WO1997048084A1 - Security tagging of digital media - Google Patents

Security tagging of digital media Download PDF

Info

Publication number
WO1997048084A1
WO1997048084A1 PCT/IL1997/000191 IL9700191W WO9748084A1 WO 1997048084 A1 WO1997048084 A1 WO 1997048084A1 IL 9700191 W IL9700191 W IL 9700191W WO 9748084 A1 WO9748084 A1 WO 9748084A1
Authority
WO
WIPO (PCT)
Prior art keywords
scar
image
encrypted
recipient
gixels
Prior art date
Application number
PCT/IL1997/000191
Other languages
French (fr)
Inventor
Itzhak Pomerantz
Meir Zorea
Ram Cohen
Tomer Yahav
Original Assignee
Aliroo Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aliroo Ltd. filed Critical Aliroo Ltd.
Priority to GB9827621A priority Critical patent/GB2329547B/en
Priority to AU30459/97A priority patent/AU3045997A/en
Publication of WO1997048084A1 publication Critical patent/WO1997048084A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/00838Preventing unauthorised reproduction
    • H04N1/00856Preventive measures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/00838Preventing unauthorised reproduction
    • H04N1/00856Preventive measures
    • H04N1/00864Modifying the reproduction, e.g. outputting a modified copy of a scanned original
    • H04N1/00867Modifying the reproduction, e.g. outputting a modified copy of a scanned original with additional data, e.g. by adding a warning message
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/00838Preventing unauthorised reproduction
    • H04N1/00856Preventive measures
    • H04N1/00864Modifying the reproduction, e.g. outputting a modified copy of a scanned original
    • H04N1/00867Modifying the reproduction, e.g. outputting a modified copy of a scanned original with additional data, e.g. by adding a warning message
    • H04N1/0087Modifying the reproduction, e.g. outputting a modified copy of a scanned original with additional data, e.g. by adding a warning message with hidden additional data, e.g. data invisible to the human eye

Definitions

  • the present invention relates to digital image processing generally and more particularly to security tagging of digital media.
  • an unscrupulous potential licensee may make unlicensed use of the image, or even worse, pass it on to others, without authorization of the rights owner.
  • the essential difficulty lies in the fact that provision of the image to a potential licensee in effect constitutes full delivery of that image, such that the image ceases to be under the control of the rights owner.
  • preventative measures which render the image unusable by the prospective licensee prior to payment of licensing fees.
  • Two common methods of this type are to encrypt the data file and to deny access to the file location until licensing fees are paid.
  • fingerprinting methods whereby the image is invisibly marked to indicate the ownership of the rights. The fingerprint can be relied upon in legal proceedings to prove the ownership rights in the image.
  • the present invention seeks to overcome the limitations of the prior art methods and apparatus and to provide apparatus and a method of allowing a potential licensee to evaluate and experiment with an image prior to licensing it, but without allowing him to make commercial use of it or transfer it to another for production work.
  • apparatus for protecting digital images provided to a recipient against unauthorized use and transfer including scarring apparatus for operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient, and descarring apparatus operated by encryption key for removing the at least one encrypted scar from the image.
  • the descarring apparatus is also operative to implant an invisible transaction record in the image which identifies the recipient and preferably also the licensing transaction.
  • the encrypted scar comprises a plurality of gixels each including a plurality of pixels and wherein the pixels are scrambled within their respective gixel.
  • the encrypted scar includes a plurality of pixels, each pixel including color information, and wherein at least some of the plurality of pixels have scrambled color information.
  • the encrypted scar includes a plurality of scar gixels which are scrambled.
  • the encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
  • apparatus for protecting digital images provided to a recipient against unauthorized use and transfer comprising: a scarrer for operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient.
  • descarring apparatus operable to manipulate digital images bearing at least one encrypted scar, which other than bearing the scar may be used and manipulated by a recipient, the apparatus including a descarrer operated by an decryption key for removing the at least one encrypted scar from the image.
  • the descarrer is inoperative for removing the at least one encrypted scar from the image without also embedding an invisible marker in the image, the marker preferably being a transaction record which may identify the recipient and/or also the licensing transaction.
  • the term "recipient” includes the person who descarrs the image, and this may be the same person as the one who scarred the image in the first place. It also includes any person who receives the image and does not descarr it for any reason.
  • a method for protecting digital images provided to a recipient against unauthorized use and transfer comprising: operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient; and using a decryption key, removing the at least one encrypted scar from the image.
  • the encrypted scar comprises a plurality of gixels each including a plurality of pixels and wherein the pixels are scrambled within their respective gixel. Still further in accordance with a preferred embodiment of the present invention the encrypted scar includes a plurality of pixels, each pixel including color information, and wherein at least some of the plurality of pixels have scrambled color information.
  • the method also preferably includes the step of at the time of removing the scar also implanting an invisible marker in the image, the marker perhaps being a transaction record which identifies the recipient and/or the licensing transaction.
  • the step of removing the encrypted scar from the image cannot be carried out without also embedding an invisible marker in the image, which record may identify the recipient and preferably also the licensing transaction.
  • a method for protecting digital images provided to a recipient against unauthorized use and transfer including operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient.
  • a method of operating on digital images bearing at least one encrypted scar which other than bearing the scar may be used and manipulated by a recipient, the method comprising using an decryption key to remove the at least one encrypted scar from the image.
  • an invisible transaction record must be implanted in the descarred image, which record may identify the recipient and/or the licensing transaction.
  • the encrypted scar includes a plurality of gixels each comprising a plurality of pixels, comprising the step of scrambling said pixels within their respective gixel.
  • the encrypted scar includes a plurality of pixels, each pixel comprising color information, said method further comprising the step of scrambling the color information of at least some of said plurality of pixels. It is noted that the present invention finds application inter alia in remote transmission of images for the purpose of licensing as well as in providing security in local archives.
  • Fig. 1 is a generalized functional block diagram of a system for protecting digital images provided to a recipient against unauthorized use and transfer, constructed and operative in accordance with a preferred embodiment of the present invention
  • FIGs. 2 A and 2B are simplified block diagram illustrations of scarring and descarring functionalities respectively carried out in accordance with a preferred embodiment of the present invention
  • Figures 3 A to 3E are illustrations of a typical image operated on by the system of Fig. 1 in unscarred and scarred states;
  • Appendix A is a listing of the source code of a scarring program.
  • Appendix B is a listing of the source code of a password-splitting program.
  • FIG. 1 is a generalized functional block diagram of a system, comprising units 6 and 8, constructed and operative in accordance with a preferred embodiment of the present invention, for protecting digital images provided to a recipient against unauthorized use and transfer.
  • a source image 10 such as, for example, the image appearing in Fig. 3 A is supplied to an image scarrer 12, which employs an encryption key, here termed a scarring key 14 to encrypt one or more user definable, relatively small, but important portions of the source image to produce a scarred image 16 as seen in Fig. 3B.
  • the scarred image of Fig. 3B has one or more scars 15, which are preferably scrambled portions of the image which contain all of the image information required to construct the complete source image, which information is disordered in accordance with the scarring key 14.
  • the scar may bear some alphanumeric information by reversing the color of some gixels in the encrypted image. This information can typically serve as a key clue. Upon decryption, the color-reversed pixels or gixels can easily be restored through color correlation with their local environment. This is particularly helpful in archive security applications where various keys may be employed and may be forgotten by the user.
  • the source image is typically provided to the scarrer 12 in a conventional bit map format such as, for example, BMP, GIF or JPEG.
  • the image scarrer may operate according to any suitable encryption program, such as, for example, the program whose listing is appended hereto as Appendix A.
  • the resulting scarred image as exemplified by Fig. 2B may be transmitted to a recipient, such as a potential licensee, at a remote location by using conventional communications and handled by the recipient like any other digital image for purposes of experimentation and evaluation.
  • the rights owner may generate a transaction password 19 upon receipt of payment or of an acceptable order.
  • the transaction password 19 includes not only the scarring key 14 but also a transaction identifier which can be used to identify the specific transaction and the recipient.
  • the transaction password 19 is transferred to the recipient using conventional communications.
  • the recipient may employ a program, the listing of the source code of which appears in Appendix B, to receive the transaction password 19 and extract the scarring key 14 and the transaction identifier.
  • the document marker 22 thus operates on the received scarred image 20 to produce an unscarred image 24, which bears an invisible transaction record identifying at least the recipient and the rights owner.
  • This transaction record is retained in the image even if it is transferred onward to further recipients in an unauthorized manner and cannot normally be erased by an unscrupulous recipient. This enables all future uses of the image to be traced back to the recipient.
  • the image cannot be unscarred without the invisible transaction record being embodied in the image.
  • FIGs. 2A and 2B are simplified block diagram illustrations of scarring and descarring functionalities respectively carried out in accordance with a preferred embodiment of the present invention.
  • the scarring process includes the steps of opening a source image in a scarring tool, such as the software set forth in Appendix A, and selecting an encryption key for use as the scarring key 14 (Fig. 1) for use in scarring.
  • a scarring tool such as the software set forth in Appendix A
  • the scarring process is carried out by the user, who would typically be the one responsible for protecting the rights of the rights owner in the image, and, having selected an encryption key he would then proceed to select one or more encryption modes.
  • Three encryption modes are typically provided and these include:
  • the next step in the process comprises defining a scar area within the image.
  • This step may be carried out automatically by a program that places random scars in the image. Alternatively it may be carried out manually by a person having an understanding of the commercial usefulness of the image so as to select a scar area which does not prevent full evaluation of the image by a potential licensee, but nevertheless prevents unauthorized use of the image until the scar is removed.
  • a size of scar gixel is preferably selected.
  • the scar tile may correspond to a gixel, where a gixel is a contiguous rectangle of pixels that can be moved around the image preserving its internal structure, as described in applicant/assignee's U.S. Patent 5,491,563, the disclosure of which is hereby incorporated by reference.
  • a gixel may be as small as a single pixel.
  • Israel Patent Application 120231 which is not prior art to the present application, describes how the present invention may be applied to a sound file.
  • Israel Patent Application 109591 discloses inter alia a scrambling transformation that can be applied to gixels. In this transformation the relative position of the gixels is changed but within each gixel the pixels are unchanged. This document also discloses considerations involved in choosing the most appropriate size of gixel. Details of the descrambling process are also discussed and the reader is referred to pages 34-68 of this document.
  • JPEG has a natural gixel size of 8 x 8 pixels.
  • the scarring tool may be adjusted to this preferred gixel size.
  • whole gixels may be shuffled about without changing the gixel itself.
  • An advantage in gixel shuffling is that it is faster than pixel shuffling, and gixel shuffling also provides a better concealment of the image.
  • the color values within the pixel are randomized.
  • the color information within a pixel is generally represented by three numerical values representing respective strengths of red, green and blue (R, G, B). In other systems four values (C, M, Y, K) can be used. In some images a single value may be used, simply to represent gray levels and it is also known to have a single binary value to represent black and white (B & W).
  • the advantage of randomizing the color values is that it produces an easy calculation, the disadvantage is that it produces an ugly scar.
  • Additional scars may be added as determined by the user and the scarred image is then delivered to the potential licensee.
  • Fig. 2B it is seen that the potential licensee opens the scarred image in a conventional graphics editor, such as PHOTOSHOP R or CORELDRAW R and, having experimented with and evaluated the scarred image to his satisfaction, initiates a licensing transaction. Having paid the licensing fee or otherwise made the necessary financial arrangements with the owner of the rights, he receives a licensing password, which corresponds to the transaction password 19 (Fig. 1), from the rights owner.
  • a licensing password which corresponds to the transaction password 19 (Fig. 1), from the rights owner.
  • the licensee employs the descarring tool, preferably provided to the licensee for free by the owner of the rights, uses it to extract both the descarring key and transaction identifier from the licensing password, and applies them to the scarred image. Preferably this is done using software which prevents him from employing the descarring key without applying the transaction identifier as an embedded invisible label in the resulting descarred image. To this end, the extraction of the descarring key is carried out internally in a manner which does not allow the recipient to tamper with the results.
  • the descarred, transaction identified image may then be stored for authorized use. Should the image be subsequently transferred for unauthorized use, digital examination of the unauthorized image will disclose the transaction identification embedded therein, including identification of the recipient who transferred the image without authority or made an unauthorized use thereof.
  • Figure 3 A shows a computerized image to which the system of figure 1 may be applied.
  • Figure 3B shows the image with a scar that has been created by gixel shuffling. It will be apparent that the shape of the image is effectively disguised.
  • Figure 3C shows the image with a scar formed by shuffling pixels within a gixel. It will be seen that the general shape of the image is preserved although the quality is reduced sufficiently to prevent commercial use of the image.
  • Figure 3D shows a scar formed by shuffling both pixels and gixels
  • figure 3E shows a scar formed by randomizing the colors of a pixel.
  • H GLOBAL hpermute GlobalAlloc(GPTR,tot_t ⁇ les * sizeof(DWORD));
  • DWORD ImgAddLine ((DWORD)width * bpp) » bpp2;
  • HGLOBAL hper2 GlobalAlloc(GPTR,num * sizeof(DWORD));
  • dwPassword « 1 ; if (dwNum & 1) dwPassword

Abstract

A system for protecting digital images provided to a recipient against unauthorized use and transfer including a scarrer (2) for operating on the digital image (10) to cause at least one encrypted scar to appear on the image (16), which other than bearing the scar may be used and manipulated by a recipient and a descarrer (22) operated by a decryption key for removing the at least one encrypted scar from the image.

Description

SECURITY TAGGING OF DIGITAL MEDIA
The present invention relates to digital image processing generally and more particularly to security tagging of digital media.
Commercial licensing of images such as photographs is well known. Generally, the owner of rights in an image provides the image to a potential licensee for evaluation. If the potential licensee wishes to use the image, he enters into a license agreement with the rights owner.
Unfortunately, an unscrupulous potential licensee may make unlicensed use of the image, or even worse, pass it on to others, without authorization of the rights owner. The essential difficulty lies in the fact that provision of the image to a potential licensee in effect constitutes full delivery of that image, such that the image ceases to be under the control of the rights owner.
Various proposals have been made to overcome this difficulty. Some of these proposals are reviewed in an article entitled "Handcuff Digital Thieves" by Philip Chudy, In Byte Magazine, International Edition, April, 1996, page 40.
The prior art proposals may be divided into two categories: preventative measures which render the image unusable by the prospective licensee prior to payment of licensing fees. Two common methods of this type are to encrypt the data file and to deny access to the file location until licensing fees are paid. fingerprinting methods whereby the image is invisibly marked to indicate the ownership of the rights. The fingerprint can be relied upon in legal proceedings to prove the ownership rights in the image.
Commercial products for implementing both types of proposals are available from HighWater FBI Ltd. 2-6 St. George's Business Park, Alstone Lane, Cheltenham, Gloucestershire, GL51 8HF, United Kingdom; Fraunhofer Institute for Computer Graphics, Wilhelminestr. 7, 64283 Darmstadt, Germany and Digimarc Corporation 1850 NW 113th Avenue, Portland, Oregon 97229, USA.
Unfortunately both types of proposals have serious limitations. The preventative methods do not allow the prospective licensee to evaluate and experiment with the actual image prior to licensing it. The fingerprinting methods do not identify the unscrupulous potential licensee who has illegally used or transferred the image.
The present invention seeks to overcome the limitations of the prior art methods and apparatus and to provide apparatus and a method of allowing a potential licensee to evaluate and experiment with an image prior to licensing it, but without allowing him to make commercial use of it or transfer it to another for production work.
In this specification and claims the terms "scrambling" and "encrypting", and the terms "descrambling" and "decrypting" are respectively synonymous.
There is thus provided in accordance with a preferred embodiment of the present invention apparatus for protecting digital images provided to a recipient against unauthorized use and transfer including scarring apparatus for operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient, and descarring apparatus operated by encryption key for removing the at least one encrypted scar from the image.
In accordance with a preferred embodiment of the present invention, the descarring apparatus is also operative to implant an invisible transaction record in the image which identifies the recipient and preferably also the licensing transaction.
Further in accordance with a preferred embodiment of the present embodiment the encrypted scar comprises a plurality of gixels each including a plurality of pixels and wherein the pixels are scrambled within their respective gixel.
Still further in accordance with a preferred embodiment of the present invention the encrypted scar includes a plurality of pixels, each pixel including color information, and wherein at least some of the plurality of pixels have scrambled color information.
In accordance with a preferred embodiment of the present invention, the encrypted scar includes a plurality of scar gixels which are scrambled.
Preferably, the encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key. There is also provided in accordance with a preferred embodiment of the present invention apparatus for protecting digital images provided to a recipient against unauthorized use and transfer comprising: a scarrer for operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient.
There is additionally provided in accordance with a preferred embodiment of the present invention descarring apparatus operable to manipulate digital images bearing at least one encrypted scar, which other than bearing the scar may be used and manipulated by a recipient, the apparatus including a descarrer operated by an decryption key for removing the at least one encrypted scar from the image.
In accordance with a preferred embodiment of the present invention, the descarrer is inoperative for removing the at least one encrypted scar from the image without also embedding an invisible marker in the image, the marker preferably being a transaction record which may identify the recipient and/or also the licensing transaction.
In this specification the term "recipient" includes the person who descarrs the image, and this may be the same person as the one who scarred the image in the first place. It also includes any person who receives the image and does not descarr it for any reason.
There is additionally provided in accordance with a preferred embodiment of the present invention a method for protecting digital images provided to a recipient against unauthorized use and transfer comprising: operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient; and using a decryption key, removing the at least one encrypted scar from the image.
Further in accordance with a preferred embodiment of the present invention the encrypted scar comprises a plurality of gixels each including a plurality of pixels and wherein the pixels are scrambled within their respective gixel. Still further in accordance with a preferred embodiment of the present invention the encrypted scar includes a plurality of pixels, each pixel including color information, and wherein at least some of the plurality of pixels have scrambled color information.
The method also preferably includes the step of at the time of removing the scar also implanting an invisible marker in the image, the marker perhaps being a transaction record which identifies the recipient and/or the licensing transaction.
Preferably, the step of removing the encrypted scar from the image cannot be carried out without also embedding an invisible marker in the image, which record may identify the recipient and preferably also the licensing transaction.
There is additionally provided in accordance with a preferred embodiment of the present invention a method for protecting digital images provided to a recipient against unauthorized use and transfer including operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient.
There is further provided in accordance with a preferred embodiment of the present invention a method of operating on digital images bearing at least one encrypted scar, which other than bearing the scar may be used and manipulated by a recipient, the method comprising using an decryption key to remove the at least one encrypted scar from the image.
Preferably, at the time of removing the scar, an invisible transaction record must be implanted in the descarred image, which record may identify the recipient and/or the licensing transaction.
Preferably, the encrypted scar includes a plurality of gixels each comprising a plurality of pixels, comprising the step of scrambling said pixels within their respective gixel.
Preferably the encrypted scar includes a plurality of pixels, each pixel comprising color information, said method further comprising the step of scrambling the color information of at least some of said plurality of pixels. It is noted that the present invention finds application inter alia in remote transmission of images for the purpose of licensing as well as in providing security in local archives.
The present invention will be understood and appreciated more fully from the following detailed description, given purely by way of example, taken in conjunction with the drawings in which:
Fig. 1 is a generalized functional block diagram of a system for protecting digital images provided to a recipient against unauthorized use and transfer, constructed and operative in accordance with a preferred embodiment of the present invention;
Figs. 2 A and 2B are simplified block diagram illustrations of scarring and descarring functionalities respectively carried out in accordance with a preferred embodiment of the present invention;
Figures 3 A to 3E are illustrations of a typical image operated on by the system of Fig. 1 in unscarred and scarred states;
Appendix A is a listing of the source code of a scarring program; and
Appendix B is a listing of the source code of a password-splitting program.
Reference is now made to Fig. 1 , which is a generalized functional block diagram of a system, comprising units 6 and 8, constructed and operative in accordance with a preferred embodiment of the present invention, for protecting digital images provided to a recipient against unauthorized use and transfer. A source image 10, such as, for example, the image appearing in Fig. 3 A is supplied to an image scarrer 12, which employs an encryption key, here termed a scarring key 14 to encrypt one or more user definable, relatively small, but important portions of the source image to produce a scarred image 16 as seen in Fig. 3B. The scarred image of Fig. 3B has one or more scars 15, which are preferably scrambled portions of the image which contain all of the image information required to construct the complete source image, which information is disordered in accordance with the scarring key 14.
The scar may bear some alphanumeric information by reversing the color of some gixels in the encrypted image. This information can typically serve as a key clue. Upon decryption, the color-reversed pixels or gixels can easily be restored through color correlation with their local environment. This is particularly helpful in archive security applications where various keys may be employed and may be forgotten by the user.
The source image is typically provided to the scarrer 12 in a conventional bit map format such as, for example, BMP, GIF or JPEG. The image scarrer may operate according to any suitable encryption program, such as, for example, the program whose listing is appended hereto as Appendix A.
The resulting scarred image, as exemplified by Fig. 2B may be transmitted to a recipient, such as a potential licensee, at a remote location by using conventional communications and handled by the recipient like any other digital image for purposes of experimentation and evaluation.
Should the recipient decide to obtain rights to use the image 18, the rights owner may generate a transaction password 19 upon receipt of payment or of an acceptable order. In accordance with a preferred embodiment of the present invention, the transaction password 19 includes not only the scarring key 14 but also a transaction identifier which can be used to identify the specific transaction and the recipient. Upon completion of the rights transaction, the transaction password 19 is transferred to the recipient using conventional communications.
The recipient may employ a program, the listing of the source code of which appears in Appendix B, to receive the transaction password 19 and extract the scarring key 14 and the transaction identifier. A document marker 22, which may employ the fingerprinting software available from Digimarc Corporation, Portland Oregon, preferably carries out the following two functions and is prevented from carrying out the first without carrying out the second:
1. Descrambling of the scars using the scarring key 14 to produce an unscarred image.
2. Embedding an invisible to the eye but electronically detectable transaction identifier which identifies the recipient and preferably also the licensing transaction and preferably also identifies the rights owner and contains a transaction number.
In summary it is appreciated that the document marker 22 thus operates on the received scarred image 20 to produce an unscarred image 24, which bears an invisible transaction record identifying at least the recipient and the rights owner. This transaction record is retained in the image even if it is transferred onward to further recipients in an unauthorized manner and cannot normally be erased by an unscrupulous recipient. This enables all future uses of the image to be traced back to the recipient.
It is particularly preferred that the image cannot be unscarred without the invisible transaction record being embodied in the image.
Reference is now made to Figs. 2A and 2B, which are simplified block diagram illustrations of scarring and descarring functionalities respectively carried out in accordance with a preferred embodiment of the present invention.
As illustrated in Fig. 2A, the scarring process includes the steps of opening a source image in a scarring tool, such as the software set forth in Appendix A, and selecting an encryption key for use as the scarring key 14 (Fig. 1) for use in scarring.
The scarring process is carried out by the user, who would typically be the one responsible for protecting the rights of the rights owner in the image, and, having selected an encryption key he would then proceed to select one or more encryption modes. Three encryption modes are typically provided and these include:
1. shuffling gixels, that is rectangles of one or more pixels - see below- within the scar area,
2. shuffling pixels within a gixel, and
3. modifying the color values within a pixel.
The next step in the process comprises defining a scar area within the image. This step may be carried out automatically by a program that places random scars in the image. Alternatively it may be carried out manually by a person having an understanding of the commercial usefulness of the image so as to select a scar area which does not prevent full evaluation of the image by a potential licensee, but nevertheless prevents unauthorized use of the image until the scar is removed.
A size of scar gixel is preferably selected. The scar tile may correspond to a gixel, where a gixel is a contiguous rectangle of pixels that can be moved around the image preserving its internal structure, as described in applicant/assignee's U.S. Patent 5,491,563, the disclosure of which is hereby incorporated by reference. A gixel may be as small as a single pixel. Reference is also made in this connection to the following patent applications of applicant/assignee, the disclosures of which are also incorporated herein by reference:
Israel Patent Applications 106567, 120231 & 109591, U.S. Patent Application Serial No. 08/131,326.
Israel Patent Application 120231, which is not prior art to the present application, describes how the present invention may be applied to a sound file.
Israel Patent Application 109591 discloses inter alia a scrambling transformation that can be applied to gixels. In this transformation the relative position of the gixels is changed but within each gixel the pixels are unchanged. This document also discloses considerations involved in choosing the most appropriate size of gixel. Details of the descrambling process are also discussed and the reader is referred to pages 34-68 of this document.
It is noted that some graphic formats have a natural gixel size that is handled by the format as a single entity. For example JPEG has a natural gixel size of 8 x 8 pixels. In such cases the scarring tool may be adjusted to this preferred gixel size.
If mode 1. above has been selected then the scar is scrambled by shuffling gixels around the scar according to the selected scarring key 14. An advantage of gixel shuffling is that the image is better disguised than in the other methods, and another advantage is that it is fast relative to pixel shuffling.
If mode 2. is selected then pixels are shuffled around the gixel. An advantage of moving pixels rather than gixels is that the general shape of the image is preserved within the scar. However the quality is not good enough for commercial use of the image.
Additionally or alternatively whole gixels may be shuffled about without changing the gixel itself. An advantage in gixel shuffling is that it is faster than pixel shuffling, and gixel shuffling also provides a better concealment of the image.
If mode 3. is selected then the color values within the pixel are randomized. The color information within a pixel is generally represented by three numerical values representing respective strengths of red, green and blue (R, G, B). In other systems four values (C, M, Y, K) can be used. In some images a single value may be used, simply to represent gray levels and it is also known to have a single binary value to represent black and white (B & W). The advantage of randomizing the color values is that it produces an easy calculation, the disadvantage is that it produces an ugly scar.
It is particularly advantageous to randomize the color values in combination with one or both of the shuffling methods as the combination increases the cryptographic strength of the scar.
Additional scars may be added as determined by the user and the scarred image is then delivered to the potential licensee.
Referring now to Fig. 2B, it is seen that the potential licensee opens the scarred image in a conventional graphics editor, such as PHOTOSHOP R or CORELDRAW R and, having experimented with and evaluated the scarred image to his satisfaction, initiates a licensing transaction. Having paid the licensing fee or otherwise made the necessary financial arrangements with the owner of the rights, he receives a licensing password, which corresponds to the transaction password 19 (Fig. 1), from the rights owner.
The licensee employs the descarring tool, preferably provided to the licensee for free by the owner of the rights, uses it to extract both the descarring key and transaction identifier from the licensing password, and applies them to the scarred image. Preferably this is done using software which prevents him from employing the descarring key without applying the transaction identifier as an embedded invisible label in the resulting descarred image. To this end, the extraction of the descarring key is carried out internally in a manner which does not allow the recipient to tamper with the results.
The descarred, transaction identified image may then be stored for authorized use. Should the image be subsequently transferred for unauthorized use, digital examination of the unauthorized image will disclose the transaction identification embedded therein, including identification of the recipient who transferred the image without authority or made an unauthorized use thereof.
Figure 3 A shows a computerized image to which the system of figure 1 may be applied. Figure 3B shows the image with a scar that has been created by gixel shuffling. It will be apparent that the shape of the image is effectively disguised. Figure 3C shows the image with a scar formed by shuffling pixels within a gixel. It will be seen that the general shape of the image is preserved although the quality is reduced sufficiently to prevent commercial use of the image. Figure 3D shows a scar formed by shuffling both pixels and gixels, and figure 3E shows a scar formed by randomizing the colors of a pixel.
It will be appreciated by persons skilled in the art that the present invention is not limited by what has been particularly shown and described hereinabove. Rather the scope of the present invention is defined only by the claims which follow the attached appendices:
Appendix A
Source code of a scarring program
Variables:
WORD m_BitCount - No. of bits per pixel in image
WORD m_Width - Width of DIB image in pixels
WORD m_Heιght - Height of DIB image in pixels
BYTE HUGE *mJpDιbBιts - Memory location of DIB image (points to the beginning of the LAST line of the image) char Q m_Password - Holds the password with which to scramble/descramble BOOL bDescramble- Scrambling or Descrambling flag RECT rect - The rectangle area to be scrambled\descrambled
WORD TILE_X - Width of a single tile in pixels (in multiples of 8) WORD TILE_Y - Height of a single tile in pixels
BOOL Scramble(BOOL bDescramble.RECT &rect)
{
// calculate how many tiles in rect
UINT width = rect. right - rect. left,
UINT height = rect.bottom - rect.top;
UINT tiies_x = width / TILE_X,
UINT tιles_y = height / TILE_Y,
DWORD totjiles = (DWORD)tiles_x * tiles_y;
//-allocate memory to hold permutation
H GLOBAL hpermute = GlobalAlloc(GPTR,tot_tιles * sizeof(DWORD));
DWORD huge *permute = (DWORD huge
*)GlobalLock(hpermute),
DWORD k.
WORD i,j,dest_tιle_x,dest_tιle_y;
WORD n,
WORD bpp,bpp2,
// create permutation MakePermutatιon(permute,tot_tιles, bDescramble),
// Now, scramble the bitmap
// allocate memory for temporary rectangle image bpp = m_BιtCount / 8, if (bpp < 1) bpρ = 1 , bpp2 = 0, if (m_BιtCount == 4) bpp2 = 1 , else if (m_BιtCount == 2) bpp2 = 2, else if (m_BιtCount == 1 ) bpp2 = 3, DWORD dwSize = ((DWORD)height * width * bpp) » bpp2; HGLOBAL hMem = GlobalAlloc(GPTR,dwSize); BYTE huge *lpMem = (BYTE huge *)GlobalLock(hMem); DWORD DibAddLine = ((((D WORD)m_Width * m_BitCount + 31 ) / 32) * 32) / 8;
DWORD ImgAddLine = ((DWORD)width * bpp) » bpp2;
BYTE huge *toPtr; BYTE huge *fromPtr;
// copy with permutation from DIB to temporary rectangle memory for(i=0;i<tiles_y;i++) { for(j=0;j<tiles_x;j++) { k = permute[(DWORD)i * tiles_x + j]; dest_tile_y = (WORD)(k / tileslx); dest_tile_x = (WORD)(k % tiles_x);
toPtr = IpMem + (height - 1 - i * TILE Y) * ImgAddLine + ((j * bpp * TILE_X) » bpp2); fromPtr = mJpDibBits + (m_Height - 1 - (rect.top + dest_tile_y * TILE_Y)) * DibAddLine + (((rect. left + dest_tile_x * TILE_X) * bpp) » bpp2);
// Copy the tile for(ii=0;ii<TILE_Y;ii++) {
WORD jj; for(jj=0;jj<((bpp*TILE_X) » bpp2);jj++) *(toPtr++) = *(fromPtr++);
toPtr -= (ImgAddLine + ((bpp*TILE_X) » bpp2)); fromPtr -= (DibAddLine + ((bpp*TILE_X) » bpp2));
} }
}
// now, copy entire rectangle back to the DIB
for(i=0;i<height:i++) { fromPtr = IpMem + i * ImgAddLine; toPtr = mJpDibBits + (m_Height - rect.bottom + i) * DibAddLine
((rect.leff bpp) » bpp2); _fmemcpy(toPtr,fromPtr,(width * bpp) » bpp2);
}
// free allocated memory
GlobalUnlock(hMem);
GlobalFree(hMem); GlobalUnlock(hpermute); GlobalFree(hpermute);
return TRUE; } void MakePermutation(DWORD huge *permute, DWORD num. BOOL bRev)
{
DWORD i,k,j;
WORD seed;
seed = 1 ; for(i=0;i<strleπ(m_Password);i++) seed *= m_Password[iJ; srand(&seed);
for(i=0;i<num;i++) permute[i] = i;
for(i=0;i<num-1 ;i++) { j = (((WORD)rand() « 8) | rand()) & 0x7FFF; j = i + j % (num - i - 1); k = permute[i]; permute[i] = permute[j]; permute[j] = k;
}
// when descrambling need to create an inverse of the permutation if (bRev) {
HGLOBAL hper2 = GlobalAlloc(GPTR,num * sizeof(DWORD));
DWORD huge *per2 = (DWORD huge *)GlobalLock(hper2); for(i=0;i<num;i++) per2[permute[i]] = i; for(i=0;i<num;i++) permute[i] = per2[i];
GlobalUnlock(hρer2);
GlobalFree(hper2);
} } Appendix B
Source code of a password-splitting program void Split(DWORD dwNum)
{
DWORD dwPassword;
DWORD dwSerial; int i; dwPassword = dwSerial = 0;
for(i=0;i<16;i++) { dwPassword «= 1 ; if (dwNum & 1) dwPassword |= 1; dwNum »=1 ; dwSerial «=1; if (dwNum & 1) dwSerial |= 1 ; dwNum »= 1;
} printf("The password is: %lu\n", dwPassword); printffThe serial no. is: %lu\n", dwSerial);
}

Claims

C L A I M S
1. A system for protecting digital images provided to a recipient against unauthorized use and transfer comprising: a scarrer for operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient; and a descarrer operated by a decryption key for removing the at least one encrypted scar from the image.
2. A system according to claim 1 and wherein the descarrer is also operative to implant an invisible marker in the image.
3. A system according to claim 1 and wherein said at least one encrypted scar comprises a plurality of scar gixels which are scrambled.
4. A system according to claim 1 and wherein said encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
5. A system according to claim 2 and wherein said at least one encrypted scar comprises a plurality of scar gixels which are scrambled.
6. A system according to claim 2 and wherein said encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
7. A system according to claim 2 and wherein said descarrer is inoperative for removing the at least one encrypted scar from the image without also embedding an invisible marker in the image.
8. Apparatus for protecting digital images provided to a recipient against unauthorized use and transfer comprising: a scarrer for operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient.
9. Apparatus according to claim 8 and wherein said at least one encrypted scar comprises a plurality of scar gixels which are scrambled.
10. A system according to claim 8 and wherein said encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
11. Descarring apparatus for use with digital images bearing at least one encrypted scar, which other than bearing the scar may be used and manipulated by a recipient, and including: a descarrer operated by an encryption key for removing the at least one encrypted scar from the image.
12. Descarring apparatus according to claim 11 and wherein said descarrer is operative to implant an invisible marker in the descarred image.
13. Descarring apparatus according to claim 11 and wherein said at least one encrypted scar comprises a plurality of scar gixels which are scrambled.
14. Descarring apparatus according to claim 1 1 and wherein said encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
15. Descarring apparatus according to claim 11 and wherein said descarrer is inoperative for removing the at least one encrypted scar from the image without also embedding an invisible marker in the image.
16. A method for protecting digital images provided to a recipient against unauthorized use and transfer comprising: operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient; and using a decryption key, removing the at least one encrypted scar from the image.
17. A method according to claim 16 and also comprising the step of implanting an invisible transaction record in the image at the time of removing the scar, which record identifies the recipient.
18. A method according to claim 16 and wherein said at least one encrypted scar comprises a plurality of scar gixels which are scrambled.
19. A method according to claim 16 and wherein said encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
20. A method according to claim 17 and wherein said at least one encrypted scar comprises a plurality of scar gixels which are scrambled.
21. A method according to claim 17 and wherein said encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
22. A method according to claim 17 and wherein said step of removing said encrypted scar from the image cannot be carried out without also embedding an invisible marker in the image.
23. A method for protecting digital images provided to a recipient against unauthorized use and transfer comprising: operating on the digital image to cause at least one encrypted scar to appear on the image, which other than bearing the scar may be used and manipulated by a recipient.
24. A method according to claim 23 and wherein said at least one encrypted scar comprises a plurality of scar gixels which are scrambled.
25. A method according to claim 23 and wherein said encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
26. A method for use with digital images bearing at least one encrypted scar, which other than bearing the scar may be used and manipulated by a recipient, and including: using a decryption key, removing the at least one encrypted scar from the image.
27. A method according to claim 26 and wherein at the time of removing the scar, an invisible marker is implanted in the descarred image.
28. A method according to claim 26 and wherein said at least one encrypted scar comprises a plurality of scar gixels which are scrambled.
29. A method according to claim 26 and wherein said encrypted scar contains substantially all of the image information needed to reconstruct the area of the digital image underlying the scar, other than the decryption key.
30. A method according to claim 27 and wherein said step of removing the at least one encrypted scar from the image is prevented from being carried out without also embedding an invisible marker in the image.
31. A system according to claim 2 wherein said encrypted scar comprises a plurality of gixels each comprising a plurality of pixels and wherein said pixels are scrambled within their respective gixel.
32. A system according to claim 2 wherein said encrypted scar includes a plurality of pixels, each pixel comprising color information, and wherein at least some of said plurality of pixels have scrambled color information.
33. A method according to claim 16, wherein said encrypted scar comprises a plurality of gixels each comprising a plurality of pixels, comprising the step of scrambling said pixels within their respective gixel.
34. A method according to claim 16 wherein said encrypted scar comprises a plurality of pixels, each pixel comprising color information, said method further comprising the step of scrambling the color information of at least some of said plurality of pixels.
PCT/IL1997/000191 1996-06-12 1997-06-12 Security tagging of digital media WO1997048084A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB9827621A GB2329547B (en) 1996-06-12 1997-06-12 Security tagging of digital media
AU30459/97A AU3045997A (en) 1996-06-12 1997-06-12 Security tagging of digital media

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IL118643 1996-06-12
IL11864396A IL118643A (en) 1996-06-12 1996-06-12 System for protecting digital images provided to a recipient

Publications (1)

Publication Number Publication Date
WO1997048084A1 true WO1997048084A1 (en) 1997-12-18

Family

ID=11068963

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL1997/000191 WO1997048084A1 (en) 1996-06-12 1997-06-12 Security tagging of digital media

Country Status (4)

Country Link
AU (1) AU3045997A (en)
GB (1) GB2329547B (en)
IL (1) IL118643A (en)
WO (1) WO1997048084A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7110566B2 (en) 2000-12-07 2006-09-19 Sony United Kingdom Limited Modifying material
US7443982B2 (en) 2000-12-07 2008-10-28 Sony United Kingdom Limited Watermarking and transferring material

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1215880A3 (en) 2000-12-07 2003-08-13 Sony United Kingdom Limited Embedding data in material
GB2379295A (en) 2001-08-31 2003-03-05 Sony Uk Ltd A system for distributing audio/video material to a potential buyer

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3914877A (en) * 1974-04-08 1975-10-28 Marion E Hines Image scrambling technique
US4245213A (en) * 1979-08-20 1981-01-13 Igor Kriger Security system
US4972476A (en) * 1989-05-11 1990-11-20 Nathans Robert L Counterfeit proof ID card having a scrambled facial image
EP0493091A1 (en) * 1990-12-27 1992-07-01 Xerox Corporation Method and system for embedding machine readable digital data in grayscale images
US5315098A (en) * 1990-12-27 1994-05-24 Xerox Corporation Methods and means for embedding machine readable digital data in halftone images
US5488664A (en) * 1994-04-22 1996-01-30 Yeda Research And Development Co., Ltd. Method and apparatus for protecting visual information with printed cryptographic watermarks

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3914877A (en) * 1974-04-08 1975-10-28 Marion E Hines Image scrambling technique
US4245213A (en) * 1979-08-20 1981-01-13 Igor Kriger Security system
US4972476A (en) * 1989-05-11 1990-11-20 Nathans Robert L Counterfeit proof ID card having a scrambled facial image
EP0493091A1 (en) * 1990-12-27 1992-07-01 Xerox Corporation Method and system for embedding machine readable digital data in grayscale images
US5315098A (en) * 1990-12-27 1994-05-24 Xerox Corporation Methods and means for embedding machine readable digital data in halftone images
US5488664A (en) * 1994-04-22 1996-01-30 Yeda Research And Development Co., Ltd. Method and apparatus for protecting visual information with printed cryptographic watermarks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
1979, CONF. ON CRIME COUNTERMEASURES, LEXINGTON, KENTUCKY, 16-18 May 1979, SZEPANSKI W., "A Signal Theoretic Method for Creating Forgery-Proof Documents for Automatic Verification", pp. 101-109. *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7110566B2 (en) 2000-12-07 2006-09-19 Sony United Kingdom Limited Modifying material
US7443982B2 (en) 2000-12-07 2008-10-28 Sony United Kingdom Limited Watermarking and transferring material
US7962964B2 (en) 2000-12-07 2011-06-14 Sony United Kingdom Limited Watermarking and transferring material

Also Published As

Publication number Publication date
IL118643A0 (en) 1996-10-31
GB2329547A (en) 1999-03-24
IL118643A (en) 1999-12-22
GB2329547B (en) 1999-12-22
AU3045997A (en) 1998-01-07
GB9827621D0 (en) 1999-02-10

Similar Documents

Publication Publication Date Title
US6490681B1 (en) Electronic watermarking system
EP1725015B1 (en) System and method for controlling reproduction of documents containing sensitive information
Tsai et al. Multi-morphological image data hiding based on the application of Rubik's cubic algorithm
US7171021B2 (en) Data processing apparatus and method, and storage medium therefor
Zhao Applying digital watermarking techniques to online multimedia commerce
US20050169498A1 (en) Apparatus and method for watermarking digital image
WO1995020291A1 (en) Method of and apparatus for manipulating digital data works
EP0867843A3 (en) System and method for authentication, and device and method for autentication
EP0821326A3 (en) Method and system for the secure transmission and storage of protectable information
US6742712B1 (en) Information card and information card system
EP1223742A1 (en) Image distributing method and system, image data, and recorded medium
Muyco et al. Least significant bit hash algorithm for digital image watermarking authentication
Kekre et al. Performance evaluation of pixel value differencing and Kekre's modified algorithm for information hiding in images
WO1997048084A1 (en) Security tagging of digital media
CN106600516B (en) Image embedding method based on digital fingerprint
JP2000350007A (en) Electronic watermarking method, electronic watermark device and recording medium
IL120231A (en) System for protecting digital media provided to a recipient
Bansal Data security by steganography: A review
EP1116176B1 (en) Information card
Abdelrahman Mohamed Mostafa Overview and Classification of Digital Watermarking Algorithms
Sahu et al. A survey on robust image watermarking techniques and different applications
JPH10191025A (en) Information embedding device for digital image
Shah et al. Robust Reversible Watermarking Using Binary Xored
JPH09275523A (en) Material division and delivery method and system therefor
DECODE ‘DIGITAL ‘ID Portion of Format

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AT AU AZ BA BB BG BR BY CA CH CN CU CZ CZ DE DE DK DK EE EE ES FI FI GB GE GH HU IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SK TJ TM TR TT UA UG US UZ VN YU ZW AM AZ BY KG KZ MD RU TJ TM

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH KE LS MW SD SZ UG ZW AT BE CH DE DK ES FI FR GB

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref country code: GB

Ref document number: 9827621

Kind code of ref document: A

Format of ref document f/p: F

NENP Non-entry into the national phase

Ref country code: CA

NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 98501411

Format of ref document f/p: F

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase