An unified approach of asymmetric watermarking schemes

International audienceAsymmetric schemes belong to second generation of watermarking. Whereas their need and advantage are well understood, many doubts have been raised about their robustness and security. Four different asymmetric schemes have been proposed up to now. Whereas they were seemingly relying on completely different concepts, they share the same performances. Exploring in detail these concepts, the authors propose a common formulation of the four different detector processes. This allows to stress common features about security of asymmetric schemes

A constructive and unifying framework for zero-bit watermarking

In the watermark detection scenario, also known as zero-bit watermarking, a watermark, carrying no hidden message, is inserted in content. The watermark detector checks for the presence of this particular weak signal in content. The article looks at this problem from a classical detection theory point of view, but with side information enabled at the embedding side. This means that the watermark signal is a function of the host content. Our study is twofold. The first step is to design the best embedding function for a given detection function, and the best detection function for a given embedding function. This yields two conditions, which are mixed into one `fundamental' partial differential equation. It appears that many famous watermarking schemes are indeed solution to this `fundamental' equation. This study thus gives birth to a constructive framework unifying solutions, so far perceived as very different.Comment: submitted to IEEE Trans. on Information Forensics and Securit

Publicly Detectable Watermarking for Language Models

We construct the first provable watermarking scheme for language models with public detectability or verifiability: we use a private key for watermarking and a public key for watermark detection. Our protocol is the first watermarking scheme that does not embed a statistical signal in generated text. Rather, we directly embed a publicly-verifiable cryptographic signature using a form of rejection sampling. We show that our construction meets strong formal security guarantees and preserves many desirable properties found in schemes in the private-key watermarking setting. In particular, our watermarking scheme retains distortion-freeness and model agnosticity. We implement our scheme and make empirical measurements over open models in the 7B parameter range. Our experiments suggest that our watermarking scheme meets our formal claims while preserving text quality

Identifying Appropriate Intellectual Property Protection Mechanisms for Machine Learning Models: A Systematization of Watermarking, Fingerprinting, Model Access, and Attacks

The commercial use of Machine Learning (ML) is spreading; at the same time, ML models are becoming more complex and more expensive to train, which makes Intellectual Property Protection (IPP) of trained models a pressing issue. Unlike other domains that can build on a solid understanding of the threats, attacks and defenses available to protect their IP, the ML-related research in this regard is still very fragmented. This is also due to a missing unified view as well as a common taxonomy of these aspects. In this paper, we systematize our findings on IPP in ML, while focusing on threats and attacks identified and defenses proposed at the time of writing. We develop a comprehensive threat model for IP in ML, categorizing attacks and defenses within a unified and consolidated taxonomy, thus bridging research from both the ML and security communities

A review on structured scheme representation on data security application

With the rapid development in the era of Internet and networking technology, there is always a requirement to improve the security systems, which secure the transmitted data over an unsecured channel. The needs to increase the level of security in transferring the data always become the critical issue. Therefore, data security is a significant area in covering the issue of security, which refers to protect the data from unwanted forces and prevent unauthorized access to a communication. This paper presents a review of structured-scheme representation for data security application. There are five structured-scheme types, which can be represented as dual-scheme, triple-scheme, quad-scheme, octal-scheme and hexa-scheme. These structured-scheme types are designed to improve and strengthen the security of data on the application