Protection of Intellectual Property Rights related to Images
by Daniel Augot
One of the chalenges of the Aquarelle project is to protect the intellectual property rights of the images collected as data. The adopted solution is the technique of watermarking. This technology embeds information into a given image, in such a way that relevant copyright information may be retrieved later. This mark must be invisible in order to preserve image quality and must be impossible to remove. Furthermore, the mark must be robust enough to image manipulations and image compression, such that an attacker is not able to destroy it.
The Aquarelle watermarking system was developed in cooperation between Université catholique de Louvain (UCL) and INRIA. UCL provided the watermarking and a verifying tool, while INRIA integrated the algorithms and designed the functional model. The functional model has a key-importance in the design of a watermarking system.
The model and its supporting software should enable to replace easily the watermarking algorithm by another one when more robust methodologies become available.
The algorithm that UCL provides to INRIA is mainly designed to ensure invisibility of the watermark, and thus can be used to watermark high quality images (not only vignettes or small images). It is also very resistant to JPEG compression, random noise, blurring. The algorithm is parameterized with a long key (80 bits), which is unique for each image to be watermarked. The counterpart is that this algorithm only writes a single bit of information.
This algorithm was initially exploited through a functional model designed for the EOLE project, a Belgium initiative to create a national distributed photo-archive of artworks. In this model, a trusted third party (TTP) is introduced, which performs watermarking of an image, and also the verification of the mark. A copyright owner conveys an image to the TTP, who marks it using a selector which is then stored in a local database, and sends it back to the owner. For verification, an image may be submitted to the TTP, who retrieves the relevant key, and checks the mark.
This model can be improved by separating the person who does the watermarking action and the person who does the verification. In the Aquarelle functional model, the owner of the image marks the image himself, and verification is performed by the TTP. This leads to a protocol suite involving the Diffie-Hellman protocol which enables two parties to share a secret over a communication which is subject to eavesdropping. This protocol was already presented in 1977 (before RSA) and is well known to cryptologists. At the practical level, it offers the same security as RSA. We name this combination of the Diffie-Hellmann exchange protocol and the watermarking action the DHWM protocol (Diffie-Hellmann Water-Marking protocol), and provide a light implementation of it, and of the TTP running the services.
A first advantages of the DHWM protocol is that two image transmissions are no longer needed, and are replaced by a protocol in which a few hundred bytes are exchanged between copyright-owners and the TTP. This clearly improves bandwidth usage. A second advantage is that there is no need for encrypting images, as would be the case in the EOLE model. This is very important because of various government regulations on encryption in Europe.
The TTP is implemented as an HTTP server, which provides two main actions. The first action is launched on request from a copyright-owner to receive a valid key. The second action is launched on request from any user to verify the mark on an image. On the copyright-owner side, a simple stand-alone program is provided, which opens a connection to the TTP, receives the corresponding key, and performs the watermarking. On the side of a user requesting a verification, a powerful enough browser is needed, since the user fills in an HTML form which launches the verifying operation on the TTP side. There is no need for a special program, applets or plug-ins from the user side. In this way, the verification service may be accessed by anyone, although in an industrial installation, this functionality could be restricted to some categories of users.
Daniel Augot - INRIA
Tel: +33 01 39 63 58 71