1. Field of the Invention
This application relates to the field of digital multimedia and more particularly to the field of watermarking digital video content.
2. Description of Related Art
The secure transmission of digital multimedia information is an important concern for multimedia content owners, particularly in distribution channels having public access, such as the Internet or wireless networks. Security has traditionally been provided through encryption, however, a widespread distribution of key-management for encryption is cumbersome. Furthermore, encryption provides incomplete security since, after decryption, the original digital content may be readily reproduced and distributed.
Another form of protection is provided by a message authentication code (xe2x80x9cMACxe2x80x9d) that is attached to digital content. For example, origination information can appear within a message field appended to digital content. However, this type of add-on authentication is easily identified and removed. A more resilient MAC system is provided by digital watermarking. Digital watermarking is a technique for hiding an identification of origin in a digital media stream. A watermark is actually embedded in the media stream, so that removal of the watermark may destroy or visibly alter the underlying content. The watermark may also be inserted into the original data in a manner that is imperceptible to the listener/viewer. When such watermarked digital content is distributed on-line, or recorded on a disk, the origination data travels with it, and allows the originator to demonstrate the source of the content. Digital watermarking also identifies tampering, since any manipulation of a sequence will result in an invalid watermark.
The difficulty in defining a watermark for tamper-proofing and authentication of video lies in adequately describing every frame of the video sequence within the capacity allocated for the watermark sequence, since the length of the watermark must be reconciled with the competing objective that the watermark be unobtrusive. One known approach to this difficulty uses edge mapping. In edge mapping, high-contrast areas in the luminance component are converted to a binary edge map for each Moving Picture Experts Group (xe2x80x9cMPEGxe2x80x9d) frame. In order to compress this representation into a form sufficiently compact for watermarking, another binary edge map is generated by a logical OR of individual edge maps from a group of consecutive pictures. This representation is then encrypted for security. As a significant disadvantage, this approach has not proven highly reliable, particularly in high-motion video sequences. Other approaches directed at a compact, unique watermark representations of the underlying content also exist. However, they tend to perform poorly under the lossy environment of video compression techniques such as MPEG.
There remains a need for a message authentication code that compactly describes digital video content in a manner that permits tamper-proofing and authentication of origin. There also remains a need for a message authentication code that permits identification of particular areas within an image that have been tampered with.
According to the principles of the invention, there is provided a system for generating a message authentication code for a conventional digital video stream. The system operates on the rows and columns of block data for a video stream, and more specifically on histograms of DC coefficients from each row and column, to produce a compact code that is nonetheless descriptive of the underlying images in the video stream. The message authentication code can be reproduced from the images of a received video stream, and if desired, compared with a digital watermark embedded in the video stream in order to confirm the accuracy of the video content or identify the source of the video stream.
In one aspect, a method of generating a message authentication code according to the principles of the invention includes receiving a plurality of blocks of image data, each block corresponding to a particular one of a plurality of rows and a particular one of a plurality of columns of an image; generating a row histogram for each particular one of the plurality of rows, the row histogram representing values in blocks corresponding to the particular one of the plurality of rows; generating a row representation from each row histogram, the row representation corresponding to the particular one of the rows from which the row histogram was formed; generating a column histogram for each particular one of the plurality of columns, the column histogram representing values in blocks corresponding to the particular one of the plurality of columns; generating a column representation from each column histogram, the column representation corresponding to the particular one of the columns from which the column histogram was formed; and generating a message authentication code comprising the plurality of row representations and the plurality of column representations.
In this aspect, the method may further include encrypting the message authentication code. The method may include an error correction code with the message authentication code. Each row histogram may represent a plurality of DC coefficient values in blocks corresponding to the particular one of the plurality of rows, and each column histogram may represent a plurality of DC coefficient values in blocks corresponding to the particular one of the plurality of columns. Each row histogram may represent a plurality of block average values in blocks corresponding to the particular one of the plurality of rows, and each column histogram may represent a plurality of block average values in blocks corresponding to the particular one of the plurality of columns. Each row histogram may include eight evenly spaced, contiguous bins, and each column histogram may include eight evenly spaced, contiguous bins.
Each row representation may be a row parity bit and each column representation may be a column parity bit. In this aspect, generating the row parity bit may further include forming a row digital sequence from the row histogram, the row digital sequence including a row bin bit for each bin of the row histogram, and generating the row parity bit by summing the row bin bits of the digital sequence; and generating the column parity bit may further include forming a column digital sequence from the column histogram, the column digital sequence including a column bin bit for each bin of the column histogram, and generating the column parity bit by summing the column bin bits of the column digital sequence. Generating the message authentication code may include concatenating each of the row parity bits and each of the column parity bits. The message authentication code may be a one-hundred fifty bit message authentication code. The plurality of blocks of image data may comprise a Moving Picture Experts Group video stream.
In a different aspect, a method of using a message authentication code according to the principles of the invention includes: receiving a plurality of blocks of image data, each block corresponding to a particular one of a plurality of rows and a particular one of a plurality of columns of an image; generating a row histogram for each particular one of the plurality of rows, the row histogram representing values in blocks corresponding to the particular one of the plurality of rows; generating a row representation from each row histogram, the row representation corresponding to the particular one of the rows from which the row histogram was formed; generating a column histogram for each particular one of the plurality of columns, the column histogram representing values in blocks corresponding to the particular one of the plurality of columns; generating a column representation from each column histogram, the column representation corresponding to the particular one of the columns from which the column histogram was formed; generating a message authentication code comprising the plurality of row representations and the plurality of column representations; reading a watermark from the plurality of blocks of image data; and comparing the watermark to the message authentication code.
In this aspect, the method may further include decrypting the watermark before comparing it to the message authentication code. Each row histogram may represent a plurality of DC coefficient values in blocks corresponding to the particular one of the plurality of rows, and each column histogram may represent a plurality of DC coefficient values in blocks corresponding to the particular one of the plurality of columns. Each row histogram may represents a plurality of block average values in blocks corresponding to the particular one of the plurality of rows, and each column histogram may represent a plurality of block average values in blocks corresponding to the particular one of the plurality of columns. Each row histogram may include eight evenly spaced, contiguous bins, and each column histogram may include eight evenly spaced, contiguous bins.
Further in this aspect, each row representation may be a row parity bit and each column representation may be a column parity bit. Generating the row parity bit may further include forming a row digital sequence from the row histogram, the row digital sequence including a row bin bit for each bin of the row histogram, and generating the row parity bit by summing the row bin bits of the digital sequence; and generating the column parity bit may further include forming a column digital sequence from the column histogram, the column digital sequence including a column bin bit for each bin of the column histogram, and generating the column parity bit by summing the column bin bits of the column digital sequence. Generating the message authentication code may include concatenating each of the row parity bits and each of the column, parity bits. The message authentication code may be a one-hundred fifty bit message authentication code. The plurality of blocks of image data may be a Moving Picture Experts Group video stream. Comparing the watermark to the message authentication code may further include localizing errors in the plurality of blocks of image data.
In a different aspect, a system for generating a message authentication code according to the principles of the invention includes: means for receiving a plurality of blocks of image data, each block corresponding to a particular one of a plurality of rows and a particular one of a plurality of columns of an image; means for generating a row histogram for each particular one of the plurality of rows, the row histogram representing values in blocks corresponding to the particular one of the plurality of rows; means for generating a row representation from each row histogram, the row representation corresponding to the particular one of the rows from which the row histogram was formed; means for generating a column histogram for each particular one of the plurality of columns, the column histogram representing values in blocks corresponding to the particular one of the plurality of columns; means for generating a column representation from each column histogram, the column representation corresponding to the particular one of the columns from which the column histogram was formed; and means for generating a message authentication code comprising the plurality of row representations and the plurality of column representations.
In this aspect, each row presentation may be a row parity bit and each column representation may be a column parity bit. The system may further include means for encrypting the message authentication code. The system may further include means for including error correction with the message authentication code. The system may further include a Moving Picture Experts Group encoder for providing the plurality of blocks of image data to the receiving means; and a watermark unit for embedding the message authentication code in the plurality of blocks of image data. The system may further include a Moving Picture Experts Group decoder for providing the plurality of blocks of image data to the receiving means; a watermark reader for reading a watermark embedded in the plurality of blocks of image data; and a watermark processor for comparing the watermark to the message authentication code.
In a different aspect, a digital video encoder according to the principles of the invention includes: a transform unit, the transform unit receiving a plurality of blocks of video data and performing a two-dimensional transform on each block to provide a transformed block, each transformed block including a plurality of coefficients; a quantizer, the quantizer receiving each transformed block and scaling each coefficient of each transformed block using a quantization index, thereby providing a plurality of quantized blocks; a message authentication code generator, the message authentication code generator receiving each of the plurality of quantized blocks and generating a message authentication code, the message authentication code including a plurality of row parity bits and a plurality of column parity bits, each one of the plurality of row parity bits determined according to a parity of a sum of corresponding row histogram bins containing DC coefficients, and each one of the column parity bits determined according to a parity of a sum of corresponding column histogram bins containing DC coefficients; and a watermark unit, the watermark unit receiving the message authentication code and the plurality of quantized blocks, and the watermark unit embedding the message authentication code into the plurality of quantized blocks.
In this aspect, the message authentication code generator may encrypt the message authentication code. Each row histogram may include eight evenly spaced, contiguous bins, and each column histogram may include eight evenly spaced, contiguous bins. The message authentication code may include a concatenation of each of the plurality of row parity bits and each of the plurality of column parity bits. The message authentication code may be a one-hundred fifty bit message authentication code. The plurality of blocks of video data may be a Moving Picture Experts Group video stream.
In a different aspect, a message authentication code embodied in a Moving Picture Experts Group video data carrier signal, according to the principles of the invention, includes: a plurality of row parity bits, one row parity bit for each row of transformed blocks of an image, each one of the row parity bits determined according to a parity of a sum of corresponding row histogram bins containing DC coefficients; and a plurality of column parity bits, one column parity bit for each column of transformed blocks of the image, each one of the column parity bits determined according to a parity of a sum of corresponding column histogram bins containing DC coefficients.
In this aspect, the plurality of row parity bits may include sixty row parity bits and the plurality of column parity bits may include ninety column parity bits. The plurality of column parity bits and the plurality of row parity bits may be encrypted.
In a different aspect, a computer program product for generating a message authentication code according to the principles of the invention includes machine executable code for performing the following steps: receiving a plurality of blocks of image data, each block corresponding to a particular one of a plurality of rows and a particular one of a plurality of columns of an image; generating a row histogram for each particular one of the plurality of rows, the row histogram representing values in blocks corresponding to the particular one of the plurality of rows; generating a row representation from each row histogram, the row representation corresponding to the particular one of the rows from which the row histogram was formed; generating a column histogram for each particular one of the plurality of columns, the column histogram representing values in blocks corresponding to the particular one of the plurality of columns; generating a column representation from each column histogram, the column representation corresponding to the particular one of the columns from which the column histogram was formed; and generating a message authentication code comprising the plurality of row representations and the plurality of column representations.
In this aspect, the computer program product may further include machine executable code for encrypting the message authentication code. Each row histogram may represent a plurality of DC coefficient values in blocks corresponding to the particular one of the plurality of rows, and each column histogram may represent a plurality of DC coefficient values in blocks corresponding to the particular one of the plurality of columns. Each row histogram may represent a plurality of block average values in blocks corresponding to the particular one of the plurality of rows, and each column histogram may represent a plurality of block average values in blocks corresponding to the particular one of the plurality of columns. Each row histogram may include eight evenly spaced, contiguous bins, and each column histogram may include eight evenly spaced, contiguous bins.
Generating the row representation may further include forming a row digital sequence from the row histogram, the row digital sequence including a row bin bit for each bin of the row histogram, and generating a row parity bit by summing the row bin bits of the digital sequence; and generating the column representation may further include forming a column digital sequence from the column histogram, the column digital sequence including a column bin bit for each bin of the column histogram, and generating a column parity bit by summing the column bin bits of the column digital sequence. Generating the message authentication code may include concatenating each of the row representations and each of the column representations. The message authentication code may be a one-hundred fifty bit message authentication code. The plurality of blocks of image data may be a Moving Picture Experts Group video stream.