Digital Fingerprinting
A couple of threads have recently touched on aspects
of "digital fingerprinting", a term that covers a variety
of methods for making changes to digital documents in
order to trace the origin of illicit copies. This subject
has been on my mind after several discussions on this topic
at Crypto, as well as the one formal presentation on the
subject.
Here are some of my thoughts on this subject:
o If the domain of changes is well understood, and can be
altered without significant loss of quality, then it is
trivially easy to remove the fingerprinting. In other words,
if you know the algorithm used to create the fundamental
codewords in the fingerprint, and you can overwrite
arbitrary codeword bits with other codeword bits, then the scheme
can be avoided without collaboration of any kind.
Example: A software company fingerprints its software by
mapping two equivalent machine instructions onto binary "0"
and "1", respectively. Someone who knows about this could
randomly replace one instruction with the equivalent one,
which would reduce the fingerprint to noise.
Example: A publishing company uses an even number of points
between paragraphs to indicate "0" and an odd number of
points to indicate "1". Someone who understands this can
overwrite the fingerprint as above.
o If a fingerprinting scheme depends on the secrecy of an algorithm,
then this is really "security by obscurity", which may
be effective for a period of time, but is likely to meet
the fate of most copy protection schemes that have rested
on raw obscurity.
o Certain domains of information lend themselves to the
secure formation of fingerprint "bits" that are very difficult
to scrub in this way. One such scheme was used as the basis
for the presentation at Crypto: imagine that a film was shot
with two (or N) cameras. For each frame of the film, the
distributor can choose to take a frame from a different
camera. Frames from camera 0 would be mapped onto binary "0",
frames from camera 1 would be mapped onto binary "1". Using
this approach it is possible to construct schemes that are
resistant to collaboration up to "N" people.
The security of such schemes rests on the assumption
that given one frame, it is very hard (and possibly intractable)
to fuzz up the frame such that the parallax information doesn't
give away which camera shot the frame. Rather than hiding the
fingerprint information in the "low bits", this technique hides
the information throughout the picture.
In one sense, a 2D picture of a 3D object is similar to a one-
way hash function. It is a form of lossy compression on the 3D
object that is impractical to work backwards.
o Note that overwriting a fingerprint with random noise (or
whatever) does not generate a valid replacement fingerprint.
Therefore it would still be possible to tell that a document
had been tampered with (and was not a valid copy), even if
its provenance could not be determined.
o A number of people are working on "black box" viewer technology,
which would allow people to purchase documents that could only
be read on devices with tamper-resistant hardware in them that
would be required to decrypt media. Certainly much piracy could
be done by capturing the output of such a box (unless it was
embedded in a tamper-resistant chassis); there are some proposed
schemes for reducing the payoff of output capture, but they
depend on a similar approach to the movie fingerprinting idea
above -- the base data format is somehow richer, possibly capable
of generating different output under different circumstances or
on different hardware platforms, while the output of the black
box represents only one view of the base data.
Example: a base format for a 3D object is encrypted with a
public key resident in the "black box". Said black box also
includes a hardware 3D rendering engine. The output of the
black box consists of a series of 2D frames, which may make
it impractical to reproduce the base 3D object.
It is my considered opinion that this sort of technology will
meet with tremendous customer resistance, and will not prove
practical or cost-effective; many analysts are predicting a
trend toward more general purpose computers for media viewing
rather than towards specialized hardware that is needed for
this kind of approach.
o There are also some profound practical and legal problems with
the use of digital fingerprinting. For one thing, it involves
generating a unique copy of every document for each consumer.
After the digital fingerprinting session at Crypto, a guy from
Microsoft was pointing out the incredible difficulties posed
by trying to fingerprint, say, every copy of Windows 95.
On the legal front, it's not clear what you can do to someone
even if you _can_ prove that the 100,000 pirate copies of Windows
95 circulating in Amsterdam stemmed from his copy. Machines get
hacked, co-workers and family members often have free access to
machines running software -- it's not clear that media companies
_want_ to invoke the paranoia associated with potential responsibility
for millions of dollars in damages if someone makes an illegal copy
of one's software and the loaves and fishes ensue. [Imagine what
great revenge this would make for jealous co-workers, ex-wives, etc.]
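
Added example (not part of the original post): a sketch of the issuer-side check behind the note above that overwriting a fingerprint with noise does not produce a valid replacement, using the even/odd paragraph-spacing scheme from the publishing example. The HMAC-derived codewords, the key, the customer names and the 32-gap layout are assumptions made for illustration.

```python
import hashlib
import hmac
import random

BITS = 32                        # one fingerprint bit per paragraph gap (constructed)
KEY = b"constructed-demo-key"    # issuer secret; an assumption, not from the post

def codeword(customer: str) -> list:
    """Issuer-side codeword for a customer (HMAC derivation is an assumption)."""
    digest = hmac.new(KEY, customer.encode(), hashlib.sha256).digest()
    return [(digest[i // 8] >> (i % 8)) & 1 for i in range(BITS)]

def embed(gaps: list, bits: list) -> list:
    """Even gap size (points) encodes 0, odd encodes 1, as in the post's example."""
    return [g + ((g & 1) ^ b) for g, b in zip(gaps, bits)]

def extract(gaps: list) -> list:
    """Read the fingerprint back: one parity bit per paragraph gap."""
    return [g & 1 for g in gaps]

def overwrite(gaps: list, rng: random.Random) -> list:
    """Simulate the overwrite the post describes: every parity becomes random."""
    return [g + rng.randrange(2) for g in gaps]

def classify(gaps: list, customers: list) -> tuple:
    """Return (status, customer, Hamming distance to the nearest issued codeword)."""
    found = extract(gaps)
    dist = {c: sum(a != b for a, b in zip(found, codeword(c))) for c in customers}
    nearest = min(dist, key=dist.get)
    if dist[nearest] == 0:
        return ("valid", nearest, 0)
    # Not an issued codeword: the copy is detectably altered, origin unknown.
    return ("tampered", None, dist[nearest])

CUSTOMERS = ["alice", "bob", "carol"]   # constructed names
BASE_GAPS = [12] * BITS                 # constructed layout: 12 pt everywhere

if __name__ == "__main__":
    copy = embed(BASE_GAPS, codeword("bob"))
    print(classify(copy, CUSTOMERS))
    print(classify(overwrite(copy, random.Random(1)), CUSTOMERS))
```

With three issued codewords out of 2^32 possible parity patterns, a random overwrite lands on a valid codeword with negligible probability, so the altered copy is flagged even though its origin is lost.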