack that is a combination of two or more types of at-tacks. To test robustness against composite attacks, we combined cropping attacks andnoise attacks, mesh simplification attacks and noise attacks on the fingerprinted model.The experimental results are listed in Table 4.4 and Table 4.5.

Table 4.4: Results of Cropping Attacks and Noise Attacksvertices left (cropping) head: 1175 horn: 106 leg: 172amplitude of noise 0.0125 0.008 0.01correlation value 0.3753 0.5801 0.8407

Table 4.5: Results of Mesh Simplification Attacks and Noise Attacksvertices left (simplification) 2552 2000 1500amplitude of noise 0.008 0.008 0.008correlation value 0.4182 0.2712 0.2402

73


Figure 4.8: Colluded Models of Users 1 and 2, Users 5 and 6 and Users 1-3

• Collusion AttackThe original and fingerprinted triceratops models are stored as VRML 2.0 files. We gen-erate colluded models by averaging vertex coordinates of fingerprinted models. In suchcases, the marking assumption holds. That is, the vertex coordinates which are same inseveral user ’s fingerprinted models will keep unchangeable and the ones which are differ-ent in several user ’s fingerprinted models will be changed under averaging operation. Thishelps us to make full use of the advantages of anti-collusion code.

We tested collusion resistance against average attacks, where the triceratops models finger-printed with the codewords of users 1 and 2, users 5 and 6, and users 1-3, are averaged.The colluded models and the detected fingerprints are shown in Figure 4.8.

The symbol∅means the fingerprint bit is neither “1 ” nor “0 ”, in other words, no fingerprintis detected. From equation 4.5 and equation 4.4, it is easy to see that the vertex displace-ment will be counteracted (so fingerprint bit will be removed) by average attacks from twocolluders who have different fingerprint bits in the same one embedding primitive. Thiswill not affect the fact that the number and location of “1 ”of colluded code are unique foreach colluder set. For example, a “1 ” occurs from the 8-th to the 16-th location uniquelyidentifies users 1 and 2 as the colluders. The experimental results show that the colluderscan be correctly identified when they are less than 3 users. In the case of 3 colluders, errorhappened due to the detection way of fingerprint bit (see equation 4.7). Let ’s consider theaverage attack from users 1-3 shown in Figure 4.8. At each location between the 2-th and10-th, there exist two “1 ” and one “0 ”. The vertex displacement can not be counteractedand still satisfies||oo∗p|| > ||oop||, then fingerprint bit “1 ” is detected, and we call it falsefingerprint bit. We modify the detection equation into||oo∗p||−||oop|| > PN , wherePN ispositive and is the threshold set up for excluding the false bit “1 ”. The experimental resultsshow that the false bits can be excluded by such modification. As mentioned in Chapter 3,how to set an appropriate threshold plays an important role in determining if a fingerprintbit is “1 ”or not.

74


A good robust fingerprinting approach should resist against as many attacks as possible. Ourapproach is robust against four types of common attacks (affine transformation, additive randomnoise of vertex, cropping and mesh simplification) as well as collusion attacks by using the sameembedding approach. Besides the above attacks, there still exist many other forms of more com-plex attacks such as the combination of three or more than three types of common attacks, andthe combination of collusion attacks with one or more than one type of common attacks and soon. These attacks usually degrade the visual quality and usability of the model so heavily thatwe can consider the resulting model is substantially different from the original model. Thus ourfingerprinting approach is not designed to guard against such attacks.

In the fingerprint detection procedure, both the original model and the fingerprint are re-quired. When the embedding approach becomes known, attackers probably could construct thesame embedding primitives. However, they do not know how to modify vertices involved in theembedding primitives without knowledge of the fingerprint. Their random modifications can betaken as an attack of additive random noise of vertex, which our approach is shown to be robustagainst. So our approach is secure in terms of watermarking security.

4.6 Chapter Summary and Future WorkWe provided a robust fingerprinting approach for 3D model. The provided approach is robustagainst affine transformation by using affine invariant, robust against cropping due to localizedand redundantly embedding and is robust against random noise and mesh simplification for em-bedding one fingerprint bit into a vertex cluster (a group of vertices) instead of a single vertexdirectly. Experimental results showed that the embedded anti-collusion codes can play a full rolein tracing illegal users and resist against attacks mounted by a single user. These results implyour target system can be realized based on the above work. In comparison with the related work,our approach showed robustness against a wider range of attacks and could automatically embedthe fingerprint into the complex shape as redundantly as possible. Compared to the relativelysimple shape, such complex shape not only has better redundancy and less viewing distortionwhen being fingerprinted but also exhibits more robust against random noise attack.

As a future work, we plan to focus on the registration process to offer better resistance sincemanual interaction is needed in the case of cropping attack.

75

CHAPTER 5

CONCLUSIONS ANDFUTURE WORK

5.1 Conclusions and ContributionsWith the development of broadband networks as well as the high performance of PCs, multime-dia contents such as image, video and 3D model, are widely used in entertainment, corporatepresentations, education, simulations, digital publications, museum exhibits and so much more.Different from generic data, such multimedia contents are easy to duplicate and distribute overthe Internet without visual quality degradation. They contain commercial and personal valueand should be used for their intended purpose, so this thesis provides some digital fingerprintingtechniques to protect them from unauthorized copy and redistribution.

Digital fingerprinting is one application of digital watermarking, which embeds unique userinformation (i.e., fingerprints) into different copies of the same multimedia content, and if a sus-pect copy appeared, the embedded unique user information is extracted and helps to identify ortrace the originator of the suspect copy. It is a passive way to deter or discourage people fromillegally copying and redistributing the content. There exist three key issues related to fingerprint-ing techniques: fingerprints encoding, fingerprints embedding/detection and interaction betweenchoices of fingerprint encoding and embedding/detection.

In many video applications, the number of users who share or consume the same content is inthe order of thousands or tens of thousands, and the number of potential colluders is in the orderof dozens or hundreds. In contrast, in current 3D model applications like trading 3D data via IPnetwork, there exist only hundreds of users and a few potential colluders. Therefore, we target torealize a secure internet-based distributing system:

• A single content provider transmits image/video to104 ∼ 105 users via IP-multicast and10 ∼ 102 colluders can be traced based on the colluded copy.

77

5. Conclusions and Future Work

• A single content provider transmits 3D model to hundreds of users via IP network and afew colluders can be traced based on the colluded copy.

To realize such a target system, it is crucial to encode and embed the unique user information,so that each user is uniquely represented and colluders involved in the unauthorized distribu-tion are correctly traced and identified. In Chapter 2, we provided how to generate and howto construct efficient and effective anti-collusion codes based on unital and affine plane. Theseproposed fingerprint codes meets the requirements of our target system. We point out that thegeneration/construction methods can achieve more than our target system, e.g., potential use forsupporting more than tens of thousands of users and tracing more than hundreds of colluderssince the restriction comes from Magma software rather than from the finite geometry theory.Based on our generation/construction methods as well as the concrete application requirements,a desirable fingerprint code can be achieved flexibly by compromising its three factors, numberof users, collusion size and code length. This is convenient from content providers’ point of view.

The work in Chapter 2 is a theoretical foundation of how to generate and construct suitablefingerprint codes for our target system. Whether the proposed anti-collusion codes can fulfilltheir function of tracing illegal users relies on how to embed/detect them. Chapter 3 devotes toimplementing them on image/video and testing their validity. In detail, we provided a new archi-tecture, integrating fingerprint with public-key cryptosystem, which is able to protect image/videofrom both unauthorized viewing during data transmission and unauthorized redistribution afterit is legally purchased. We also presented a concrete scheme, integrating anti-collusion codeand Home Page public-key cryptosystem. Experimental results showed that the embedded anti-collusion codes can fulfill their function of tracing illegal users. Further, we showed the concretescheme is feasible for implementing in terms of computation/transmission cost, which impliesthat our target system can be realized based on the concrete scheme. We point out that the workin Chapter 3 can be used to embed any fingerprint code instead of merely our proposed finger-print codes. In addition, the use of public-key cryptosystem not only excludes the possibilitythat the content provider creates a fingerprinted copy to frame an innocent user, but also makesit possible to separate key management related to cryptosystem from the content provider. Theproposed architecture provided a friendly interface for those content providers who may not bespecialists in cryptosystem field.

In Chapter 4, we provided a robust fingerprinting approach to embed the proposed anti-collusion codes in 3D model, and then tested their validity. Unlike image/video, 3D model isa relatively new multimedia content and 3D fingerprinting is not yet a mature technology. Tomy knowledge, little prior work considered collusion resistance against fingerprinting 3D model,where resistance against collusion attacks by a few colluders may be sufficient for 3D model ap-plications. Experimental results showed the embedded anti-collusion codes can play a full role intracing illegal users, which implies that our target system can be realized based on the fingerprint-

78


ing scheme. In comparison with the related work, our fingerprinting approach showed robustnessagainst a wider range of attacks mounted by a single attacker and could automatically embedthe fingerprint into the complex shape as redundantly as possible. The provided fingerprintingapproach is robust and also can be used to embed copyright information.

In brief, this thesis provided anti-collusion fingerprinting techniques for multimedia contentssuch as image/video and 3D model, so as to protect them from unauthorized redistribution whenpeople exchange and share them over open networks. The proposed techniques can be utilized notonly separately but also synthetically. Based on our work, people can safely distribute multimediacontent to a large number of users.

Our work may find applications like internet-based live pay-TV system. In the last few years,businesses offering digital contents (such as music and video) via the Internet have come to beestablished with the development of broadband networks. But it is not realized to serve livepay-television broadcasts via the Internet to a number of people simultaneously at the moment.Our work is helpful to develop a system to realize such internet-based pay-TV system under theassumption that the same datagram could be transmitted to a number of receivers simultaneouslyvia IP-multicasting. Besides, our work can also serve a user for selling or trading multimediacontents (e.g., movies and 3D models) with other users from around the globe.

5.2 Future WorkIn the future, this research can be extended in several directions below.

Designing fingerprint code without the marking assumption. Anti-collusion code is de-signed under the marking assumption which may not hold when fingerprinting multimediacontent. The marking assumption basically serves to limit actions of colluding users whocould not change a specific mark if the mark agrees between their copies. This is not rea-sonable for colluders who will attempt to remove or destroy the embedded fingerprints.In fact, there exist several work ([36],[12] and [44]) on traitor tracing to try to overcomethe limitation of the marking assumption. For example, Tardos ([44]) showed that his im-provements on the scheme ([3]) prevent framing innocent users even when the markingassumption does not hold. Fingerprint code designed under no marking assumption is ex-pected to have a wide range of applications.

Examining resistance against other collusion attacks.Due to the global nature of the Internet,it is now easy for a group of users with differently fingerprinted versions of the same contentto conduct cost-effective collusion for removing an identifying fingerprint. Such collusionattack is the major challenge to fingerprinting techniques and poses a significant threat tomultimedia fingerprinting. There are several types of collusion attacks that may be usedagainst multimedia fingerprints. One method is simply to synchronize the media signals

79


and average them, which is an example of the linear collusion attack. This thesis onlyconsidered such average attack. Another collusion attack, referred to as the copy-and-pasteattack, involves users cutting out portions of each of their media signals and pasting themtogether to form a new signal. Other attacks may employ nonlinear operations, such astaking the maximum or median of the values of corresponding components of individualcopies. To uncover the underlying complexities governing the effect of the above collusionattacks, both analytical and experimental studies on their behavior should be conductedfurther.

Joint fingerprinting and decryption for 3D model. Similar to image/video, 3D model is alsoin the danger of unauthorized viewing (or theft) when it is transmitted from model providerto model user over the open networks. Due to different data structure and data character-istics, the cryptographic and fingerprinting techniques for image/video cannot be directlyapplied to 3D model. 3D models are being readily used in the entertainment and medicalindustry. Loss due to piracy or tampering will lead to loss of information important tomedical science or patients being cured. Developing joint fingerprinting and decryption for3D model is more challenging and promising.

Designing protocols for multimedia distribution over networks. The advent of electroniccommerce and the creation of electronic distribution channels for multimedia content havebrought new challenges regarding the protection of intellectual property. That is, to pro-tect the welfare and interests of the content owner or provider, it is critical to ensure theproper distribution and authorized usage of multimedia content. The fingerprinting tech-nique alone is not sufficient and should be used together with other information protectiontechnologies. In addition to the secure and efficient transmission of multimedia content andtraitor tracing requirement, user authentication and personal information protection shouldalso be considered in the distribution protocols.

80

BIBLIOGRAPHY

[1] A. Barg, G. R. Blakley, and G. A. Kabatiansky. Digital Fingerprinting Codes: ProblemStatements, Constructions, Identification of Traitors.IEEE Transactions on InformationTheory, 49(4):852–865, 2003.

[2] O. Benedens. Geometry-Based Watermarking of 3D Models. InIEEE CG and A, pages46–55, 1999.

[3] D. Boneh and J. Shaw. Collusion-Secure Fingerprinting for Digital Data.IEEE Transactionson Information Theory, 44(5):1897–1905, 1998.

[4] A. G. Bros. Watermarking Mesh-Based Representations of 3-D Objects Using Local Mo-ments.IEEE Transaction on Image Processing, 15(3), 2006.

[5] J. W. Cho, R. Prost, and H. Y. Jung. An Oblivious Watermarking for 3-D Polygonal MeshesUsing Distribution of Vertex Norms.IEEE Transactions on Signal Processing, 55(1), 2007.

[6] I. J. Coxy, J. Kiliany, T. Leightonz, and T. Shamoony. Secure Spread Spectrum Watermark-ing for Multimedia. IEEE Transactions on Image Processing, 6(12):1673–1687, 1997.

[7] J. H. Dinitz and D. R. Stinson.Contemporary Design Theory: A Collection of Surveys.John Wiley and Sons, 1992.

[8] I. Douros and B. F. Buxton. Three-Dimensional Surface Curvature Estimation UsingQuadric Surface Patches. InProceedings of 7th Numerisation 3D/Scanning, 2002.

[9] P. Emil, H. Hugues, and F. Adam. Robust Mesh Watermarking. InProc.SIGGRAPH’99,pages 49–56, 1999.

[10] S. Engle. Fingerprinting and the Marking Assumption. InEcs228 Cryptography for E-commerce, 2005.

81

Bibliography

[11] D. Florence, L. Guillaume, D. Florent, and B. Atilla. Digital Watermarking of Compressed3D Meshes. InInternational Conference on Machine Intelligence(ACIDCA-ICMI), 2005.

[12] H. J. Guth and B. Pfitzmann. Error- and Collusion-Secure Fingerprinting for Digital Data.In LNCS, volume 1768, pages 134–145, 2000.

[13] M. Hagiwara, G. Hanaoka, and H. Imai. A Short Random Fingerprinting Code Against aSmall Number of Pirates. InLNCS, volume 3857, pages 193–202, 2006.

[14] T. Harte and A. Bros. Watermarking 3D Models. InInternational conference on ImageProcessing, pages 661–664, 2002.

[15] F. Hartung and B. Girod. Digital Watermarking of MPEG-2 Coded Video in the BitstreamDomain. InProc. Int. Conf. Acoustics, Speech and Signal Processing, volume 4, pages2621–2624, 1997.

[16] T. Hattori, Y. Murakami, and M. Kasahara. Notes on Software Implementation of SHP-IICryptosystem. InTechnical Report of IEICE (in Japanese), volume ISEC2000-15, 2000.

[17] S. He and M. Wu. Performance Study on Multimedia Fingerprinting Employing Traceabil-ity Codes. InLNCS, volume 3710, pages 84–96, 2005.

[18] S. He and M. Wu. Joint Coding and Embedding Techniques for Multimedia Fingerprinting.IEEE Tran. Inf. Forensics Security, 1(2):231–247, 2006.

[19] S. Hou, T. Uehara, Y. Morimura, and M. Minoh. Fingerprinting Codes for Live Pay-Television Broadcast via Internet. InLecture Notes in Computer Science, volume 4577,pages 252–261, 2007.

[20] T. Isogai and H. Muratani. Reevaluation of Tardos’s code. InIEICE Technical Report (inJapanese) ISEC2006-96, pages 7–12, 2006.

[21] S. J. Johnson and S. R. Weller. High-Rate LDPC Codes from Unital Design. InIEEEGlobal Telecommunications Conference, pages 2036–2040, 2003.

[22] T. Kalker. Considerations on Watermarking Security. InProc. IEEE Workshop MultimediaSignal Process, pages 201–206, 2001.

[23] K. Kanai. MeshToSS. InVersion 1.0.1, 2002.

[24] S. Kanai, H. Date, and T. Kishinami. Digital Watermarking for 3D Polygons Using Mul-tiresolution Wavelet Decomposition. InProc. of Sixth IFIP WG 5.2 CEO-6, pages 296–307,1998.

82

Bibliography

[25] I. Kang, C. H. Lee, H. Y. Lee, J. T. Kim, and H. kyu Lee. Averaging Attack Resilient VideoFingerprinting. InIEEE International Symposium on Circuits and Systems, volume 6, pages5529–5532, 2005.

[26] I. Kang, K. Sinha, and H. K. Lee. New Digital Fingerprint Code Construction SchemeUsing Group-Divisible Design.IEICE Trans. Fundamentals, E89-A(12):3732–3735, 2006.

[27] M. Kasahara and Y. Murakami. New Public-Key Cryptosystems. InTechnical Report ofIEICE (in Japanese), volume ISEC99-16, 1999.

[28] K. Katayanagi, Y. Murakami, and M. Kasahara. New Product-Sum Type Public-Key Cryp-tosystems with Selectable Encryption Key Based on Chinese Remainder Theorem.IEICETrans. Fundamentals, E85-A(2):472–480, 2002.

[29] J. D. Key. Some Applications of Magma in Designs and Codes: Oval Designs, Hermi-tian Unitals and Generalized Reed-Muller Codes.J.Symbolic Computation, 31(1/2):37–53,2001.

[30] D. Kundur and K. Karthik. Video Fingerprinting and Encryption Principles for DigitalRights Management.Proceedings of the IEEE, 92(6):918–932, 2004.

[31] A. Lemma, S. Katzenbeisser, M. Celik, and M. van der Veen. Secure Watermark EmbeddingThrough Partial Encryption. InLecture Notes in Computer Science, volume 4283, pages433–445, 2006.

[32] S. Lian, Z. Liu, Z. Ren, and H. Wang. Secure Distribution Scheme for Compressed DataStreams. InIEEE International Conference on Image Processing (ICIP 2006), pages 1953–1956, 2006.

[33] S. Lian, Z. Liu, Z. Ren, and H. Wang. Joint Fingerprint Embedding and Decryptions forVideo Distribution. InIEEE International Conference on Multimedia and Expo (ICME2007), pages 1523–1526, 2007.

[34] K. J. R. Liu, W. Trappe, Z. J. Wang, M. Wu, and H. Zhao.Multimedia FingerprintingForensics for Traitor Tracing. Hindawi Pub Corp, 2005.

[35] B. M. Macq and J. J. Quisquater. Cryptology for Digital TV Broadcasting. InProc. IEEE,volume 83, pages 944–957, 1995.

[36] R. S. Naini and Y. Wang. Collusion Secure q-ary Fingerprinting for Perceptual Content. InLNCS, volume 2320, pages 57–75, 2002.

83

Bibliography

[37] R. Ohbuchi, H. Masuda, and M. Aono. Watermarking Three-Dimensional Polygonal Mod-els. InProc.ACM Multimedia’97, pages 261–272, 1997.

[38] R. Ohbuchi, H. Masuda, and M. Aono. Watermarking Three-Dimensional Polygonal Mod-els Through Geometric and Topological Modifications. InIEEE JSAC, pages 551–560,1998.

[39] R. Ohbuchi, A. Mukaiyama, and S. Takahashi. A Frequency-Domain Approach to Water-marking 3D Shapes.Computer Graphics Forum, 21(3):373–382, 2002.

[40] J. M. Seol and S. W. Kim. Scalable Fingerprinting Scheme Using Statistically SecureAnti-collusion Code for Large Scale Contents Distribution. InLNCS, volume 4096, pages560–569, 2006.

[41] D. Shashanka and P. K. Bora. Collusion Secure Scalable Video Fingerprinting Scheme. In15th International Conference on Advanced Computing and Communications, pages 641–647, 2007.

[42] J. Staddon, D. R. Stinson, and R. Wei. Combinatorial Properties of Frameproof and Trace-ability Codes.IEEE Transactions on Information Theory, 47(3):1042–1049, 2001.

[43] D. R. Stinson, T. van Trung, and R. Wei. Secure Frameproof Codes, Key DistributionPatterns, Group Testing Algorithms and Related Structures.Journal of Statistical Planningand Inference, 86:595–617, 2000.

[44] G. Tardos. Optimal Probabilistic Fingerprint Codes. InProceedings of the 35th AnnualACM Symposium on Theory of Computing, pages 116–125, 2003.

[45] L. Tina, L. Jacob, and S. Mattias. A Class of Traceability Codes.IEEE Transactions onInformation Theory, 48(7):2094–2096, 2002.

[46] W. Trappe, M. Wu, Z. J. Wang, and K. J. R. Liu. Anti-collusion Fingerprinting for Multi-media.IEEE Transactions on Signal Processing, 51(4):1069–1087, 2003.

[47] F. Uccheddu, M. Corsini, and M. Barni. Wavelet-Based Blind Watermarking of 3D Models.In Proc. Multimedia and Security workshop on Multimedia and Security, pages 143–154,2004.

[48] Z. J. Wang, M. Wu, H. Zhao, W. Trappe, and K. J. R. Liu. Anti-collusion forensics of multi-media fingerprinting using orthogonal modulation.IEEE Tran. Image Process., 14(6):804–821, 2005.

84

Bibliography

[49] J. Wu and L. Kobbelt. Efficient Spectral Watermarking of Large Meshes with OrthogonalBasis Functions. InThe Visual ComputerPacific Graphics 2005 Proceedings, volume 21,pages 848–857, 2005.

[50] J. Yang and X. Xu. A Robust Anti-collusion Coding in Digital Fingerprinting System.In IEEE Asia Pacific Conference on Circuits and Systems(APCCAS2006), pages 996–999,2006.

85

PUBLICATIONS

Journal Articles1. Shuhui Hou, Tetsutaro Uehara, Takashi Satoh, Yoshitaka Morimura, Michihiko Minoh,

“Integrating Fingerprint with Cryptosystem for Internet-Based Live Pay-TV System”, Se-curity and Communication Networks(Wiley International Journal), Vol.1, Issue 6, pp.461-472, 2008.

2. Shuhui Hou, Tetsutaro Uehara, Takashi Satoh, Yoshitaka Morimura, Michihiko Minoh,“Fingerprinting Codes for Internet-Based Live Pay-TV System Using Balanced IncompleteBlock Designs”, IEICE Transactions on Information and Communication System Security,Vol.E92-D, No.5, pp.-, May, 2009.

3. Shuhui Hou, Masaaki Iiyama, Koh Kakusho, Michihiko Minoh, “Watermarking 3D MeshModels Using Affine Invariant Based on Local Shape Feature”, Submitted to IPSJ Trans-actions.

4. Yoshitaka Morimura, Tetsutaro Uehara, Shuhui Hou, Michihiko Minoh, “Construction andEvaluation of Live Video Streaming System with Authentication by Broadcast Encryptionover IP Multicast”, Accepted to IPSJ Transactions, March, 2009.(in Japanese)

International Refereed Conference and Workshop Papers1. Shuhui Hou, Tetsutaro Uehara, Takashi Satoh, Yoshitaka Morimura, Michihiko Minoh,

“Integrating Fingerprint with Cryptosystem for Internet-Based Live Pay-TV System”, 2008International Workshop on Multimedia Security in Communication (MUSIC’08), August,2008.

2. Shuhui Hou, Tetsutaro Uehara, Yoshitaka Morimura, Michihiko Minoh, “FingerprintingCodes for Live Pay-Television Broadcast via Internet”, Lecture Notes in Computer Science,vol. 4577, pp.252-261. (International Workshop MCAM 2007, June/July 2007)

87

Publications

Conference Presentations1. Shuhui Hou, Tetsutaro Uehara, Takashi Satoh, Yoshitaka Morimura, Michihiko Minoh,

“Integrating Fingerprinting and Cryptosystem for Internet-Based Live Pay-TV System”,IEICE Information Security (ISEC), 2008.

2. Shuhui Hou, Tetsutaro Uehara, Yoshitaka Morimura, Michihiko Minoh, “FingerprintingCodes for Live Pay-Television Broadcast via Internet”, IPSJ Multimedia, Distributed, Co-operative, and Mobile Symposium(DICOMO2007), July 2007.

3. Shuhui Hou, Masaaki Iiyama, Koh Kakusho, Michihiko Minoh, “Watermarking 3D MeshModels Using Affine Invariant Based on Local Shape Feature”, IPSJ SIG Technical Report,2006-CG-125, Vol.2006, No.119, P.7-12, 2006-11.

4. Shuhui Hou, Masaaki Iiyama, Koh Kakusho, Michihiko Minoh, “Robust Watermarking for3D Model against Cropping”, 2005 IEICE General Conference, 2005.(in Japanese)

5. Tetsutaro Uehara, Shuhui Hou, Yoshitaka Morimura, “An Internet Video-broadcasting Sys-tem Discouraging Unauthorized Redistribution by Digital Fingerprints”, The 6th Sympo-sium of the Academic Center for Computing and Media Studies, in Cooperation with In-ternational Multimedia Modeling Conference (MMM), January, 2008.

6. Yoshitaka Morimura, Tetsutaro Uehara, Shuhui Hou, Michihiko Minoh, “Construction andEvaluation of Live Video Streaming System with Broadcast encryption over IP Multicast”,Information and Communication Management (ICM/IOT), 2008.(in Japanese)

88

Documents

Anti-Collusion Fingerprinting for Multimedia Content Protection · 2014-09-12 · This thesis targets to realize a secure internet-based distributing system, in which a single content