Date post: | 29-Dec-2015 |
Category: |
Documents |
Upload: | christina-bond |
View: | 220 times |
Download: | 5 times |
G53SEC
1
Copyright and Privacy`
G53SEC
2
Today’s Lecture:
• Introduction
• Copyright
- Software, Books, Audio, Video
- DVD
- Information Hiding
• Privacy Mechanisms
- Content Hiding, Deniability
- Association Hiding, Deniability
- Other Issues
G53SEC
3
Introduction:
• At system level
- Copyright
- Censorship
- Privacy
Access Control Issues
G53SEC
4
Introduction:
• How is Copyright and Privacy linked?
• Unprotected resources:
- freely distributable
- no payment to creators
- any action to stop dissemination futile
• Protected resources:
- encrypted content
- decrypted using a key obtained from license server
- key bought using private information
G53SEC
5
Copyright:
• Obsession of the film, music and publishing industries
• It didn’t start with the internet
- Tax for blank tapes
- Royalties for books in libraries
- Introduction of photography
- fear of book publishers that their trade is doomed
G53SEC
6
Copyright:
• Past
- protected by cost of small scale duplication
- cheaper to buy than duplicate
- large scale duplication traceable
• Then
- cost barrier eroded by photocopiers, recorders
- basic economics not changed
G53SEC
7
Copyright:
• Now
- digital world is changing this
- copyright sometimes based on physical device
- most copyright control moving towards registration
- this however undermines privacy
G53SEC
8
Copyright - Software:
• Early software given away for free with hardware
• IBM setup sharing scheme (1960s)
• Software copyright not an issue
• Introduction of software packages
- Code either stolen or re-implemented
• Software birthmarks – features of how an implementation is done (e.g. Course-marker)
• Hardware identifiers – processor serial number
G53SEC
9
Copyright - Software:
• Time bomb
• Introduction of microcomputers – start of piracy
• Technological techniques
- dongle – physical device attached to pc
- copying resistant software – e.g. bad sector
- pc identification by hardware (Windows XP)
• Psychological techniques
- embedded company/user name
- stories of failures due to missing patches
- early Microsoft scare example
G53SEC
10
Copyright - Software:
• Industry moved to legal solutions
- to enforce
- to limit – time bombs illegal
• Industry now moving back to technical mechanisms
• e.g. License servers – like dongles
• Current model
- Combination of technical and legal measures
G53SEC
11
Copyright - Software:
• Latest development
Online registration:
- Keeps logs of everyone using the software
- Privacy implications
• Increasingly changes of business model apparent
• Free limited version (shareware, demos)
• Free version to universities (Unix)
• Free version to individuals
• Free software, paid service (Linux)
G53SEC
12
Copyright - Audio:
• Audio pirated much longer than software
• Cassettes
- tax, technical measures (spoiler tone)
- not a great problem due to loss of quality
• Digital Audio Tape
- Serial copy management system
- Recorders did not implement it
- Not widespread
G53SEC
13
Copyright - Audio:
• Recently a headline concern due to MP3
- previously digital audio too large
- MP3 compresses this into manageable size
- in 1998 40% of MIT traffic due to MP3 traffic
- no royalties paid to copyright owners
• Initially industry focused on technical fixes
- Alternative audio compression
- copyright protection mechanisms (DRM)
- but unsuccessfully
G53SEC
14
Copyright - Audio:
• Unsuccessful due to
- PC an open platform
- backward compatibility issues with hardware solutions
- Many CD’s already sold – effectively master disks
• Next step was to sue
- Web sites allowing MP3 sharing
- Sharing technologies attacked (Napster etc..)
G53SEC
15
Copyright - DVD:
• DVD must have a suitable copyright protection
• Regions introduced – broken first
• Content Scrambling System (CSS) introduced
• CSS known to be vulnerable at time of release
• Key too short (possibly due to U.S. export restrictions)
• CSS depended on algorithm kept secret
• Story - developers had 2 weeks for CSS
• CSS still in court
G53SEC
16
Copyright – Information Hiding:
• New DVD protection techniques developed
- copyright marking
• Based on information hiding
- a technique that enables data to be hidden in other data
• Copyright marks – marks hidden unobtrusively in digital video, audio and artwork
- Watermarks
- Steganography – message existence undetectable
G53SEC
17
Copyright – Information Hiding:
• Roots in Camouflage
• Greek Persian war - Tattoos on slave’s heads
• Francis Bacon (15th Century)
- binary message in books by alternating font
• Many consider information hiding more important than enciphering it – e.g. military, criminals
G53SEC
18
Copyright – Information Hiding:
• Embedding schemes
- Hiding message in the least significant bit
- Hide message at locations determined by key
- Modern version – hides message in .gif files
- Using characteristics of a media (e.g. echoes)
- Spread spectrum encoding
• Introduction of noise or distortion causes problems
- e.g. with lossy compression
G53SEC
19
Copyright – Information Hiding:
• Attacks on marking schemes:
- Many marks additive
- If all video frames carry same mark, averaging them yields the mark
- Steganalysis techniques exist
- Suitably chosen distortions
G53SEC
20
Privacy:
• Confidentiality
- Keeping information secret due to obligation to a third party
• Privacy
- Ability to control the dissemination of information about oneself
G53SEC
21
Privacy – Content Hiding:
• Hiding the content of messages
• example – Pretty Good Privacy (PGP)
• encryption only part of the solution
• Governments can request keys
• Encryption use may mark your message for traffic analysis
l
G53SEC
22
Privacy – Content Deniability:
• Destroying keys is not enough
• Existence of protected material sufficiently suspicious
• If message well hidden (steganography), no one knows of its existence
• Steganographic file systems exist
G53SEC
23
Privacy – Association Hiding:
• The fact that communication between two parties exists is enough to raise suspicion
• Criminals – emphasis on anonymous communication rather than encryption
• Legitimate uses - Anonymous helplines
- abuse victims
- whistleblowers
- police informants
G53SEC
24
Privacy – Association Hiding:
• Existing technologies
• Anonymous remailers
• Crowds – users group together and do web page forwarding for each other
• Anonymizing proxies – caches keep logs though
• Internet Café’s
• Web based e-mails
• Implementing high-quality anonymity is hard
• Also due to market demands for data
G53SEC
25
Summary:
• Copyright
• Privacy
• Anonymity