JP2005033640A - Content distribution method or content tampering detection method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a tampering prevention method for preventing tampering of contents and metadata and unauthorized distribution of the contents and suitable, especially for moving image contents. <P>SOLUTION: An output value by a one-way function calculated regarding the metadata in which the output value by the one-way function of the contents is written is embedded so that it is visually changeless to the contents. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to the distribution of content, and more particularly to the prevention of content tampering.

  In recent years, with the progress and popularization of information processing apparatuses such as personal computers and network technologies such as the Internet, various businesses using the Internet have been actively conducted. For example, it is a business such as publishing a product catalog on the Internet, receiving orders from all over the world, and delivering products for the order, and it can be used by many customers and it does not cost sales It is attracting attention as a leading sales channel in many industries.

  In the paid image content business, as with other businesses, it is important to build a paid image content sales system in order to increase the number of customers and reduce costs by using the Internet.

  When conducting a paid image content business using the Internet, image samples to be searched by the user and image data for sale of each image are stored on a server on the Internet, and the server receives an order from the user. Then, there is a method in which a user downloads a sales image corresponding to the order. By using this method, image providers can sell paid images simply by storing image samples to be sold and images for sale on a server on the Internet. Advantages of business using the Internet It became possible to enjoy.

  However, digitization of data has improved reusability and convenience, but it has become easier to process and copy content such as image data and audio data, preventing unauthorized copying of content, Major problems have emerged in terms of copyright protection, such as tampering.

  Against this background, digital watermarking technology for image data and audio data has been proposed for the purpose of preventing unauthorized copying. Digital watermark technology embeds watermark information in digital data to the extent that humans cannot perceive it, and metadata such as IDs uniquely assigned to content, purchaser IDs, and names of copyright holders are embedded. It is. Unauthorized use due to processing or duplication can be traced by these watermark information (see, for example, Patent Document 1).

In addition, for the purpose of preventing falsification of content, a proposal has been made to calculate a hash value that is an output value by a one-way function of content and record it in metadata. The metadata is created as a separate file in which the content and metadata are associated with each other from the file name, etc. separately from the content when written in an area that does not affect the playback of the content, such as the user area in the header part of the content. There is a case. In any case, when the content is falsified, it is possible to detect falsification by comparing the hash value of the falsified content with the hash value written in the metadata.
JP 2002-108851 A

  However, after the content is altered, the hash value of the content in the metadata is rewritten according to the content, that is, the metadata is also altered so that the content is not altered and distributed. It was not proposed to prevent fraud.

  The present invention has been made in view of the above-described background, and an object thereof is to prevent falsification of content and metadata and prevent illegal distribution of content.

  Another object of the present invention is to propose a tampering prevention method particularly suitable for moving image content.

  In order to achieve the above object, according to a first aspect of the present invention, an output value based on a one-way function calculated with respect to metadata in which an output value based on a one-way function of content is written is visually applied to the content. It is characterized by embedding so that there is no change.

According to a second aspect of the present invention, in the content distribution relating to a file represented as an aggregate of content A (n) (n = 1 to M) and metadata associated with the file,
Output by the unidirectional function for the embedded A (M) so that the output value by the unidirectional function for A (n) (n = 1 to M−1) is not visually changed with respect to the content A (n + 1). Write a value to the metadata,
Embedding the output value of the one-way function calculated for the metadata in which the output value of the one-way function for A (M) is written so that there is no visual change in the content A (1). It is characterized by.

According to a third aspect of the present invention, in the content distribution relating to metadata associated with a plurality of contents A (n),
Embed the output value of the one-way function for the content A (1) so as not to visually change the content A (2),
The output value by the one-way function for the content A (n) in which the output value by the one-way function for A (n−1) (n = 2 to M−1) is embedded is visually recognized for the content A (n + 1). Embedded so that there is no change,
Write an output value by a one-way function for A (M) to the metadata,
Embedding the output value of the one-way function calculated for the metadata in which the output value of the one-way function for A (M) is written so that there is no visual change in the content A (1). It is characterized by.

According to a fourth aspect of the present invention, there is provided an output value based on the one-way function of the metadata read from the digital watermark of the content, and a one-way function calculated from the metadata by an output value calculating means based on the one-way function. After comparing the output values according to and confirming the match, the output value of the content written in the metadata is compared with the output value calculated by the output value calculation means by the one-way function from the content from which the output value is removed It is characterized by doing.

According to a fifth aspect of the present invention, there is provided a file represented as an aggregate of contents A (n) (n = 1 to M, M is an integer of 2 or more), and the contents relating to metadata associated with the file A content alteration detection method in distribution,
A first comparison unit that compares an output value obtained by the one-way function of the metadata read from the content A (1) and an output value calculated by the output value calculation unit by the one-way function from the metadata;
When n = M, the output value of the content A (M) written in the metadata by the one-way function and the output value calculated by the output value calculation means by the one-way function from the content A (M) A second comparison means for comparing
When M is 3 or more, from n = 2 to M−1, the output value by the one-way function of the content A (n) written in the content A (n + 1) and the content A (n) Third comparison means for comparing the output value calculated by the output value calculation means by the one-way function;
When n = 1, the output value by the one-way function of the metadata written in the content A (n + 1) and the output value by the one-way function of the metadata written in the content A (n) are A fourth comparison means for comparing the output value calculated by the output value calculation means by the one-way function from the removed content A (n),
The content alteration detection is performed by at least one of the four comparison means.

  In more detail, the present invention can solve the above problems by the following configuration.

  (1) In the content distribution related to the content and the metadata associated with the content, the output value based on the one-way function calculated for the metadata in which the output value based on the one-way function of the content is written to the content. A content distribution method characterized by embedding such that there is no visual change.

  (2) A (n) (n = 1 to M−) in the content distribution related to a file represented as an aggregate of contents A (n) (n = 1 to M) and metadata associated with the file. The output value based on the one-way function for 1) is embedded in the content A (n + 1) so as not to change visually, the output value based on the one-way function for A (M) is written in the metadata, and A ( The output value based on the one-way function calculated for the metadata in which the output value based on the one-way function for M) is written is embedded in the content A (1) so that there is no visual change. Content distribution method.

  (3) A one-way function for the content A (1) in the content distribution relating to a file represented as an aggregate of the content A (n) (n = 1 to M) and metadata associated with the file The content in which the output value is embedded in the content A (2) so that there is no visual change and the output value by the one-way function for A (n−1) (n = 2 to M−1) is embedded. An output value based on the one-way function for A (n) is embedded so that there is no visual change with respect to the content A (n + 1), and an output value based on the one-way function for A (M) is written to the metadata. The output value by the one-way function calculated for the metadata in which the output value by the one-way function for A (M) is written is viewed with respect to the content A (1). Content distribution method characterized by embedding so as not to change.

  (4) In content distribution relating to content and metadata associated with the content, the output value based on the one-way function of the metadata in which the output value based on the one-way function of the content is written is visually displayed on the content A method of detecting falsification of the content embedded so that there is no change in an output value by a one-way function of the metadata read from the content, and an output value calculation means by a one-way function from the metadata After confirming the match by comparing the calculated output values, the output value based on the one-way function of the content written in the metadata and the output value based on the one-way function of the metadata are removed from the content. Content characterized by comparing output values calculated by means of output value calculation using a directionality function Residue detection method.

  (5) A content alteration detection method in the content distribution related to a file represented as an aggregate of content A (n) (n = 1 to M, M is an integer of 2 or more) and metadata associated with the file. A first comparison for comparing the output value obtained by the one-way function of the metadata read from the content A (1) with the output value calculated by the output value calculation unit using the one-way function from the metadata. And when n = M, the output value by the one-way function of the content A (M) written in the metadata and the output value calculation unit by the one-way function from the content A (M) are calculated. The second comparison means for comparing the output values, and when M is 3 or more, when n = 2 to M−1, the content written in the content A (n + 1) Third comparison means for comparing the output value by the unidirectional function of the content A (n) and the output value calculated by the output value calculation means by the unidirectional function from the content A (n); Is a content A obtained by removing the output value by the one-way function of the metadata written in the content A (n + 1) and the output value by the one-way function of the metadata written in the content A (n). And a fourth comparison means for comparing the output values calculated by the output value calculation means based on the one-way function from (n), and content alteration detection by at least one of the four comparison means. A content alteration detection method characterized by:

  As described above, according to the present invention, whether or not the content metadata itself is falsified first, and whether or not the content is falsified by comparing the content hash value written in the metadata with the hash value calculated from the content Therefore, the presence / absence of falsification of both the metadata and the content can be detected, and the content hash value in the metadata has been falsified, which is effective in preventing fraud that makes it appear as though the content has not been falsified.

  In addition, when tampering with metadata and content data is detected for the first time, the process proceeds to tampering and the detection flow is terminated, so that the time required for the detection flow can be shortened.

  Even in the case of a moving image file as an aggregate of frame data, it is possible to detect whether the metadata of the moving image file and each frame data are falsified. Further, there is an effect that the processing at the time of alteration such as stop or continuation of reproduction can be performed for each frame while verifying the presence or absence of alteration in each frame data.

  Preferred embodiments of the present invention will be described below with reference to the accompanying drawings.

  FIG. 1 is an example of a data format used in the content distribution method of the present invention. In FIG. 1, 11 is content such as images and music, and 12 is metadata (attribute data) representing the recording method, production date, copyright information, etc. of the content 11. The metadata 12 may be recorded together with the content 11 in the same file, or may be recorded as a separate file. In the former case, a portion corresponding to the metadata is extracted from the content 11 as indicated by a dotted line in the figure and is set as the metadata 12. In the latter case, the metadata 12 has a file name other than the file extension matched, or is archived by archive software or the like, and each file is associated with a browsing application. Reference numeral 13 denotes hash value calculation means for calculating the hash value of the content 11 or the metadata 12. This is included in a personal computer, a photographing device, a recording device, or the like, and calculates a hash value for the photographed or recorded content. A is a hash value of the content 11 calculated by the hash value calculation means 13, B is data in which the hash value A is recorded in the metadata 12, and C is a hash of the data B calculated by the hash value calculation means 13 It is a value and is embedded as a digital watermark into the content 11 by the hash value embedding unit 14.

  Here, the hash value is described. The hash value is an output value of the hash function h that is a one-way function, and the hash function is a compression function that hardly causes a collision. Here, the collision means that h (x1) = h (x2) for different input values x1 and x2. The compression function is a function for converting a bit string having an arbitrary bit length into a bit string having a fixed length.

  Therefore, the hash function is a function for converting a bit string having an arbitrary bit length into a bit string having a certain length, and x1 and x2 satisfying h (x1) = h (x2) cannot be easily found. Typical examples of the hash function include MD5 (Message Digest 5), SHA (Secure Hash Algorithm M), and the like. Since all of them are one-way functions, it is impossible to estimate the original text from the generated data. Therefore, if the hash value is the same for the two data, it can be seen that the data is the same. In other words, if the hash value calculated in advance for the content is known, after the content is made public and distributed, the hash value is calculated again, and the content is tampered with by comparing with the pre-calculated value. It can be detected whether or not

  A flowchart of a procedure for embedding a hash value in content in FIG. 2 will be described. In F21, the hash value of the content is calculated by the hash value calculation means. In F22, the calculated hash value 14 is recorded in the metadata 12 associated with the content 11. A hash value of the metadata 12 is calculated in F23, and the hash value is embedded in the content in F24.

  As for the embedding method, some technologies such as digital watermarking that embeds information in content add unrecoverable changes to the content, resulting in distortion and information loss. Therefore, it is necessary to select a recoverable method here. is there. For example, a new technique called “reversible data hiding” can be used in which information is concealed in contents developed by the University of Rochester and Xerox, and then extracted again. According to this method, original data is not distorted or information is not lost. In a reversible data hiding algorithm, an authorized recipient can retrieve data and recover the image exactly as it was before embedding the data.

  A flowchart for inspecting whether contents have been tampered with in FIG. 3 will be described.

  In F301, the hash value HM1 of metadata embedded in the content is read. In F302, the hash value HM2 is calculated by the hash value calculation means 13 for the metadata 12 related to the content 11. Next, in F303, the hash value HM1 read in F301 is compared with the hash value HM2 calculated in F302. The processing at the time of metadata alteration such as prohibition is performed, and this flow is finished. Even in the case where the hash value HM1 of the metadata cannot be read in F301, it is determined that the content has been tampered with, and this flow is terminated through the processing in F305.

  Next, if it matches in F306, it is determined that the metadata has not been tampered with. Next, the hash value HC1 of the content written in the metadata is read in F307. In F308, the hash value HM1 of the metadata embedded in the content is removed, and in H309, the hash value HC2 is calculated from the original content. In F310, the hash value HC1 read in F307 is compared with the hash value HC2 calculated in F309. If they do not match at F311, it is assumed that the content has been tampered with, and processing at the time of content tampering, such as prohibiting the reproduction or browsing of the content at F312 is performed, and this flow is terminated. If they match in F313, it is determined that the content has not been tampered with, and this flow is terminated.

[Other Embodiments of the Invention]
Next, a file in which a plurality of still image data are associated with one metadata file will be described as another embodiment of the invention. For example, it is a moving image file as an aggregate of frame data of several to several tens of frames (sheets) per second, or a file in which a plurality of still images are archived. Here is a definition of words to avoid confusion. For example, a moving image file is a collection of a plurality of frame data represented by extensions such as Mpeg and avi, and each piece of frame data can be handled as a still image content. Here, each still image content constituting the moving image file is represented by a matrix such as content A (n). Similarly, in a file in which a plurality of still images are archived, each still image content constituting the archive file can be represented by a matrix such as content A (n).

  Hereinafter, a process of embedding a hash value in each still image content constituting a moving image file according to the present invention will be described.

  FIG. 4 shows a hash value embedding block including data forming a moving image file and hash value calculation means for calculating a hash value with respect to the data. In the case of a video that is played back at a frame rate of 30 frames per second, for example, with M content data 41 and metadata 42 from A (1) to A (M), the video content has a playback time of M / 30 seconds. become. The metadata 42 records attribute information such as the title, date of creation, and copyright information of the moving image. 43 is a hash value calculation means. In the figure, a thin arrow represents a flow of data for reading the content data to the hash value calculation means, and a thick arrow represents a flow of embedding the hash value calculated by the hash value calculation means in the content data as a digital watermark. An arrow represents a flow of writing a hash value into metadata in a format such as text data.

  A flow for embedding a hash value in the content will be described with reference to FIG. First, this flow is started with n = 2. The hash value HC1 (n-1) of the content A (n-1) is calculated in F51, and the hash value HC1 (n-1) is embedded in the content A (n) as a digital watermark in F52. As the digital watermarking method, it is necessary to select a recoverable method such as “reversible data hiding” as described above. Next, if n and M are different in F53 by comparison, that is, if hash values are not embedded in all M contents, n is incremented by 1 in F54 and the process returns to F51 to return to content A (n) The hash value HC1 (n-1) of the previous content A (n-1) is embedded. Therefore, when n is 3 to M, the hash value HC1 (n-1) embedded in the content A (n) is different from the content A (n-1) in which the hash value HC1 (n-2) is embedded. Will be calculated.

  Next, the hash value HC1 (M) of the content A (M) is calculated in F55 and written in a predetermined location in the metadata in F56. In F57, a metadata hash value HL1 is calculated, and in F58, the metadata hash value HL1 is embedded in the content A (1).

  A flowchart for inspecting whether the content has been tampered with in FIGS. 6 and 7 will be described.

  In F601, the hash value HL1 of the metadata embedded in the content A (1) is read. In F602, the hash value HL2 is calculated by the hash value calculation means 43 for the metadata 42 associated with the content 41. Next, in F603, the hash value HL1 and the hash value HL2 are compared, and if they do not match in F604, it is determined that the metadata has been tampered with, and in F605, for example, metadata such as prohibiting playback and browsing of content is prohibited. Processing at the time of tampering is performed, and this flow is terminated. Even in the case where the hash value HL1 of the metadata cannot be read in F601, it is determined that the content has been tampered with, and this flow is terminated via F605.

  If the hash value HL1 matches the hash value HL2 in F606, it is determined that the metadata has not been tampered with. Next, in F607, the hash value HC1 (M) of the content A (M) written in the metadata is read. In F608, the hash value HC2 (M) is calculated by the hash value calculation means 43 for the content A (M). Next, in F609, the hash value HC1 (M) is compared with the hash value HC2 (M). If the content data does not match in F610, it is determined that the content data has been altered. The process at the time of content tampering such as performing is performed, and this flow is finished. In F607, when the hash value HC1 (M) of the metadata cannot be read, this flow is terminated because the content is falsified. Next, in F612, if the hash value HC1 (M) and the hash value HC2 (M) match, it is determined that the metadata has not been tampered with, and the process proceeds to the beginning (*) of FIG.

  If M is 3 or more in F701, the process proceeds to F702, and if it is less than 3, the process proceeds to F710. In F702, the hash value HC1 (M-1) of the content A (M-1) embedded in the content A (M) is read. In F703, the hash value HC2 (M-1) is calculated by the hash value calculation means 43 for the content A (M-1). Next, in F704, the hash value HC1 (M-1) and the hash value HC2 (M-1) are compared, and if they do not match in F705, the content A (M-1) has been falsified. The content A (M-1) tampering process such as prohibiting file reproduction in F706 is performed as a matter of reliability, and this flow ends. In F702, if the hash value HC1 (M-1) of the metadata cannot be read, the process proceeds to F706 because the content has been tampered with. Next, in F707, if the hash value HC1 (M-1) matches the hash value HC2 (M-1), it is determined that the content A (M-1) has not been tampered with.

  Next, in F708, 1 is subtracted from M. If M is 2 in F709, the process proceeds to F710, and otherwise returns to F702. In F710, the hash value HC1 (1) of the content A (1) embedded in the content A (2) is read. In F711, after removing the hash value HL1 of the metadata from the content A (1), the hash value HC2 (1) of the content A (1) is calculated in F712. In F712, the hash value HC1 (1) and the hash value HC2 (1) are compared, and if they do not match in F713, the content A (1) is falsified. That is, the content alteration processing such as prohibiting file reproduction in F706 is performed in order to apply the reliability of the content itself, and this flow is finished. In F710, if the hash value HC1 (1) of the content A (1) cannot be read, it is determined that the content has been tampered with and the process proceeds to F706. Next, in F716, if the hash value HC1 (1) and the hash value HC2 (1) match, it is determined that the metadata has not been tampered with, and this flow ends.

The figure which shows the Example of the data calculation method used with the content distribution method of this invention Flow chart of the procedure for embedding hash values in content Flow chart for checking whether content has been tampered with The figure which shows the other Example of the data calculation method used with the content distribution method of this invention. Flowchart of the procedure for embedding hash values in video content etc. Flow chart for checking whether the video content has been tampered with Flow chart for checking whether the video content has been tampered with

Explanation of symbols

11 Content 12 Metadata 13 Hash Value Calculation Means

Claims (5)

  In the content distribution related to the content and the metadata associated with the content, the output value based on the one-way function calculated for the metadata in which the output value based on the one-way function of the content is written is visually displayed on the content. Content distribution method characterized by embedding so that there is no change. In the content distribution relating to a file represented as an aggregate of content A (n) (n = 1 to M) and metadata associated with the file,
An output value by a one-way function for A (n) (n = 1 to M−1) is embedded so that there is no visual change with respect to the content A (n + 1),
Write an output value by a one-way function for A (M) to the metadata,
Embedding the output value of the one-way function calculated for the metadata in which the output value of the one-way function for A (M) is written so that there is no visual change in the content A (1). Content distribution method characterized by In the content distribution relating to a file represented as an aggregate of content A (n) (n = 1 to M) and metadata associated with the file,
Embed the output value of the one-way function for the content A (1) so as not to visually change the content A (2),
The output value by the one-way function for the content A (n) in which the output value by the one-way function for A (n−1) (n = 2 to M−1) is embedded is visually recognized for the content A (n + 1). Embedded so that there is no change,
Write an output value by a one-way function for A (M) to the metadata,
Embedding the output value of the one-way function calculated for the metadata in which the output value of the one-way function for A (M) is written so that there is no visual change in the content A (1). Content distribution method characterized by   In content distribution related to content and metadata associated with the content, the output value according to the one-way function of the metadata in which the output value according to the one-way function of the content is written is visually changed with respect to the content. A tamper detection method for the content embedded so as not to be output, the output value calculated by the one-way function of the metadata read from the content, and the output calculated by the output value calculation unit based on the one-way function from the metadata After confirming the match by comparing the values, the output value by the one-way function of the content written in the metadata and the one-way function from the content by removing the output value by the one-way function of the metadata Content alteration characterized by comparing output values calculated by output value calculation means Way out. A content alteration detection method in the content distribution related to a file represented as an aggregate of content A (n) (n = 1 to M, M is an integer of 2 or more) and metadata associated with the file,
A first comparison unit that compares an output value obtained by the one-way function of the metadata read from the content A (1) and an output value calculated by the output value calculation unit by the one-way function from the metadata;
When n = M, the output value of the content A (M) written in the metadata by the one-way function and the output value calculated by the output value calculation means by the one-way function from the content A (M) A second comparison means for comparing
When M is 3 or more, from n = 2 to M−1, the output value by the one-way function of the content A (n) written in the content A (n + 1) and the content A (n) Third comparison means for comparing the output value calculated by the output value calculation means by the one-way function;
When n = 1, the output value by the one-way function of the metadata written in the content A (n + 1) and the output value by the one-way function of the metadata written in the content A (n) are A fourth comparison means for comparing the output value calculated by the output value calculation means by the one-way function from the removed content A (n),
A content alteration detection method, wherein content alteration detection is performed by at least one of the four comparison units.

Images