The present invention relates generally to digital watermarking for digital multimedia. More particularly, the invention relates to a watermarking system useful for authentication, error concealment and other multimedia watermarking applications.
Because of the potential to make perfect digital copies from digitally distributed media, content providers have requested equipment manufactures to develop copy protection technologies that are robust and resistant to attack, without being unduly cumbersome for the legitimate end user. Many copy protection schemes in use today rely upon encryption and authentication. Under a typical scheme the data is encrypted and protected by an authentication mechanism that will allow the data to be decrypted for playback. The encrypted media (e.g., DVD disc) is provided with a digital key that is stored somewhere on the media, such as in the lead-in area preceding the digital content. The playback drive unit reads this key and generates the necessary decryption key to allow the content to be decrypted and played back.
To prevent or at least control the creation of perfect digital copies, component manufactures place a digital copy protection system in the devices at the time of manufacture. Thereafter, when two components are connected together, such as a DVD player and a digital TV or digital VCR, the copy protection systems exchange keys and authentication certificates to establish a secure channel. The DVD player encrypts the audio and video signal as it sends it to the receiving device, which must decrypt it. This keeps other connected but unauthenticated devices from stealing the signal. Similar techniques may be used in other digital medial applications, including cable delivery systems, satellite delivery systems, and alike.
In digital authentication systems, such as the ones discussed above, determining how to deploy the authentication certificate in the media can be quite challenging. The conventional approach is to treat each frame of digital content (e.g. each MPEG frame) as an independent image and add the authentication watermark in the spatial domain. This entails the writing of a digital watermark at a predetermined spatial location in each frame. An alternate approach is to add the authentication information in a separate header associated with the media content. Both of these conventional solutions have problems. First, placing the authentication information in a predetermined spatial location or in a predetermined header exposes the authentication information to possible discovery and misappropriation. Simply stated, if the authentication information can be extracted intact, it can be used again to spoof the system into allowing unauthorized copies to be made.
Second, the authentication information that is spatially disposed or placed in a header can become corrupted by compression-decompression operations that may be preformed on the data as part of the regular distribution process. For example, digital content may be converted to a lower bit rate, allowing it to pass through a lower band with channel, and this can have an adverse effect upon the integrity of the authentication information. If the authentication information is damaged during the normal process of distribution, even legitimate users will be prevented from accessing the digital content.
One of the interesting challenges with digital content authentication is that the authentication information should be fragile when under attack and yet robust under normal delivery conditions. Thus the well designed authentication system should behave in a fragile way under attack, so that the authentication information is destroyed thereby preventing the attacker from using it. Conversely, the authentication information should be robust enough not to loose its integrity when normal delivery processes are preformed upon it. Transcoding operations to effect bit rate reduction should not damage the robust authentication information. Achieving these seemingly opposite goals has heretofore proven elusive.
The present invention provides a semi-fragile watermarking system that may be used for authentication of digital content. Although the techniques of the invention can be applied in a variety of different digital media applications, the watermarking system finds particular utility in the MPEG video application and it will therefore be described in that context here. The semi-fragile watermarking system employs a dual component watermark, including a fragile watermark and a robust watermark. The two watermark components are extracted from features derived from the digital content, allowing the watermarks to be placed beyond the spatial domain where they are far more difficult to discover and tamper with. The fragile watermark is encrypted hash of quantized DCT coefficient. The fragile watermark is embedded by an odd-even approach. The robust watermark may also be derived from the hash value. In the presently preferred embodiment the robust watermark is embedded using a block-based spread spectrum approach. The robust watermark is embedded using a noise-like random signal that is modulated with the authentication data. Watermark strength is adjusted by monitoring the Just Noticeable Difference (JND) parameter of the MPEG format.
The result is a semi-fragile watermark that has both fragile and robust components. In the preferred architecture the fragile watermark is added on top of the robust watermark. Because the embedding capacity of the two watermarks is different, the fragile watermark will reveal alteration at the video block level, while the robust watermark maybe accessed at the higher group level.
The semi-fragile watermarking system of the invention improves the encoding and decoding speed when compared to conventional watermarking methods. Because no additional bits are needed to carry the authentication information, the effective bit rate using the invention is better than with conventional authentication techniques. If transcoders are used to reduce the bit rate, to accommodate a low bandwidth channel, the watermark remains robust. As will be more fully explained herein, the watermarking system can differentiate among various attacks, allowing those attacks to be combated using the most effective techniques appropriate for the type of attack. For a more complete understanding of the invention, its objects and advantages, refer to the remaining specification and to the accompanying drawings.