MULTIMEDIA AND SECURITY ECRYPT: EUROPEAN NETWORK OF EXCELLENCE IN CRYPTOLOGY

Die Abkürzung ECRYPT /1/ steht für „European Network of Excellence in Cryptology”. Das Netzwerk ist ein Zusammenschluss von ca. 180 europäischen Forschern und Entwicklern, an dem auch Informatiker der Otto-von-Guericke-Universität Magdeburg beteiligt sind. Das Projekt, in dessen Mittelpunkt die Forschungen zur Sicherung von Multimediadaten (Digital Rights Management) stehen, wird von der Europäischen Union über einen Zeitraum von vier Jahren gefördert. Die Forscher wollen Methoden entwickeln, um Musik, Bilder oder Videos mit zusätzlichen Schutzmechanismen zu versehen, mit dem Ziel Manipulationen zu erkennen oder bspw. Raubkopien zu verhindern oder aufzuspüren. Das Advanced Multimedia and Security Lab (AMSL) der Arbeitsgruppe Multimedia and Security an der Otto-von-Guericke-Universität leitet zusammen mit Stefan Katzenbeisser (TU München) seit Anfang 2004 das „Watermarking Virtual Lab“ (WAVILA), einen Teilbereich des Netzwerkes ECRYPT. In diesem Verbund arbeiten verschiedene Arbeitsgruppen, zum Beispiel aus Italien, Spanien, Frankreich, Deutschland, Belgien, der Schweiz und den Niederlanden, zusammen. Der Fokus der gemeinsamen Arbeit liegt dabei im Bereich der digitalen Wasserzeichen. Ihre Eigenschaften und Einsatzgebiete werden analysiert und es werden theoretische Grundlagen für Sicherheitsmodelle und für die Definitionen digitaler Wasserzeichen erarbeitet. In diesem Beitrag sollen die Motivation und die neuen Herausforderungen von ECRYPT, sowie die Ziele des Netzwerkes vorgestellt werden. Des Weiteren werden Arbeiten aus dem Bereich Wasserzeichen Benchmarking sowie Algorithmenentwurf präsentiert, um einen Einblick in das Umfeld zu ermöglichen

Digital Watermarking for Verification of Perception-based Integrity of Audio Data

In certain application fields digital audio recordings contain sensitive content. Examples are historical archival material in public archives that preserve our cultural heritage, or digital evidence in the context of law enforcement and civil proceedings. Because of the powerful capabilities of modern editing tools for multimedia such material is vulnerable to doctoring of the content and forgery of its origin with malicious intent. Also inadvertent data modification and mistaken origin can be caused by human error. Hence, the credibility and provenience in terms of an unadulterated and genuine state of such audio content and the confidence about its origin are critical factors. To address this issue, this PhD thesis proposes a mechanism for verifying the integrity and authenticity of digital sound recordings. It is designed and implemented to be insensitive to common post-processing operations of the audio data that influence the subjective acoustic perception only marginally (if at all). Examples of such operations include lossy compression that maintains a high sound quality of the audio media, or lossless format conversions. It is the objective to avoid de facto false alarms that would be expectedly observable in standard crypto-based authentication protocols in the presence of these legitimate post-processing. For achieving this, a feasible combination of the techniques of digital watermarking and audio-specific hashing is investigated. At first, a suitable secret-key dependent audio hashing algorithm is developed. It incorporates and enhances so-called audio fingerprinting technology from the state of the art in contentbased audio identification. The presented algorithm (denoted as ”rMAC” message authentication code) allows ”perception-based” verification of integrity. This means classifying integrity breaches as such not before they become audible. As another objective, this rMAC is embedded and stored silently inside the audio media by means of audio watermarking technology. This approach allows maintaining the authentication code across the above-mentioned admissible post-processing operations and making it available for integrity verification at a later date. For this, an existent secret-key ependent audio watermarking algorithm is used and enhanced in this thesis work. To some extent, the dependency of the rMAC and of the watermarking processing from a secret key also allows authenticating the origin of a protected audio. To elaborate on this security aspect, this work also estimates the brute-force efforts of an adversary attacking this combined rMAC-watermarking approach. The experimental results show that the proposed method provides a good distinction and classification performance of authentic versus doctored audio content. It also allows the temporal localization of audible data modification within a protected audio file. The experimental evaluation finally provides recommendations about technical configuration settings of the combined watermarking-hashing approach. Beyond the main topic of perception-based data integrity and data authenticity for audio, this PhD work provides new general findings in the fields of audio fingerprinting and digital watermarking. The main contributions of this PhD were published and presented mainly at conferences about multimedia security. These publications were cited by a number of other authors and hence had some impact on their works