Geong Sen Poh (2009) Design and Analysis of Fair Content Tracing Protocols.
Full text access: Open
The work in this thesis examines protocols designed to address the issues of tracing illegal distribution of digital content in a fair manner. In digital content distribution, a client requests content from a distributor, and the distributor sends content to the client. The main concern is misuse of content by the client, such as illegal distribution. As a result, digital watermarking schemes that enable the distributor to trace copies of content and identify the perpetrator were proposed. However, such schemes do not provide a mechanism for the distributor to prove to a third party that a client illegally distributed copies of content. Furthermore, it is possible that the distributor falsely accuses a client as he has total control of the tracing mechanisms. Fair content tracing (FaCT) protocols were thus proposed to allow tracing of content that does not discriminate either the distributor or the client. Many FaCT protocols have been proposed, mostly without an appropriate design framework, and so there is no obvious and systematic way to evaluate them. Therefore, we propose a framework that provides a definition of security and which enables classification of FaCT protocols so that they can be analysed in a systematic manner. We define, based on our framework, four main categories of FaCT protocols and propose new approaches to designing them. The first category is protocols without trusted third parties. As the name suggests, these protocols do not rely on a central trusted party for fair tracing of content. It is difficult to design such a protocol without drawing on extra measures that increase communication and computation costs. We show this is the case by demonstrating flaws in two recent proposals. We also illustrate a possible repair based on relaxing the assumption of trust on the distributor. The second category is protocols with online trusted third parties, where a central online trusted party is deployed. This means a trusted party must always be available during content distribution between the distributor and the client. While the availability of a trusted third party may simplify the design of such protocols, efficiency may suffer due to the need to communicate with this third party. The third category is protocols with offline trusted third parties, where a central offline trusted party is deployed. The difference between the offline and the online trusted party is that the offline trusted party need not be available during content distribution. It only needs to be available during the initial setup and when there is a dispute between the distributor and the client. This reduces the communication requirements compared to using an online trusted party. Using a symmetric-based cryptographic primitive known as Chameleon encryption, we proposed a new approach to designing such protocols. The fourth category is protocols with trusted hardware. Previous protocols proposed in this category have abstracted away from a practical choice of the underlying trusted hardware. We propose new protocols based on a Trusted Platform Module (TPM). Finally, we examine the inclusion of payment in a FaCT protocol, and how adding payment motivates the requirement for fair exchange of buying and selling digital content.
This is a Published version This version's date is: 14/05/2009 This item is peer reviewed
https://repository.royalholloway.ac.uk/items/79a9f487-420c-c4aa-a3c1-400a64067e94/1/
Deposited by () on 24-Jun-2010 in Royal Holloway Research Online.Last modified on 15-Dec-2010
[1] A. Adelsbach, U. Huber, and A.-R. Sadeghi. Fingercasting-Joint Fingerprintingand Decryption of Broadcast Messages. In L. M. Batten and R. Safavi-Naini, editors, Information Security and Privacy, 11th Australasian Confer-ence - ACISP 2006, volume 4058 of Lecture Notes in Computer Science, pages136–147. Springer-Verlag, 2006. Also, Technical Report detailing the ACISP2006 paper (Private communication with U. Huber).
[2] A. Adelsbach, S. Katzenbeisser, and A.-R. Sadeghi. A Computational Modelfor Watermark Robustness. In Jan Camenisch, Christian S. Collberg, Neil F.Johnson, and Phil Sallee, editors, 8th International Workshop on InformationHiding - IH 2006, volume 4437 of Lecture Notes in Computer Science, pages145–160. Springer-Verlag, 2006.
[3] F. Ahmed, F. Sattar, M. Y. Siyal, and D. Yu. A Secure Watermarking Schemefor Buyer-Seller Identification and Copyright Protection. EURASIP Journalon Applied Signal Processing, 2006:56904, 15 pages, 2006. doi:10.1155/ASP/2006/56904.
[4] R. Anderson, C. Manifavas, and C. Sutherland. Netcard - a practical electroniccash system. In T. Mark A. Lomas, editor, Security Protocols Workshop 1996,volume 1189 of Lecture Notes in Computer Science, pages 49–57. Springer-Verlag, 1997.
[5] N. Asokan, M. Schunter, and M. Waidner. Optimistic Protocols for Fair Exchange.In Proceedings of 4th ACM Conference on Computer and Communi-cations Security, pages 7–17, 1997.
[6] Boris Balacheff, Liqun Chen, Siani Pearson, David Plaquin, and GraemeProudler. Trusted Computing Platforms: TCPA Technology in Context. PrenticeHall PTR, Upper Saddle River, New Jersey, 2003.
[7] British Broadcasting Corporation (BBC). BBC iPlayer - An Internet TV andRadio Broadcasting Services, accessed February 2009. Available at: www.bbc.co.uk/iplayer.
[8] M. Bellare, D. Pointcheval, and P. Rogaway. Authenticated Key ExchangeSecure against Dictionary Attacks. In B. Preneel, editor, Advances in Cryptol-ogy - EUROCRYPT 2000, volume 1807 of Lecture Notes in Computer Science,pages 139–155. Springer-Verlag, 2000.
[9] M. Bellare and P. Rogaway. Entity Authentication and Key Distribution. InD. R. Stinson, editor, Advances in Cryptology - CRYPTO 1993, volume 773of Lecture Notes in Computer Science, pages 232–249. Springer-Verlag, 1994.
[10] M. Bellare and P. Rogaway. Optimal Asymmetric Encryption. In Alfredo DeSantis, editor, Advances in Cryptology - EUROCRYPT 1994, volume 950 ofLecture Notes in Computer Science, pages 92–111. Springer-Verlag, 1994.
[11] P. Biddle, P. England, M. Peinado, and B. Willman. The Darknet and theFuture of Content Protection. In Joan Feigenbaum, editor, Proceedings of the2002 ACM Workshop on Digital Rights Management, volume 2696 of LectureNotes in Computer Science, pages 155–176. Springer-Verlag, 2003.[12] I. Biehl and B. Meyer. Protocols for Collusion-Secure Asymmetric Fingerprinting.In 14th Symposium on Theoretical Aspects of Computer Science (STACS),1997.
[13] Simon Blake-Wilson and Alfred Menezes. Entity Authentication and AuthenticatedKey Transport Protocols Employing Asymmetric Techniques. InB. Christianson, B. Crispo, T. Mark A. Lomas, and M. Roe, editors, SecurityProtocols, volume 1361 of Lecture Notes in Computer Science, pages 137–158.Springer-Verlag, 1997.
[14] G. R. Blakley, C. Meadows, and G. B. Purdy. Fingerprinting Long ForgivingMessages. In H. C. Williams, editor, Advances in Cryptology - CRYPTO 1985,volume 218 of Lecture Notes in Computer Science, pages 180–189. Springer-Verlag, 1985.
[15] D. Boneh and J. Shaw. Collusion-Secure Fingerprinting for Digital Data. InD. Coppersmith, editor, Advances in Cryptology - CRYPTO 1995, volume 963of Lecture Notes in Computer Science, pages 452–465. Springer-Verlag, 1995.
[16] C. Boyd and A. Mathuria. Protocols for Authentication and Key Establish-ment. Information Security and Cryptography Series, Springer-Verlag, 2003.
[17] G. Brassard, David Chaum, and C. Crepeau. Minimum Disclosure Proofsof Knowledge. Journal of Computer and System Sciences, 37(1988):156–189,1988.
[18] E. Brickell, J. Camenisch, and L. Chen. Direct Anonymous Attestation. InProceedings of 11th ACM Conference on Computer and Communications Se-curity, pages 132–145. ACM Press, 2004.
[19] J. Camenisch. Efficient Anonymous Fingerprinting with Group Signatures.In T. Okamoto, editor, Advances in Cryptology - ASIACRYPT 2000, volume1976 of Lecture Notes in Computer Science, pages 415–428. Springer-Verlag,2000.
[20] D. Chaum, A. Fiat, and M. Naor. Untraceable Electronic Cash. In S. Goldwasser,editor, Advances in Cryptology - CRYPTO 1988, volume 403 of LectureNotes in Computer Science, pages 319–327. Springer-Verlag, 1990.
[21] B. Chen and G. W. Wornell. Quantization index modulation: A class ofprovably good methods for digital watermarking and information embedding.IEEE Transaction on Information Theory, 47(4):1423–1443, 2001.
[22] L. Chen, C. Kudla, and K. G. Paterson. Concurrent Signatures. In C. Cachinand J. Camenisch, editors, Advances in Cryptology - EUROCRYPT 2004,volume 3027 of Lecture Notes in Computer Science, pages 287–305. Springer-Verlag, 2004.
[23] J.-G. Choi, G. Hanaoka, K. H. Rhee, and H. Imai. How to break COT-BasedFingerprinting Schemes and Design New One. IEICE Trans. on Fundamentals,Special Section on Information Theory and Its Applications, E88-A(10):2800–2807, 2005.
[24] J.-G. Choi and J.-H. Park. A Generalization of an Anonymous Buyer-SellerWatermarking Protocol and Its Application to Mobile Communications. InI. J. Cox, T. Kalker, and H.-K. Lee, editors, Digital Watermarking, Third In-ternational Workshop - IWDW 2004, volume 3304 of Lecture Notes in Com-puter Science, page p. 232. Springer-Verlag, 2004.
[25] J.-G. Choi, K. Sakurai, and J.-H. Park. Does It Need Trusted Third Party?Design of Buyer-Seller Watermarking Protocol without Trusted Third Party.In J. Zhou, M. Yung, and Y. Han, editors, Applied Cryptography and NetworkSecurity - ACNS 2003, volume 2846 of Lecture Notes in Computer Science,pages 265–279. Springer-Verlag, 2003.
[26] Jae-Gwi Choi, Ji-Hwan Park, and Ki-Ryong Kwon. Analysis of COT-basedFingerprinting Schemes: New Approach to Design Practical and Secure FingerprintingScheme. In Jessica J. Fridrich, editor, 6th International Workshopon Information Hiding - IH 2004, volume 3200 of Lecture Notes in ComputerScience, pages 253–265. Springer-Verlag, 2004.
[27] Microsoft Corporation. Windows Media Digital Rights Management, accessedMarch 2009. Available at: http://www.microsoft.com/windows/windowsmedia/forpros/drm/default.mspx.
[28] I. J. Cox, J. Kilian, T. Leighton, and T. Shamoon. Secure Spread SpectrumWatermarking for Multimedia. IEEE Trans. on Image Processing, 6(12):1673–1687, 1997.
[29] I. J. Cox, M. L. Miller, J. A. Bloom, J. Fridrich, and T. Kalker. Digital Wa-termarking and Steganography. 2nd Edition, Morgan Kaufmann Publishers,2008.
[30] C. Culnane, H. Treharne, and Anthony T. S. Ho. A New Multi-set ModulationTechnique for Increasing Hiding Capacity of Binary Watermark for Printand Scan Processes. In Yun-Qing Shi and Byeungwoo Jeon, editors, DigitalWatermarking, Fifth International Workshop, IWDW 2006, volume 4283 ofLecture Notes in Computer Science, pages 96–110. Springer-Verlag, 2006.
[31] W. Dai. Crypto++ Library 5.5 Benchmark, accessed February 2009. Availableat: http://www.cryptopp.com/benchmarks.html.
[32] M. Deng and B. Preneel. Attacks On Two Buyer-Seller Watermarking ProtocolsAnd An Improvement For Revocable Anonymity. In IEEE InternationalSymposium on Electronic Commerce and Security - ISECS 2008, 2008.
[33] M. Deng and B. Preneel. On Secure and Anonymous Buyer-Seller WatermarkingProtocol. In Third International Conference on Internet and WebApplications and Services, ICIW 2008, pages 524–529. IEEE Computer Society,2008.
[34] M. Deng, L. Weng, and B. Preneel. Anonymous Buyer-Seller WatermarkingProtocol with Additive Homomorphism. In SIGMAP 2008 - InternationalConference on Signal Processing and Multimedia Applications, pages 300–307,2008.
[35] A. Dent and C. Mitchell. User’s Guide to Cryptography and Standards. ArtechHouse, 2004.
[36] T. Dierks and E. Rescorla. The TLS Protocol Version 1.1. RFC 4346, 2006.
[37] H. Dobbertin, A. Bosselaers, and B. Preneel. RIPEMD-160: A StrengthenedVersion of Ripemd. In D. Gollmann, editor, Fast Software Encryption -FSE 1996, volume 1039 of Lecture Notes in Computer Science, pages 71–82.Springer-Verlag, 1996.
[38] D. Dolev and A. C. Yao. On the security of public key protocols. In IEEE22nd Annual Symposium on Foundations of Computer Science, pages 350 –357. IEEE Computer Society Press, 1981.
[39] J. Domingo-Ferrer. Anonymous Fingerprinting of Electronic Informationwith Automatic Identification of Redistributors. IEEE Electronics Letters,43(13):1303–1304, 1998.
[40] J. Domingo-Ferrer. Anonymous Fingerprinting Based on Committed ObliviousTransfer. In H. Imai and Y. Zheng, editors, Second International Workshopon Practice and Theory in Public-Key Cryptography - PKC 1999, volume 1560of Lecture Notes in Computer Science, pages 43–52. Springer-Verlag, 1999.
[41] S. Katzenbeisser (editor). List of potential applications interested by s.p.e.d.D3.1, Philips Research (Philips), for Signal Processing in the Encrypted Do-main (SPEED) Project, IST-2006-034238, Information Society Technologies,2007. Available at: www.speedproject.eu.
[42] P. Ekdahl and T. Johansson. A New Version of the Stream Cipher SNOW.In K. Nyberg and H. M. Heys, editors, Selected Areas in Cryptography, 9th Annual International Workshop, SAC 2002, volume 2595 of Lecture Notes inComputer Science, pages 47–61. Springer-Verlag, 2003.
[43] T. Elgamal. A public key cryptosystem and a signature scheme based ondiscrete logarithms. IEEE Transactions on Information Theory, 31(4):469 –472, 1985.
[44] Z. Erkin, A. Piva, S. Katzenbeisser, R. L. Lagendijk, J. Shokrollahi, G. Neven,and M. Barni. Protection and Retrieval of Encrypted Multimedia Content:When Cryptography Meets Signal Processing. EURASIP Journal on Infor-mation Security, 2007:78943, 20 pages, 2007. doi:10.1155/2007/78943.
[45] S. Even and Y. Yacobi. Relations among public key signature systems. Tech-nical Report 175, Technion, Haifa, Israel, March 1980.
[46] C.-I Fan, M.-T. Chen, and W.-Z. Sun. Buyer-Seller Watermarking Protocolswith Off-line Trusted Parties. In Proceedings of the International Conferenceon Multimedia and Ubiquitous Engineering (MUE’07), pages 1035–1040. IEEECompute Society Press., 2007.
[47] A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identificationand signature problems. In A. M. Odlyzko, editor, Advances in Cryp-tology - CRYPTO 1986, volume 263 of Lecture Notes in Computer Science,pages 186–194. Springer-Verlag, 1987.
[48] C. Fontaine and F. Galand. A Survey of Homomorphic Encryption for Nonspecialists.EURASIP Journal on Information Security, 2007:13801, 10 pages,2007. doi:10.1155/2007/13801.
[49] M. Franklin and M. K. Reiter. Fair Exchange with a Semi-trusted Third Party.In Proceedings of 4th ACM Conference on Computer and CommunicationsSecurity, pages 1–5, 1997.
[50] F. Frattolillo and S. D’Onofrio. A Web Oriented and Interactive Buyer-SellerWatermarking Protocol. In Security, Steganography, and Watermarking ofMultimedia Content VIII, Proc. of SPIE, volume 6072, pages 718–716, 2006.
[51] C. Gehrmann and M. Naslund (ERICS) (editors). ECRYPT Yearly Report onAlgorithms and Keysizes (2006). D.SPA.21, Katholieke Universiteit Leuven (KUL), for ECRYPT Project, IST-2002-507932, Information Society Tech-nologies, 2006. Available at: www.ecrypt.eu.org/documents/D.SPA.21-1.1.pdf.
[52] Gnutella.com. Gnutella website, accessed February 2009. Available at: www.gnutella.com.
[53] B.-M. Goi, Raphael C.-W. Phan, and M. U. Siddiqi. Cryptanalysis of a GeneralizedAnonymous Buyer-seller Watermarking Protocol of IWDW 2004. InT. Enokido, L. Yan, B. Xiao, D. Kim, Y.-S. Dai, and L. T. Yang, editors, Em-bedded and Ubiquitous Computing - EUC 2005, volume 3823 of Lecture Notesin Computer Science, pages 936–944. Springer-Verlag, 2005.
[54] B.-M. Goi, Raphael C.-W. Phan, Y. Yang, F. Bao, Robert H. Deng, and M. U.Siddiqi. Cryptanalysis of Two Anonymous Buyer-Seller Watermarking Protocolsand an Improvement for True Anonymity. In M. Jakobsson, M. Yung, andJ. Zhou, editors, Applied Cryptography and Network Security - ACNS 2004,volume 3089 of Lecture Notes in Computer Science, pages 369–382. Springer-Verlag, 2004.
[55] O. Goldreich. Zero-Knowledge twenty years after its invention. Department ofComputer Science and Applied Mathematics, Weizmann Institute of Science,Rehovot, Israel, 2002.
[56] S. Goldwasser and S. Micali. Probabilistic Encryption. Journal of Computerand System Sciences, 28:270–299, 1984.
[57] S. Goldwasser, S. Micali, and C. Rackoff. The knowledge complexity of interactiveproof-systems. In Proceedings of the seventeenth annual ACM symposiumon Theory of computing, pages 291–304, 1985.
[58] S. Goldwasser, S. Micali, and R. L. Rivest. A Digital Signature Scheme SecureAgainst Adaptive Chosen-Message Attacks. SIAM Journal of Computing,17(2):281–308, 1988.
[59] Joint Photographic Experts Group. JPEG website, accessed February 2009.Available at: www.jpeg.org/jpeg/index.html.
[60] Moving Picture Experts Group. MPEG website, accessed February 2009.Available at: www.chiariglione.org/mpeg.
[61] M. Hirt and K. Sako. Efficient Receipt-Free Voting Based on HomomorphicEncryption. In B. Preneel, editor, Advances in Cryptology - EUROCRYPT2000, volume 1807 of Lecture Notes in Computer Science, pages 539–556.Springer-Verlag, 2000.
[62] Anthony T. S. Ho and F. Shu. A Robust Spread-Spectrum WatermarkingMethod Using Two-Level Quantization. In Proceedings of the 2004 Interna-tional Conference on Image Processing (ICIP 2004), volume 2, pages 725–728.IEEE, 2004.
[63] C. A. R. Hoare. Communicating Sequential Processes. Prentice-Hall International,1985.
[64] Nicholas Hopper, David Molnar, and David Wagner. From Weak to StrongWatermarking. In S. P. Vadhan, editor, Theory of Cryptography - TCC 2007,volume 4392 of Lecture Notes in Computer Science, pages 362–382. Springer-Verlag, 2007.
[65] I. M. Ibrahim, S. H. Nour El-Din, and A. F. A. Hegazy. An Effective and SecureBuyer-Seller Watermarking Protocol. In Third International Symposium onInformation Assurance and Security (IAS 07), IEEE Computer Society Press,pages 21–26, 2007.
[66] I. M. Ibrahim, S. H. Nour El-Din, and A. F. A. Hegazy. An Effective andSecure Watermarking Protocol for Digital Rights Protection Over the Second-Hand Market. In SECRYPT 2007 - International Conference on Security andCryptography, pages 263–268, 2007.
[67] Amazon.com Inc. Amazon Unbox, accessed February 2009. Available at:www.amazon.com.
[68] Apple Inc. iTune Store, accessed February 2009. Available at: www.apple.com/itunes/store.
[69] CinemaNow Inc. CinemaNow, accessed February 2009. Available at: www.cinemanow.com.
[70] Federal information processing standards (fips 180-2). Secure Hash Standard,2001. Available at: csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf.
[71] Federal information processing standards (fips 186-2). Digital SignatureStandard (DSS), 2001. Available at: csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf.
[72] Federal information processing standards (fips 197). Advanced EncryptionStandard (AES), 2001. Available at: csrc.nist.gov/publications/fips/fips197/fips-197.pdf.
[73] ISO. Information Technology - Security Techniques - Entity AuthenticationMechanisms - Part 3: Entity Authentication Using a Public Key AlgorithmISO/IEC 9798-3. ISO/IEC International Standard, 2nd Edition, 1998.
[74] H. S. Ju, H. J. Kim, D. H. Lee, and J. I. Lim. An Anonymous Buyer-SellerWatermarking Protocol with Anonymity Control. In P. J. Lee and C. H. Lim,editors, Information Security and Cryptology - ICISC 2002, volume 2587 ofLecture Notes in Computer Science, pages 421–432. Springer-Verlag, 2002.
[75] S. Katzenbeisser and F. A. P. Petitcolas, editors. Information Hiding: Tech-niques for Steganography and Digital Watermarking. Computer Security Series.Artech House, 2000.
[76] S. Katzenbeisser, B. Skori´c, M. U. Celik, and A.-R. Sadeghi. Combining TardosFingerprinting Codes and Fingercasting. In 9th International Workshopon Information Hiding - IH 2007, volume 4567 of Lecture Notes in ComputerScience, pages 294–310. Springer-Verlag, 2007.
[77] J. Kilian, F. T. Leighton, L. R. Matheson, T. G. Shamoon, R. E. Tarjan, andF. Zane. Resistance of Digital Watermarks to Collusive Attacks. TechnicalReport TR-585-98, Princeton University, Department of Computer Science,1988. Available at: ftp://ftp.cs.princeton.edu/techreports/1998/585.ps.gz.
[78] M. Kim, J. Kim, and K. Kim. Anonymous fingerprinting as secure as the bilineardiffie-hellman assumption. In R. H. Deng, S. Qing, F. Bao, and J. Zhou,editors, Information and Communications Security - ICICS 2002, volume 2513of Lecture Notes in Computer Science, pages 97–108. Springer-Verlag, 2002.
[79] N. Koblitz. A Course in Number Theory and Cryptography. Graduate Textsin Mathematics Series, Vol. 114, 2nd Ed., Springer-Verlag, 1994.
[80] M. Kuribayashi and H. Tanaka. A New Anonymous Fingerprinting Schemewith High Enciphering Rate. In C. Pandu Rangan and Cunsheng Ding, editors,Progress in Cryptology - INDOCRYPT 2001, volume 2247 of Lecture Notes inComputer Science, pages 30–39. Springer-Verlag, 2001.
[81] M. Kuribayashi and H. Tanaka. Fingerprinting Protocol for Online-Line TradeUsing Information Gap between Buyer and Merchant. IEICE Trans. on Fun-damentals, E89-A(4):1108–1115, 2006.
[82] RSA Labs. RSA Encryption Scheme - Optimal Asymmetric EncryptionPadding, 2000. Available at: ftp://ftp.rsasecurity.com/pub/rsalabs/rsa_algorithm/rsa-oaep_spec.pdf.
[83] RSA Labs. RSA Signature Scheme with Appendix - Probabilistic SignatureScheme, 2000. Available at: ftp://ftp.rsasecurity.com/pub/rsalabs/rsa_algorithm/nessie_pss.zip.
[84] RSA Labs. How Fast Is The RSA Algorithm?, accessed February 2009. Availableat: www.rsa.com/rsalabs/node.asp?id=2215.
[85] C.-L. Lei, P.-L. Yu, P.-L. Tsai, and M.-H. Chan. An Efficient and AnonymousBuyer-SellerWatermarking Protocol. IEEE Trans. on Image Processing,13(12):1618–1626, 2004.
[86] A. Leung and G. S. Poh. An Anonymous Watermarking Scheme for ContentDistribution Protection using Trusted Computing. In SECRYPT 2007 - Inter-national Conference on Security and Cryptography, pages 319–326. INSTICCPress., 2007.
[87] K. J. Ray Liu, W. Trappe, Z. J. Wang, M. Wu, and H. Zhao. MultimediaFingerprinting Forensics for Traitor Tracing. EURASIP Book Series on SignalProcessing and Communication, Volume 4, Hindawi Publishing Corporation,2005.
[88] YouTube LLC. YouTube - broadcast yourself, accessed February 2009. Availableat: www.youtube.com.
[89] S. H. Low, N. F. Maxemchuk, and S. Paul. Anonymous Credit Cards andTheir Collusion Analysis. IEEE/ACM Trans. on Networking, 4(6):809–816,1996.
[90] M. T. Malkin. Cryptographic Methods In Multimedia Identification And Au-thentication. PhD thesis, Department of Computer Science, Stanford University,2006.
[91] K. Markantonakis, K. Mayes, and F. Piper. Smart Cards for Security andAssurance. In H. R. Rao and S. J. Upadhyaya M. Gupta, editors, ManagingInformation Assurance in Financial Services, pages 166–189. IGI PublishingHershey - New York, 2007.
[92] O. Markowitch, D. Gollmann, and S. Kremer. On Fairness in Exchange Protocols.In P. J. Lee and C. H. Lim, editors, 5th International Conference onInformation Security and Cryptology - ICISC 2002, volume 2587 of LectureNotes in Computer Science, pages 451–464. Springer-Verlag, 2002.
[93] Mastercard. Mastercard payment solutions, accessed February 2009. Availableat: http://www.mastercard.com.
[94] N. Memon and P. W. Wong. A Buyer-Seller Watermarking Protocol. IEEETrans. on Image Processing, 10(4):643–649, 2001.
[95] Chris J Mitchell, editor. Trusted Computing. IEE Press, 2005.
[96] P. Moulin and R. Koetter. Data hiding codes. Invited Paper, Proceedings ofThe IEEE, 93(10), 2005.
[97] T. Okamoto and S. Uchiyama. A New Public-Key Cryptosystem as Secure asFactoring. In K. Nyberg, editor, Advances in Cryptology - EUROCRYPT 1998,volume 1403 of Lecture Notes in Computer Science, pages 308–318. Springer-Verlag, 1998.
[98] H. Pagnia, H. Vogt, and F. C. Gartner. Fair Exchange. The Computer Journal,British Computer Society, 46(1):55–75, 2003.
[99] P. Paillier. Public-key Cryptosystems Based on Composite Degree ResiduosityClasses. In J. Stern, editor, Advances in Cryptology - EUROCRYPT 1999,volume 1592 of Lecture Notes in Computer Science, pages 223–238. Springer-Verlag, 1999.
[100] K. G. Paterson. Id-based signatures from pairings on elliptic curves. IEEEElectronics Letters, 38(18):1025–1026, 2002. Also available at IACR ePrint:eprint.iacr.org/2002/004.
[101] PayPal and Inc. PayPal - a safer, simpler way to send and receive moneyonline, accessed February 2009. Available at: http://www.paypal.com.
[102] B. Pfitzmann and A.-R. Sadeghi. Coin-Based Anonymous Fingerprinting. InJ. Stern, editor, Advances in Cryptology - EUROCRYPT 1999, volume 1592of Lecture Notes in Computer Science, pages 150–164. Springer-Verlag, 1999.
[103] B. Pfitzmann and A.-R. Sadeghi. Anonymous Fingerprinting with Direct Non-Repudiation. In T. Okamoto, editor, Advances in Cryptology - ASIACRYPT2000, volume 1976 of Lecture Notes in Computer Science, pages 401–414.Springer-Verlag, 2000.
[104] B. Pfitzmann and M. Schunter. Asymmetric Fingerprinting. In U. M. Maurer,editor, Advances in Cryptology - EUROCRYPT 1996, volume 1070 of LectureNotes in Computer Science, pages 84–95. Springer-Verlag, 1996.
[105] B. Pfitzmann and M. Waidner. Anonymous Fingerprinting. In W. Fumy,editor, Advances in Cryptology - EUROCRYPT 1997, volume 1233 of LectureNotes in Computer Science, pages 88–102. Springer-Verlag, 1997.
[106] B. Pfitzmann and M. Waidner. Asymmetric Fingerprinting for Larger Collusions.In 4th ACM Conference on Computer and Communication Security,pages 151–160, 1997.
[107] Raphael C.-W. Phan and B.-M. Goi. (In)security of an Efficient FingerprintingScheme with Symmetric and Commutative Encryption of IWDW 2005. InDigital Watermarking, 6th International Workshop - IWDW 2007, LectureNotes in Computer Science. Springer-Verlag, 2007.
[108] A. Piva and A. D. Rosa (editors). State of the art report and accompanyingpublic presentation(s). D2.1, Universit‘a degli Studi di Firenze(UNIFI), for Signal Processing in the Encrypted Domain (SPEED) Project,IST-2006-034238, Information Society Technologies, 2007. Available at:www.speedproject.eu.
[109] G. S. Poh and K. M. Martin. A Framework for Design and Analysis of AsymmetricFingerprinting Protocols. In 2007 International Workshop on DataHiding for Information and Multimedia Security attached to IAS 07, IEEEComputer Society Press, pages 457–461, 2007.
[110] G. S. Poh and K. M. Martin. An Efficient Buyer-Seller Watermarking SchemeBased on Chameleon Encryption. In H. J. Kim, S. Katzenbeisser, and AnthonyT. S. Ho, editors, To appear in Digital Watermarking, Seventh InternationalWorkshop, IWDW 2008, Lecture Notes in Computer Science. Springer-Verlag,2008.
[111] G. S. Poh and K. M. Martin. On the (In)security of Two Buyer-Seller WatermarkingProtocols. In SECRYPT 2008 - International Conference on Securityand Cryptography, pages 253–260, 2008.
[112] G. S. Poh and K. M. Martin. Design Flaws of A Secure Watermarking Schemefor Buyer-Seller Identification and Copyright Protection. International Journalof Cryptology Research, 1(1):55–64, 2009.
[113] G. S. Poh and K. M. Martin. On the Design of Buyer-Seller WatermarkingProtocols Without A Watermark Authority. In E-Business and Telecommuni-cation Networks (To appear), Communications in Computer and InformationScience. Springer-Verlag, 2009.
[114] Niladri B. Puhan and Anthony T. S. Ho. Secure AuthenticationWatermarkingfor Localization Against the Holliman-Memon Attack. Multimedia Systems,12(6):521–532, 2007.
[115] L. Qiao and K. Nahrstedt. Watermarking schemes and protocols for protectingrightful ownerships and customer’s rights. Journal of Visual Communicationand Image Representation, 9(3):194–210, 1998.
[116] I. Ray, I. Ray, and N. Natarajan. An Anonymous and Failure Resilient Fair-Exchange E-Commerce Protocol. Decision Support Systems, 39:267–292, 2005.
[117] R. L. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining DigitalSignatures and Public-Key Cryptosystems. Commun. of the ACM, 2(2):120–126, 1978.
[118] A.-R. Sadeghi. How to Break A Semi-Anonymous Fingerprinting Scheme. InI. S. Moskowitz, editor, 4th International Workshop on Information Hiding -IH 2001, volume 2137 of Lecture Notes in Computer Science, pages 384–394.Springer-Verlag, 2001.
[119] A.-R. Sadeghi and M. Schneider. Electronic Payment Systems. In E. Becker,W. Buhse, D. G¨unnewig, and N. Rump, editors, Digital Rights Management -Technological, Economic, Legal and Political Aspects, volume 2770 of LectureNotes in Computer Science, page 113137. Springer-Verlag, 2003.
[120] A.-R. Sadeghi, J. Shokrollahi, and C. Wachsmann (editors). Identification ofRequirements and Constraints. D3.2, Horst Gortz Institute for IT-Security,Ruhr-University, Bochum, for Signal Processing in the Encrypted Domain(SPEED) Project, IST-2006-034238, Information Society Technologies, 2007.Available at: www.speedproject.eu.
[121] M. Schmucker and P. Ebinger. Promotional and Commercial Content Distributionbased on a Legal and Trusted P2P Framework. In Proceedings ofthe Seventh IEEE International Conference on E-Commerce Technology (CEC’05), pages 439–442. IEEE Computer Society Press, 2008.
[122] C. Schnorr. Efficient Identification and Signatures for Smart Cards. In G. Brassard,editor, Advances in Cryptology - CRYPTO 1989, volume 435 of LectureNotes in Computer Science, pages 239–252. Springer-Verlag, 1990.
[123] M-H Shao. A Privacy-Preserving Buyer-Seller Watermarking Protocol withSemi-trust Third Party. In C. Lambrinoudakis, G. Pernul, and A M. Tjoa,editors, 4th International Conference on Trust, Privacy & Security in DigitalBusiness (TrustBus 2007), volume 4657 of Lecture Notes in Computer Science,pages 44–53. Springer-Verlag, 2007.
[124] D. R. Stinson. Cryptography Theory and Practice. Third Edition, Series onDiscrete Mathematics and Its Applications, Chapman & Hall/CRC, 2006.
[125] J. K. Su, F. hartung, and B. Girod. Digital watermarking of text, image, andvideo documents. Computers & Graphics, Elsevier, 22(6):687–695, 1998.
[126] Trusted Computing Group (TCG). Trusted computing group website, accessedFebruary 2009. Available at: www.trustedcomputinggroup.org.
[127] A. Tomlinson. Application and Business Security: Payment and e–commerceapplications. Lecture Notes IY5601, MSc. of Information Security, Informa-tion Security Group, Royal Holloway, University of London, 2008.
[128] A. Tomlinson. Security For Video Broadcasting. Springer, 2008.
[129] P. Tomsich and S. Katzenbeisser. Towards a robust and de-centralized digitalwatermarking infrastructure for the protection of intellectual property. InK. Bauknecht, S. Kumar Madria, and G. Pernul, editors, Electronic Com-merce and Web Technologies - EC-WEB 2000, volume 1875 of Lecture Notesin Computer Science, pages 38–47. Springer-Verlag, 2000.
[130] Trusted Computing Group (TCG). TCG Specification Architecture Overview.Version 1.2, The Trusted Computing Group, 2004.
[131] Visa and Inc. Visa payment solutions, accessed February 2009. Available at:http://www.visa.com.
[132] Neal R.Wagner. Fingerprinting. In IEEE Symposium on Security and Privacy,pages 18–22, 1983.
[133] T. Wiegand, G. J. Sullivan, G. Bjntegaard, and A. Luthra. Overview of theH.264/AVC Video Coding Standard. IEEE Transactions On Circuits andSystems for Video Technology, 13(7):560 – 576, 2003.
[134] D. M. Williams, H. Treharne, and Anthony T. S. Ho. Using a Formal AnalysisTechnique to Identify an Unbinding Attack on a Buyer-Seller WatermarkingProtocol. In Proceedings of the 10th ACM Workshop on Multimedia and Se-curity (MM & Sec 2008). ACM, 2008.
[135] D. M. Williams, H. Treharne, Anthony T. S. Ho, and A. Walker. Formal Analysisof Two Buyer-Seller Watermarking Protocols. In H. J. Kim, S. Katzenbeisser,and Anthony T. S. Ho, editors, To appear in Digital Watermarking,Seventh International Workshop, IWDW 2008, Lecture Notes in ComputerScience. Springer-Verlag, 2008.
[136] Y. Wu. Security Flaws in Kuribayashi-Tanaka Fingerprinting Protocol. InIEEE International Conference on Communications - ICC 2007, pages 1317– 1322, 2007.
[137] Y. Wu and H. Pang. A Lightweight Buyer-Seller Watermarking Protocol.Advances in Multimedia, 2008:905065, 7 pages, 2008. doi:10.1155/2008/905065.
[138] S. Yong and S.-H. Lee. An Efficient Fingerprinting Scheme with Symmetricand Commutative Encryption. In M.Barni, I. J. Cox, T. Kalker, and H. J. Kim, editors, Digital Watermarking, 4th International Workshop - IWDW2005, volume 3710 of Lecture Notes in Computer Science, page p. 54. Springer-Verlag, 2005.
[139] J. Zhang, W. Kou, and K. Fan. Secure Buyer-Seller Watermarking Protocol.IEE Proceedings - Information Security, 153(1):15–18, 2006.
[140] Q. Zhang, K. Markantonakis, and K. Mayes. A Practical Fair-exchange epaymentProtocol for Anonymous Purchase and Physical Delivery. In Pro-ceeding of the 4th ACS/IEEE International Conference on Computer Systemsand Applications (AICCSA-06), 2006.