short 3-secure fingerprinting codes for copyright protection francesc sebé and josep domingo-ferrer...
TRANSCRIPT
Short 3-Secure Fingerprinting Codes for
Copyright Protection
Francesc Sebé and Josep Domingo-Ferrer
Dept. of Computer Engineering and Mathematics
Universitat Rovira i VirgiliTarragona, Spain
Fingerprinting Before selling a product
A mark identifying the buyer is embedded
Later mark recovery from illegal copies allows the dishonest buyer to be identified
As every copy is different, buyers can collude By comparing their copies We focus on collusions of size c=3
Co-orthogonal codes and Fingerprinting We realized that co-orthogonal codes had
not been designed to have a suitable structure to build codewords needed by collusion-secure fingerprinting. A high error-correcting capacity is needed and co-orthogonal codes are not meant for error correction.
As an alternative, we used dual binary Hamming codes and a new class of codes called scattering codes to obtain collusion-secure codes shorter than Boneh-Shaw’s for collusions of size 3.
The marking assumption Colluders can identify and change
marks in detectable positions
1 0 0 1 0
1 0 0 0 0
0 0 1 0 0
? 0 ? ? 0
Collusion strategy In a 3-collusion
p-majority strategy
1
1
0
p 1-p
Our proposal Each buyer is assigned a Binary
Dual Hamming, DH(n), Codeword
The accused buyer will be the one whose codeword is the nearest to the recovered one
Colluders aim By collusion, generate a codeword
that accuses another buyer
nearest
DH(n) properties for 3-collusions
Any set of three codewords can be divided into four zones
0000000 00000000 00000000 00000000
0000000 00000000 11111111 11111111
0000000 11111111 00000000 11111111
a1
a2
a3
invariant minor(a3) minor(a2) minor(a1)
DH(n) properties for 3-collusions With respect to the rest of
codewords*
(*) There is an exception. For simplicity, it is not mentioned.
0000000 00000000 00000000 00000000
0000000 00000000 11111111 11111111
0000000 11111111 00000000 11111111
a1
a2
a3
0001111 00001111 00001111 00001111ai
0000000 00000011 00000011 11111100
3-Collusions in DH(n) After a p-majority 3-collusion
0000000 00000000 00000000 00000000
0000000 00000000 11111111 11111111
0000000 11111111 00000000 11111111
a1
a2
a3
0 b(t,2n-2,1-p)b(t,2n-2,1-p) b(t,2n-2,p) d(a1,acoll)
acoll
t
nncoll ptkbptbKaadpkp )1;2;();2;()),(()( 121
11
3,2,12 ))),((min()( iicoll kaadpkp
3-Collusions in DH(n)0000000 00000000 00000000 00000000
0000000 00000000 11111111 11111111
0000000 11111111 00000000 11111111
a1
a2
a3
0001111 00001111 00001111 00001111a
acoll
d(acoll,a)
532),( Kaad ncoll
t
nn ptkbptbkKp );23;()1;23;()( 335
3,2,16 ))),((min()( iicoll kaadpkp
Distance distribution d2=minimum distance to colluding codewords d6=minimum distance to non-colluding codeword
Successful collusion Probability of a successful collusion
The nearest codeword is not a colluder’s
Colluders can choose p=0 !!!
p
0.0 0.6 0.7 0.8 0.9 1.0
DH(7) 1.0 0.5·10-3 0.1·10-3 0.1·10-6 0.7·10-
14
0.0
DH(8) 1.0 0.17·10-
7
0.1·10-7 0.1·10-13 0.7·10-
28
0.0
Scattering Codes Scattering codes are a new kind of
code Construction and decoding rules
described in the paper Used to control collusion strategy
Scattering Code Example of SC(4,3)
Decoding rules are detailed in the paper
Encodes
‘1’111111111111
1111 0000 0000
0000 1111 0000
0000 0000 1111
0000 0000 00000000 0000 00000000 0000 0000
‘0’000000000000
0000 0000 0000
0000 0000 0000
0000 0000 0000
1111 0000 00000000 1111 00000000 0000 1111
Collusions over SC(d,t) If 3 codewords, all of them encoding a value v
collude, the collusion-generated codeword will decode as v with probability 1.
If 3 codewords, two encoding value v and one value collude with p-majoritary strategy, the collusion-generated codeword will decode as v with high probability
v
Collusions over SC(d,t)
p-majoritary strategy
Probabilityof
majoritarydecoding
3-secure fingerprinting codes Each buyer is assigned a Binary
Dual Hamming, DH(n), Codeword We choose appropiate parameters
d, t and construct SC(d,t). We compose SC(d,t) with DH(n). We permute the bits of the resulting
sequence With a secret key
3-secure fingerprinting codes
Permutation
DH(n)
SC(d,t)p-majoritary
p-majoritary
p’-majoritary, p’ 1
Comparison vs Boneh-Shaw For not too large number of buyers, our proposal
(with SC(5,5)) generates shorter codes
nºbuyers Our length
BS length
5121,024
....32,76865,536
131,072
28,10556,265
....1,802,1853,604,4257,208,905
5,148,0005,269,992
....5,883,8886,006,7806,129,816
Conclusion A construction for 3-secure
fingerprinting codes has been presented
For not too large number of buyers, shorter codewords are obtained
Scientific dissemination Article in IEEE Transactions on Systems, Man and
Cybernetics, 2003 (to appear). Article in Electronics Letters, 2002. Article in Lecture Notes in Computer Science, vol. 2384
(ACISP’2002), 2002. Acceptance rate 36/94. Other papers (CARDIS’2002, Upgrade Journal, etc.). See
Final Report
Research Prize 20 February 2003. J.Domingo-Ferrer and
F.Sebé were awarded the “Salvà i Campillo” Prize for Outstanding Research, a European-wide prize sponsored by the Association of Telecom Engineers of Catalonia. The prize was delivered by the Spanish Minister for Science and Technology.
See http://www.acet.es/english/2003/index.htm for more information on that prize.
Future Research (1) New short codes secure against larger
collusions should be found (follow-up of project CO-ORTHOGONAL?)
Try to use recent results on q-ary traceability codes to build shorter collusion-secure binary fingerprinting codes for collusions of size c. M.Fernandez “A contribution to the design
and efficient decoding of traceability codes”, PhD. Thesis, UPC, Barcelona. Co-advised by J.Domingo-Ferrer. March 2003.
Future research (2) Design of collusion secure fingerprinting
codes is in line with 6th FP priority 2.3.2.7 “Cross-media content for leisure and entertainment”.
URV is involved in 6th FP NoE proposal “Digiright” and is preparing an IP proposal together with Spain’s SDAE, the digital arm of the world’s 3rd largest rights collecting society SGAE.