CS 155 Spring 2006
Digital Rights Management
John Mitchell

Next Tuesday
  Paul Kocher
  President and Chief Scientist
  Cryptography Research, Inc.

Basic Problem
- Joey writes and records a song
    - Song distributed on some sort of media
    - Joey (and music company) want to sell recordings
    - But digital info is easy to copy, on most media
- What can Joey (and Music Inc.) try to do?
    - Look for copies?
    - Mark recording to make it easier to find copies?
    - Restrict media so only certain devices can play it?
- All of these approaches have problems; no perfect solution (yet?)

Outline
- Examine or modify content
    - Content hashing and copyright crawling
    - Watermarking
    - Fingerprinting
- Regulate use through special content players
    - Apply complex policies, need tamper-proof platform
- Some examples
    - MediaMax CD3: restrict access on software players
    - DVDs: CSS encryption and hardware/software players
    - Windows Media Rights Management
    - Office Information Rights Management

Content hashing
- Suppose we had a “content-aware” hash function:
      H: {music} → {short strings}
  satisfying:
    1. If M_1 and M_2 are two music clips (e.g. MP3 files) that play the “same” song then H(M_1) = H(M_2)
    2. Given a clip M a pirate cannot create an “acceptable” clip M’ such that H(M) ≠ H(M’)
- Is this realistic?
    - Hash function must resist all signal processing tricks
    - Do not know such hash functions exist
        - some claim to have them

Copyright Crawler
- Web crawler looks for copyright violations
    - Use list of hashes of all copyrighted content
    - Scans all web sites, Kazaa network, Napster, etc.
    - For every music file found, compute hash and compare
    - If match is found, call the lawyers
- Problems:
    - Hash functions unlikely to exist for music
    - Does not protect against anonymous postings: Publius
    - Very high workload

Examples
- DigiMarc MarcSpider
    - Crawls web looking for pirated images
    - May use watermarking? (next topic)
- MOSS (Measure Of Software Similarity)
    - Detect plagiarism in programming assignments, web pages
    - http://www.cs.berkeley.edu/~aiken/moss.html
- SCAM: N. Shivakumar, Stanford.
    - Crawls web looking for academic plagiarism
    - Several success stories: http://www-db.stanford.edu/~shiva/SCAM/scamInfo.html

Improvement: watermarking
- Embed hidden watermark at the recording studio
    - Embed(M, I): outputs a watermarked version of music M with the information I embedded in it
    - Retrieve(M’): takes a watermarked music file M’ and outputs the embedded watermark I
- Watermark requirements (not necessarily achievable):
    - Watermark must be inaudible
    - Watermark should be robust: Given M_1 = Embed(M, I), pirate cannot create an “acceptable” M_2 with Retrieve(M_2) ≠ I
    - To do this, watermark must resist all signal processing tricks - resampling, cropping, low-pass filtering, …

Example Watermarked File
[Figure: example images]
- Second image has watermark inserted by DOS software “White Noise Storm”

Watermark-based enforcement
- Copyright crawler uses “Retrieve” algorithm
- Benefits:
    - Copyright crawler does not need list of all copyrighted material
    - No need for content aware hash
        - Watermarking music “seems” to be an “easier” problem.
- But, some of the same problems as before
    - Does not defend against anonymous postings
    - High workload

Robust watermarks??
- Embed & Retrieve algs are usually kept secret
    - “Security by obscurity” – not a successful approach
- Do robust watermarking systems exist?
    - We don’t know the answer
- StirMark
    - Generic tool for removing image watermarks
    - Oblivious to watermarking scheme
- SDMI challenge:
    - Broken: Felten, et al.

Fingerprinting
- Basic idea:
    - Embed a unique user ID into each sold copy
    - If user posts copy to web or Napster, embedded user ID identifies user
- Problem:
    - Need ability to create distinct and indistinguishable versions of object
    - Collusion: two users can compare their objects to find parts of the fingerprint
[Figure: collusion diagram with labels Obj1, Obj2, mark, ??]

Watermarking Images (>200 papers)
- DigiMarc: embeds creator’s serial number.
    - Add or subtract small random quantities from each pixel. Embedded signal kept secret.
- Signafy (NEC).
    - Add small modifications to random frequencies of entire Fourier Spectrum.
    - Embedded signal kept secret.
- Caronni: Embed geometric shapes in background.
- SigNum Tech. (SureSign).

Watermarking Music (>200 papers)
- Aris Tech (MusicCode):
    - Rate: 100 bits/sec of music
- Solana (E-DNA)
    - Used by LiquidAudio.
- Aris Tech and Solana: Merged to form Verance
    - Used by SDMI
- Argent:
    - Embed full text information.
    - FrameBased: info. inserted at random areas of signal. Secret key determines random areas.

Some other issues
- Digital Millennium Copyright Act (DMCA)
    - Forbids circumvention of copy protection mechanisms, and circumvention tools and technologies
    - Some exceptions for security testing, law enforcement, research that aims to improve security
- Fair Use
    - Copyright law allows regulated use of copyrighted material in certain circumstances
    - Example: quote copyrighted material in a critical review
Disclaimer: I am not a lawyer. No statements in CS155 are legal advice.

“My Story” by Ed Felten
- Industry consortium (SDMI) considering four technologies for deployment in next-gen music and players.
- We (Princeton, Rice, Xerox researchers) study technologies, find that they don’t work very well.
- We write a paper detailing our findings.
- Paper accepted for publication at conference.
Slides from: http://csrc.ncsl.nist.gov/ispab/2002-06/Felten-06-2002.pdf

“Our Paper”
- Music industry claims that our paper is a “technology” whose primary purpose is copyright circumvention
- Similar claim for oral presentation
- Threatens to sue authors of paper, conference organizers, and employers
- Seeks control over contents of paper

“My Story (cont.)”
- Music industry (RIAA, SDMI, Verance) threatens lawsuit if we publish.
- Conference organizers also threatened.
- We withdraw paper because of threats.
- We file lawsuit seeking right to publish
- After legal wrangling, paper is published
- We managed to publish, but:
    - Months of effort by researchers lost
    - Hundreds of lawyer-hours spent ($$$)
    - Member of our team loses his job
    - Eight-month delay in release of our results

Outline
- Examine or modify content
    - Content hashing and copyright crawling
    - Watermarking
    - Fingerprinting
- Regulate use through special content players
    - Apply complex policies, need tamper-proof platform
- Some examples
    - MediaMax CD3: restrict access for software players
    - DVDs: CSS encryption and hardware/software players
    - Windows Media Rights Management
    - Office Information Rights Management

Passive vs Active Protection

MediaMax CD3 (SunnComm)
- Goal
    - Restrict use of music CD on computer
- Method
    - CD contains autorun file that causes Windows to launch LaunchCD.exe, installs “SbcpHid” driver
    - Driver prevents copying of restricted CDs
- Failures
    - LaunchCD.exe will not run on Linux
    - On Windows: hold shift key while loading CD
- Digital Millennium Copyright Act (DMCA)
    - Forbids circumvention of copy protection mechanisms, and circumvention tools and technologies
http://www.cs.princeton.edu/~jhalderm/cd3/

Sony XCP
- CD contains copy protection software
- Copy protection software protected by rootkit
- Rootkit detected by RootkitRevealer
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html

Content protection via encryption
- Basic idea:
    - Content distributor encrypts content before releasing it.
          Release: C = E_K[content]
    - Decryption key embedded in all players.
    - Player will only decrypt if policy is satisfied.
- Note: cannot prevent copying after decryption.
    - User can probe bus to sound card.
    - Unlike watermarking: watermark is embedded in content. Propagates in cleartext copies of content.
- Problem: what if one pirate uses reverse engineering to expose global key K ??

Example: CSS
- CSS: Content Scrambling System
    - Used to protect DVD movies.
- Each DVD player manufacturer i has key K_i, e.g. K_sony
    - Embed same key K_sony in all players from Sony.
- Every DVD movie M is encrypted as follows:
    1. enc-content = E_K[M] ; K – a random key.
    2. E_{K_sony}[K] , E_{K_philips}[K] , …
- About 400 manufacturer keys

Problems with CSS
- DeCSS:
    - Extracted key from Xing software player
    - Could decrypt any DVD playable on the Xing player
    - MPAA revoked Xing key: disabled all Xing players!
- Bigger problem:
    - Encryption algorithm in CSS is based on LFSR’s
    - Very fast: video rate decryption on weak DVD player
    - Very weak: given one manuf. key, can get all keys

Better revocation technique
- Embed a distinct key in every player
[Figure: key tree with the players as leaves; label “Players: i”]
- Every node v has an associated key K_v.
- Every player corresponds to leaf node.
- Key for player i: all keys on path from root to leaf i.

Revocation
- Initially
    - Encrypt all content with key at root
    - Any player can decrypt content.
- When player i is revoked
    - Encrypt content-key so only players other than i can decrypt.

How to tell which player to revoke?
- When pirate publishes single key on Internet, MPAA knows which keys to revoke.
- What if pirate sells pirated players?
    - How can MPAA tell which keys embedded in player?
- Solution: Tracing systems can interact with player and determine how to revoke that player.
- How? Take crypto class…

Digital Distribution Dream
[Figure: Artist, Distributor, Consumer; content types Movies, Books, Music; labels Package Content, Content Package, Content Player]

Digital rights management
- Distribute information in specific format
    - Player that knows this format controls action
    - Control reading, playing, or copying content
- Guarantee payment in proportion to use
    - Count number of times content is used
    - Transfer payment to distributor
- Problem: Computer files are easy to duplicate
    - Can software player on general-purpose computer achieve goals?
- No end run
    - Must be impossible to use content without player
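
Added example (not part of the lecture slides): the "Better revocation technique" and "Revocation" slides leave open how to encrypt the content key so that only players other than i can decrypt. The sketch below uses the complete-subtree method from the broadcast-encryption literature, which is an assumption here and not something the slides name; the HMAC key derivation, the XOR wrap, the 8-player tree and all function names are illustrative.

```python
import hashlib
import hmac

N = 8  # constructed example: 8 players; root is node 1, player i is leaf N + i


def node_key(master, v):
    """K_v for tree node v, derived from an authority master secret (assumption)."""
    return hmac.new(master, b"node-%d" % v, hashlib.sha256).digest()


def path(i, n=N):
    """Nodes from leaf i up to the root; player i is provisioned with these keys."""
    v, nodes = n + i, []
    while v >= 1:
        nodes.append(v)
        v //= 2
    return nodes


def cover(revoked, n=N):
    """Roots of the maximal subtrees that contain no revoked leaf."""
    if not revoked:
        return [1]  # initial state on the slides: root key only
    tainted = {v for i in revoked for v in path(i, n)}
    return sorted(v for v in range(2, 2 * n)
                  if v not in tainted and v // 2 in tainted)


def wrap(key, data):
    """Toy XOR wrap so the example runs offline; a real system uses an
    authenticated key wrap, since XOR leaks K_v to anyone who knows data."""
    return bytes(a ^ b for a, b in zip(key, data))


def make_header(master, content_key, revoked, n=N):
    """Content key wrapped once under each cover node key."""
    return {v: wrap(node_key(master, v), content_key) for v in cover(revoked, n)}


def player_unwrap(player_keys, header):
    """player_keys maps node -> K_v for one player's path; None means revoked."""
    for v, blob in header.items():
        if v in player_keys:
            return wrap(player_keys[v], blob)
    return None
```

Revoking one player out of 8 produces a header with 3 wrapped copies of the content key (log2 N), and the other 7 players keep working, in contrast to the CSS case on the slides where revoking the Xing key disabled every Xing player.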