(In)Security of an Efficient Fingerprinting Scheme with Symmetric and Commutative Encryption of IWDW 2005

  • Raphael C. -W. Phan
  • Bok-Min Goi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5041)


We analyze the security of a fingerprinting scheme proposed at IWDW 2005. We show two results, namely that this scheme (1) does not provide seller security: a dishonest buyer can repudiate the fact that he redistributed a content, and (2) does not provide buyer security: a buyer can be framed by a malicious seller.


Watermarking fingerprinting security issues combination of data hiding and cryptography buyer-seller repudiation framing 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bao, F., Deng, R.H., Feng, P.: An Efficient and Practical Scheme for Privacy Protection in the E-commerce of Digital Goods. In: ICICS 2003. LNCS, vol. 2836, pp. 162–170. Springer, Heidelberg (2001)Google Scholar
  2. 2.
    Blakley, G., Meadows, C., Purdy, G.B.: Fingerprinting Long Forgiving Messages. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 180–189. Springer, Heidelberg (1986)Google Scholar
  3. 3.
    Boneh, D., Shaw, J.: Collusion-secure Fingerprinting for Digital Data. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 452–465. Springer, Heidelberg (1995)Google Scholar
  4. 4.
    Anderson, R.: Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley Publishing, U.S (2001)Google Scholar
  5. 5.
    Brickell, E.F., Yacobi, Y.: On Privacy Homormorphisms. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 117–125. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  6. 6.
    Byun, J.W., Lee, D.H., Lim, J.: Efficient and Provably Secure Client-to-Client Password-based Key Exchange Protocol. In: Zhou, X., Li, J., Shen, H.T., Kitsuregawa, M., Zhang, Y. (eds.) APWeb 2006. LNCS, vol. 3841, pp. 830–836. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. 7.
    Chaum, D.: An Improved Protocol for Demonstrating Possession of Discrete Logarithms and some Generalizations. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 127–141. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  8. 8.
    Chang, C.C., Chung, C.Y.: An Enhanced Buyer-Seller Watermarking Protocol. In: Proceedings of ICCT 2003, pp. 1779–1783 (2003)Google Scholar
  9. 9.
    Cheung, S.C., Leung, H.F., Wang, C.: A Commutative Encrypted Protocol for the Privacy Protection of Watermarks in Digital Contents. In: Proceedings of HICSS-37 (January 2004)Google Scholar
  10. 10.
    Choi, J.-G., Sakurai, K., Park, J.H.: Does It Need Trusted Third Party? Design of Buyer-Seller Watermarking Protocol without Trusted Third Party. In: Zhou, J., Yung, M., Han, Y. (eds.) ACNS 2003. LNCS, vol. 2846, pp. 265–279. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  11. 11.
    Choi, J.-G., Park, J.H.: A Generalization of an Anonymous Buyer-Seller Watermarking Protocol and Its Application to Mobile Communications. In: Cox, I., Kalker, T., Lee, H.-K. (eds.) IWDW 2004. LNCS, vol. 3304, pp. 232–243. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Choi, J.-G., Park, J.H., Kwon, K.R.: Analysis of COT-based Fingerprinting Schemes: New Approaches to Design Practical and Secure Fingerprinting Scheme. In: Fridrich, J. (ed.) IH 2004. LNCS, vol. 3200, pp. 253–265. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  13. 13.
    Cox, I.J., Doerr, G.J., Furon, T.: Watermarking is Not Cryptography. In: Shi, Y.Q., Jeon, B. (eds.) IWDW 2006. LNCS, vol. 4283, pp. 1–15. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. 14.
    Cox, I.J., Kilian, J., Leighton, T., Shamoon, T.: Secure Spread Spectrum Watermarking for Images, Audio and Video. IEEE Trans. on Image Processing 6(12), 1673–1678 (1997)CrossRefGoogle Scholar
  15. 15.
    Domingo-Ferrer, J.: Anonymous Fingerprinting based on Committed Oblivious Transfer. In: Imai, H., Zheng, Y. (eds.) PKC 1999. LNCS, vol. 1560, pp. 43–52. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  16. 16.
    Domingo-Ferrer, J.: Anonymous Fingerprinting of Electronic Information with Automatic Identification Redistributors. IEE Electronics Letters 43(13), 1303–1304 (1998)CrossRefGoogle Scholar
  17. 17.
    Goi, B.-M., Phan, R.C.-W., Chuah, H.-T.: Cryptanalysis of Two Non-Anonymous Buyer-Seller Watermarking Protocols for Content Protection. In: Gervasi, O., Gavrilova, M.L. (eds.) ICCSA 2007, Part I. LNCS, vol. 4705, pp. 951–960. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  18. 18.
    Goi, B.-M., Phan, R.C.-W., Siddiqi, M.U.: Cryptanalysis of a Generalized Anonymous Buyer-Seller Watermarking Protocol of IWDW 2004. In: Enokido, T., Yan, L., Xiao, B., Kim, D.Y., Dai, Y.-S., Yang, L.T. (eds.) EUC-WS 2005. LNCS, vol. 3823, pp. 936–944. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. 19.
    Goi, B.-M., Phan, R.C.-W., Yang, Y., Bao, F., Deng, R.H., Siddiqi, M.U.: Cryptanalysis of Two Anonymous Buyer-Seller Watermarking Protocols and An Improvement for True Anonymity. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 369–382. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. 20.
    Ju, H.S., Kim, H.J., Lee, D.H., Lim, J.I.: An Anonymous Buyer-Seller Watermarking Protocol with Anonymity Control. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 421–432. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  21. 21.
    Katzenbeisser, S.: On the Integration of Watermarks and Cryptography. In: Kalker, T., Cox, I., Ro, Y.M. (eds.) IWDW 2003. LNCS, vol. 2939, pp. 50–60. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  22. 22.
    Kim, J., Kim, S., Kwak, J., Won, D.: Cryptanalysis and Improvement of Password-Authenticated Key Exchange Scheme between Clients with Different Passwords. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, pp. 895–902. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  23. 23.
    Kuribayashi, M., Tanaka, H.: A New Anonymous Fingerprinting Scheme with High Enciphering Rate. In: Pandu Rangan, C., Ding, C. (eds.) INDOCRYPT 2001. LNCS, vol. 2247, pp. 30–39. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  24. 24.
    Lei, C.-L., Yu, P.-L., Tsai, P.-L., Chan, M.-H.: An Efficient and Anonymous Buyer-Seller Watermarking Protocol. IEEE Trans. on Image Processing 13(12) (December 2004)Google Scholar
  25. 25.
    Memon, N., Wong, P.W.: A Buyer-Seller Watermarking Protocol. IEEE Trans. on Image Processing 10(4) (April 2001)Google Scholar
  26. 26.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, U.S (1997)zbMATHGoogle Scholar
  27. 27.
    Pfitzmann, B., Sadeghi, A.R.: Coin-Based Anonymous Fingerprinting. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 150–164. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  28. 28.
    Pfitzmann, B., Schunter, M.: Asymmetric Fingerprinting. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 84–95. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  29. 29.
    Pfitzmann, B., Waidner, M.: Anonymous Fingerprinting. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 88–102. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  30. 30.
    Phan, R.C.-W., Goi, B.-M.: Cryptanalysis of an Improved Client-to-Client Password-Authenticated Key Exchange (C2C-PAKE) Scheme. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 33–39. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  31. 31.
    Phan, R.C.-W., Goi, B.-M.: Cryptanalysis of the N-Party Encrypted Diffie-Hellman Key Exchange using Different Passwords. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 226–238. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  32. 32.
    Phan, R.C.-W., Goi, B.-M.: Cryptanalysis of Two Provably Secure Cross-Realm C2C-PAKE Protocols. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 104–117. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  33. 33.
    Phan, R.C.-W., Ling, H.-C.: Flaws in Generic Watermarking Protocols based on Zero-Knowledge Proofs. In: Cox, I., Kalker, T., Lee, H.-K. (eds.) IWDW 2004. LNCS, vol. 3304, pp. 184–191. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  34. 34.
    Qiao, L., Nahrstedt, K.: Watermarking Schemes and Protocols for Protecting Rightful Ownership and Customer’s Rights. Journal of Visual Communication and Image Representation 9(3), 194–210 (1998)CrossRefGoogle Scholar
  35. 35.
    Trappe, W., Wu, M., Liu, K.: Collusion-resistant Fingerprinting for Multimedia. In: Proceedings of IEEE ICASSP 2002, pp. 3309–3312 (2002)Google Scholar
  36. 36.
    Yin, Y., Bao, L.: Secure Cross-Realm C2C-PAKE Protocol. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 395–406. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  37. 37.
    Yong, S., Lee, S.-H.: An Efficient Fingerprinting Scheme with Symmetric and Commutative Encryption. In: Barni, M., Cox, I., Kalker, T., Kim, H.-J. (eds.) IWDW 2005. LNCS, vol. 3710, pp. 54–66. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  38. 38.
    Zhang, J., Kou, W., Fan, K.: Secure Buyer-Seller Watermarking Protocol. IEE Proceedings - Information Security 153(1), 15–18 (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Raphael C. -W. Phan
    • 1
  • Bok-Min Goi
    • 2
  1. 1.Laboratoire de sécurité et de cryptographie (LASEC)Ecole Polytechnique Fédérale de Lausanne (EPFL)LausanneSwitzerland
  2. 2.Centre for Cryptography and Information Security (CCIS), Faculty of EngineeringMultimedia UniversityCyberjayaMalaysia

Personalised recommendations