ON THE (IN)SECURITY OF TWO BUYER-SELLER WATERMARKING PROTOCOLS

Geong Sen Poh, Keith M. Martin

Abstract

A buyer-seller watermarking protocol deters dishonest buyers from illegally distributing bought content. This is achieved by giving the seller the capability to trace and identify these buyers, while also allowing the seller to prove illegal acts to a third party. At the same time, an honest buyer is prevented from being falsely accused of illegal content distribution by the seller. Many protocols have been proposed, with two recent proposals being the protocols proposed by Ibrahim et al. in IAS 2007 and SECRYPT 2007. We will show that these protocols are not secure, especially for the seller. We further put forward our thoughts on how it is possible to avoid the security weaknesses found in them.

References

  1. Bellare, M., Pointcheval, D., and Rogaway, P. (2000). Authenticated Key Exchange Secure against Dictionary Attacks. In Preneel, B., editor, Advances in Cryptology - EUROCRYPT 2000, volume 1807 of Lecture Notes in Computer Science, pages 139-155. SpringerVerlag.
  2. Blakley, G. R., Meadows, C., and Purdy, G. B. (1985). Fingerprinting Long Forgiving Messages. In Williams, H. C., editor, Advances in Cryptology - CRYPTO 1985, volume 218 of Lecture Notes in Computer Science, pages 180-189. Springer-Verlag.
  3. Boyd, C. and Mathuria, A. (2003). Protocols for Authentication and Key Establishment. Information Security and Cryptography Series, Springer-Verlag.
  4. Camenisch, J. (2000). Efficient Anonymous Fingerprinting with Group Signatures. In Okamoto, T., editor, Advances in Cryptology - ASIACRYPT 2000, volume 1976 of Lecture Notes in Computer Science, pages 415-428. Springer-Verlag.
  5. Choi, J.-G., Sakurai, K., and Park, J.-H. (2003). Does It Need Trusted Third Party? Design of Buyer-Seller Watermarking Protocol without Trusted Third Party. In Zhou, J., Yung, M., and Han, Y., editors, Applied Cryptography and Network Security - ACNS 2003, volume 2846 of Lecture Notes in Computer Science, pages 265-279. Springer-Verlag.
  6. Dent, A. and Mitchell, C. (2004). User's Guide to Cryptography and Standards. Artech House.
  7. Dierks, T. and Rescorla, E. (2006). The TLS Protocol Version 1.1. RFC 4346.
  8. Fiat, A. and Shamir, A. (1987). How to prove yourself: Practical solutions to identification and signature problems. In Odlyzko, A. M., editor, Advances in Cryptology - CRYPTO 1986, volume 263 of Lecture Notes in Computer Science, pages 186-194. SpringerVerlag.
  9. Goi, B.-M., Phan, R. C.-W., Yang, Y., Bao, F., Deng, R. H., and Siddiqi, M. U. (2004). Cryptanalysis of Two Anonymous Buyer-Seller Watermarking Protocols and an Improvement for True Anonymity. In Jakobsson, M., Yung, M., and Zhou, J., editors, Applied Cryptography and Network Security - ACNS 2004, volume 3089 of Lecture Notes in Computer Science, pages 369-382. Springer-Verlag.
  10. Ibrahim, I. M., El-Din, S. H. N., and Hegazy, A. F. A. (2007a). An Effective and Secure Buyer-Seller Watermarking Protocol. In Third International Symposium on Information Assurance and Security (IAS 07), IEEE Computer Society Press, pages 21-26.
  11. Ibrahim, I. M., El-Din, S. H. N., and Hegazy, A. F. A. (2007b). An Effective and Secure Watermarking Protocol for Digital Rights Protection Over the SecondHand Market. In SECRYPT 2007 - International Conference on Security and Cryptography, pages 263- 268.
  12. ISO (1998). Information Technology - Security Techniques - Entity Authentication Mechanisms - Part 3: Entity Authentication Using a Public Key Algorithm ISO/IEC 9798-3. ISO/IEC International Standard, 2nd Edition.
  13. Ju, H. S., Kim, H. J., Lee, D. H., and Lim, J. I. (2002). An Anonymous Buyer-Seller Watermarking Protocol with Anonymity Control. In Lee, P. J. and Lim, C. H., editors, Information Security and Cryptology - ICISC 2002, volume 2587 of Lecture Notes in Computer Science, pages 421-432. Springer-Verlag.
  14. Lei, C.-L., Yu, P.-L., Tsai, P.-L., and Chan, M.-H. (2004). An efficient and anonymous buyer-seller watermarking protocol. IEEE Trans. on Image Processing, 13(12):1618-1626.
  15. Memon, N. and Wong, P. W. (2001). A buyer-seller watermarking protocol. IEEE Trans. on Image Processing, 10(4):643-649.
  16. Paillier, P. (1999). Public-key Cryptosystems Based on Composite Degree Residuosity Classes. In Stern, J., editor, Advances in Cryptology - EUROCRYPT 1999, volume 1592 of Lecture Notes in Computer Science, pages 223-238. Springer-Verlag.
  17. Pfitzmann, B. and Schunter, M. (1996). Asymmetric Fingerprinting. In Maurer, U. M., editor, Advances in Cryptology - EUROCRYPT 1996, volume 1070 of Lecture Notes in Computer Science, pages 84-95. Springer-Verlag.
  18. Pfitzmann, B. and Waidner, M. (1997). Anonymous Fingerprinting. In Fumy, W., editor, Advances in Cryptology - EUROCRYPT 1997, volume 1233 of Lecture Notes in Computer Science, pages 88-102. Springer-Verlag.
  19. Rivest, R. L., Shamir, A., and Adleman, L. (1978). A Method for Obtaining Digital Signatures and PublicKey Cryptosystems. Commun. of the ACM, 2(2):120- 126.
  20. Wagner, N. R. (1983). Fingerprinting. In IEEE Symposium on Security and Privacy, pages 18-22.
Download


Paper Citation


in Harvard Style

Sen Poh G. and M. Martin K. (2008). ON THE (IN)SECURITY OF TWO BUYER-SELLER WATERMARKING PROTOCOLS . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008) ISBN 978-989-8111-59-3, pages 253-260. DOI: 10.5220/0001919702530260


in Bibtex Style

@conference{secrypt08,
author={Geong Sen Poh and Keith M. Martin},
title={ON THE (IN)SECURITY OF TWO BUYER-SELLER WATERMARKING PROTOCOLS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)},
year={2008},
pages={253-260},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001919702530260},
isbn={978-989-8111-59-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)
TI - ON THE (IN)SECURITY OF TWO BUYER-SELLER WATERMARKING PROTOCOLS
SN - 978-989-8111-59-3
AU - Sen Poh G.
AU - M. Martin K.
PY - 2008
SP - 253
EP - 260
DO - 10.5220/0001919702530260