Robust watermarking for diffusion models using error-correcting codes and post-quantum key encapsulation

Hu X. Zhang B. Al-Dossari M. El-Gawaad N.S.A. Rakhimzhanova M. Khan A.S.
2026 Frontiers Media SA

Frontiers in Physics
2026 #13

Critical infrastructures increasingly rely on AI-generated content (AIGC) for monitoring, decision support, and autonomous control. This dependence creates new attack surfaces: forged maintenance imagery, manipulated diagnostic scans, or spoofed sensor visualisations can trigger unsafe actions, regulatory violations, or systemic disruption. This paper proposes a post-quantum watermarking framework designed for critical infrastructure security. We embed robust provenance markers directly into the latent space of diffusion models, rather than at the pixel level, and reinforce them using error-correcting codes (ECC) to ensure watermark recoverability even after aggressive distortions such as compression, cropping, noise injection, and filtering. To secure watermark keys in transit and at rest, we integrate Kyber, a lattice-based key encapsulation mechanism standardised for post-quantum cryptography, to protect the watermark stream key against quantum-enabled interception. The resulting scheme (i) preserves visual fidelity, (ii) supports reliable forensic attribution and auditability under hostile conditions, and (iii) remains cryptographically secure in the post-quantum era. Experiments show that the proposed ECC-hardened latent watermarking achieves consistently high extraction accuracy across diverse attacks while maintaining image quality, outperforming state-of-the-art diffusion watermarking baselines. We position this watermarking–encryption pipeline as an enabling mechanism for privacy-aware traceability, zero-trust validation, and quantum-resilient content governance in next-generation critical infrastructure. Copyright

critical infrastructure security , diffusion model , diffusion models , error-correcting codes , infrastructure resilience , kyber , post-quantum cryptography , privacy and provenance

Text of the article Перейти на текст статьи

School of Computer Science, Guangdong Polytechnic Normal University, Guangzhou, China
Department of Physics, Faculty of Science, King Khalid University, Abha, Saudi Arabia
Health Specialties, Basic Sciences and Applications Unit, Applied College, King Khalid University, Muhayil Asir, Abha, Saudi Arabia
School of Artificial Intelligence and Data Science, Astana IT University, Astana, Kazakhstan
School of Science and Technology, Örebro University, Örebro, Sweden

School of Computer Science
Department of Physics
Health Specialties
School of Artificial Intelligence and Data Science
School of Science and Technology

10 лет помогаем публиковать статьи Международный издатель

Книга Публикация научной статьи Волощук 2026 Book Publication of a scientific article 2026