You are on page 1of 27

DIGITAL IMAGE WATERMARKING SYSTEM

DESIGN & ANALYSIS FOR FPGA AND


STANDARD CELL IMPLEMENTATION

1. INTRODUCTION

2. IMAGE WATERMARKING: THEORY OF IMPLEMENTED


APPROACH

3. THE SYSTEM

4. HARDWARE IMPLEMENTATION

5. FPGA/STANDARD CELL/VPR ANALYSIS

6. WATTCH ANALYSIS

7. PROBLEMS FACED

8. CONCLUSION

9. REFERENCES

Introduction

Motivation

The recent growth of networked multimedia systems has increased the


need for the protection of digital media. This is particularly important
for the protection and enforcement of intellectual property rights.
Copyright protection involves the authentication of image ownership,
and the identification of illegal copies of a (possibly forged) image.
Techniques are needed to prevent the copying, forgery and
unauthorized distribution of images and video. Without such methods,
placing images or video sequences on a public network puts them at
risk of theft and alteration.
The basic scenario is as follows: A user has created an electronic
image at some effort and expense, and wants to make it available on a
communications network. When unauthorized copies or forgeries of the
image appear elsewhere on the network, the user needs to prove that
the image belongs to them. One also needs to determine if and by how
much the image has been changed from the original.

With the increase in the availability of digital data such as multimedia


services on the Internet, there is a pressing need to manage and
protect the illegal duplication of data. In the past few years many new
techniques and concepts based on data hiding or steganography
have been introduced as a means for tamper detection in digital
images and for image authentication. One approach involves adding
an invisible structure to a host image to ‘mark’ ownership of it. To be
effective, a watermark must be imperceptible within its host, discrete
to prevent unauthorized removal, easily extracted by the owner and
robust to incidental and accidental distortions.

What is a “Digital Image Watermark”

A digital watermark is a digital signal or pattern inserted into a


digital image. Since this signal or pattern is present in each unaltered
copy of the original image, the digital watermark may also serve as a
digital signature for the copies. A given watermark may be unique to
each copy (e.g. to identify the intended recipient), or be common to
multiple copies (e.g. to identify the document source). In either case,
the watermarking of the document involves the transformation of the
original into another form. This distinguishes digital watermarking from
digital fingerprinting, where the original file remains intact and a new
created file 'describes' the original file's content.

Digital watermarking is also to be contrasted with public-key


encryption, which also transform original files into another form. It is a
common practice nowadays to encrypt digital documents so that they
become un-viewable without the decryption key. Unlike encryption,
however, digital watermarking leaves the original image (or file)
basically intact and recognizable. In addition, digital watermarks, as
signatures, may not be validated without special software. Further,
decrypted documents are free of any residual effects of encryption,
whereas digital watermarks are designed to be persistent in viewing,
printing, or subsequent re-transmission or dissemination.
The types of digital watermarks

Two types of digital watermarks may be distinguished, depending upon


whether the watermark appears visible or invisible to the casual
viewer.
"Visible watermarks" are used in much the same way as their bond
paper ancestors, where the opacity of paper is altered by physically
stamping it with an identifying pattern. This is done to mark the paper
manufacturer or paper type. One might view digitally watermarked
documents and images as digitally 'stamped'.

Invisible watermarks, on the other hand, are potentially useful as a


means of identifying the source, author, creator, owner, and distributor
or authorized consumer of a document or image. For this purpose, the
objective is to permanently and unalterably mark the image so that the
credit or assignment is beyond dispute. In the event of illicit usage, the
watermark would facilitate the claim of ownership, the receipt of
copyright revenues, or the success of prosecution.

Watermarking has also been proposed to trace images in the event of


their illicit redistribution. Whereas past infringement with copyrighted
documents was often limited by the unfeasibility of large-scale
photocopying and distribution, modern digital networks make large-
scale dissemination simple and inexpensive. Digital watermarking
makes it possible to uniquely mark each image for every buyer. If that
buyer then makes an illicit copy, the illicit duplication may be
convincingly demonstrated.

Visible Vs Invisible watermarks

"Visible watermarks" are especially useful for conveying an


immediate claim of ownership. The main advantage is that they
virtually eliminate the commercial value of the document to a would-
be thief without lessening the document's utility for legitimate,
authorized purposes. A familiar example is in the video domain where
a logo is placed in a corner of the screen image. Invisible
watermarks, on the other hand, are more of an aid in catching the
thief than discouraging the theft in the first place. In general, "visible
watermarks" diminish the commercial value of a document or image,
whereas invisible watermarks increase the likelihood of successful
prosecution. The invisible watermark may also act as a deterrent if
perpetrator is aware of their possible use.

Requirements of Watermarks
To be effective in the protection of the ownership of intellectual
property, the invisibly watermarked image should satisfy several
criteria:

1. The watermark must be difficult or impossible to remove, at


least without visibly degrading the original image,
2. The watermark must survive image modifications that are
common to typical image-processing applications (e.g. scaling,
dithering, cropping, compression),
3. An invisible watermark should be imperceptible so as not to
affect the experience of viewing the image, and
4. For some invisible watermarking applications, watermarks
should be readily detectable by the proper authorities, even if
imperceptible to the average observer. Such decidability without
requiring the original, un-watermarked image would be
necessary for efficient recovery of property and subsequent
prosecution.

Techniques of watermarking

Several different methods enable watermarking in the spatial domain.


The simplest is just to flip the lowest-order bit of chosen pixels. This
works well only if the image is not subject to any modification. A more
robust watermark can be embedded by superimposing a symbol over
an area of the picture. The resulting mark may be visible or not,
depending upon the intensity value. Picture cropping, e.g., (a common
operation of image editors), can be used to eliminate the watermark.
Spatial watermarking can also be applied using color separation. In
this way, the watermark appears in only one of the color bands. This
renders the watermark visibly subtle such that it is difficult to detect
under regular viewing. However, the mark appears immediately when
the colors are separated for printing.

Watermarking can be applied in the frequency domain (and other


transform domains) by first applying a transform like the Fast Fourier
Transform (FFT). In a similar manner to spatial domain watermarking,
the values of chosen frequencies can be altered from the original. The
original image is first transformed to the selected domain, and then a
randomly generated (by some preferred distribution) watermark signal
is superimposed upon a selected set of transform coefficients by
adaptively modifying them. The watermarked image is obtained as an
inverse transformation of the modified coefficients. The Discrete
Cosine Transform (DCT) and the Discrete Wavelet Transform (DWT) are
the two most commonly used image transforms. For some algorithms,
in order for the embedded watermark to withstand various forms of
image processing and attack, the transform coefficients having the
strongest magnitudes are chosen for embedding the watermark signal.
Since high frequencies will be lost by compression or scaling, the
watermark signal is applied to lower frequencies, or better yet, applied
adaptively to frequencies that contain important information of the
original picture. Since watermarks applied to the frequency domain will
be dispersed over the entirety of the spatial image upon inverse
transformation, this method is not as susceptible to defeat by cropping
as the spatial technique. However, there is more a tradeoff here
between invisibility and decodability, since the watermark is in effect
applied indiscriminately across the spatial image.

There is a current trend towards approaches that make use of


information about the human visual system (HVS) to produce a
more robust watermark. Such techniques use explicit information
about the HVS to exploit the limited dynamic range of the human eye.
The perceptually invisible data hiding needs insertion of watermark in
higher spatial frequency of the cover image since human eye is less
sensitive to this frequency component. But in most of the natural
images majority of the visual information are concentrated on the
lower end of the frequency band. So the information hidden in the
higher frequency components might be lost after quantization
operation of lossy compression.

Spatial Vs Frequency domain

Spatial watermarking is easy to implement from computational point of


view but too fragile to withstand large varieties of external attacks.
Frequency or transformed domain approach offers robust
watermarking but in most cases implementation needs higher
computational complexity. Moreover the transform domain technique
is global in nature (global within the block in block-based approach)
and cannot restrict visual degradation of the cover image. But in
spatial domain technique, degradation in image quality due to water
marking could be controlled locally leaving the region of interest
unaffected.

IMAGE WATERMARKING: THEORY OF IMPLEMENTED APPROACH

Fragile Image Watermarking

A fragile watermark is a mark that is readily altered or destroyed when


the host image is modified through a linear or nonlinear
transformation. The sensitivity of fragile marks to modification leads to
their use in image authentication.
Fragile watermarks are designed to detect every possible change in
pixel values. In many schemes it can be shown that without the secret
key, the probability of a modification that will not be detected can be
related to a cryptographic element present in the scheme such as a
hash function.

Desirable features of fragile marking system

1. Detect tampering: A fragile marking system should detect (with


high probability) any tampering in a marked image.
2. Perceptual transparency: An embedded watermark should not be
visible under normal observation or interfere with the
functionality of the image.
3. Detector should be able to locate and characterize alterations
made to a marked image: This includes the ability to locate
spatial regions within an altered image which are authentic or
corrupt.
4. The watermark should remain detectable after image cropping.
5. The marking key should be difficult to deduce from the detection
side information.
6. The insertion of a mark by unauthorized parties should be
difficult.

The Image Authentication Framework

An owner embeds the mark into an original image. The marking key is
used to generate the watermark and is typically an identifier assigned
to the owner or image. The marked image is perceptually identical to
the original image under normal observation.

Fig.1 Watermark Embedding


When a user receives an image, he uses the detector to evaluate the
authenticity of the received image. The detection process may require
knowledge of the marking key, the watermark and the original image.
The detector is usually based on statistical detection theory whereby a
test statistic is generated and from that test statistic the image is
determined to be authentic. If it is not authentic then it would be
desirable for the detector to determine where the image has been
modified.

Fig.2 Watermark Detection

Algorithm
implemented for
Image watermarking
and detection:
Secure, Fragile
Authentication Watermark with Localization – J. Fridrich et al

Background

Wong’s scheme (P.Wong, N.Memon- Secret and Public Key


authentication Watermarking Schemes that resist Vector Quantization
Attack: Proc. SPIE ,Security and Watermarking of multimedia
contents ,San Jose, Jan 2000) is one of the first public key spatial
fragile watermarking algorithms. It works by partitioning the image
into a number of blocks and inserting a digital signature for
authentication on a block-wise basis. In the embedding process, for
each block, a digital signature is computed after truncation of the
LSBs. The signature for each block is then embedded in the LSBs in
conjunction with a logo image. At the receiving end, the digital
signature of each block is recomputed after truncation of LSBs and the
block is then authenticated by validating each block using the
embedded information in the LSBs of the block. Unauthenticated
blocks are assumed to have been manipulated, which provides the
mechanism for localization of image manipulations.

Algorithm Description

The algorithm implemented (Fragile Authentication Watermarking with


localization – J.Fridrich et al) differs from Wong’s approach in the
construction of the logo (watermark). The binary logo in this case is
used to carry information about the block position and image index
and possibly other information relevant to the image such as its
original dimensions, author ID etc. Furthermore, the block content will
be authenticated by creating a simply recognizable structure in each
binary logo. (For eg. a 128 bit binary logo could comprise of 2
repetitions of a 64-bit stream)

Watermark Embedding

1. Divide the 8-bit grayscale image into 8x16 blocks (each block
comprising of 128 8-bit pixels).
2. For each block, calculate the hash H of the MSBs of all 128
pixels.
3. Xor the Hash with the Watermark bitstream (binary logo).
4. Encrypt the xor’ed output.
5. Inserted the encrypted bitsream into the corresponding LSB
positions of the image block being watermarked.

Watermark Detection/Verification

1. Divide the 8-bit grayscale image into 8x16 blocks (each block
comprising of 128 8-bit pixels).
2. For each block , calculate the hash H of the MSBs of all 128
pixels.
3. Decrypt the bitstream corresponding to the LSB positions of the
image block under consideration.
4. Xor the decrypted bitstream with the Hash Function output.
5. Compare the output of the above step with the Watermark
(Binary logo) bitstream.
6. If the 1st 64 bits of the generated watermark coincide with the
next 64 bits, it indicates that the block content is authentic.
Swapping blocks and cropping can thus be readily detected.

Algorithms used for individual operations

Hashing: MD5 algorithm

In cryptography, MD5(Message-Digest algorithm 5) is a widely-


used cryptographic hash function with a 128-bit hash value. As an
Internet standard (RFC 1321), MD5 has been employed in a wide
variety of security applications, and is also commonly used to check
the integrity of files. The MD5 algorithm was designed by Prof. Ronald
Rivest at MIT in 1991 to replace the previous MD4 algorithm.

MD5 processes a variable length message into a fixed-length output of


128 bits. The input message is broken up into chunks of 512-bit blocks;
the message is padded so that its length is divisible by 512. The
padding works as follows: first a single but, 1, is appended to the end
of the message. This is followed by as many zeros as are required to
bring the length of the message up to 64 bit less than a multiple of
512. The remaining bits are filled up with a 64-bit integer representing
the length of the original message.

The main MD5 algorithm operates on a 128-bit state, divided into four
32-bit words, denoted A, B, C, and D. These are initialized to certain
fixed constants. The main algorithm then operates on each 512-bit
message block in turn, each block modifying the state. The processing
of a message block consists of four similar stages, termed rounds;
each round is composed of 16 similar operations based on a non-linear
function F, modular addition, and left rotation. Figure 1 illustrates one
operation within a round. There are four possible functions F, a
different one is used in each round.

Denote the XOR, AND, OR and NOT operations respectively.


s denotes a left bit rotation by s places; s varies for each operation,
denotes addition module 232.

Fig.3 One MD5 operation --- MD5 consists of 64 of these operations,


grouped in four rounds of 16 operations. F is a non linear function; one
function is used in each round. Mi denotes a 32-bit block of the
message input, and Ki denotes a 32-bit constant, different for each
operation.
Pseudo code for the MD5 algorithm

//Define r as the following

var int[64] r,k;


r[0:15] := {7,12,17,22,7,12,17,12,17,22,7,12,17,22}
r[16:31] := {5,9,14,20,5,9,14,20,5,9,14,20,5,9,14,20}
r[32:47] := {4,11,16,23,4,11,16,23,4,11,16,23,4,11,16,23}
r[48:63] := {6,10,15,21,6,10,15,21,6,10,15,21,6,10,15,21}

//Use binary integer part of the sines of integers as constants:

for i from 0 to 63

k[i] := floor(abs(sin(i+1))x2^32)

//Intitialize variable:

var inth0 := 0x67452301

var int h1 := 0xEFCDAB89

var int h2 := 0x98BADCFE

var int h3 := 0x10325476

// Pre-processing
append "1" bit to message
append "0" bits until message length in bits = 448(mod 512)
append bit length of message as 64-bit little-endian integer to
message

//Process the message in succesive 512-bit chunks:

foreach 512-bit chunck of message


breakchunk into sixteen-bit-little-endianwords w(i), 0<i<15

//Initialize hash value for this chunk

var int a := h0
var int b := h1
var int c := h2
var int d := h3

// Main loop
for 1 from 0 to 63

if 0<=1<=15 then
f:=(b and c)or((not b) and d)
g := ;
elese if 16<i<31
f:=(b and d)or ((not b and c)
g:- (5xi+1)mod 16
elseif32<=i<=47
f:=b xor c xor d
g:=(3xi+5)mod 16

elseif 48<=i<=63

f:= c xor (b or (not d))


g:=(7xi)mod 16

temp := d
d:=c
c:=b
b:=((a+f+k(i)+w(g) leftrotate(i))+b
a:=temp

//Add this chunk' hash to result so far:

h0:=h0+a
h1:=h1+b
h2:=h2+c
h3:=h3+d

var int digest:=h0 append h1 append h2 append h3 //(expressed as


little-endian)

Public Key Cryptosystem: Encryptor and Decryptor algorithm


(RSA)

Public key cryptography is a form of cryptography which generally


allows users to communicate securely without having prior access to a
shared secret key. This is done by using a pair of cryptographic keys,
designed as public key and private key, which are related
mathematically.

In cryptography, RSA is an algorithm for public key encryption. It was


described in 1977 by Ron Rivest, Adi Shamir and Len Adleman at MIT.
RSA invloves 2 keys: public key and private key (a key is a constant
number later used in the encryption formula) .The public key is known
to everyone and is used to encrypt messages. These messages can
only be decrypted by use of the private key. In other words, anyone
can encrypt a message, but only the holder of a private keycan
actually decrypt the message and read it.

The following steps are used to generate a public key and a private
key:

1. Choose two large prime numbers p and q such that p is not equal
to q , randomly and independently of each other.
2. Compute n = pq
3. Compute the quotient Ф(n) = (p-1)(q-1)
4. Choose an integer e such that 1<e< Ф(n) which is co prime to
Ф(n).
5. Compute d such that de=1 (mod Ф(n)).

The public key consists of


• n, the modulus and
• e, the public exponent (also called encryption constant)

The private key consists of


• n, the modulus which appears in the public key and
• d, the private exponent (also called decryption constant which must
be kept secret)

Encrypting messages : The cipher text corresponding to message


‘m’ is given as c = me mod n

Decrypting messages : Message ‘m’ is recovered from c as m= cd


mod n

A working example: Let

p = 61 — first prime number


q = 53 — second prime number
n = pq = — modulus (to be made public)
3233
e = 17 — public exponent (to be made public)
d = — private exponent (to be kept secret)
2753

The public key is (e,n) and the private key is d.Reg_enable


The encryption
Clock function

is:
Encrypt(m) = me mod n = m17 mod 3233 where m is the message.
Data[7:0]
The decryption function is: 128
Decrypt(c) = cd mod n = c2753 mod 3233 where c is the cipher text.
pixels Reg_lsb[127:0]
128x8 bit Register Bank
8-BIT GRAYSCALE IMAGE
To encrypt the plain text 123 we calculate
Encrypt(123) = 12317 mod 3233 = 855

To decrypt the cipher text 855, we calculate


Decrypt(855) = 8552753 mod 3233 = 123 Reg_msb[127:0] msb_enable

THE SYSTEM
clock

Fig.4 Encoder Block Diagram


reset
Hashing_function
Msg_out_valid

ready

Watermark_Key XOR

lsb_enable
clock

E[4:0] Encryptor

Dataready_in

Dataready_out
Encoder (Watermark Embedder) operation

1. The entire 8-bit grayscale image is divided into blocks of 16x8


(=128) pixels. For each of these image blocks the watermark
insertion is carried out sequentially.
2. The 128 pixel block is loaded onto a register file 1 pixel at a time
with a “reg_enable” flag used to indicate every time 8-bits of a
pixel are successfully loaded. The register file comprises of a
bank of 128 8-bit registers to store the corresponding pixels. It
also comprises of 2 128-bit registers namely “reg_lsb” and
“reg_msb”.
“reg_msb” is used to hold the 128 MSB’s of the pixels that are
going to be embedded with the watermark. “reg_lsb” is used to
hold the watermark encoded bit stream that is ultimately loaded
onto the 128 LSBs of the corresponding pixels.
3. Every time the register “reg_msb” gets loaded with data, the
flag “msb_enable” goes high. This flag correspond to the signal
“msg_in_valid” of the Hasher. The Hasher is reset before every
hashing operation. The “msg_in_width” is set to 128-bits for the
entire length of operation. When “msg_in_valid” goes high, the
hasher takes in the 128 bit stream stored in “reg_msb” through
the “msg_in[127:0]” port and generates a 128 bit hashed
stream using the MD5 algorithm which is output to the port
“msg_output[127:0]”. As soon as the hashed output is
obtained at the above mentioned port, the “msg_out_valid”
signal goes high indicating completion of the hash operation.
Simultaneously, the “ready” signal also goes high indicating that
the hasher is ready to receive the next stream of 128-bit data.
4. When the “msg_out_valid” signal goes high, the hasher output
is taken and XORed with the Watermark bitstream. As soon as
the computation is performed , the “dataready_in” signal of the
Decryptor is made high.
5. When the “dataready_in” signal of the Decryptor goes high it
loads the XOR output stream through the port “datain[127:0]”.
The encryption exponent (E) is input. (The same key is used for
the entire image). The Encryptor encrypts 16-bits of data at a
time using the RSA algorithm for encryption. When the Encryptor
completes its operation it makes “dataready_out” signal high
and outputs the data to the port “dataout[127:0]”.
6. The “dataready_out” signal corresponds to the “lsb_enable”
signal of the register file. When “lsb_enable” goes high the
register file takes the data from the port “dataout[127:0] and
loads it into the register “reglsb”. Reg_enableTheClock bitstream present in
“reglsb” is then used to replace the LSBs of pixels of the image
Data[7:0]
block under consideration. (replacing bits in the 128 LSB
positions) 128
pixels Reg_lsb[127:0]
7. The watermark embedded image128x8 block is then
bit Register Bank
stored back at the
8-BIT GRAYSCALE IMAGE
same location and the whole process begins again.

Fig.5 Decoder Block Diagram


Reg_msb[127:0] msb_enable

clock

reset
Hashing_function
Msg_out_valid

ready

Watermark_Key

XOR XOR
0

Detection_result (all 0's indicate


MATCH)
lsb_enable
clock

D[7:0] Decryptor

Dataready_in

Dataready_out
Decoder (Watermark Extractor) operation

1. The entire 8-bit grayscale image is divided into blocks of 16x8


(=128) pixels. For each of these image blocks the watermark
extraction and detection is carried out sequentially.
2. The 128 pixel block is loaded onto a register file 1 pixel at a time
with a “reg_enable” flag used to indicate every time 8-bits of a
pixel are successfully loaded. The register file comprises of a
bank of 128 8-bit registers to store the corresponding pixels. It
also comprises of 2 128-bit registers namely “reg_lsb” and
“reg_msb” that are used to store the LSB’s and MSB’s of the
pixels.
3. Every time the registers “reg_lsb” and “reg_msb” get loaded
with their corresponding data, their respective flags
“lsb_enable” and “msb_enable” go high. These flags
correspond to the signals “msg_in_valid” and “dataready_in”
of the Hasher and Decryptor functions respectively (within the
decoder).
4. The Hasher is reset before every hashing operation. The
“msg_in_width” is set to 128-bits for the entire length of
operation. When “msg_in_valid” goes high, the hasher takes in
the 128 bit stream stored in “reg_msb” through the
“msg_in[127:0]” port and generates a 128 bit hashed stream
using the MD5 algorithm which is then output to the port
“msg_output[127:0]”. As soon as the hashed output is
obtained at the above mentioned port, the “msg_out_valid”
signal goes high indicating completion of the hash operation.
Simultaneously, the “ready” signal also goes high indicating that
the hasher is ready to receive the next stream of 128-bit data.
5. When the “dataready_in” signal of the Decryptor goes high it
loads the contents of “reglsb” register through the port
“datain[127:0]”. The decryption exponent is input. (The same
key is used for the entire image). The decryptor decrypts 16-bits
of data at a time using the RSA algorithm.When the Decryptor
completes its operation it makes “dataready_out” signal high
and outputs the data to the port “dataout[127:0]”.
6. When both “msg_out_valid” and “dataready_out” are high,
the outputs of the Hasher and the Decryptor i.e. “msg_output”
and “dataout” are XORed . The resultant bitstream represents
the extracted watermark of the particular image block. If it
comprises of identical bitvalues in its LSB and MSB halves, that
indicates an uncorrupted watermark.
7. The extracted watermark is then compared with the watermark
bitstream originally embedded by XORing the 2 bitstreams. The
resultant bitstream represents the comparison result. A stream
of all zeroes indicates a perfect match and correct detection.
8. Once the detection is done the signal “decout_ready” goes high
indicating the decoder is ready to decode the next block of
image data.
9. The whole process begins again with the loading of the next
block of image data onto the register file.

HDL IMPLEMENTATION

The modules for the Encoder and the Decoder were written in Verilog
and their functional verification was done using MODELSIM 6.0a.

Fig.6 A Functional verification of the Encryptor

Fig.6 B Functional verification of the Decryptor

Fig.6 C Functional verification of the Hasher

Fig.6 D Functional verification of the Register File (decoder)

Fig.6 E Functional verification of the Encoder

Fig.6 F Functional verification of the Decoder


FPGA/STANDARD CELL ANALYSIS

FPGA

The HDL designs for both the Watermarking Encoder and Decoder
were Placed and Routed using the QuartusII software suite for the
Altera DE2 board. The following results were obtained after running the
placement, power and timing analyzer.

Area
Modules\Analysi Logic Interconnec
I/O pins
s elements DSP t Usage (%) T_setu T_c
(Max:426
(Max:10345 blocks p (ns)
)
)
Encoder 6356 48 399 45 2.17
Decoder 6343 48 372 51 2.789
Hasher 3121 0 269 33 11.219
Encryptor 3209 48 264 35 48.204
Decryptor 3210 48 267 33 46.852
Register File
0 0 256 17 1.03
Encoder
Register File
0 0 256 14 1.1
Decoder

Analysis Summary

For all the modules, even though the device I/O utilization was very
high, the logic utilization was relatively low. Also, we see that the
hasher module consumes the maximum amount of power as it
repeatedly operates on 128 bit data. The encryptor and the decryptor
modules were found to be the most sensitive to setup time violations.

STANDARD CELL BASED

The modules of the encoder and decoder were in Behavioral Verilog


format. These files were converted into Structural Verilog format using
a perl script. The Verilog netlist was then verified using Synopsys
Design Compiler. The verified design was then technology mapped to
a set of gates with a maximum fan-in of three. The Verilog netlist was
converted into standard cells using Synopsys Design Analyzer.
Analysis was done on the area, power and timing of these standard
cells.

Area Power
Modules\Analysi Cell Net To
s # #Net #Cell Total Cell
Internal Switchin Dyn
Ports s s Area (um2)
Power g Power Po
Encoder 527 10661 14562 1820151.87 38.9 W 14.3 W 63.
Decoder 526 10403 13932 1760883.4 34.8 W 12.5 W 57.
Hasher 269 9790 9491 857681.93 17.5 W 8.7 W 27.
Encryptor 264 1265 381 989069.875 14.6 W 5.32 W 19.
Decryptor 267 1269 369 929877.43 11.2 W 4.88 W 16.1
Register File
260 261 131 34418.132 6.4 W 3.10 W 9.5
Encoder
Register File
261 273 127 38808.273 6.9 W 4.85 W 10.3
Decoder

Standard Cell Layout Diagrams

Fig7a. Register File (Encoder)

Fig7b. Hasher

Fig7c. Encoder

Fig7d. Encryptor

Fig7.d Decryptor

Fig7.e Decoder

Fig7.f Register File (Decoder)

All the images above are the GDSII layouts of the individual modules
and the encoder/decoder as a whole. The above layouts were imported
into CoolViewPlus v7.0 for better clarity while displayed here.

Analysis Summary

As compared to the FPGA based approach, there was a marked


increase in power consumption in the Standard Cell based approach
(orders of magnitude). Since the Design Compiler tool works on 250nm
based library, the leakage power is always a negligible fraction of the
total power consumption.

VPR ANALYSIS

The Verilog netlist obtained from above was converted into a gate level
netlist. The gate level netlist was a BLIF netlist. The conversion was
done using ABC (A System for Sequential Synthesis and Verification,
developed by Berkeley Logic Synthesis and Verification Group), a logic
minimization tool. These blif files were then used for VPR based
Placement and Routing analysis.

Circuit Optimum # of Total


Array Size
:#BLE/cluster Channel transistors # of logic
( # of
:# width Per logic transistors
CLBs)
Inputs/cluster (W-detailed) cluster
Encoder:4:10 32 x 32 34 1432 1466368
Encoder:1:4 63 x 63 13 205 813645
Decoder:4:10 31 x 31 27 1398 1343478
Decoder:1:4 60 x 60 11 198 712800

Routing area in terms of no. of min. width transistors as


reported by VPR
Encoder: 4:10
Routing area (in minimum width transistor areas):
Assuming no buffer sharing (pessimistic). Total: 3.34263e+06, Per CLB:
6318.78
Assuming buffer sharing (slightly optimistic). Total: 2.26332e+06, Per
CLB: 4278.48

Encoder:1:4
Routing area (in minimum width transistor areas):
Assuming no buffer sharing (pessimistic). Total: 6.36335e+06, Per CLB:
3286.85
Assuming buffer sharing (slightly optimistic). Total: 4.31675e+06, Per
CLB: 2229.73

Decoder: 4: 10
Routing area (in minimum width transistor areas):
Assuming no buffer sharing (pessimistic). Total: 2.71946e+06, Per CLB:
3730.40
Assuming buffer sharing (slightly optimistic). Total: 2.06824e+06, Per
CLB: 2837.09
Decoder: 1: 4
Routing area (in minimum width transistor areas):
Assuming no buffer sharing (pessimistic). Total: 7.88719e+06, Per CLB:
2704.80
Assuming buffer sharing (slightly optimistic). Total: 5.37527e+06, Per
CLB: 1843.37

For both encoder and decoder circuits the cluster size of 4 with 10
distinct inputs was found to be more area efficient as compared to the
cluster size of 1 with 4 distinct inputs. This is because in a clustered
FPGA many nets are completely absorbed within the clusters and their
routing is taken care of by the intra-cluster multiplexers.

“WATTCH” ANALYSIS

Background

“WATTCH” is an architectural simulator that estimates CPU power


consumption. The power estimates are based on a suite of
parametrizable power models for different hardware structures and on
per-cycle resource usage counts generated through cycle level
simulation. The power models have been integrated into the “Simple
Scalar” architectural simulator.

A modified version of SimpleScalar’s sim-outorder is used to collect


results by WATTCH. SimpleScalar provides a simulation environment
for modern out-of-order processors with 5-stage pipelines: fetch,
decode, issue, writeback and commit. Speculative execution is also
supported. Separate banks of 32 integer and floating point registers
make up the architected register file and are only written on commit.
The power oriented modifications provided by WATTCH (whose
modules are integrated within SimpleScalar) track which units are
accessed on each cycle and how and compute the power values
associated with those units accordingly.
These power modules have been verified against industrial circuits and
have been found to be within 10% for low level capacitance estimates.

Experimental Setup

To evaluate the power-performance of the Watermarking algorithm


(used for FPGA and Standard Cell based implementation in this project)
in a general purpose processor environment WATTCH was used to
simulate the algorithm. Similar simulations were performed using
binaries of three other watermarking algorithms namely Hartley
Transform based, Fast Cosine Transform based and Sub-band Discrete
Cosine Transform based (All developed by Vassilis Fotopoulis: signal
processing ‘98, European Signal Processing Conference ’00). Despite
the availability of source codes of a lot many other watermarking
algorithms, the analysis was restricted to the above algorithms due to
the high level of complexity involved in generating PISA binaries
(requisite for SimpleScalar simulation) for them. The GNU tool chain
used for generating the PISA binaries for SimpleScalar is very selective
in the sort of commands it would allow for compilation and
unfortunately most of the algorithms could not be compiled using this
tool chain.

Simulation Results

Power dissipated per simulation cycle in milli-watts by


Encoders

Fast
Hartley Sub-
Cosine
Transfor band WM_Algo
Transfor
m DCT
m
Branch
Prediction 0.4988 0.5051 0.5671 0.301
Unit
ResultBus
0.4601 0.4666 0.6034 0.613
Unit
Instruction
0.6547 0.6674 0.7015 0.661
Cache Unit
ALU Unit 2.299 2.315 2.61 1.95
Pow er dissipated per simulation cycle in milli-w atts by Watermark Encoder (on
WATTC H )

2.5

1.5 B ranch Prediction Unit


ResultBus Unit
1 Instruction Cache Unit
A LU Unit

0.5 ALU Unit


Instruction Cache Unit
0 ResultBus Unit
Hartley Branch Prediction Unit
Fast
Transform Sub-band
Cosine W M_algo
DCT
Transform

Performance Penalty

Fast
Hartley Sub-
Cosine
Transfor band WM_Algo
Transfor
m DCT
m
#of
simulation 15158 17250 20898 15230
cycles
Total simulation time of the Encoders(# of SIMPLESCALAR simulation cycles)

25000

20000
# of simulation cycles

15000

# of simulation cycles

10000

5000

0
Hartley Transform Fast Cosine Sub-band DCT WM_algo
Transform
Algorithm

Power dissipated per simulation cycle in milli-watts by


Decoders

Fast
Hartley Sub-
Cosine
Transfor band WM_algo
Transfor
m DCT
m
Branch
Prediction 0.5034 0.6152 0.6672 0.415
Unit
ResultBus
0.4004 0.412 0.4887 0.412
Unit
Instruction
0.7124 0.7328 0.79 0.654
Cache Unit
ALU Unit 3.65 3.67 3.92 2.98
Power dissipated per simulation cycle in milli-watts by Watermark Decoder (on
WATTCH)

3.5

2.5

2 Branch Prediction Unit


ResultBus Unit
1.5 Instruction Cache Unit

1 ALU Unit

ALU Unit
0.5
Instruction Cache Unit
0 ResultBus Unit
Hartley Branch Prediction Unit
Fast
Transform Sub-band
Cosine WM_algo
DCT
Transform

Performance Penalty

Fast
Hartley Sub-
Cosine
Transfor band WM_algo
Transfor
m DCT
m
# of
simulation 16240 19310 21650 16348
cycles
Total simulation time of Decoders (# of simulation cycles on SIMPLESCALAR)

25000

20000

15000
Algorithm

# of simulation cycles

10000

5000

0
Hartley Transform Fast Cosine Sub-band DCT WM_algo
Transform
# of simulation cycles

Analysis Summary

Expectedly, the Watermarking algorithm implemented by us in this


project (as against the other algorithms) did much better in terms of
average power dissipation by the 4 most power hungry resource units
(top 4 max. total power dissipation units). The power benefits did not
incur a big increase in the simulation time. The appreciable difference
in the power values were anticipated since any spatial watermarking
algorithm is much less computationally intensive as compared to a
frequency domain watermarking algorithm and thus exercises the
resource units much lesser.

PROBLEMS FACED

The conversion of Behavioral to Structural Verilog was very tedious due


to the selectiveness of the Design Compiler library. Generating PISA
binaries for existent and our image watermarking source code was
extremely difficult.

CONCLUSION
A Fragile watermarking system in spatial domain was successfully
implemented on FPGA and Standard Cell. The analysis was done using
Altera Quartus 2.0 Pro and Synopsys Design Compiler. The
watermarking process did not introduce visual artifacts and retained
the quality of the images. The design was ported to a suitable format
for analysis using academic software tools - VPR and Wattch. On all
platforms the basic area, power and timing results were determined.

REFERENCES

1. Security of Fragile Authentication Watermarks with Localization –


J.Fridrich, SUNY Binghamton
2. MD5 Message Digest Algorithm – R.Rivest, MIT Lab for Computer
Science and RSA Data Security Inc. April 1992
3. A Review of Fragile Image Watermarks – Eugene Lin and Edward
Delp, Purdue University
4. A Hierarchical Image Authentication Watermark with Improved
Localization and Security – Mehmet Celik, Gaurav Sharma, Eli
Saber and Murat Tekalp, Oct 2000, IEEE Proceedings
5. An Invisible Watermarking Technique for Image Verification –
Minerva Yeung and Fred Mintzer, IBM T.J. Watson Research
Center, 1997
6. A Method for Obtaining Digital Signatures and Public Key
Cryptosystems – R.L. Rivest, A. Shamir and L. Adleman, MIT
7. Secret and Public Key Image Watermarking Schemes for Image
Authentication and Ownership Verification – Ping Wah Wong and
Nasir Memon, June 2001, IEEE Proceedings
8. Secret and Public Key Authentication Watermarking Schemes
that resist Vector Quantization attack – P Wong and N Memon,
SPIE Jan 2000
9. http://www.altera.com
10. http://www.wikipedia.com
11. http://www.watermark-world.com

You might also like