Download Copyright-Compliant Music Sharing in P2P Systems T. Kalker, DHJ

Music2Share – CopyrightCompliant Music Sharing in P2P
Systems
T. Kalker, D.H.J. Epema, P.H. Hartel, R.L.Lagendijk and M.V.
Steen, Proceedings of IEEE, vol. 92, no. 6, Jun. 2004
Presented by Peter
Introduction
An architecture called Music2Share (M2S) is proposed
in which secure content sharing and P2P networking
coexist
Explanations for the success of (illegal) music sharing
over the Internet


1.
2.
3.
4.
Free access (underlying reason is the price of legal music is too
high)
The choice of music on the major P2P networks is almost
unlimited
Consumers are no longer interested in complete CD albums,
but only in particular tracks
Fast connections to the Internet, which makes downloading
(and uploading) music more convenient
Introduction




Evidence for copy-right-compliant online music selling:
 iTunes – US$0.99 per track, the popularity of iTunes
shows that users are willing to pay for content if the
online music services is sufficiently compelling
Central-server based systems have the distinct
disadvantage of a bandwidth bottleneck at central
server(s)
Online music service is better put in practice by Altnet
(www.altnet.com), which operates as a sub-P2P
network under KaZaa (www.kazaa.com)
The authors believe that it is worthwhile and
challenging from both a technical and an economical
perspective to develop technologies that enable and
legal music sharing over the Internet
Points of Departure - fingerprinting





Used for audio identification
In the case of Napster, text-based methods was used – easily be
modified by ordinary users, not very successful in establishing
secure identification
Often based on psychoperceptual properties by representing the
perceptually most relevant aspects of music
In M2S, fingerprinting is used to identify and subsequently
replace low-quality files with high-quality ones.
Audio fingerprinting technologies are currently being offered by
several companies such as Audible Magic, Relatable, Shazam
and Philips
Points of Departure - decentralization



The authors seek fully decentralized solutions –
both for storing and accessing fingerprints
The nodes in P2P network maintain their
independence while providing the facilities for
efficiently routing search requests to the
appropriate nodes
The P2P approach has already been successfully
applied to building large-scale distributed storage
systems such as CFS [10], Past [11], and
OceanStore [12]
Points of Departure - problems
2 major problems

Current P2P systems do not support efficient contentbased searching
1.

Gnutella [13] do offer facilities for unstructured content-based
searching but at the price of a (much) lower performance
Current P2P systems lack security
2.



Do not offer payment, protection against unauthorized
access, guaranteed quality, etc
Only recently research has started on building secure P2P
networks
Initial attempts at commercial deployment of secure
anonymous P2P systems such as Earth Station Five
(www.es5.com)
Overview of M2S architecture
M2S Architecture – Content Management

Three types of content:

Public content



Private content



encrypted audio files
Distributed and replicated across the machines of the M2S
P2P network
Unencrypted audio files
Cannot be shared with other users
Nonauthorized content


Files that cannot be reliably authenticated
M2S strives to identify and authenticate these files by



External labeling (certificates)
Internal labeling (watermarking)
Recognition (fingerprinting)
M2S Architecture – Royalty Payment

Altnet (www.altnet.com)





Encourage users to download copyrighted files
More efficient content distribution
Audio files need to be encrypted
Difficult for a user to use the content on any other device
M2S


The users are able to use the audio content for private use
Reduce the chance of unauthorized spreading of the
content by identifying, tracking, and filtering as it flows over
the M2S network
M2S Architecture – Content
Authentication


M2S network consists of a classical P2P network
enhanced with a central trusted party (TP)
Public database:



TP



containing encrypted audio files
Assists the TP with establishing the identity and the quality
of audio files in the private databases
Authenticates audio files base upon their identification
Attaches digital certificate for payment of royalties
The M2S needs to establish the identity of audio
files, and link this identity to a license system with an
appropriate payment infrastructure
M2S Architecture – Content
Authentication

Three methods for the identification of audio
files



By authorized upload
By watermark
By fingerprint
M2S Architecture – Audio File Upgrading

M2S will automatically transfer the qualityassured file from the public database to the
user’s private database, when




A user is in legal possession of the music file
This file is not of the best quality
An equivalent quality-assured version exists at an
authorized server
How to prevent a user (illegally) obtaining a
bad-quality version of a song and using the
upgrade mechanism of M2S?
M2S Architecture – Audio File Upgrading



The authors claim that illegal trading on the
M2S network itself is extremely difficult on a
large scale
Small scale trading (e.g. email) cannot be
prevented
Large-scale illegal trading on other type of
network (KaZaa, Gnutella) cannot be
prevented unless by legal action
Discussion and Analysis – P2P analysis





KaZaa claims their software has been downloaded upwards of
230 million times
The fraction of traffic on U.S. Internet backbone due to Gnutella
in 2001 was about 1.2%
M2S aims to give its users guarantees that if a music file exists it
is found
M2S will need to consider the second-generation deterministic,
structured overlay networks that are based on distributed hash
table (DHTs)
Compare with existing P2P music-sharing protocol, M2S
deviates in two ways:
 An additional step for security (retrieving a decryption key)
 A distributed implementation of a fuzzy fingerprint search engine
Discussion and Analysis – Coding analysis



Watermark design emphasis on inaudibility and
security
Due to the use of quality-checking tools in M2S,
content-dependent watermarks are used
Challenge for M2S is reliable, lightweight, and
automated quality control of audio files



Degradation of the embedded watermark may be taken as
a rough quality tool
Error rate in fingerprint matching may serve as an indicator
of quality
Still an active topic of research for M2S
Discussion and Analysis – Protocol
analysis

M2S assumes:





The music producers and the server(s) form a
secure domain
The client is a secure application
Payment devices on the users’ machines are
secure
Communication between the clients and the
server(s) is secure
No security assumptions about the peers or the
users
M2S protocol overview
Scenario 1: Upload
1.
2.
3.
4.
5.
6.
A music producer chooses some music, negotiates a
watermark ID with the server, and upload it onto the server
The server calculates a certificate that will identify this
authorized music uniquely
An audio fingerprint is calculated
The server chooses an encryption key and encrypts the music
Appropriate peers store the encrypted music and certificates
for future reference
Other peers store (parts of) the fingerprints and pointers to the
associated certificate on the central server
Scenario 2a: Explicit Download
1.
2.
3.
4.
A user requests some music from a client by
metadata, by a watermark ID, or by a fingerprint
Assume the client receives a valid token from a
smart card or some other secure payment device
Client receives key from server and decrypts the
files
If forensic tracking is enable, the music is
watermarked with the identity of the client and the
embedding information is sent back to the user
Scenario 2b: Watermark Request
Download
1.
2.
3.
4.
5.
The user places some music without a certificate
on his disk that is derived from private content
Watermark is retrieved and send to the server
Retrieval of quality-checking data by the
watermark ID
Payment token is exchanged with the server
The file is replaced by a certified music file from
M2S network
Scenario 2c: Fingerprint Request
Download
1.
2.
3.
4.
5.
6.
The user places some music without a certificate
on his disk that is derived from private content
Fail to retrieve watermark ID
The client computes the fingerprints
Send a request for identification to the network
Retrieval of quality-checking data by the fingerprint
Rest of this scenario proceeds as Scenario 2b
Conclusion





A novel approach to music sharing on P2P network has been
sketched
From the viewpoint of the user:
 M2S will offer a music-sharing network with no technical
restriction on content that has been bought
 M2S will assist the user in managing and upgrading of his own
private content
From the point of viewpoint of the content owner:
 M2S offers an efficient music-distribution mechanism
 All music sharing on the network is controlled and payment are
guaranteed for all music trading
The basic technologies for the proposed architecture are
currently available
However, the application of these technologies in the proposed
music-sharing architecture still has to be worked out and refined