The WWW increasingly allows people to create and update content for public access. Some of this information is collaboratively owned (created and maintained), while other information is privately owned and maintained (but still publicly accessible). Whereas it is unethical to modify the former for covert communication, it is quite legitimate to do so with the latter, and this paper gives a design for doing so while achieving both plausible deniability and automatic perishability of the covert message (the message disappears unless periodically refreshed by the encoder). Traditional information-hiding has looked at the problem of embedding a message in a static version of an online document, the problem of doing so for rapidly evolving document collections has not been considered in the past. This paper shows that it is possible to do so, and in a manner that actually makes use of the rapidly evolving nature of the documents to achieve the above-mentioned property of evanescence: That the message decays over time and eventually becomes completely erased unless it is refreshed. Therefore the mark needs to be continuously maintained as the document evolves, in a manner that prevents the adversary from knowing who is doing the refreshing yet that allows the intended reader of the mark to recover it without any form of explicit communication. One advantage of our scheme is that the mark's reach is now unbounded: It can be read by any authorized entity on the web (anyone with the secret key), and the reading of it is indistinguishable from normal web access patterns. Another advantage is the "hiding in the crowd" effect: Many people are updating the documents, thereby providing a cover for the one person surreptitiously injecting and refreshing the mark, or replacing it with another mark message. We have also demonstrated the feasibility of the proposed technique, and shown that remarkably little effort is required to implement our scheme over today's web. "Portions of this work were supported by Grants IIS0325345, IIS-0219560, IIS-0312357, and IIS-0242421 from the National Science Foundation, and by sponsors of the Center for Education and Research in Information Assurance and Security. t: ti . t t t i i it t tt , , , j , , t . .
[1]
Ian Goldberg,et al.
Privacy-Enhancing Technologies for the Internet, II: Five Years Later
,
2002,
Privacy Enhancing Technologies.
[2]
Bruce Schneier,et al.
Inside risks: risks of PKI: secure email
,
2000,
CACM.
[3]
Mikhail J. Atallah,et al.
The hiding virtues of ambiguity: quantifiably resilient watermarking of natural language text through synonym substitutions
,
2006,
MM&Sec '06.
[4]
Mikhail J. Atallah,et al.
Information hiding through errors: a confusing approach
,
2007,
Electronic Imaging.
[5]
Mikhail J. Atallah,et al.
Lost in just the translation
,
2006,
SAC.
[6]
Aviel D. Rubin,et al.
Publius: a robust, tamper-evident, censorship-resistant web publishing system
,
2000
.
[7]
Peter Wayner,et al.
Mimic Functions
,
1992,
Cryptologia.
[8]
Mark Chapman,et al.
Hiding the Hidden: A software system for concealing ciphertext as innocuous text
,
1997,
ICICS.
[9]
Patrick Traynor,et al.
Privacy Preserving Web-Based Email
,
2006,
ICISS.
[10]
Mikhail J. Atallah,et al.
Words are not enough: sentence level natural language watermarking
,
2006,
MCPS '06.