Catálogo de publicaciones - libros

Semi-fragile image authentication based on watermarking has drawn extensive attention. However, conventional watermarking techniques introduce irreversible distortions to the host signals and thus may not be allowable in some applications such as medical and military imaging. Though some reversible fragile authentication algorithms had been developed, reversible semi-fragile authentication presents a challenge. To the best of our knowledge, so far there are only two reversible semi-fragile authentication algorithms based on watermarking reported in the literature. The existing reversible semi-fragile authentication schemes have two shortcomings: i) Watermark security has not received attention; ii) They have weak capability to resist JPEG compression. In this paper, we propose a novel reversible semi-fragile image authentication scheme. The algorithm can distinguish malicious modification from incidental modification according to semi-fragile characteristics of Zernike moments magnitudes (ZMMs) of the low frequency subband in integer wavelet transform (IWT) domain of an image. Combining semi-fragile characteristics of ZMMs, the watermark can discern forgery attack, thus, improving watermark security. The algorithm can locate the tampered area of an image accurately while tolerating JPEG lossy compression at a low quality factor. Experimental results demonstrate the merits of the proposed algorithm.

This paper describes a two instruction-stream (two-process) model for tamper resistance. One process (Monitor process, M-Process) is designed explicitly to monitor the control flow of the main program process (P-Process). The compilation phase compiles the software into two co-processes: P-process and M-process. The monitor process contains the control flow consistency conditions for the P-process. The P-process sends information on its instantiated control flow at a compiler specified fixed period to the M-process. If there is a violation of the control flow conditions captured within the M-process, the M-process takes an anti-tamper action such as termination of the P-process. By its very design, the monitor process is expected to be compact. Hence, we can afford to protect the M-process with a more expensive technique, a variant of Aucsmith’s scheme. This scheme has been implemented with the Gnu C compiler . There are several other monitoring, obfuscation, and dynamic decryption techniques that are embedded in this system. We quantify the performance overhead of the scheme for a variety of programs. The performance of such an anti-tamper schema can be significantly improved by leveraging a decoupled processor architecture to support the decoupled M- and P- processes. We describe one instance of such a two-stream decoupled architecture that can make the scheme more robust and efficient.

In this paper we propose a new scheme for software obfuscation and license protection that is based on an original transformation of the program’s call tree. The idea is based on the observation of similarities between a program’s call tree and Context Free Grammars. First, this paper proposes a practical technique for applying well studied LALR methodologies to transfor-ming a program’s call tree. Second, we suggest methods of effective binding of the transformed program to the program’s installation site. Finally, we note that the given scheme provides us with a series of difficult to remove unique identifications integrally embedded into the transformed programs that could be used for software watermarking purposes.

Software security is a significant issue in the Internet age. In order to prevent software from piracy and unauthorized modification, many techniques have been developed. Software watermarking is such a technique that can be used to protect software by embedding some secret information into the software to identify its copyright owner. In this paper, we discuss algorithms of software watermarking through register allocation.

The QP Algorithm [1,2] was proposed by Qu and Potkonjak to watermark a solution to a graph coloring(GC) problem to protect its intellectual property. In a recent paper by Myles and Collberg [3], the QP algorithm was corrected, and was, for the first time, implemented to watermark software through register allocation. It is called the QPS algorithm.

Our paper discusses some difficulties with the published descriptions of the QP and QPS algorithms, points out the problem in the extractability of the watermarks inserted by the QP algorithm through examples, proves the correctness of a clarified version of the QPS algorithm, and proposes an improvement for the QP algorithm. Finally, we give some potential topics for further research.

The illegal copying and redistribution of digital data is a crucial problem to distributors who electronically sell digital data. Fingerprinting scheme is a technique which allows the copyright protection to track redistributors of digital data using cryptographic techniques. Anonymous fingerprinting scheme prevents the merchant from framing a buyer by making the fingerprinted version known to the buyer only. In addition, such a scheme makes it possible for the buyer to purchase goods without revealing his identity to the merchant.

In this paper, an efficient anonymous fingerprinting scheme based on secret sharing is introduced. A secret sharing scheme preserves the buyer’s anonymity and traceability of traitor. When the buyer purchases a digital data, the buyer’s identity is divided into two shares and two shares are embedded into the digital data. When the merchant finds a sold version that has been illegally distributed, he is able to retrieve the fingerprint and find the original buyer’s identity by reconstructing it from two shares. When the merchant embeds the fingerprint in the digital data, the protocol uses the homomorphic encryption scheme for practicability. Plus, the digital signature prevents the buyer from denying allegations.

This paper investigates collusion-secure fingerprinting codes for digital data. Most previous works assume the threshold number of collusive users. Whereas, in order to treat a more general non-threshold collusion, we first introduce a notion of a potentially collusive family. Furthermore, we develop a novel way to measure collusion-secure codes according to combinatorial properties in a natural way. Our measurement immediately implies the definition of optimal codes. We then actually illustrate an optimal code. Finally, we give a necessary and sufficient condition for a code to be optimal by using a new notion of family-intersecting codes.

As user authentication by using biometric information such as fingerprint has been widely accepted, there has been a growing interest in protecting the biometric information itself against external attackers. In this paper, we propose a dual watermarking technique to protect fingerprint images in transmission/storage. As the proposed dual watermarking technique provides both robustness and fragileness with the embedded watermarks, it can guarantee the integrity of the fingerprint image transmitted and/or stored. In particular, when the embedding locations for fragile watermarks are selected, we consider the ridge information of the fingerprint images to avoid possible interference between the robust watermark detection and fingerprint verification systems. Based on experimental results, we confirm that our dual watermarking technique can detect the robust watermark accurately and avoid any significant degradation in the accuracy of fingerprint verification.

This paper points out to a generic vulnerability of certain broadcast encryption schemes. This vulnerability can be effectively explored assuming chosen plaintext attacks, and in some cases even under ciphertext only attack. The developed methods for cryptanalysis are based on an attacking approach not taken into account in the security evaluations of the reported broadcast encryption schemes. The proposed attacks are based on employment of a dedicated time-data-memory trade-off approach for cryptanalysis. Two algorithms for cryptanalysis are proposed (both in the basic and the generalized versions) and their main characteristics regarding the complexity and required sample are pointed out. The algorithms are applied for cryptanalysis of particular recently reported broadcast encryption schemes implying that their security is far below the claimed ones.

We propose two schemes for efficient broadcast key establishment that enables a sender to communicate to any subset of the user-base by allowing a small ratio of . The schemes do not require stateful receivers and one scheme is unconditionally secure. The free-riders are unable to learn from the past whether they might become free-riders for a certain transmission again.

We present a new trade-off facet for broadcast encryption, namely the number (or ratio) of free-riders vs. the number of messages to be sent or the number of keys stored by each user.

This paper proposes a novel broadcast encryption (BE) approach which combines the traditional one and time-bound cryptographic keys. The developed BE provides heavy reduced cumulative communication overhead and yields increased security. The reduction of the communication overhead is achieved via employment of time-bound session encrypting keys (TB-SEKs). The increased security against ciphertext only attack appears as a consequence of the reduced communication overhead and the increased security against the chosen-plaintext attack is obtained via employment of the time-bound key-encrypting keys (TB-KEKs). Appropriate methods for management of TB-SEKs and TB-KEKs are given. The proposed scheme is compared with traditional BE schemes and the advantages as well as the related trade-offs are pointed out.