Dennis Shasha, 2005.

Privacy-Preserving Anti-Piracy

Dennis Shasha

Joint work with Michael Rabin

The Problem

• Digitized Intellectual Property:
  – Computer Software
  – Games
  – Music
  – Movies
  – Books

• Losses from piracy: $20 billion+ / year

Moral Assumptions

• Property deserves to be protected -- just because it is easy to steal doesn’t mean one should do it

• But don’t get crazy -- no police, jail, prosecution

• Think: speed bump -- you behave even when nobody is watching.

Current Solutions

• Encrypt content, encapsulate execution

• Watermark content, sue offenders

• Protected CDs, DVDs. Zone codes.

• Monitor internet, prosecute students and grandmothers

• Spy on and disrupt illegal internet distribution

Disadvantages and Attacks

• Encapsulation pried open

• Broken once, run everywhere (BORE)

• Watermarks excised

• CD/DVD protection broken by felt-tipped markers (also BORE)

• Analog hole

• Public backlash against spying and prosecution

• Privacy infringement

Time for a New Approach?

• Identify content at runtime

• Is the content protected?
  – Look for a tag specifying the usage policy (UP)
  – No tag, or infringement of the UP: stop use/execution on the user device (UD)

• Don't tell anybody: the decision stays on the device.

Overall System Architecture

[Diagram: components and message flows]

Components: Content Author, Content Vendor, Superfingerprint Server (Copyrights), Guardian Center, User Device.

Flows shown: Content; Tags / Signed Tag / Signed Tags; Purchase Order; SPFs (superfingerprint lists); Call-ups (TTIDs); Continuation messages; Content identifying info.

User Device

[Diagram: OS & Supervising Program (SP); Secure Clock; Superfingerprints; Content; Tag Tables (TTs), each identified by a TTID (TTID1, TTID2, ..., TTIDk) and holding a list of Tags]

Supervising Program

• Identifies executed content, at runtime, in memory, using Superfingerprints

• Looks for a Tag for protected content

• Maintains the Secure Clock

• Initiates Call-ups

• Manages Tag Tables

Privacy-Preserving Purchase

Tag Table TT; Tag Table ID = TTID

Structure S = (Name(C), TTID, Hash(SW), UsagePolicy, NONCE)

Purchase order = (Hash(S), Name(C), Hash(SW), UsagePolicy)

So the TTID is hidden by the NONCE and the hash: the vendor sees only Hash(S), and without the NONCE it cannot guess-and-check candidate TTIDs against it.

Privacy-Preserving Purchase II

The purchase order is sent to the vendor/author. The vendor/author verifies the purchase details (which could have been paid for with digital cash) and responds with

SignAut(PurchaseOrder)

Side benefit: the author need never worry about the vendor cheating, because only the author's signature makes a tag valid.

Privacy-Preserving Purchase III

The Supervising Program verifies the vendor/author's signature, checks that the signed purchase order is consistent with S and with the author, and then installs the author name, S, and the signed purchase order into the tag table.

That triple is the tag.

Purchase: information transfer under one-time payment over an anonymizing network

• The vendor/author signs a purchase order without knowing for whom, though it does know for what.

• The tag table ID is hidden, so there is no way to associate a TTID with the software.

• This matters because the call-up protocol sends TTIDs from the User Device.
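The purchase exchange of the preceding slides, as an added worked example; this is not code from the Shasha/Rabin deck. It assumes an HMAC-SHA256 keyed MAC as a stand-in for the author's public-key signature SignAut, a canonical JSON encoding for S and the purchase order (the deck fixes neither), and a constructed sample catalogue and software bytes; all function and field names are illustrative.

```python
"""Privacy-preserving purchase: S, purchase order, author signature, tag install.

Added illustration, not the deck's code. Assumptions: HMAC-SHA256 under a key
shared by author and Supervising Program stands in for SignAut (a real system
would use a public-key signature); fields are JSON-encoded with sorted keys.
"""
import hashlib
import hmac
import json
import secrets


def sign(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()


def encode(fields):
    # canonical, deterministic encoding so Hash(S) is reproducible
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


# --- User Device side ---------------------------------------------------------
def make_structure(content_name, ttid, software, usage_policy):
    """S = (Name(C), TTID, Hash(SW), UsagePolicy, NONCE)."""
    return {
        "name": content_name,
        "ttid": ttid,
        "hash_sw": sha256_hex(software),
        "usage_policy": usage_policy,
        "nonce": secrets.token_hex(16),
    }


def make_purchase_order(S):
    """Purchase order = (Hash(S), Name(C), Hash(SW), UsagePolicy).
    TTID and NONCE are omitted; Hash(S) commits to them without revealing them."""
    return {
        "hash_s": sha256_hex(encode(S)),
        "name": S["name"],
        "hash_sw": S["hash_sw"],
        "usage_policy": S["usage_policy"],
    }


# --- Vendor/author side -------------------------------------------------------
def author_sign_order(author_key, catalogue, order):
    """Check the order names a product with matching software hash and an
    allowed policy, then sign it. The author never sees the TTID."""
    product = catalogue.get(order["name"])
    if product is None:
        return None
    if product["hash_sw"] != order["hash_sw"] or order["usage_policy"] not in product["policies"]:
        return None
    return sign(author_key, encode(order))


# --- Supervising Program side -------------------------------------------------
def install_tag(author_name, author_key, S, order, signature, tag_table):
    """Verify the signature and that the signed order is the one derived from S;
    then append the tag (author name, S, signed purchase order) to the tag table."""
    if not hmac.compare_digest(sign(author_key, encode(order)), signature):
        return False
    if order != make_purchase_order(S):  # hash_s, name, hash_sw and policy must match S
        return False
    tag_table.append({"author": author_name, "S": S, "order": order, "sig": signature.hex()})
    return True


def demo():
    """End-to-end run on constructed sample data."""
    author_key = b"author-signing-key (assumed shared secret)"
    software = b"\x7fELF constructed sample binary bytes"
    catalogue = {"XYZ Editor 3.1": {"hash_sw": sha256_hex(software), "policies": {"single-user"}}}
    ttid = secrets.token_hex(8)
    tag_table = []  # the tag table identified by ttid
    S = make_structure("XYZ Editor 3.1", ttid, software, "single-user")
    order = make_purchase_order(S)
    sig = author_sign_order(author_key, catalogue, order)
    installed = sig is not None and install_tag("XYZ Inc.", author_key, S, order, sig, tag_table)
    return {"installed": installed, "vendor_sees_ttid": "ttid" in order, "tags": len(tag_table)}
```

The vendor check in `author_sign_order` is where the "author need never worry about vendor cheating" property lives: a vendor cannot mint a tag for a product or policy the author did not sign for, and the Supervising Program rejects any order whose fields were altered after signing.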

Preventing Promiscuous Copying of Tag Tables

• At prescribed intervals, say between 5 and 7 days, the Supervising Program calls the Guardian Center over a secure channel and sends the list TTID1, TTID2, . . . (tag table identifiers)

• GC maintains a list of TTIDs, appends the latest call-up w.r.t. TTIDk, and checks that the call-up is not too soon (a TTID calling up again too early indicates the tag table is present on more than one device)

• GC returns, over the secure channel, a Continuation Message listing the TTIDs it continues:

SignGC(timestamp, TTID1, TTID3, . . .)

(in this example TTID2 is absent, i.e. not continued)

• On the User Device, the Supervising Program disables tag tables whose IDs were not continued in time

• Allowance policy to postpone call-ups when in Bora Bora (offline for a while)

• Transfer of content:
  – Supervising Program sends the TT from UD to UD1
  – Disables the TT on UD
  – Call-up policy limits dual presence of TTIDs

Call-Up Information Revealed

• The User Device reveals TTIDs, but these are just numbers with no correspondence to any property of the software contained in the corresponding tag tables.

• So even if XYZ's software is the most popular, the tag table IDs of the different owners of that software are all different and unrelated.

Technical Point

• The call-up includes a User Device Descriptive Value: a hash of a slowly changing description of the machine state.

• This value should not change much between sending the call-up and receiving the response, so the Supervising Program can check that the response is meant for this machine.

• This is one way to prevent a single call-up response from being replayed to many "shadow" user devices.
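The call-up/continuation exchange of the preceding slides, together with the descriptive-value check above, as an added example; this is not the deck's code. Assumptions: HMAC-SHA256 under a Guardian Center key stands in for SignGC; the "between 5 and 7 days" interval is modelled as "reject a call-up for a TTID less than 5 days after its previous one" and "disable a tag table not continued within 7 days"; the descriptive value is a hash of a few constructed machine attributes, compared for exact equality (the deck allows small drift); the Secure Clock is modelled by the `now` argument; all names are illustrative.

```python
"""Call-up / continuation protocol between Supervising Program and Guardian Center.

Added illustration, not the deck's code. HMAC-SHA256 stands in for SignGC; the
interval policy and the descriptive-value attributes are assumptions.
"""
import hashlib
import hmac
import json

DAY = 86400
MIN_INTERVAL = 5 * DAY  # GC refuses to continue a TTID that called up more recently
MAX_AGE = 7 * DAY       # SP disables a TT without a continuation within this window


def sign(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()


def encode(obj):
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def descriptive_value(machine_state):
    """Hash of slowly changing machine state (assumed attributes: cpu id, disk serial ...)."""
    return hashlib.sha256(encode(machine_state)).hexdigest()


class GuardianCenter:
    def __init__(self, key):
        self.key = key
        self.history = {}  # TTID -> list of call-up timestamps (only TTIDs, nothing else)

    def handle_callup(self, now, ttids, dv):
        """Return a signed continuation for the TTIDs whose call-up is timely.
        A TTID seen again too soon (a copied tag table on a second device)
        is left out of the continuation."""
        continued = []
        for ttid in ttids:
            seen = self.history.setdefault(ttid, [])
            if seen and now - seen[-1] < MIN_INTERVAL:
                continue  # dual presence (or misbehaving SP): do not continue
            seen.append(now)
            continued.append(ttid)
        msg = {"timestamp": now, "ttids": sorted(continued), "dv": dv}
        return msg, sign(self.key, encode(msg))


class SupervisingProgram:
    def __init__(self, gc_key, tag_tables, machine_state):
        self.gc_key = gc_key
        self.tag_tables = tag_tables  # TTID -> {"enabled": bool, "last_continued": timestamp}
        self.machine_state = machine_state

    def call_up(self, gc, now):
        dv = descriptive_value(self.machine_state)
        msg, sig = gc.handle_callup(now, list(self.tag_tables), dv)
        return self.apply_continuation(msg, sig, now)

    def apply_continuation(self, msg, sig, now):
        """Reject forged continuations and ones addressed to another machine
        (descriptive value mismatch, e.g. a response replayed to a shadow device)."""
        if not hmac.compare_digest(sign(self.gc_key, encode(msg)), sig):
            return False
        if msg["dv"] != descriptive_value(self.machine_state):
            return False
        for ttid in msg["ttids"]:
            if ttid in self.tag_tables:
                self.tag_tables[ttid]["last_continued"] = msg["timestamp"]
        self.enforce(now)
        return True

    def enforce(self, now):
        """Disable tag tables without a timely continuation; 'now' comes from the secure clock."""
        for tt in self.tag_tables.values():
            tt["enabled"] = now - tt["last_continued"] <= MAX_AGE
        return {ttid: tt["enabled"] for ttid, tt in self.tag_tables.items()}


def demo():
    """Honest device holds TTs a1 and b2; a shadow device copied a1 without a transfer."""
    gc = GuardianCenter(b"gc-signing-key (assumed)")
    t0 = 1_700_000_000
    honest = SupervisingProgram(gc.key, {"a1": {"enabled": True, "last_continued": t0},
                                         "b2": {"enabled": True, "last_continued": t0}},
                                {"cpu": "cpu-1234", "disk": "WD-9876"})
    shadow = SupervisingProgram(gc.key, {"a1": {"enabled": True, "last_continued": t0}},
                                {"cpu": "cpu-5555", "disk": "ST-1111"})
    honest.call_up(gc, t0 + 6 * DAY)            # timely: a1 and b2 continued
    shadow.call_up(gc, t0 + 6 * DAY + 3600)     # a1 called up an hour ago: not continued
    return {"honest": honest.enforce(t0 + 6 * DAY + 3600),
            "shadow": shadow.enforce(t0 + 7 * DAY + 3601)}  # a1's last continuation too old
```

Note what the Guardian Center stores: timestamps per TTID and nothing else, which is the privacy claim of the "Call-Up Information Revealed" slide. The descriptive value is never stored for identification; it only binds a response to the machine that asked.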

Identification and Protection

• Suite of identification algorithms for software, music/sound, video, text

• Content scanned in memory (in the working set) is "fingerprinted"; fingerprints are compared to the Superfingerprint Lists held in memory

• Once identified: look for a Tag, then stop or continue
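An added example of the identification step and the stop/continue decision; it is not code from the deck, which does not specify its identification algorithms. As an assumed stand-in it uses winnowed k-gram hashing (a standard document-fingerprinting technique that survives patches and insertions elsewhere in the content), a constructed superfingerprint list and tag table, and a match threshold that plays the role of the "more than 10 seconds of a song" rule in the fair-use FAQ; all names and sample data are illustrative.

```python
"""Runtime identification against a superfingerprint list, then the tag check.

Added illustration, not the deck's code. Winnowed k-gram hashing is an assumed
stand-in for the deck's unspecified identification algorithms; the sample
content, superfingerprint list and tag table are constructed.
"""
import hashlib

K = 8  # k-gram length in bytes
W = 4  # winnowing window, in k-grams


def kgram_hashes(data):
    return [hashlib.blake2b(data[i:i + K], digest_size=8).digest() for i in range(len(data) - K + 1)]


def fingerprint(data):
    """Winnowed fingerprint: the minimum hash from every window of W consecutive k-grams.
    Any unmodified stretch of the content yields the same fingerprints."""
    hs = kgram_hashes(data)
    if len(hs) < W:
        return set(hs)
    return {min(hs[i:i + W]) for i in range(len(hs) - W + 1)}


def identify(working_set, spf_list):
    """Best-matching superfingerprint entry and its score, or (None, 0.0) below threshold."""
    fp = fingerprint(working_set)
    best, best_score = None, 0.0
    for entry in spf_list:
        score = len(fp & entry["spf"]) / len(entry["spf"])  # fraction of protected content present
        if score >= entry["threshold"] and score > best_score:
            best, best_score = entry, score
    return best, best_score


def supervise(working_set, spf_list, tag_table, requested_use):
    """'continue' if unprotected or properly tagged, else 'stop'. Nothing leaves the device."""
    entry, _ = identify(working_set, spf_list)
    if entry is None:
        return "continue"  # not protected content, or too small an excerpt to count
    tag = tag_table.get(entry["name"])
    if tag is None or tag["author"] != entry["author"]:
        return "stop"      # protected content with no tag for it
    if requested_use not in tag["usage_policy"]:
        return "stop"      # tag present but the usage policy is infringed
    return "continue"


def sample_content(seed, blocks=32):
    """Constructed, deterministic pseudo-random 'software' bytes for the demo."""
    return b"".join(hashlib.sha256(seed + bytes([i])).digest() for i in range(blocks))


def patched_copy(data):
    """A 'cracked' copy: junk prepended and every 100th byte flipped."""
    b = bytearray(b"JUNKHEADER" * 4 + data)
    for i in range(40, len(b), 100):
        b[i] ^= 0xFF
    return bytes(b)


PROTECTED = sample_content(b"xyz-editor")
SPF_LIST = [{"author": "XYZ Inc.", "name": "XYZ Editor 3.1",
             "spf": fingerprint(PROTECTED), "threshold": 0.5}]


def demo():
    tag_ok = {"XYZ Editor 3.1": {"author": "XYZ Inc.", "usage_policy": {"run"}}}
    return {
        "tagged_run": supervise(PROTECTED, SPF_LIST, tag_ok, "run"),
        "cracked_no_tag": supervise(patched_copy(PROTECTED), SPF_LIST, {}, "run"),
        "tagged_wrong_use": supervise(PROTECTED, SPF_LIST, tag_ok, "redistribute"),
        "short_excerpt": supervise(PROTECTED[:64], SPF_LIST, {}, "run"),
        "unrelated": supervise(sample_content(b"bobs-freeware"), SPF_LIST, {}, "run"),
    }
```

The cracked copy is the BORE case from FAQ III: a patch that breaks an encapsulation wrapper leaves most of the content intact, so its fingerprints still match well above threshold, while a 64-byte excerpt scores far below it and runs freely. The threshold and k-gram size are per-entry tuning knobs, which is the "right amount of detection flexibility" listed under Disadvantages.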

Updating Superfingerprint Lists

• Lists are timestamped and digitally signed by the Superfingerprint Server. Lists on the UD must be (loosely) up-to-date.

• Lists include author-software associations plus enhanced/new identification algorithms to counter new challenges

• Updating is incremental

• Information flows only into the User Device, so no information is revealed.

FAQs

• How can we claim that we preserve privacy when we have call-ups?

-- The call-ups send Tag Table IDs (TTIDs), information that identifies neither the user nor the software on the user device. The protocol can be verified by third parties.

-- Tags hide tag table IDs using a one-way hash and a NONCE.

FAQs II

• Is transferring software possible?

-- Sure. Simply transfer the tag tables and the software.

• But doesn't that make stealing easy?

-- No. Call-ups ensure that the same tag table ID is not continued on two devices.

FAQs III

• Why don’t you suffer from BORE (break once run everywhere)?

-- Superfingerprints detect use of software rather than mere possession.

• Can’t I subvert your detection?

-- Maybe, but we think we do a good job detecting functional equivalents of software. Also superfingerprints can adapt with each download.

FAQs IV

• What happens when you catch someone stealing?

-- The Supervising Program stops the use of that software. No information leaves the user device. Functional equivalent of a speed bump: you behave because you get car-sick if you don't. No need for police.

FAQs V

• Could Bob's freeware be blocked by an evil Alice who forms a superfingerprint on Bob's creation?

-- Well, technically speaking, yes. We would offer a free or nearly free way (with a hashcash cost, to avoid denial of service) to "copyright", i.e. form superfingerprints for, content that Bob does not currently want to protect.

-- This will establish Bob's primacy.

FAQs VI

• What about fair use?

• Lending software: Bob can temporarily disable a tag table and give the tag table to Alice.

• Excerpting: Superfingerprint identification can vary depending on the content. Could require that more than 10 seconds of a song must be present for pirating to be declared.

FAQs VII

• So, if this is so great, why ain't you rich?

-- For this architecture to take hold, the hardware and operating system vendors must help us out. Their anti-piracy incentives aren't so clear. Dysfunctional economic equilibrium.

-- However, the explosion of demand for computing given the web shows that if content is better and less expensive, platforms, customers and content all benefit.

-- Legislation to level the playing field.

Advantages

• Privacy-Preserving:
  a) Purchases anonymous
  b) No identifying info leaves the user device

• No police overhead/threat.

• Continuously updateable protection

• Content obtainable separately from Tag/right to use, so preloading possible.

• Technology friendly: embrace peer to peer, video on demand, free software.

Disadvantages

• Not deployed: platform manufacturer vs. content author, and a change to the old business model:
  – Not CD-ROM based
  – No license server
  – No watermarks

• Technically challenging:
  – Right amount of detection flexibility
  – Superfingerprint management

Extra: Censorship

• Such a powerful technology could support censorship, though an idea can be expressed in so many different ways.

• Prevention by technical/policy means: make the creation of the superfingerprint server public/private key pair an international effort and ensure that security chip is constructed using that key.

• Author invents before censor recognizes so give priority to first author of content.

Alternative to Call-Up

• Even though call-ups reveal nothing and our protocol can be published, some people may worry.

• An alternative is to tie the machine ID into the tags (using nonces for privacy), or a similar solution.