放送型暗号の組合せ的構造及びマルチメディア指紋符号に関する進展

筑波大学 (University of Tsukuba)201

Towards Traitor Tracing in Black-and-White-Box DNN Watermarking with Tardos-based Codes

The growing popularity of Deep Neural Networks, which often require computationally expensive training and access to a vast amount of data, calls for accurate authorship verification methods to deter unlawful dissemination of the models and identify the source of the leak. In DNN watermarking the owner may have access to the full network (white-box) or only be able to extract information from its output to queries (black-box), but a watermarked model may include both approaches in order to gather sufficient evidence to then gain access to the network. Although there has been limited research in white-box watermarking that considers traitor tracing, this problem is yet to be explored in the black-box scenario. In this paper, we propose a black-and-white-box watermarking method that opens the door to collusion-resistant traitor tracing in black-box, exploiting the properties of Tardos codes, and making it possible to identify the source of the leak before access to the model is granted. While experimental results show that the method can successfully identify traitors, even when further attacks have been performed, we also discuss its limitations and open problems for traitor tracing in black-box.Comment: This work has been submitted to the IEEE International Workshop on Information Forensics and Security (WIFS) 2023 for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessibl

A survey on Traitor Tracing Schemes

When intellectual properties are distributed over a broadcast network, the content is usually encrypted in a way such that only authorized users who have a certain set of keys, can decrypt the content. Some authorized users may be willing to disclose their keys in constructing a pirate decoder which allows illegitimate users to access the content. It is desirable to determine the source of the keys in a pirate decoder, once one is captured. Traitor tracing schemes were introduced to help solve this problem. A traitor tracing scheme usually consists of: a scheme to generate and distribute each user's personal key, a cryptosystem used to protect session keys that are used to encrypt/decrypt the actual content, and a tracing algorithm to determine one source of the keys in a pirate decoder. In this thesis, we survey the traitor tracing schemes that have been suggested. We group the schemes into two groups: symmetric in which the session key is encrypted and decrypted using the same key and asymmetric schemes in which the session key is encrypted and decrypted using different keys. We also explore the possibility of a truly public scheme in which the data supplier knows the encryption keys only. A uniform analysisis presented on the efficiency of these schemes using a set of performance parameters

ELLIPTIC CURVES PUBLIC KEY TRAITOR TRACING SCHEME

In this paper we use the elliptic curves system in the Public Key Traitor Tracing Scheme. The Elliptic Curve points form Abelian group that used in the Public Key Traitor Tracing Scheme. The main advantage of elliptic curves systems is thus their high cryptographic strength relative to the size of the key. We design and implement an elliptic curves public key encryption scheme, in which there is one public encryption key, but many private decryption keys which are distribute through a broadcast channel, the security of the elliptic curves public key encryption scheme based on the Elliptic Curves Decisional Diffie Hellman(ECDDH) problem that is analogous to Decisional Diffie Hellman(DDH) problem, but it is more intractable than DDH problem

Trust and Privacy in Development of Publish/Subscribe Systems

Publish/subscribe (pub/sub) is a widely deployed paradigm for information dissemination in a variety of distributed applications such as financial platforms, e-health frameworks and the Internet-of-Things. In essence, the pub/sub model considers one or more publishers generating feeds of information and a set of subscribers, the clients of the system. A pub/sub service is in charge of delivering the published information to interested clients. With the advent of cloud computing, we observe a growing tendency to externalize applications using pub/sub services to public clouds. This trend, despite its advantages, opens up multiple important data privacy and trust issues. Although multiple solutions for data protection have been proposed by the academic community, there is no unified view or framework describing how to deploy secure pub/sub systems on public clouds. To remediate this, we advocate towards a trust model which we believe can serve as basis for such deployments

Dynamic Frameproof Codes

There are many schemes in the literature for protecting digital data from piracy by the use of digital fingerprinting, such as frameproof codes, which prevent traitorous users from colluding to frame an innocent user, and traitor-tracing schemes, which enable the identification of users involved in piracy. The concept of traitor tracing has been applied to a digital broadcast setting in the form of dynamic traitor-tracing schemes and sequential traitor-tracing schemes, which could be used to combat piracy of pay-TV broadcasts, for example. In this thesis we explore the possibility of extending the properties of frameproof codes to this dynamic model. We investigate the construction of l-sequential c-frameproof codes, which prevent framing without requiring information obtained from a pirate broadcast. We show that they are closely related to the ordinary frameproof codes, which enables us to construct examples of these schemes and to establish bounds on the number of users they support. We then define l-dynamic c-frameproof codes that can prevent framing more efficiently than the sequential codes through the use of the pirate broadcast information. We give constructions for schemes supporting an optimal number of users in the cases where the number c of users colluding in piracy satisfies c greater than or equal to 2 or c=1. Finally we consider sliding-window l-dynamic frameproof codes that provide ongoing protection against framing by making use of the pirate broadcast. We provide constructions of such schemes and establish bounds on the number of users they support. In the case of a binary alphabet we use geometric structures to describe constructions, and provide new bounds. We then go on to provide two families of constructions based on particular parameters, and we show that some of these constructions are optimal for the given parameters

Construction of Almost Disjunct Matrices for Group Testing

In a \emph{group testing} scheme, a set of tests is designed to identify a small number $t$ of defective items among a large set (of size $N$) of items. In the non-adaptive scenario the set of tests has to be designed in one-shot. In this setting, designing a testing scheme is equivalent to the construction of a \emph{disjunct matrix}, an $M \times N$ matrix where the union of supports of any $t$ columns does not contain the support of any other column. In principle, one wants to have such a matrix with minimum possible number $M$ of rows (tests). One of the main ways of constructing disjunct matrices relies on \emph{constant weight error-correcting codes} and their \emph{minimum distance}. In this paper, we consider a relaxed definition of a disjunct matrix known as \emph{almost disjunct matrix}. This concept is also studied under the name of \emph{weakly separated design} in the literature. The relaxed definition allows one to come up with group testing schemes where a close-to-one fraction of all possible sets of defective items are identifiable. Our main contribution is twofold. First, we go beyond the minimum distance analysis and connect the \emph{average distance} of a constant weight code to the parameters of an almost disjunct matrix constructed from it. Our second contribution is to explicitly construct almost disjunct matrices based on our average distance analysis, that have much smaller number of rows than any previous explicit construction of disjunct matrices. The parameters of our construction can be varied to cover a large range of relations for $t$ and $N$.Comment: 15 Page