Cornell Business

1

Semantic Data Integrity
OASIS PI Meeting
David Rosenthal Odyssey Research
Associates February 13-16, 2001
Cornell Business Technology Park 33 Thornwood
Drive, Suite 500 Ithaca, NY 14850-1250 (607)
257-1975
2
Team Members

• Odyssey Research Associates (a subsidiary of
  Architecture Technology Corporation)
• David Rosenthal, Matt Stillerman, David Guaspari,
  Francis Fung
• WetStone Technologies, Inc.
• Chet Hosmer, Milica Barjaktarovic, Mike Duren,
  Chris Francis, Gary Gordon, Tony Delrocco
• SUNY Binghamton
• Jiri Fridrich

3
Scope of Talk

• Briefly describe the overall project
• Concentrate on one aspect, hierarchical hashing

4
Technical Objectives

• Develop improved data integrity methods to
  identify and recover attacked data
• localize possible alterations
• provide partial recovery and attack information,
  where feasible
• Emphasis of work has been on images

5
Potential Attack

• An attacker may be able to maliciously alter an
  image in an attempt to cause a bad outcome
• If they have write access to the data, they could
  simply delete or totally corrupt the object. We
  consider the case in which they are trying to
  subvert some activity by partially altering the
  data
• To be successful the attacker will need to cover
  their tracks
• Make it appear that there is no damage, or that
  it is in a different location

6
Technical Approach

• Developed techniques for protecting and verifying
  data subsets
• Developed new watermarking/self-embedding
  techniques
• Developed and analyzed hierarchical hashing
  methods
• Implemented these techniques in a software tool
  called Image Fault Isolation and Recovery Engine
  (I-FIRE)
• Additional protection information is saved
  separately in Digital Semantic Integrity (DSI)
  mark

7
I-FIRE SoftwareProtection Phase
8
I-FIRE SoftwareVerification Phase
9
I-FIRE Segmentation
10
I-FIRE Segment Verification
Forged Image
Segment Level Image Verification
11
Hierarchical Segmentation

• Segments are hierarchical (by containment)
• Different hash methods can be applied to root,
  leaves, and intermediate segments

12
Intersecting Hash Methods

• Intersecting hashes
• Permit the sets of covered cells for two
  different hashes to intersect
• Hierarchical hashing is a special case of this
• Intersecting hash techniques permit a tradeoff
  between
• strength of protection,
• diagnostic ability / damage isolation

13
Attack Method

• If attacker does not know about the hashes or
  hashing scheme then even relatively weak
  methods will be effective in localizing the
  damage
• What if attacker has access to the hashes and the
  hash method?
• We assume DSI mark is stored and transmitted in a
  protected fashion, so that an attacker cannot
  just change the hash values
• Attacker will need to adjust the picture to get
  the hashes to check
• How hard is this?

14
Forgery Strategies and Strength of Protection

• Assume that Cell 2 is modified

• Compensating with Cell 2 costs h1 h2

• Compensating with Cell 1 and then Cell 3 costs
  h1 h2

15
Example Sequential Forgery Repair with
Hierarchical Hashes

• Fix hashes in two stages
• First Correction Fix three hashes of left branch
• Second Correction Fix two hashes of right branch

16
Strength of Hierarchical Hashes

• Strength of protection can be defined in terms of
  the cost of the attackers best strategy.
• This value is important because we want to
  identify correct subsets with sufficient
  assurance
• Want to find an efficient method to compute the
  strength of protection
• The analysis presented here assumes no secret
  information
• In our analysis we assume
• The cost of defeating a single hash depends only
  on its depth in the tree of hashes. (We can
  handle modest variants.)

17
Strength of Hierarchical Hashes (cont.)

• To find best attacker strategy it suffices to
  consider only normal attacks
• Dont fix the same hash twice
• Every step fixes at least one broken hash
• With extra assumption on the cost function
  (essentially, that costs multiply)
• Suffices to consider only attacks in which each
  step manipulates a single cell.

18
Finding a Minimal Attack Definitions

• The depth of a node is the length of the path
  from the node to the root.
• The floor of node h, ?(h), is the minimum of the
  depths of all the leaves below h.

19
Example of Depth and Floor
Depth 1
h
Depth 2
h
h
6
7
h
h
h
Depth 3
1
h
4
5
Cell 1
Cell 4
Cell 5
8
h
h
Depth 4
2
3
Cell 2
Cell 3
20
Strategy for Hierarchical Hashes

• Attackers best algorithm
• In steps reduce the size of the branch to be
  fixed from the bottom up
• For each step
• Find a cell of minimum depth under the unfixed
  part of the branch
• Fix all hashes above that cell whose floor is the
  depth of that cell

21
Example of Algorithm
h

• Change Cell 2
• Broken hashes are h2, h8, h6,h
• Steps
• Adjust Cell 2 to fix h2, h8 - floor 4
• Adjust Cell 1 to fix h1, h6, h - floor 3

h
h
6
7
h
h
h
1
h
4
5
Cell 1
Cell 4
Cell 5
8
h
h
2
3
Cell 2
Cell 3
22
Connections to Other OASIS Efforts

• DSI mark methods typically contain secret
  information. Hence there is a need to protect
  the DSI marks.
• Other projects methods could be used to provide
  this

23
Accomplishments

• Working software demonstrates protection and
  verification stages
• Implements variety of detection and recovery
  methods
• Provides a way to try out various segmentation
  and hashing combinations
• Developed new watermarking and self-embedding
  methods
• Produced analysis of hashing methods
• Row-column vs. partition
• Hierarchical hashing