On joint coding for watermarking and encryption

TL;DR

This paper develops a theoretical framework for joint coding that combines watermarking, compression, and encryption, providing optimal tradeoffs and revealing a separation principle in attack-free scenarios.

Contribution

It introduces a coding theorem characterizing the best tradeoffs among distortion, compression, and secrecy in joint watermarking and encryption, extending previous work to include security considerations.

Findings

Single-letter characterization of achievable tradeoffs

Separation principle in attack-free case with independent key

Role of key as side information in general case

Abstract

In continuation to earlier works where the problem of joint information embedding and lossless compression (of the composite signal) was studied in the absence \cite{MM03} and in the presence \cite{MM04} of attacks, here we consider the additional ingredient of protecting the secrecy of the watermark against an unauthorized party, which has no access to a secret key shared by the legitimate parties. In other words, we study the problem of joint coding for three objectives: information embedding, compression, and encryption.Our main result is a coding theorem that provides a single--letter characterization of the best achievable tradeoffs among the following parameters: the distortion between the composite signal and the covertext, the distortion in reconstructing the watermark by the legitimate receiver, the compressibility of the composite signal (with and without the key), and the equivocation of the watermark, as well as its reconstructed version, given the composite signal. In the attack--free case, if the key is independent of the covertext, this coding theorem gives rise to a {\it threefold} separation principle that tells that asymptotically, for long block codes, no optimality is lost by first applying a rate--distortion code to the watermark source, then encrypting the compressed codeword, and finally, embedding it into the covertext using the embedding scheme of \cite{MM03}. In the more general case, however, this separation principle is no longer valid, as the key plays an additional role of side information used by the embedding unit.