Secure Scheme of Digital Fingerprint Based Piracy Tracking

Abstract

163.com Abstract—The piracy tracking is a important task in copyright protection system for the digital work. The traditional copyright protection system could not prevent the badness customer copying and reselling the digital work and could not prevent the badness author replacing the customer's fingerprint. In this paper, a novel secure scheme is proposed for the piracy tracking. In this scheme, a secure copyright protection authority and the fingerprints of the author and the customer are used. After described the architecture of the copyright protection authority, the secure author fingerprint protocol and the secure customer fingerprint protocol are discussed. Based on the copyright protection authority and the fingerprint protocols, the pirate root identification protocols for the abstract and the finished product of the digital work are proposed. After tested in the IPTV system and analyzed in the aspect of security, the proposed scheme and protocols are high performance and secure. Protecting the copyright of the digital work is a common sense which already demonstrated in the World Intellectual Property Organization Copyright Treaty(1), in the Copyright Law(2), and in the Regulations on the Protection of Computer Software(3), etc. The piracy tracking is a important task in copyright protection system for digital works. It used to confirm the root of the pirate digital works and helpful to prevent the piracy. The traditional cipher and signature based copyright protection system could not prevent the badness user(4) copying and reselling the digital work. The digital work can be divided into two types. One is called the abstract which means the abstract of the digital work. The other is called the product or the finished product which means the product purchased by the customer. The same goes for the pirate digial work. One is the pirate abstract; the other is the pirate product. For the pirate abstract, we must identify whether the piracy came from the copyright protection authority (CPA) or from the author himself. For the pirate product, we need judge the author's or customer's piracy. The digital fingerprint based on the digital watermark can be used to implement the piracy tracking. The author's copyright watermark can be treated as the author's fingerprint. Before the abstract or the product is shown or distributed, the customer's fingerprint can be embedded into them using the watermarking technique. When some pirate products are found, the authors or the law enforcement agencies can submit the seized pirate products to the CPA. The CPA will identify the fingerprint to confirm which customer or author himself is the root of piracy. For the piracy tracking, the watermark algorithms(5)(6) are widely researched, but the application schemes and the relative protocols are rarely discussed. The general solution is easy to protection copyright of the author, but less concerns the interests of customers. In general, the seller is supposed to be honest and the fingerprint of the customer is embedded into products by the seller. If the seller is not honest, he can replace the fingerprint into other products to declare that the customer is responsible for the transaction or the piracy. Even more, if there is no secure identifier information in the transaction, the middle man attack could be executed. In paper (7) and (8), the seller cannot counterfeit the customer's fingerprint, but the seller cannot confirm the identifier of the customer. In paper (9),(10) and (11), the fingerprint is generated by CA and embedded by the seller, but the seller can reuse the fingerprint for other products, and accuse the customer violates the seller's or author's copyright. In this paper a novel piracy tracking based on the digital fingerprint is proposed. In section 2, the architecture of the copyright protection authority is designed. In section 3 and 4, the author fingerprint protocol and the customer fingerprint protocol are proposed. In section 5, a secure pirate root identification protocol is discussed. At last section, the security of the proposed scheme and protocols are analyzed and then implemented into the STB for the video service.