320 likes | 483 Views
Information Hiding & Digital Watermarking. Tri Van Le. Outlines. Some history State of the art Research goals Possible approaches Research plan. Cryptography in the 80s. Beginning time of open research A lot of schemes proposed Most of them soon broken. Broken Cryptosystems (I).
E N D
Information Hiding&Digital Watermarking Tri Van Le
Outlines • Some history • State of the art • Research goals • Possible approaches • Research plan
Cryptography in the 80s • Beginning time of open research • A lot of schemes proposed • Most of them soon broken
Broken Cryptosystems (I) Merkle Hellman 1978-1984 Iterated Knapsack 1978-1984 Lu-Lee 1979-1980 Adiga Shankar 1985-1988 Nieder-reiter 1986-1988 Merlke Hellman Merlke Hellman Lu-Lee Adigar Shankar Neiderreiter Okamoto 1987-1988 Okamoto 1986-1987 Pieprzyk 1985-1988 ChorRivest 1988-1998 GoodmanMcAuly 1984-1988 Chor Rivest Okamoto Okamoto Pieprzyk Goodman McAuly
Broken Cryptosystems (II) Matsumoto Imai 1983-1984 Cade 1985-1986 Yagisawa 1985-1986 TMKIF 1986-1985 Luccio Mazzone 1980-1981 Matsumoto Imai Cade Yasigawa Tsujii, Itoh Matsumoto Kurosama Fujioka Luccio Mazzone Rivest Adleman Dertouzos 1978-1987 HighDegree CG 1988 Rao Nam 1986-1988 Low Degree CG 1982 Kravitz Reed 1982-1982 Krawczyk Boyar Rivest Adleman Dertouzos Rao Nam Kravitz Reed
Broken Cryptosystems (III) Ong Schnorr Shamir 1984-1985 Okamoto Shiraishi 1985-1985 Ong Schnorr 1983-1984 Ong Schorr Shamir Okamoto Shiraishi Ong Schorr
Proven Secure Cryptosystems (I) • Shannon’s work (1949) • Mathematical proof of security • Information theoretic secrecy • Enemy with unlimited power • Can compute any desired function
Proven Secure Cryptosystems (II) • Rabin (81), Goldwasser & Micali (82) • Mathematical proof of security • Computational secrecy • Enemy with limited time and space • Can run in polynomial time • Can use polynomial space
Information Hiding(state of the art) • Similar to that of cryptography in 80s • Many schemes were proposed • Most of them were broken • Use heuristic security • Subjective measurements • Assume very specific enemy
Research Goals • Fundamental way • Systematic research • Same as Shannon and Goldwasser’s work • What have been done • Covert channels • Anonymous communications • What are the properties
Fundamental Models • Unconditional hiding • Unlimited enemy • Statistical hiding • Polynomial samples • Computational hiding • Polynomial time
What have been done • Covert channels • Anonymous communications • Information hiding • Steganography • Digital watermarking
Covert Channels • Leakage information (e.g. viruses) • Disk space • CPU load • Subliminal channels • Digital signatures • Encryption schemes • Cryptographic malwares
Covert Computations • Computation inside computations • Secret design calculations inside a factoring computation • Secret physics simulations inside a cryptographic software or devices
Anonymous Communications • MIX Networks • Electronic voting • Anonymous communication • Onion Routings • Limited anonymous communication • Blind signatures • Digital cash
Information Hiding • Steganography • Invisible inks • Small dots • Letters • Digital watermarking • Common lossy compressions • Common signal processing operations
Information Hiding • Hiding property • Output must look like the cover • Secrecy • No partial information on input message • Authenticity • Hard to compute valid output
Our Approaches • Arbitrary key • Steganography, watermarking • Restricted key • Protection of key materials • Key = Ciphertext • Secret sharing
Research Plan • To understand information hiding • Perfect hiding (done) • Necessary and sufficient conditions • Computational complexity results • Constructions of prefect secure schemes • Constructions of schemes with non-reliability • Computational hiding (under research) • Conventional constructions • Public key schemes
Research Plan • Other aspects • Replacing privacy by authenticity • Extra problem • Robustness against modifications
Thank you • Questions? • More details?
Approaches • Arbitrary key distribution • E: KM C • K: key space • M: message space • C: cover space • Requires • E(k,m) is distributed accordingly to Pcover
Approaches • Restricted key distribution • c = E(k,m) • k is distributed accordingly to PK • c is distributed accordingly to PCover
Approaches • Key = Ciphertext • S: MCC • (k1,k2) = S(m) • Requires • k1 and k2 distributed accordingly to PCover
Models • Perfect hiding • Pc = Pcover • Ciphertext distributes exactly as Pcover • Statistical Hiding • |Pc - Pcover| is a negligible function • Negligible function • f(n)<n-d for all d>0 and n>Nd.
Models • Computational Hiding • Pc and Pcover are P-time indistinguishable • For all P-time P.T.M. M: • Prob(M(Pc)=1) - Prob(M(Pcover)=1)is negligible.
Examples • Quadratic residues • n = pq • S1 = {x2 |x in Zn*} • S2 = {x|x in Zn* and J(x)=1} • Decision Diffie-Hellman • U1 = (g, ga, gb, gab) mod p • U2 = (g, ga, gb, gr) mod p