Catálogo de publicaciones - libros

Most people consider frequent software updates a nuisance. However, we show how this common phenomenon can be turned into a feature that protects against software piracy. We define a protocol for “drop-in” upgrades of software that renders a large class of software piracy more traceable. A novel feature of our approach is a technique by which we force the updates to occur, or else the software becomes decreasingly useful over time.

We propose a novel and robust hashing paradigm that uses iterative geometric techniques and relies on observations that main geometric features within an image would approximately stay invariant under small perturbations. A key goal of this algorithm is to produce sufficiently randomized outputs which are unpredictable, thereby yielding properties akin to cryptographic MACs. This is a key component for robust multimedia identification and watermarking (for synchronization as well as content dependent key generation). Our algorithm withstands standard benchmark (e.g Stirmark) attacks provided they do not cause severe perceptually significant distortions. As verified by our detailed experiments, the approach is relatively media independent and works for audio as well.

Piracy in digital content distribution systems is usually identified as the illegal reception of the material by an unauthorized (pirate) device. A well known method for discouraging piracy in this setting is the usage of a traitor tracing scheme that enables the recovery of the identities of the subscribers who collaborated in the construction of the pirate decoder (the traitors). An important type of tracing which we deal with here is “black-box traitor tracing” which reveals the traitors’ identity using only black-box access to the pirate decoder. The only existing general scheme which is successful in general black-box traitor tracing was introduced by Chor Fiat and Naor. Still, this scheme employs a pirate decoder model that despite its generality it is not intended to apply to all settings. In particular it is assumed that (1) the pirate decoder is “resettable”, i.e. the tracer is allowed to reset the pirate decoder to its initial state after each trial (but in many settings this is not possible: the pirate decoder is “history-recording”), and that (2) the pirate decoder is “available”, i.e. it does not employ an internal reactive mechanism that, say, disables the tracing process (such as shutting down) — we will call such reactive decoders “abrupt”.

In this work we discuss pirate-decoders of various types which we categorize according to their capabilities: resettable vs. history recording, and available vs. abrupt. These (crafty) pirate decoders of “enhanced capabilities” (compared to the model of Chor et al.) appear in many plausible piracy scenarios. We then present new (foxy) black-box traitor tracing schemes which cope with such pirate decoders. We present a generic black box traitor tracing technique against any abrupt/resettable decoder. This generic tracing method can be implemented readily in a linear ciphertext size traitor tracing scheme. By employing a new relaxation technique, which we call list-tracing, we describe a traitor tracing scheme with sublinear ciphertext size that is successful against abrupt/resettable pirate decoders. Finally, we present the first black-box traitor-tracing scheme and techniques that are successful against abrupt/history-recording pirate decoders (in the multimedia transmission setting).

Encryption is widely used to enforce usage rules for digital content. In many scenarios content is encrypted using a group key which is known to a group of users that are allowed to use the content. When users leave or join the group the group key must be changed. The LKH (Logical Key Hierarchy) algorithm is a very common method of managing these key changes. In this algorithm every user keeps a personal key composed of log keys (for a group of users). A key update message consists of (log) keys.

A major drawback of the LKH algorithm is that users must update their state whenever users join or leave the group. When such an event happens a key update message is sent to all users. A user who is offline during key updates, and which needs to learn the keys sent in these updates as well as update its personal key, should receive and process the key update messages, of total length (log) keys. In this paper we show how to reduce this overhead to a message of (log) keys. We also note that one of the methods that are used in this work to reduce the size of the update message can be used is other scenarios as well. It enables to generate pseudo-random keys of length bits each, such that any set of keys can be represented by a string log() · bits, without disclosing any information about the other keys.

We propose a -ary fingerprinting system for stored digital objects such as images, videos and audio clips. A fingerprint is a -ary sequence. The object is divided into blocks and each symbol of the fingerprint is embedded into one block. Colluders construct a pirate object by assembling parts from their copies. They can also erase some of the marks or cut out part of the object resulting in a shortened fingerprint with some unreadable marks. We give constructions of codes that can identify one of the colluders once a pirate object is found.

Internet-based distribution of mass-market content provides great opportunities for producers, distributors, and consumers, but it may seriously threaten users’ privacy. Some of the paths to loss of privacy are quite familiar (, mining of credit-card data), but some are new or much more serious than they were in earlier distribution regimes. We examine the contributions that digital-rights-management (DRM) technology can make to both compromising and protecting users’ privacy. We argue that the privacy-enhancing technology (, encryption, anonymity, and pseudonymity) that absorbs most of the attention of the security R&D community cannot by itself solve the privacy problems raised by DRM, although it can play a role in various solutions. Finally, we provide a list of “privacy engineering” principles for DRM systems, some of which are easy to implement and potentially quite effective.

This paper describes and analyzes a system architecture that enables consumers to access services and content from multiple providers without jeopardizing the privacy interests of consumers or the intellectual property rights of providers. In order to satisfy these highly desirable objectives, we argue for the necessity of a Trust Server that mediates the conferral and revocation of trust relationships between consumers and providers. The system also calls for the deployment of programmable security coprocessors at vulnerable sites requiring protection, namely at the Trust Server and at each consumer. We define the specific requirements of consumer-side Coprocessors, and their server-side counterparts denoted as Hardware Security Modules (HSMs). A single Coprocessor serves multiple providers by allocating to each of them a virtualized trusted computing environment for software execution and data manipulation. Bearing in mind that the tamper-resistance offered by Coprocessors is subject to more stringent economic pressures than that offered by HSMs, we include in our architecture containment capabilities that prevent compromised Coprocessors from causing damage disproportionate to their numbers. We explain the specific challenges faced with providing containment capabilities while protecting consumer privacy, given that a single Coprocessor must serve the needs of multiple providers. The simultaneous attainment of these goals is one of the highlights of our architecture.

MPEG has further progressed its specification for interoperable Intellectual Property Management and Protection (IPMP) to Committee Draft. This paper describes the MPEG IPMP Extensions as a mapping into an MPEG-4 player. In the future there will also be mappings to both MPEG-7 and MPEG-2. The concepts explained in this paper are to be the basis for content protection throughout the whole of the MPEG family of standards. Detailed within are the reasons for their implementation by MPEG, how these extensions integrate into the current MPEG-4 IM-1 IPMP ‘hooks’ and the functionality they add to the current standard.

We describe a software self-checking mechanism designed to improve the tamper resistance of large programs. The mechanism consists of a number of that redundantly test for changes in the executable code as it is running and report modifications. The mechanism is built to be compatible with copy-specific static watermarking and other tamper-resistance techniques. The mechanism includes several innovations to make it stealthy and more robust.

Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or , can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).