包装防伪与数字水印

A Publicly Verifiable Copyright-Proving SchemeResistant to Malicious AttacksTzung-Her Chen,Gwoboa Horng,Member,IEEE,and Wei-Bin Lee,Member,IEEEAbstract—A wavelet-based copyright-proving scheme that does not require the original image for logo verification is proposed in this paper.The scheme is strong enough to resist malicious ma-nipulations of an image including blurring,JPEG compression, noising,sharpening,scaling,rotation,cropping,scaling-cropping, and print–photocopy–scan attacks.The proposed scheme is also re-sistant to StirMark and unZign attacks and it is not only a robust method but also a lossless one.Experiments are conducted to show the robustness of this method.Moreover,cryptographic tools,such as digital signature and timestamp,are introduced to make copy-right proving publicly verifiable.Index Terms—Copyright protection,digital signature,digital timestamp,digital watermarking,discrete wavelet transform.I.I NTRODUCTIONT HERE is no doubt that the progress of networking tech-nology has enabled much faster and easier distribution of digital documents.Moreover,duplicating digital documents has become as simple as clicking a button.Accordingly,the issue of copyright protection has become more imperative than ever. Furthermore,the current problems with copyright protection ob-struct the rapid evolution of computer and communication net-works[1].Hence,the enhancement and further development of digital copyright protection is central to the development of fu-ture communication networks.The current cryptographic techniques,such as encryption, digital signature,and digital timestamp,[2]while suitable for text documents,are not suitable for protecting multimedia data such as images,audio,and video directly.Firstly,thefile size is much greater than that of text.Hence,more time is needed to encrypt/sign them.Secondly,no distortion is allowed in en-crypted/signed text.However,this requirement is not always necessary for the multimedia data.Recently,digital watermarking techniques have received considerable attention,since they have high commercial poten-tial for copyright protection and authentication for multimedia data.A digital watermarking technique embeds a watermark, including a signature or a copyright message,such as a trade logo,a seal,or a sequence number,into an image.Subsequently, the watermark can be extracted/detected from the watermarked image and be adopted to verify the ownership.Manuscript received August22,2002;revised December26,2003.Abstract published on the Internet November10,2004.T.-H.Chen and G.Horng are with the Institute of Computer Science, National Chung Hsing University,Taichung402,Taiwan,R.O.C.(e-mail: phd9007@.tw;gbhorng@.tw).W.-B.Lee is with the Department of Information Engineering,Feng Chia University,Taichung407,Taiwan,R.O.C.(e-mail:lwb@.tw). Digital Object Identifier10.1109/TIE.2004.841083With copyright protection in mind,a watermarking scheme must satisfy six essential properties.First,a watermark must have transparency.That is to say,the embedded watermark must be perceptually invisible.In other words,the embedding process should not distort the image from the human visual aspect.The second is robustness.The embedded watermark must be strong enough to resist against attacks intending to remove the water-mark.These attacks include:image processing(blurring,JPEG compression,noising,and sharpening)and geometric distortions (scaling,rotation,cropping,and print–photocopy–scan).The third property is unambiguity.A watermarking technique must identify the owner of an image without ambiguity.The fourth property is security.According to Kerckhoff’s principle,the security of a cryptosystem should not depend on keeping the cryptographic algorithm secret[2].Security depends only on keeping the key secret.For the same reason,the security of the watermark should not depend upon the assumption that the pirate does not know the watermarking algorithm.The watermarking algorithm must be public while the embedded watermark is undeletable.Thefifth property is blindness.In the watermark verification phase,it is not necessary to use the original image in identifying the embedded watermark.That is,the copyright owners need no extra disk space to preserve the original image. The sixth andfinal essential property it must be able to have is multiple watermarking.In a multiple watermarking scheme, more recent watermarks(for legal distributors and users)must not interfere with the original watermarks.Copyright protection is limited today because almost all pro-posed watermarking technology cannot simultaneously meet all of these properties.One of the most cited watermarking schemes is proposed by Cox et al.in[3].The authors embed the water-mark sequence into the highest magnitude discrete cosine trans-form coefficients.Since the watermark is cast into the most per-ceptually significant regions of the original image,it is tough enough to resist common signal processing and geometric dis-tortions.In[4]and[5],the authors propose the discrete co-sine/wavelet transform schemes to embed watermarks by mod-ifying the middle-frequency coefficients.Unfortunately,their schemes are sensitive to simple geometric distortions.In[6], cocktail watermarking is proposed by Lu and Liao.They si-multaneously insert two complementary watermarks into the original image incorporating a modulation strategy.One em-bedded watermark is based on a positive modulation rule,used to increasingly modulate the selected wavelet coefficients of the original image and the other a negative modulation rule,used to decreasingly modulate the selected wavelet coefficients of the original image.Thus,no matter what kind of attack is encoun-tered,at least one watermark will survive.Although many at-0278-0046/$20.00©2005IEEEtacks,including StirMark[7],are conducted to prove robust-ness,several geometric distortions,such as small-angel rota-tion,cropping,and print–photocopy–scan,are not addressed. The common weakness in[3]–[6]is requiring the original image to detect/extract the watermark.This is another reason their schemes are not suitable for multiple watermarking.Tsai et al.proposes a blind wavelet-based watermarking scheme[8].After permuting the visually recognizable water-mark by torus automorphisms,the transformed watermark is then embedded into the coefficients selected within the wavelet-trans-formed components.Their scheme does not require the original image to extract the embedded watermark.However,this scheme is weak against geometric distortion attacks.Moreover,the scheme is not suitable for multiple watermarking.In[9],a blind watermarking scheme based on discrete wavelet transformation(DWT)and the human visual system model is proposed.The scheme embeds the watermark,a binary pseudo-random sequence,into the three highest frequency components.While this scheme is shown to be resistant against compression,cropping,and morphing in their experiments,it has a major weakness.An attacker can easily remove the embedded watermark by discarding the highest frequency components in the DWT domain without distorting the watermarked image seriously.In the current literature,the proposed watermarking tech-niques tend to focus on improving robustness.However, Katzenbeisser argues,“watermarking alone is not sufficient to resolve rightful ownership of digital data;a protocol relying on the existing public-key infrastructure,which is also used for digital signatures,is necessary.”[10].In the following,we discuss the challenges of copyright protection issues in depth.1)Benchmark attacks:It is well known that StirMark andunZ‘ign are two powerful benchmarks to evaluate the ro-bustness of watermarking schemes[7],[11].In general,a copyright-protection scheme is easy to break if it cannot resist StirMark and unZign attacks.2)Malicious attacks:For copyright protection purposes,ro-bustness is a necessary but not completely sufficient prop-erty to guarantee security[12].A watermarking scheme should also be able to resist counterfeit[13],[14],and copy attacks[14].a)Counterfeit attacks:An attacker can confuse the own-ership by simply embedding another watermark into an already watermarked image.Hence,there are two different watermarks in the watermarked image.This problem of multiple claims of ownership is also called the deadlock problem,invertibility attack,IBM attack,etc.[12].b)Copy attacks:The copy attack copies a watermarkfrom a watermarked image to another image without knowing the secret parameters[14].3)Blind pattern matching(BPM)attacks:The BPM attackis a new breed of attack against generic watermarking techniques[15].BPM attacks make watermark detec-tion/extraction nearly impossible.The attack consists of three stages:a)dividing the watermarked image into overlappinglow-granularity blocks;b)identifying and classifying subsets of perceptuallysimilar blocks;c)pseudo-randomly permuting their locations in theimage.Hence,the large percentage of the watermarked image will be disturbed or replaced such that the watermark de-tection/extraction will fail.Almost all of the proposed watermarking schemes do not ad-dress the malicious attacks mentioned above.BPM attacks are especially lethal for the current schemes.Recently,Chang et al.[13],[16]proposed a novel scheme to protect image copyright.The authors introduced a timestamp technique to rout counterfeit attacks.The main advantages of their methods are:1)the protected image is the same as the original,i.e.,the copyright-protection scheme is lossless;2)the original image is not required to extract the logo;3)a mul-tiple watermarking technique is possible;and4)counterfeit and copy attacks will not succeed.Unfortunately,simple geometric distortions,such as rotation and print–photocopy–scan,are still problematic.Lee and Chen also have proposed a publicly ver-ifiable copy protection scheme based on digital signature and timestamp[17].It is worthwhile to note that their scheme can meet all of the aforementioned properties for copyright protec-tion(with the exception of BPM attacks).Unfortunately,their scheme is only suitable for gray-level logos not binary ones. In this paper,we propose a novel wavelet-based copy-right-proving scheme(different from conventional water-marking techniques),which meets all of the above requirements of copyright protection and does not alter the original image. In contrast to current watermarking approaches,the proposed method is resistant to image processing and geometric distor-tion attacks simultaneously.To demonstrate the feasibility of the scheme,several attacks,including StirMark and unZign attacks,are conducted in our experiments.The only accepted way to protect intellectual property and offer indisputable proof of ownership is through product regis-tration to a trusted authority[18].This kind of watermark can be used for automatic monitoring and discovery of illegally dis-tributed objects through two cryptographic tools—digital sig-nature and timestamp.These tools are included in our scheme to avoid the counterfeit/copy attacks and to make public veri-fication possible.Even though the BPM attack is powerful and effective against all proposed watermarking schemes in the lit-erature,our copyright-protection scheme is still resistant against this kind of attack.This paper is organized as follows.In Section2,we briefly introduce DWT and the concept of digital signature and time-stamp.In Section3,we propose a highly robust method to pro-tect the copyright of digital images.Experimental results and discussions are given in Section4.Conclusions are provided in Section5.II.D ISCRETE W A VELET T RANSFORMATION,D IGITALS IGNATURE,AND T IMESTAMPWavelet is a mathematical tool for decomposing functions [19],[20].In the DWT,an image isfirst decomposed into foursubbands,,and(eachhas size of theCHEN et al.:PUBLICLY VERIFIABLE COPYRIGHT-PROVING SCHEME RESISTANT TO MALICIOUS ATTACKS329Fig.1.The original image is divided into seven subbands through two-scale level wavelet transformation.original image,see Fig.1).The subbands labeledas ,andcontain high frequency detail information.The sub-bandis the low-frequency component,which contains most of the energy in the image.The wavelet transformation can beapplied again by further decomposing thesubbandinto thesubbands,and .If the process is repeated times,called -level wavelet transformation,we can obtain thesubband.Generally speaking,a digital signature operation signs a message using a private key of a public key cryptosystem.Subsequently,anyone can verify the origin and integrity of the message using the corresponding public key.Nevertheless,how to ascertain who really owns the public key is very important issue.A well-accepted solution is to rely on a trusted party,called a certi fication authority,to issue a certi ficate to a user.The certi ficate binds a user ’s identify and his public key.Based on the certi ficate,anyone can ascertain that a public key belongs to a particular person.Alternatively,a digital timestamp operation is used to ascertain whenaparticulareventtookplace.Forexample,whendigitaldata wascreated,adigitalmessagewassentorreceived,adigitalsigna-ture was generated or a signature key was revoked.Since the date andtimeonacomputercanbeeasilymanipulated,atimestamping authority(TSA)hasbeenstandardizedbytheInternetEngineering Task Force.“A typical approach to secure digital signatures as ev-idence relies on the existence of an on-line trusted time stamping authority,”writes Zhou and Lam.“Each newly generated digital signature has to be time-stamped by a TSA so that the trusted time of signature generation can be identi fied.”[21].Digital signature and timestamp may be very useful for as-certaining certain information but alone they are limited in their ability to protect digital copyright.Digital images can be easily duplicated with little perceivable loss.An attacker could utilize these characteristics to modify original images and claim own-ership of the images.These reasonable distortions,while unper-ceivable to the human eye,would still fail to pass the security veri fication mechanisms:digital signature and timestamp.They are sensitive to the bit stream rather than the content.III.P ROPOSED S CHEMEThe human eye is more sensitive to low-frequency compo-nents than the high-frequency components.However,it is gen-erally the low-frequency components that survive with little lossunder signi ficant attack.Also,thesubbandof the original image is very similar to the new subband of the altered image.Based on these observations,our proposed scheme is lossless yet robust in its copyright-proving ability.A.Certificate Generation AlgorithmAssume that the original image is a gray-level image with 8b/pixel,and the digital logo is a binary image.The originalimage and the logoimageare de fined asfollows.(1)whereandis the width and heightof,respectively.(2)whereand are the width and heightof ,respectively.Step 1)Wavelet transforming of the original image :Theoriginal image is decomposed by performing -levelwavelet transform to obtain thesubband.The size ofsubbandisby .If the sizeof is smallerthan ,anew must be constructed by tilingthe repeatedly until the new size ofthe is the sameas .For simplicity,assumethat is the same size as thelogo .Without losing the generality,letand be power of 2.Thus,wehave(3)(4)Here,is de finedas(5)Step 2)Permuting the logo :To guard against geometricdistortions,thelogois permutated based on a two-dimension pseudorandom permutation [4],[5]generated byseed .The permutedlogo is de-fined asfollows:(6)wheredenotes the permutation function usingseed .Step 3)Constructing the polarity table :The averagevalueof all pixelsin is calculated.Then polaritytable is constructed asfollows:(7)330IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS,VOL.52,NO.1,FEBRUARY2005whereStep4)Generating the verification key:After obtainingthe polaritytable,the verificationkey,usedto retrieve the logo,can be computed as the bitwiseexclusive–ORofand(8)Note that the security of our scheme is based on theparametersand.Step5)Signing and timestamping the parameters:Inthis step,the security parameters are signed by theowner based on the digital signaturetechnique.(9)where is a digital signature functionusing the owner’s private key OSK.Subsequently,the owner sends the signature DS tothe trusted party TSA.TSA creates a timestamp TSby appending the date and the time receivedas(10)where is a timestamp function usingTSA’s private key TPSK.After receiving TS,TS andDS are incorporated with the originalimage.If adispute arises,the TS and DS can be used to verifythe copyright logo corresponding to the test image.B.Logo Verification AlgorithmLogo verification does not require presence of the originalimage.In order to verify the exact copyright of an image,anyonecan use the TSA public key to verify the timestamp TS and usethe owner’s public key to verify the signature DS and to checkthe validation of the securityparameters:,and.If successful,the verification will be‘verified’,otherwise the al-gorithm returns‘fail’and stops.The verification steps are similarto the certificate generation steps and are described as follows.Step1)Wavelet transforming of the test image:The testimage is processed by a-level wavelet transforma-tion to obtain thesubband.Step2)Constructing the new polarity table:Using thesame method in step3of the certificate generation,the new polaritytable is calculatedfrom.Step3)Extracting the logo with verification key:The ex-tractedlogo is obtainedby(11)Step4)Inversely permuting the logo:Finally,the retrievedlogo isobtainedbyinversingthepermutationin(6)according to theparameter asfollows:(12)where denotes the inversing permuta-tion function using theseed.IV.E XPERIMENTAL R ESULTS AND D ISCUSSIONSA.Experimental ResultsTo demonstrate the feasibility of our robust copy-right-proving scheme,some experiments are conducted.Fig.2shows a“classical”image Lena as the originalimageand a binary image as thelogo.The original image is a256gray-level image of size512512pixels and the logo isa visual recognizable binary image of size6464pixels.TheLena image is three-level wavelet transformed and thesubbandof size6464is obtained.We use the peak signal-to-noise ratio(PSNR)to evaluate thequality between the attacked image and the original image.ThePSNR formula is defined asfollows:whereand are the height and width of theimage.isthe original value of thecoordinateand is the alteredvalue of thecoordinate.is the largest energy of theimage pixels(e.g.,for8b/pixel).The logo retrievalrate is defined to be the percentage ofthe accurate pixels recovered,whichisThe experimental results show that the retrieved logos are stillrecognizable despite the image being seriously distorted.Table Ishows the experimental results under various attacks.The at-tacks are described as follows.Exp.1Image blurring:We blur Lena such that the PSNRvalue is reduced to29dB.Exp.2Image JPEG compression:The JPEG compres-sion version of Lena is obtained with parameters of10%quality and0%smoothing.Exp.3Image noising:Gaussian noise is added to Lenasuch that the PSNR value is reduced to30dB.Exp.4Image sharpening:We sharpen Lena until thePSNR value is reduced to28dB.Exp.5Image sealing:We reduce Lena from512512to128128pixels and then rescale back to512512pixels.Exp.6Image rotation:Lena is rotated2and then resizedto512512pixels.Exp.7Image print–photocopy–scan:We print Lenausing a1200dpi laser printer.The image is thenphotocopied and further scanned at a300dpi and256gray-level scanner.Finally,the image is resizedto512512pixels.Exp.8Image cropping:The left-top corner of Lena is dis-carded.The PSNR value is reduced to11dB.Exp.9Image scaling-cropping:We apply cropping andscaling attacks together.First,Lena is scaling from512512to560560pixels.Second,we cut theCHEN et al.:PUBLICLY VERIFIABLE COPYRIGHT-PROVING SCHEME RESISTANT TO MALICIOUS ATTACKS331Fig.2.(a)The original image:Lena ,(b)the logo,and (c)peppers.edge area of the resized Lena to form the size of512512pixels.The PSNR value is thus reduced to 16dB.Exp.10StirMark attack:We apply the StirMark attackto Lena one time with the default parameters.The PSNR value is thus reduced to 18dB;however,Lena is not severely distorted.Exp.11unZign attack:We apply the unZign attack to Lenaone time with the default parameters.The PSNR value is thus reduced to 25dB;however,Lena is not severely distorted.Exp.12StirMark and unZign attacks:We apply the Stir-Mark and unZign attacks one time,respectively.The PSNR value is thus reduced to 20dB;however,Lena is not severely distorted.Exp.13BPM attack:In this experiment,we perform thefollowing operations:(a)divide Lena into the blocks of44pixels;(b)retrieve 256codewords from Peppers [as shown in Fig.2(c)]by LBG algorithm [22];and (c)repeatedly replace each block of Lena with the closest codeword to form a perceptually similar Lena.The PSNR value is reduced to 30dB.B.DiscussionsIn our scheme,exact ownership is ascertained if the retrieved logo image is meaningful to the veri fier.Our experiments show that our copyright-protection scheme possesses the six essential properties of transparency,robustness,security,unambiguous,blindness ,and it handles multiple logos .Our scheme has trans-parency because it is lossless.For medical images,for example,lossless is a very important property.It is also robust.In the worst case situation there still was a high retrieved ratio (up to 80.3%).This is especially important as many watermarking schemes in the current literature are vulnerable to rotation and print –photocopy –scan attacks.It is secure.The security of this copyright-protection technique is based on the same as the digital signature and timestamp techniques.It is unambiguous.Based on the experiment results,the retrieval ratios were very high.Obviously,all logos are recognizable and thus do con-vince a veri fier of the existence of logos without ambiguity.Our scheme has blindness.The certi ficate-veri fication phase does not require the original image.In practice,this is an essential property of the copyright-protection stly,our scheme can handle multiple logos.Because the original image is not modi fied,this scheme allows the existence of multiple logo embedding.The owner can just cast another logo by generating the corresponding veri fication key,and save all of the veri fication keys to verify the ownership of his digital image in the future.Our scheme is resistant to copy attacks because it does not modify the original image.The integrity of the veri ficationkeysand is guaranteed by the digital signature and timestamp mechanisms.Hence,our scheme is resistant to counterfeit at-tacks.Exp.13demonstrates that our scheme is resistant to BPM attacks.Our scheme is also resistant to StirMark and unZign at-tacks.In addition,owners do not have to keep the veri fication keys.To verify the ownership of the test image,one only needs the public keys of the owner and TSA.The advantages are:1)to reduce the overhead of veri fication by the owner,and the storage space and managements of the veri fication keys for each image;332IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS,VOL.52,NO.1,FEBRUARY 2005TABLE IT HE A TTACKED I MAGES ,THE C ORRESPONDING PSNR V ALUES ,THE R ETRIEVED L OGOS,AND THE C ORRESPONDING R ATIO V ALUES(%)2)to avoid revealing the secret keys when verifying in a private watermarking system.Not only can a binary logo but a gray-level logo can also be treated as a logo in our scheme.A gray-level logo must be di-vided into several binary images.For instance,a 256-gray logo can be decomposed into eight bitplanes.Each bitplane is re-garded as a binary logo.To see is to believe.People are pleased to use a meaningful and visually recognizable pattern as their copyright logo.It seems to us that an extractable scheme is better than a detectable one.This is because the latter cannot completely satisfactory.In detectable schemes,a detector is used to detect whether the copyright watermark has been embedded into the image and then yields a “yes ”or “no ”.If the similarity is greater than a predetermined threshold value,we say that the watermark is indeed embedded into the image,and vice versa.However,how to decide a proper threshold value is very dif ficult.A small threshold will presume the existence of a watermark if not so.Oppositely,a larger threshold will reject the existence of a watermark although it is indeed embedded.Alternatively,the extraction of the embedded visually recognizable logo convinces us of its existence.Because the veri fication key depends on the protected image and has robustness features against several malicious distortions,“who ”and “when ”become two important key points to provide copyright protection.In the proposed scheme,the veri fication key binds with DS and TS tightly,where DS is used to verify who generated the veri fication key and TS is used to ascertain when the veri fication key and DS were generated.Hence,even if an adversary creates a “veri fication ”key,the dispute can be resolved according to the evidences of “who ”and “when ”.In fact,the intellectual property rights box,de fined to provide security services,in an JPEG 2000file format has shown a trend that an image format should provide a field for security services.It is reasonable to assume that DS and TS is included in the image format;otherwise,a doubtful image without DS and TS is possible to set the proposed scheme into some unpredictable problems.To demonstrate the effectiveness of our scheme,a comparison of our scheme with several conventional watermarking schemes is shown in Table II.Further,the comparison of our scheme with two copyright-protection schemes,which are also lossless,is summarized in Table III.CHEN et al.:PUBLICLY VERIFIABLE COPYRIGHT-PROVING SCHEME RESISTANT TO MALICIOUS ATTACKS 333TABLE IIC OMPARISONS OF THE P ROPOSED S CHEME AND S EVERAL C ONVENTIONAL W ATERMARKING SCHEMESTABLE IIIC OMPARISONS OF THE P ROPOSED S CHEME AND S EVERAL C OPYRIGHT -P ROTECTION SCHEMESV .C ONCLUSIONAlthough cryptographic techniques alone are not suitable to protect the copyright of digital images,we have shown that the security and reliability of copyright protection can bene fit from a combination of cryptography and watermarking.We have in-tegrated wavelet transform,digital signature,and digital time-stamp into a copyright-protection scheme.Without modifying the lowest frequency components of DWT,our scheme is loss-less.Experimental results demonstrate that our scheme is robust against common image processing attacks and simple geometric distortions.Furthermore,our scheme is also resistant to the fol-334IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS,VOL.52,NO.1,FEBRUARY2005lowing attacks:1)StirMark,unZign,and StirMark–unZign;2) multiple logos;and3)counterfeit,copy,and BPM,while almost all robust copyright-protection schemes are vulnerable to these attacks.Finally,the application of digital signature and time-stamp make public verification possible.R EFERENCES[1]G.V oyatzis and I.Pitas,“Protecting digital-image copyrights:A frame-work,”IEEE Comput.Graph.Appl.,vol.19,no.1,pp.18–24,Jan./Feb.1999.[2] B.Schneier,Applied Cryptography,2nd ed.New York:Wiley,1996.[3]I.J.Cox,J.Kilian,F.T.Leighton,and T.Shamoon,“Secure spreadspectrum watermarking for multimedia,”IEEE Trans.Image Process., vol.6,no.12,pp.1673–1687,Dec.1997.[4] C.T.Hsu and J.L.Wu,“Multiresolution watermarking for digital im-ages,”IEEE Trans.Circuits Syst.II,Analog Digit.Signal Process.,vol.45,no.8,pp.1097–1101,Aug.1998.[5],“Hidden digital watermarks in images,”IEEE Trans.ImageProcess.,vol.8,no.1,pp.58–68,Jan.1999.[6] C.S.Lu and H.Y.M.Liao,“Cocktail watermarking for digital imageprotection,”IEEE Trans.Multimedia,vol.2,no.4,pp.209–224,Dec.2000.[7] F.A.Petitcolas,R.J.Anderson,and M.G.Kuhn,“Information hiding–Asurvey,”Proc.IEEE,vol.87,no.7,pp.1062–1078,Jul.1999.[8]M.J.Tsai,K.Y.Yu,and Y.Z.Chen,“Joint wavelet and spatial transfor-mation for digital watermarking,”IEEE Trans.Consum.Electron.,vol.46,no.1,pp.241–245,Feb.2000.[9]M.Barni,F.Bartolini,and A.Piva,“Improved wavelet-based water-marking through pixel-wise masking,”IEEE Trans.Image Process.,vol.10,no.5,pp.783–791,May2001.[10]S.Katzenbeisser,“On the design of copyright protection protocols formultimedia distribution using symmetric and public-key watermarking,”in Proc.12th Int.Workshop Database and Expert Systems Applications, 5th Int.Query Processing and Multimedia Issues Distributed Systems Workshop,2001,pp.815–819.[11]unZign Watermark Removal Software(1997).[Online].Available:/watermark[12]S.Craver,B.L.Yeo,and M.Yeung,“Technical trials and legal tribula-tions,”Commun.ACM,vol.41,no.7,pp.45–54,Jul.1998.[13] C.C.Chang,K.F.Hwang,and M.S.Hwang,“Robust authentica-tion scheme for protecting copyrights of images and graphics,”IEE Proc.—Vis.Image Signal Proc.,vol.149,no.1,pp.43–50,2002. [14]M.Kutter,S.V oloshynovskiy,and A.Herrigel,“The watermark copyattack,”in Proc.SPIE,Security and Watermarking Multimedia Contents II,vol.3971,San Jose,CA,2000,pp.371–380.[15] F.A.Petitcolas and D.Kirovski,“The blind pattern matching attack onwatermark systems,”in Proc.IEEE Int.Conf.Acoustics,Speech,and Signal Processing,vol.4,2002,pp.3740–3743.[16] C.C.Chang and J.C.Chuang,“An image intellectual property protec-tion scheme for gray-level images using visual secret sharing strategy,”Pattern Recognit.Lett.,vol.23,pp.931–941,2002.[17]W.B.Lee and T.H.Chen,“A public verifiable copy protection techniquefor still images,”J.Syst.Softw.,vol.62,pp.195–204,Jun.2002. [18] C.Fornaro and A.Sanna,“Public key watermarking for authenticationof CSG models,”Comput.Aided Des.,vol.32,pp.727–735,Oct.2000.[19]J.M.Shapiro,“Embedded image coding using zerotrees of wavelet co-efficients,”IEEE Trans.Signal Process.,vol.41,no.12,pp.3445–3462, Dec.1993.[20] E.J.Stollnitz,T.D.DeRose,and D.H.Salesin,“Wavelets for computergraphics:A primer.1,”IEEE Comput.Graph.Appl.,vol.15,no.3,pp.76–84,May1995.[21]J.Zhou and m,“Securing digital signatures for nonrepudiation,”mun.,vol.22,pp.710–716,May1999.[22]Y.Linde,A.Buzo,and R.M.Gray,“An algorithm for vector quantizerdesign,”IEEE mun.,-28,no.1,pp.84–95,Jan.1980.Tzung-Her Chen received the B.S.degree fromthe Department of Information and Computer Edu-cation,National Taiwan Normal University,Taipei,Taiwan,R.O.C.,in1991,and the M.S.degree fromthe Department of Information Engineering,FengChia University,Taichung,Taiwan,R.O.C.,in2001.He is currently working toward the Ph.D.degree atthe Institute of Computer Science,National ChungHsing University,Taichung,Taiwan,R.O.C.His research interests include cryptography,infor-mation hiding,and digitalwatermarking.Gwoboa Horng(M’96)received the B.S.degree inelectrical engineering from National Taiwan Univer-sity,Taipei,Taiwan,R.O.C.,in1981,and the M.S.and Ph.D.degrees in computer science from the Uni-versity of Southern California,Los Angeles,in1987and1992,respectively.Since1992,he has been a faculty member at theInstitute of Computer Science,National Chung HsingUniversity,Taichung,Taiwan,R.O.C.His current re-search interests include artificial intelligence,cryp-tography,and informationsecurity.Wei-Bin Lee(M’03)received the B.S.degree fromthe Department of Information and Computer Engi-neering,Chung Yuan Christian University,Chungli,Taiwan,R.O.C.,in1991,and the M.S.degree incomputer science and information engineeringand the Ph.D.degree from National Chung ChengUniversity,Chiayi,Taiwan,R.O.C.,in1993and1997,respectively.Since1999,he has been with the Departmentof Information Engineering,Feng Chia University,Taichung,Taiwan,R.O.C.,where he is currently an Associate Professor.His research interests currently include cryptography, information security management,steganography,and network security.Dr.Lee is an Honorary Member of the Phi Tau Phi.。