Asymptotic fingerprinting capacity in the Combined Digit Model

Dion Boesten and Boris Škorić

Outline

• forensic watermarking• collusion attack models:

Restricted Digit Model and Combined Digit Model• bias-based codes

• fingerprinting capacity• large coalition asymptotics • Previous results: Restricted Digit Model• New contribution: Combined Digit Model

Forensic watermarking

Embedder Detector

originalcontent

unique watermark

watermarkedcontent unique

watermark

originalcontent

Attack

Collusion attacks

A B C B

A C B A

B B A C

B A B A

A B A C

C A A A

A B A B

n users

A B A C

C A A A

A B A B

• Simplifying assumption: segments into which q-ary symbols can be embedded

collusion attack: c attackers pool their resources

m content segments

Attack models: Restricted Digit Model (RDM)

• "Marking assumption": can't produce unseen symbol

• Restricted Digit Model:choose from available symbols

A B C B

A C B A

B B A C

B A B A

A B A C

C A A A

A B A B

A B A C

C A A A

A B A B

m content segments

allowedsymbols

AC

AB

A ABC

c attackers

Attack models: Combined Digit Model (CDM)

[BŠ et al. 2009]• More realistic • Allows for signal processing attacks

• mixing• noise

alphabetQ

receivedΩ Q⊆

mixed:Ψ Ω⊆

detected:W

attack

symbol detectionprobability:

r

1-r

1-t|ψ|

t |ψ|

Noise parameter r. Mixing parameters t1 ≥ t2 ≥ t3 ...

Bias-based codes [Tardos 2003]

A B C B

A C B A

B B A C

B A B A

A B A C

C A A A

A B A B

symbol biases

content segments

A B A C

C A A A

A B A B

Code generation• Biases drawn

from distribution F• Code entries generated

per segment j using the bias:

Pr[Xij = α] = pjα.

Attack• Coalition size c.• Same strategy in each segment• In Combined Digit Model:

strategy = choice of subset Ψ Ω,⊆possibly nondeterministic.

Accusation• algorithm for finding at least one attacker,

based on distributed and observed symbols.

Ω={A,B}Allowed Ψ: {A}, {B}, {A,B}

Collusion attack viewed as malicious noise

Noisy communication channel• From symbol embedding to detection

• Coalition attack causes "noise"

Channel capacity• Apply information theory

• Rate of a tracing code:

R = (logq n)/m

• Capacity C = max. achievable rate. Fundamental upper bound.

Results for Restricted Digit Model, and #attackers → ∞• Huang&Moulin 2010

Binary codes (q=2):

• Boesten&Škorić 2011Arbitrary alphabet size:

€

C2 =1

2c 2 ln2

€

Cq =q−1

2c 2 lnq

n = #usersm = #segmentsq = alphabet size

Capacity for the Combined Digit Model

The math• Look at one segment

• Define counters Σα= #attackers who receive α

• Parametrization of the attack strategy:

• Capacity:

p = bias vector

F = prob. density for p

W = set of detected symbols

H(Σ) H(W)I(W;Σ)

𝑰+-

Fθ

CDM capacity: further steps

Apply Sion's theorem • "Value" of max-min and min-max game is the same!

Limit c → ∞: • Σ very close to cp• Taylor expansion in Σ/c – p

Re-paramerization• γ: mapping from q-dim. hypersphere to (2q-1)-dim. hypersphere.• Jacobian J

• Pay-off function Tr(JTJ)€

γw2 = Pr[W = w | Σ =σ ]

€

uα2 = pα

CDM capacity: constraints

• Looks like beautiful math, but ... nasty constraint on the mapping γ

• We did not dare to try q>2

• Binary case: Constrained geodesics

CDM capacity: numerical results for q=2

• Part of the graphs we understand intuitively

• Stronger attack options => lower capacity

• Near (r=0, t1=1) RDM-like behaviour; weak dependence on t2

• Away from RDM we have little intuition

Summary

Asymptotic capacity for the Combined Digit Model

• Partly the same exercise as in Restricted Digit Model

• Find optimal hypersphere → hypersphere mapping

• But ...

• higer-dimensional space

• nasty constraint on the mapping

• Numerics for binary alphabet

• constrained geodesics in 2 dimensions

• graphs show how attack parameters (r, t1, t2) affect capacity

• useful for code design

• Future work (perhaps ...)

• change attack model to get analytic results

Questions?