OASIS PI Meeting Feb 13-16, 2001 Odyssey Research Associates SL 01-0002 1 Cornell Business &...
OASIS PI Meeting, Feb 13-16, 2001
Odyssey Research Associates SL 01-0002
Cornell Business & Technology Park
33 Thornwood Drive, Suite 500
Ithaca, NY 14850-1250
(607) 257-1975
David Rosenthal
Odyssey Research Associates
February 13-16, 2001
Semantic Data Integrity
OASIS PI Meeting

Team Members
• Odyssey Research Associates (a subsidiary of Architecture Technology Corporation)
  – David Rosenthal, Matt Stillerman, David Guaspari, Francis Fung
• WetStone Technologies, Inc.
  – Chet Hosmer, Milica Barjaktarovic, Mike Duren, Chris Francis, Gary Gordon, Tony Delrocco
• SUNY Binghamton
  – Jiri Fridrich

Scope of Talk
• Briefly describe the overall project
• Concentrate on one aspect, hierarchical hashing

Technical Objectives
• Develop improved data integrity methods to identify and recover attacked data
  – localize possible alterations
  – provide partial recovery and attack information, where feasible
• Emphasis of work has been on images

Potential Attack
• An attacker may be able to maliciously alter an image in an attempt to cause a bad outcome
• If they have write access to the data, they could simply delete or totally corrupt the object. We consider the case in which they are trying to subvert some activity by partially altering the data
• To be successful the attacker will need to cover their tracks
  – Make it appear that there is no damage, or that it is in a different location

Technical Approach
• Developed techniques for protecting and verifying data subsets
  – Developed new watermarking/self-embedding techniques
  – Developed and analyzed hierarchical hashing methods
• Implemented these techniques in a software tool called Image Fault Isolation and Recovery Engine (I-FIRE)
• Additional protection information is saved separately in Digital Semantic Integrity (DSI) mark

I-FIRE Software Protection Phase
[Diagram. Labels: Image, User parameters, Image segmentation, Image protection, Protection, Modified image, DSI mark, Insecure channel, Secure channel]

I-FIRE Software Verification Phase
[Diagram. Labels: Image, DSI mark, Suspect image, Image verification, Verification, Image recovery, Verified/recovered image, Insecure channel, Secure channel]

I-FIRE Segmentation
[Figure. Panels: Original Image, Segmented Image]

I-FIRE Segment Verification
[Figure. Panels: Forged Image, Segment Level Image Verification]

Hierarchical Segmentation
• Segments are hierarchical (by containment)
• Different hash methods can be applied to root, leaves, and intermediate segments

Intersecting Hash Methods
• Intersecting hashes
  – Permit the sets of covered cells for two different hashes to intersect
  – Hierarchical hashing is a special case of this
• Intersecting hash techniques permit a tradeoff between
  – strength of protection,
  – diagnostic ability / damage isolation

Attack Method
• If attacker does not know about the hashes or hashing scheme
  – then even relatively weak methods will be effective in localizing the damage
• What if attacker has access to the hashes and the hash method?
• We assume DSI mark is stored and transmitted in a protected fashion, so that an attacker cannot just change the hash values
• Attacker will need to adjust the picture to get the hashes to check
• How hard is this?

Forgery Strategies and Strength of Protection
• Assume that Cell 2 is modified
• Compensating with Cell 2 costs |h1| * |h2|
• Compensating with Cell 1 and then Cell 3 costs |h1| + |h2|
[Figure, shown three times. Labels: Hash 1, Hash 2, Cell 1, Cell 2, Cell 3]

Example: Sequential Forgery Repair with Hierarchical Hashes
• Fix hashes in two stages
  – First Correction: Fix three hashes of left branch
  – Second Correction: Fix two hashes of right branch
[Figure. Label: To be forged]

Strength of Hierarchical Hashes
• Strength of protection can be defined in terms of the cost of the attacker’s best strategy.
  – This value is important because we want to identify correct subsets with sufficient assurance
  – Want to find an efficient method to compute the strength of protection
• The analysis presented here assumes no secret information
• In our analysis we assume
  – The cost of defeating a single hash depends only on its depth in the tree of hashes. (We can handle modest variants.)

Strength of Hierarchical Hashes (cont.)
• To find best attacker strategy it suffices to consider only normal attacks:
  – Don’t fix the same hash twice
  – Every step fixes at least one broken hash
• With extra assumption on the cost function (essentially, that costs multiply):
  – Suffices to consider only attacks in which each step manipulates a single cell.

Finding a Minimal Attack: Definitions
• The depth of a node is the length of the path from the node to the root.
• The floor of node h, (h), is the minimum of the depths of all the leaves below h.

Example of Depth and Floor
[Figure: tree of hashes. Node labels: h, h6, h1 Cell 1, h8, h7, h4 Cell 4, h5 Cell 5, h2 Cell 2, h3 Cell 3. Levels: Depth 1, Depth 2, Depth 3, Depth 4. Floor values: h = 3, h6 = 3, h8 = 4, h2 = 4]

Strategy for Hierarchical Hashes
• Attacker’s best algorithm:
  – In steps: reduce the size of the branch to be fixed from the bottom up
  – For each step
    • Find a cell of minimum depth under the unfixed part of the branch
    • Fix all hashes above that cell whose floor is the depth of that cell

Example of Algorithm
[Figure: tree of hashes. Node labels: h, h6, h1 Cell 1, h8, h7, h4 Cell 4, h5 Cell 5, h2 Cell 2, h3 Cell 3. Floor values: h = 3, h6 = 3, h8 = 4, h2 = 4]
• Change {Cell 2}
  – Broken hashes are: {h2, h8, h6, h}
• Steps
  – Adjust Cell 2 to fix {h2, h8} - floor 4
  – Adjust Cell 1 to fix {h1, h6, h} - floor 3
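
Added example (not from the original slides): the depth and floor definitions and the per-step rule, run on the example tree to compute the strength of protection for a changed cell. The tree shape is reconstructed from the flattened figure labels and is an assumption, as are the function names and the sample per-hash cost; the cost rule (multiply within a step, add across steps) follows the Forgery Strategies slide.

```python
import math

# Assumed tree, reconstructed from the figure labels: child -> parent.
# h is the root hash; the "Cell n" nodes are the leaves.
PARENT = {
    "h6": "h", "h7": "h",
    "h1": "h6", "h8": "h6", "h4": "h7", "h5": "h7",
    "Cell 1": "h1", "h2": "h8", "h3": "h8", "Cell 4": "h4", "Cell 5": "h5",
    "Cell 2": "h2", "Cell 3": "h3",
}
LEAVES = [n for n in PARENT if n not in PARENT.values()]

def path_to_root(node):
    """Hashes strictly above `node`, nearest first."""
    out = []
    while node in PARENT:
        node = PARENT[node]
        out.append(node)
    return out

def depth(node):
    return len(path_to_root(node))

def leaves_below(h):
    return [c for c in LEAVES if h in path_to_root(c)]

def floor(h):
    """Minimum depth of all the leaves below hash h."""
    return min(depth(c) for c in leaves_below(h))

def minimal_attack(changed_cell):
    """Steps as (cell adjusted, hashes fixed, floor), one reading of the slide's rule."""
    broken = path_to_root(changed_cell)       # every hash covering the changed cell
    steps = []
    while broken:
        lowest = broken[0]                    # bottom of the unfixed branch
        cell = min(leaves_below(lowest), key=depth)
        d = depth(cell)
        fixed = [h for h in path_to_root(cell) if floor(h) == d]
        steps.append((cell, fixed, d))
        broken = [h for h in broken if h not in fixed]
    return steps

def attack_cost(steps, hash_cost):
    """Costs multiply inside a step and add across steps; hash_cost maps depth -> cost."""
    return sum(math.prod(hash_cost(depth(h)) for h in fixed) for _, fixed, _ in steps)

if __name__ == "__main__":
    plan = minimal_attack("Cell 2")
    print(plan, attack_cost(plan, lambda d: 2 ** 16))   # 2**16 is a sample cost
```

With a sample cost of 2**16 per hash, the two-step plan costs 2**32 + 2**48, against 2**64 for satisfying all four broken hashes by adjusting Cell 2 alone, which is why the strength of protection is set by the cheaper sequential strategy.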

Connections to Other OASIS Efforts
• DSI mark methods typically contain secret information. Hence there is a need to protect the DSI marks.
• Other projects’ methods could be used to provide this

Accomplishments
• Working software demonstrates protection and verification stages
  – Implements variety of detection and recovery methods
  – Provides a way to try out various segmentation and hashing combinations
• Developed new watermarking and self-embedding methods
• Produced analysis of hashing methods
  – Row-column vs. partition
  – Hierarchical hashing