The invention relates to the protection of digital information. More particularly, the invention relates to a method for combining transfer functions with predetermined key creation.
Increasingly, commercially valuable information is being created and stored in xe2x80x9cdigitalxe2x80x9d form. For example, music, photographs and video can all be stored and transmitted as a series of numbers, such as 1""s and 0""s. Digital techniques let the original information be recreated in a very accurate manner. Unfortunately, digital techniques also let the information be easily copied without the information owner""s permission.
Because unauthorized copying is clearly a disincentive to the digital distribution of valuable information, it is important to establish responsibility for copies and derivative copies of such works. For example, if each authorized digital copy of a popular song is identified with a unique number, any unauthorized copy of the song would also contain the number. This would allow the owner of the information, such as a song publisher, to investigate who made the unauthorized copy. Unfortunately, it is possible that the unique number could be erased or altered if it is simply tacked on at the beginning or end of the digital information.
As will be described, known digital xe2x80x9cwatermarkxe2x80x9d techniques give creators and publishers of digitized multimedia content localized, secured identification and authentication of that content. In considering the various forms of multimedia content, such as xe2x80x9cmaster,xe2x80x9d stereo, National Television Standards Committee (NTSC) video, audio tape or compact disc, tolerance of quality will vary with individuals and affect the underlying commercial and aesthetic value of the content. For example, if a digital version of a popular song sounds distorted, it will be less valuable to users. It is therefore desirable to embed copyright, ownership or purchaser information, or some combination of these and related data, into the content in a way that will damage the content if the watermark is removed without authorization.
To achieve these goals, digital watermark systems insert ownership information in a way that causes little or no noticeable effects, or xe2x80x9cartifacts,xe2x80x9d in the underlying content signal. For example, if a digital watermark is inserted into a digital version of a song, it is important that a listener not be bothered by the slight changes introduced by the watermark. It is also important for the watermark technique to maximize the encoding level and xe2x80x9clocation sensitivityxe2x80x9d in the signal to force damage to the content signal when removal is attempted. Digital watermarks address many of these concerns, and research in the field has provided extremely robust and secure implementations.
What has been overlooked in many applications described in the art, however, are systems which closely mimic distribution of content as it occurs in the real world. For instance, many watermarking systems require the original un-watermarked content signal to enable detection or decode operations. These include highly publicized efforts by NEC, Digimarc and others. Such techniques are problematic because, in the real world, original master copies reside in a rights holders vaults and are not readily available to the public.
With much activity overly focused on watermark survivability, the security of a digital watermark is suspect. Any simple linear operation for encoding information into a signal may be used to erase the embedded signal by inverting the process. This is not a difficult task, especially when detection software is a plug-in freely available to the public, such as with Digimarc. In general, these systems seek to embed cryptographic information, not cryptographically embed information into target media content.
Other methods embed ownership information that is plainly visible in the media signal, such as the method described in U.S. Pat. No. 5,530,739 to Braudaway et al. The system described in Braudaway protects a digitized image by encoding a visible watermark to deter piracy. Such an implementation creates an immediate weakness in securing the embedded information because the watermark is plainly visible. Thus, no search for the embedded signal is necessary and the watermark can be more easily removed or altered. For example, while certainly useful to some rights owners, simply placing the symbol xe2x80x9cĈxe2x80x9d in the digital information would only provide limited protection. Removal by adjusting the brightness of the pixels forming the xe2x80x9cĈxe2x80x9d would not be difficult with respect to the computational resources required.
Other relevant prior art includes U.S. Pat. Nos. 4,979,210 and 5,073,925 to Nagata et al., which encodes information by modulating an audio signal in the amplitude/time domain. The modulations introduced in the Nagata process carry a xe2x80x9ccopy/don""t copyxe2x80x9d message, which is easily found and circumvented by one skilled in the art. The granularity of encoding is fixed by the amplitude and frequency modulation limits required to maintain inaudibility. These limits are relatively low, making it impractical to encode more information using the Nagata process.
Although U.S. Pat. No. 5,664,018 to Leighton describes a means to prevent collusion attacks in digital watermarks, the disclosed method may not actually provide the security described. For example, in cases where the watermarking technique is linear, the xe2x80x9cinsertion envelopexe2x80x9d or xe2x80x9cwatermarking spacexe2x80x9d is well-defined and thus susceptible to attacks less sophisticated than collusion by unauthorized parties. Over-encoding at the watermarking encoding level is but one simple attack in such linear implementations. Another consideration not made by Leighton is that commercially-valuable content may already exist in a unwatermarked form somewhere, easily accessible to potential pirates, gutting the need for any type of collusive activity. Digitally signing the embedded signal with preprocessing of watermark data is more likely to prevent successful collusion. Furthermore, a xe2x80x9cbaselinexe2x80x9d watermark as disclosed is quite subjective. It is simply described elsewhere in the art as the xe2x80x9cperceptually significantxe2x80x9d regions of a signal. Making a watermarking function less linear or inverting the insertion of watermarks would seem to provide the same benefit without the additional work required to create a xe2x80x9cbaselinexe2x80x9d watermark. Indeed, watermarking algorithms should already be capable of defining a target insertion envelope or region without additional steps. What is evident is the Leighton patent does not allow for initial prevention of attacks on an embedded watermark as the content is visibly or audibly unchanged.
It is also important that any method for providing security also function with broadcasting media over networks such as the Internet, which is also referred to as xe2x80x9cstreaming.xe2x80x9d Commercial xe2x80x9cplug-inxe2x80x9d products such as RealAudio and RealVideo, as well as applications by vendors VDONet and Xtreme, are common in such network environments. Most digital watermark implementations focus on common file base signals and fail to anticipate the security of streamed signals. It is desirable that any protection scheme be able to function with a plug-in player without advanced knowledge of the encoded media stream.
Other technologies focus solely on file-based security. These technologies illustrate the varying applications for security that must be evaluated for different media and distribution environments. Use of cryptolopes or cryptographic containers, as proposed by IBM in its Cryptolope product, and InterTrust, as described in U.S. Pat. Nos. 4,827,508, 4,977,594, 5,050,213 and 5,410,598, may discourage certain forms of piracy. Cryptographic containers, however, require a user to subscribe to particular decryption software to decrypt data. IBM""s InfoMarket and InterTrust""s DigiBox, among other implementations, provide a generalized model and need proprietary architecture to function. Every user must have a subscription or registration with the party which encrypts the data. Again, as a form of general encryption, the data is scrambled or encrypted without regard to the media and its formatting. Finally, control over copyrights or other neighboring rights is left with the implementing party, in this case, IBM, InterTrust or a similar provider.
Methods similar to these xe2x80x9ctrusted systemsxe2x80x9d exist, and Cerberus Central Limited and Liquid Audio, among a number of companies, offer systems which may functionally be thought of as subsets of IBM and InterTrust""s more generalized security offerings. Both Cerberus and Liquid Audio propose proprietary player software which is registered to the user and xe2x80x9clockedxe2x80x9d in a manner parallel to the locking of content that is distributed via a cryptographic container. The economic trade-off in this model is that users are required to use each respective companies"" proprietary player to play or otherwise manipulate content that is downloaded. If, as is the case presently, most music or other media is not available via these proprietary players and more companies propose non-compatible player formats, the proliferation of players will continue. Cerberus and Liquid Audio also by way of extension of their architectures provide for xe2x80x9cnear-CD qualityxe2x80x9d but proprietary compression. This requirement stems from the necessity not to allow content that has near-identical data make-up to an existing consumer electronic standard, in Cerberus and Liquid Audio""s case the so-called Red Book audio CD standard of 16 bit 44.1 kHz, so that comparisons with the proprietary file may not yield how the player is secured. Knowledge of the player""s file format renders its security ineffective as a file may be replicated and played on any common player, not the intended proprietary player of the provider of previously secured and uniquely formatted content. This is the parallel weakness to public key crypto-systems which have gutted security if enough plain text and cipher text comparisons enable a pirate to determine the user""s private key.
Many approaches to digital watermarking leave detection and decoding control with the implementing party of the digital watermark, not the creator of the work to be protected. A set of secure digital watermark implementations address this fundamental control issue forming the basis of key-based approaches. These are covered by the following patents and pending applications, the entire disclosures of which are hereby incorporated by reference: U.S. Pat. No. 5,613,004 entitled xe2x80x9cSteganographic Method and Devicexe2x80x9d and its derivative U.S. patent application Ser. Nos. 08/775,216, 08/587,944 entitled xe2x80x9cHuman Assisted Random Key Generation and Application for Digital Watermark System,xe2x80x9d U.S. patent application Ser. No. 08/587,943 entitled xe2x80x9cMethod for Stega-Cipher Protection of Computer Code,xe2x80x9d U.S. patent application Ser. No. 08/677,435 entitled xe2x80x9cOptimization Methods for the Insertion, Protection, and Detection of Digital Watermarks in Digitized Data,xe2x80x9d and U.S. patent application Ser. No. 08/772,222 entitled xe2x80x9cZ-Transform Implementation of Digital Watermarks.xe2x80x9d Public key crypto-systems are described in U.S. Pat. Nos. 4,200,770, 4,218,582, 4,405,829 and 4,424,414, the entire disclosures of which are also hereby incorporated by reference.
In particular, an improved protection scheme is described in xe2x80x9cMethod for Stega-Cipher Protection of Computer Code,xe2x80x9d U.S. patent application Ser. No. 08/587,943. This technique uses the key-based insertion of binary executable computer code within a content signal that is subsequently, and necessarily, used to play or otherwise manipulate the signal in which it is encoded. With this system, however, certain computational requirements, such as one digital player per digital copy of content, may be necessitated. For instance, a consumer may download many copies of watermarked content. With this technique, the user would also be downloading as many copies of the digital player program. While this form of security may be desirable for some applications, it is not appropriate in many circumstances.
Finally, even when digital information is distributed in encoded form, it may be desirable to allow unauthorized users to play the information with a digital player, perhaps with a reduced level of quality. For example, a popular song may be encoded and freely distributed in encoded form to the public. The public, perhaps using commonly available plug-in digital players, could play the encoded content and hear the music in some degraded form. The music may sound choppy, or fuzzy or be degraded in some other way. This lets the public decide, based on the available lower quality version of the song, if they want to purchase a key from the publisher to decode, or xe2x80x9cclean-up,xe2x80x9d the content. Similar approaches could be used to distribute blurry pictures or low quality video. Or even xe2x80x9cdegradedxe2x80x9d text, in the sense that only authenticated portions of the text can be determined with the predetermined key or a validated digital signature for the intended message.
In view of the foregoing, it can be appreciated that a substantial need exists for a method allowing encoded content to be played, with degraded quality, by a plug-in digital player, and solving the other problems discussed above.
The disadvantages of the art are alleviated to a great extent by a method for combining transfer functions with predetermined key creation. In one embodiment, digital information, including a digital sample and format information, is protected by identifying and encoding a portion of the format information. Encoded digital information, including the digital sample and the encoded format information, is generated to protect the original digital information.
In another embodiment, a digital signal, including digital samples in a file format having an inherent granularity, is protected by creating a predetermined key. The predetermined key is comprised of a transfer function-based mask set to manipulate data at the inherent granularity of the file format of the underlying digitized samples.
With these and other advantages and features of the invention that will become hereinafter apparent, the nature of the invention may be more clearly understood by reference to the following detailed description of the invention, the appended claims and to the several drawings attached herein.