Skip to content
Tianyao Gu edited this page Feb 5, 2022 · 31 revisions

Getting Started

Third-Party Dependencies

Model and Engine

In this section, we overview the project's model & system architecture and introduce our solutions to several security concerns.

System Engine Diagram

The system contains an Android frontend application and a Python backend server, communicating via HTTPS.

To generate a new digital watermark, a user must register and log into an Author account. The app will then request a unique tag from the backend server and invoke the local steganography SDK to embed the tag in the image provided by the user. Meanwhile, the user may add custom messages to the watermark and encrypt them with a passcode. Before exporting the "stamped" image, the app will upload all the messages along with the image checksum, and pair them with the tag in the database. The author may edit the messages at any time.

Whoever receives the image, known as the Viewer, can retrieve the digital watermark without login. The app will extract the tag, query the server, and verify the image checksum. The viewer may see public messages from the author and input the passcode to access the encrypted messages.

Here we list the Q&A related to cybersecurity concerns. Note that some countermeasures are not guaranteed in the minimal viable product.

Can attackers invalidate the watermark by modifying some pixels / taking a screenshot / adding noise / reformating / compressing / cropping the image?

It depends on the steganography algorithm. We intend to use a robust model based on machine learning to resist most modifications. For example, StegaStamp can retrieve the embedded information from an image that is printed out and rescanned. To destroy the watermark, the attacker has to modify the image thoroughly, creating identifiable artifacts. More discussion about the steganography algorithms can be found here.

Can attackers forge another user's watermark or photoshop a stamped image without being noticed?

No, as long as the attacker does not know that user's account password. The checksum guarantees that the image cannot be modified without being noticed.

Will my private data be uploaded to the server?

We attach great importance to your privacy and hence our backend only asks for minimal information. Your account password will be salted and hashed before being transmitted to the server. Your IP address is not recorded. The base image for digital watermarking also stays locally - only a secure hash is uploaded. The message part is a bit tricky. Since the image can only store limited information, we have to store your watermark message on the Cloud. We intend to solve this privacy issue by encrypting all the information with a local random key, which is embedded in the image together with the tag. As the image is not uploaded, the server cannot decrypt the message.

Can I choose not to expose my username in the watermark?

Yes, you may choose to keep your username and the timestamp information private when generating the watermark. You can later publish them when there is a copyright conflict.

Can attackers guess the tag of other users without access to the picture?

Theoretically YES, but practically NO. Each tag is a 56-bit long random number. Even if the app has a million users, only 1/70000000000 of the tags are valid.

Can attackers determine the timestamp of the watermark by comparing tags?

No, because tags are not generated in increasing order.

APIs and Controller

View UI/UX

Team Roster

Alphabetized by last name. Each team member has made significant contribution to this project.

Tianyao Gu

Chenxi He

Xueshen Liu

Yu Pan

Puchen Xu

Yingzhuo Yu

Clone this wiki locally