Digital fingerprinting for sharing of confidential data

Abstract

Currently, there are three approaches to limit disclosure of databases containing confidential data: (1) altering data before disclosure; (2) learning results without revealing data; and (3) watermarking to prove ownership over a database. This thesis describes a symmetric fingerprinting scheme that can be considered as a fourth approach or a complement to the three existing approaches. The proposed scheme uses fingerprinting to identity the entity who received confidential data and consists of a fingerprint (mark uniquely identifying each recipient), encoder (fingerprint insertion algorithm), decoder (fingerprint extraction algorithm) and a detection algorithm (algorithm to detect fingerprint in data). The scheme distinguishes between trusted and distrusted recipients of data. Trusted recipients have a decoder to fully or partially restore data whereas distrusted recipients don't have a decoder. Scheme requirements including algorithm performance, and attacks including collusion attacks, are analyzed. Proof of concept results are also provided.