WO2009027902A2 - Apparatus and methods for transferring editable digital content - Google Patents

Apparatus and methods for transferring editable digital content Download PDF

Info

Publication number
WO2009027902A2
WO2009027902A2 PCT/IB2008/053351 IB2008053351W WO2009027902A2 WO 2009027902 A2 WO2009027902 A2 WO 2009027902A2 IB 2008053351 W IB2008053351 W IB 2008053351W WO 2009027902 A2 WO2009027902 A2 WO 2009027902A2
Authority
WO
WIPO (PCT)
Prior art keywords
entity
digital content
data
content
watermark
Prior art date
Application number
PCT/IB2008/053351
Other languages
French (fr)
Other versions
WO2009027902A3 (en
Inventor
Aweke N. Lemma
Minne Van Der Veen
Mehmet U Celik
Stefan Katzenbeisser
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Publication of WO2009027902A2 publication Critical patent/WO2009027902A2/en
Publication of WO2009027902A3 publication Critical patent/WO2009027902A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/106Enforcing content protection by specific content processing
    • G06F21/1062Editing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • G06T1/0021Image watermarking
    • G06T1/005Robust watermarking, e.g. average attack or collusion attack resistant
    • G06T1/0071Robust watermarking, e.g. average attack or collusion attack resistant using multiple or alternating watermarks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/238Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
    • H04N21/2389Multiplex stream processing, e.g. multiplex stream encrypting
    • H04N21/23892Multiplex stream processing, e.g. multiplex stream encrypting involving embedding information at multiplex stream level, e.g. embedding a watermark at packet level
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627Rights management associated to the content
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • H04N21/8358Generation of protective data, e.g. certificates involving watermark
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/85Assembly of content; Generation of multimedia applications
    • H04N21/854Content authoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/162Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T2201/00General purpose image data processing
    • G06T2201/005Image watermarking
    • G06T2201/0064Image watermarking for copy protection or copy management, e.g. CGMS, copy only once, one-time copy

Definitions

  • the present invention relates to methods and apparatus suitable for transferring digital content between different entities.
  • Embodiments of the present invention are particularly suitable for, but not limited to, distributing digital content within a content creation process.
  • Digital content such as audio, video, text, data, multimedia files and the like, can be easily shared or distributed e.g. over a computer network. Digital content can be created in any one or more of a variety of content creation processes.
  • Digital content creation processes include pre-release professional content mastering, web-based content co-creation, and web-based artistic content exchange.
  • digital content is commonly passed through several rounds of censoring or editing stages, and may be accessed by multiple parties. It is desirable to deter (and preferably prevent) illegal leakage of digital content occurring during such content creation processes.
  • DRM Digital Rights Management
  • the first is “containment” where the content is encrypted, so that only an authorized user can access it.
  • the second is “marking” where a watermark is embedded within the content.
  • the watermark can be a forensic watermark e.g. a watermark related to the identity of a user.
  • the embedded watermark can be used to determine the identity of the particular user who has leaked or illegally distributed the content.
  • a forensic watermark could be embedded when it is sold (or otherwise transferred) to a consumer e.g.
  • Fig. 1 illustrates a schematic diagram of a watermarking application scheme for use in a content creation process.
  • the content creation process involves two stages (Stage 0 and Stage 1). Each stage represents a stage for editing, censoring or otherwise modifying the digital content. It is assumed that the content c initially received at Stage 0 is embedded with a watermark w 0 . The combined content plus watermark is indicated by c(w 0 ).
  • Stage 0 the content is processed (e.g. edited or censored).
  • an additional watermark Wi is added, such that when the content leaves Stage 0 (i.e. at point A), the content includes the watermark W 1 representative of that stage.
  • the content received (point B) at Stage 1 will contain both the initial watermark (w 0 ) and the watermark representative of Stage 0 (W 1 ).
  • a further watermark w 2 is added. Thus, when the content leaves Stage 1, then it will contains a watermark (w 2 ) representative of that stage, as well as with the initial watermark and the watermark representative of Stage 0.
  • each time the digital content is transferred to another stage e.g. user
  • an additional watermark is embedded within the content i.e. the watermarks are concatenated.
  • a disadvantage of this approach is that the addition of more than one watermark could lead to a degradation in the quality of the digital content e.g. a degradation in video image quality or audio quality.
  • there is an increasing likelihood of collision between the watermarks potentially rendering the watermarks undetectable or leading to ambiguous detection of the watermarks i.e. effectively rendering them useless.
  • US 6,741,991 describes a situation in which, when data content is copied and transferred to another user, the user data of that other user is entered as an electronic watermark.
  • US 6,741,991 describes a scheme in which the watermarks from each user are concatenated.
  • US 6,741,991 also describes an alternative scheme, in which the data content is only watermarked with the electronic watermark of the final user, which is used to overwrite the previous watermark. Whilst using a watermarking scheme in which watermarks can be easily overwritten does reduce the degradation in quality associated with concatenating watermarks, such fragile watermarks are generally not robust to most common processing attacks.
  • US 6,741,991 also describes how the data content can be encrypted in a separate step using a crypt key, for secure onward transmission to the other user. The other user must then obtain the relevant crypt key to decrypt the encrypted data content, following a validation step.
  • an alternative scheme for transferring data between users is to link a watermark of the content to a particular user by using a database stored on/by a Trusted Third Party (TTP). Each legal copy of the digital content would, in such a scenario, include a unique watermark.
  • TTP stores a database indicating the particular user associated with each watermark.
  • the first user could arrange to copy the digital content (or retain a copy of the digital content on his own device), as well as provide a copy of the digital content to the second user.
  • the database of the TTP would then be updated to reflect that the watermark embedded in the digital content now related to the second user, and so such an approach would not be able to detect if the first user illegally distributed the copy of the digital content.
  • the present invention provides a method of transferring digital content from a first entity to a second entity, comprising the steps of: the first entity storing content data comprising digital content embedded with a first watermark; the first entity transmitting structure data to a transfer control entity, the structure data being indicative of the structure of at least a portion of the content data; the transfer control entity selecting a transmission key in dependence upon the structure data; the transfer control entity transmitting the transmission key to the first entity; the first entity applying the transmission key to the content data to remove the first watermark from the digital content and encrypt the digital content; the first entity transmitting the encrypted digital content to a second entity; the transfer control entity transmitting a receive key to the second entity; and the second entity applying the receive key to the encrypted digital content to generate decrypted data comprising the decrypted digital content embedded with a second watermark.
  • Utilizing such a method allows the digital content to be securely distributed.
  • the entity possessing the digital content will either have the digital content in an encrypted form (i.e. it is not readily readable), or a form in which the digital content is decrypted but embedded with the relevant watermark.
  • a watermark can be a forensic watermark, indicative of the identity of the entity possessing the digital content.
  • the transmission key is selected in dependence upon the structure data, then even if the content has been modified by the first entity prior to transmission, the transmission key will remove the relevant first watermark remaining from the digital content and appropriately encrypt the digital content. If the transmission key was not selected based upon the structure data, then degradation of the digital content could occur e.g.
  • Said transmission key may be arranged to simultaneously remove the first watermark and encrypt the digital content, when applied to said content data.
  • Said receive key may be arranged to simultaneously decrypt the encrypted digital content and embed the second watermark in said digital content, when applied to the encrypted digital content.
  • the step of the transfer control entity selecting the transmission key may comprise the transfer control entity generating the transmission key using the structure data.
  • the step of the transfer control entity selecting the transmission key may comprise the transfer control entity modifying a predetermined source key to form the transmission key, the modifications being in dependence upon the structure data.
  • the method may further comprise the step of the transfer control entity selecting the receive key in dependence upon the structure data.
  • the selection of the receive key by the transfer control entity may comprise the transfer control entity generating the receive key using the structure data.
  • the step of the transfer control entity selecting the receive key may comprise the transfer control entity modifying a predetermined source receive key to generate the receive key, the modifications being in dependence upon the structure data.
  • the method may further comprise the steps of: the first entity storing initial content data comprising initial digital content embedded with an initial first watermark; and the first entity modifying the initial content data to form said content data.
  • Said structure data may comprise data indicative of the modifications performed to the initial content data by the first entity modifying said initial content data.
  • Said structure data may comprise data representative of the structure of at least a portion of the content data.
  • Said data may be representative of the location and number of sub-units forming said at least a portion of the content data.
  • the present invention provides a method of transmitting digital content, comprising the steps of: a first entity storing content data comprising digital content embedded with a first watermark; the first entity transmitting structure data to a transfer control entity, the structure data being indicative of the structure of at least a portion of the content data; the first entity receiving a transmission key related to the structure data from the transfer control entity; the first entity applying the transmission key to the content data to remove the first watermark from the digital content and encrypt the digital content; and the first entity transmitting the encrypted digital content to a second entity.
  • the present invention provides a method for controlling the transfer of digital content, comprising the steps of: a transfer control entity receiving structure data indicative of the structure of at least a portion of content data stored on a first entity; the transfer control entity selecting a transmission key in dependence upon the structure data; and the transfer control entity transmitting the transmission key to the first entity.
  • Said content data may comprise digital content embedded with a first watermark, and said transmission key may be arranged to simultaneously remove the first watermark and encrypt the digital content, when applied to said content data.
  • the method may further comprise the steps of: the transfer control entity selecting a receive key in dependence upon the structure data; and the transfer control entity transmitting the receive key to a second entity.
  • Said receive key may be arranged to simultaneously decrypt encrypted digital content and embed a second watermark in said digital content, when applied to said encrypted digital content.
  • the present invention provides a carrier medium carrying computer readable program code configured to cause a computer to carry out a method as described above.
  • the present invention provides an apparatus comprising means arranged to perform the method of the above.
  • the present invention provides a computer apparatus comprising: a program memory containing processor readable instructions; and a processor configured to read and execute instructions stored in said program memory, wherein said processor readable instructions comprise instructions configured to cause the computer to carry out a method as described above.
  • Fig. 1 is a schematic diagram of a content creation process including watermarking of the content
  • Fig. 2 is a schematic diagram of apparatus for transferring editable digital content between two entities, in accordance with an embodiment of the present invention
  • Fig. 3 is a schematic diagram indicating the processing steps associated with the embodiment illustrated in Fig. 2;
  • Fig. 4 is a schematic diagram indicating joint decryption and watermarking of editable content encrypted by a plurality of entities, in accordance with a further embodiment of the present invention.
  • Fig. 5 is a schematic diagram illustrating the joint encryption and watermark removal of editable content for transmission to a plurality of different entities, in accordance with another embodiment.
  • Embodiments of the present invention facilitate the transfer of editable digital content within content creation processes, whilst maintaining DRM, by ensuring that the digital content is always either in an encrypted form (e.g. it is masked, so it cannot be read), or is in a form in which the digital content is embedded with a forensic watermark.
  • the technique makes use of a TTP (Trusted Third Party) to provide an appropriate transmission key for encrypting the digital content for forensic watermark.
  • TTP Trusted Third Party
  • structure data indicative of the structure of at least a portion of the content data is transmitted to the TTP.
  • the TTP subsequently selects an appropriate transmission key in dependence upon the structure data.
  • the structure data can directly represent or describe the structure of the relevant portion of the content data.
  • the structure data could indicate the modifications that have been performed to said portion of the content data, assuming that the
  • TTP has a record of the structure of the initial or previous unedited relevant portion.
  • the structure data could include any one or more of the following, in relation to the relevant portion of the data content: total size of portion of data content, number of sub-units (e.g. segment, sub-segment or other unit) forming said portion, location of each sub-unit, duration of each sub-unit, size of each sub-unit, type of data or sub-unit (e.g. audio, picture or video), geometry of portion (e.g. relative arrangement of objects, parts or sub-units forming that portion).
  • number of sub-units e.g. segment, sub-segment or other unit
  • location of each sub-unit e.g. duration of each sub-unit
  • size of each sub-unit e.g. audio, picture or video
  • geometry of portion e.g. relative arrangement of objects, parts or sub-units forming that portion.
  • the TTP selects the transmission key in dependence upon the structure data, so as to ensure that the relevant portion of the content data (including the digital content embedded with a first watermark) is appropriately modified when the transmission key is applied.
  • the transmission key is selected such that it will remove the first watermark, and encrypt the digital content.
  • the transmission key could be generated by the TTP, based upon/using the structure data.
  • a source transmission key could be stored by the TTP suitable for modifying the initial (e.g. unedited) content data, and that source key modified by the
  • TTP based upon the structure data suitable for use with the (edited/modified) content data.
  • the TTP also supplies a second (receive) key for decrypting the digital content and embedding a second watermark.
  • the second watermark is indicative of the entity or censoring stage having received the encrypted digital content.
  • the receive key is also selected in dependence upon the structure data, so as to ensure that the data is appropriately decrypted and the second watermark added, without degrading the quality of the content data.
  • the receive key may be based upon a source receive key stored by the TTP, which is appropriately modified by the TTP based upon the structure data. Alternatively, the receive key could be generated by the TTP, using the structure data.
  • each key is arranged to perform its operation in a single process e.g. the transmission key is arranged to both encrypt the digital content and remove the first watermark from the digital content, in a single operation e.g. to perform both actions simultaneously.
  • TTP Trusted Third Party
  • first entity & second entity two entities
  • first entity & second entity two entities
  • Each computer/computational device would comprise a program memory storing processor readable instructions, and a processor configured to read and execute the stored instructions, so as to cause the computer to carry out the relevant method steps.
  • the digital content will take the form of audio, video, text, data or multimedia files or the like. In most instances (but not necessarily all), such data will be stored in a data file.
  • the device/computer (of at least each entity) would typically be arranged to display, play or edit the digital content, or store the digital content for download to a suitable display device or playing device, or editing device, or a combination of the aforesaid.
  • a computer could be arranged to both edit the audio file and play the audio file, as well as store the audio file for download to an MP3 player.
  • the TTP and first and second entities are each separate, discrete entities.
  • the transfer control entity (TTP) allows the secure transfer of digital content from the first entity to the second entity.
  • Each entity 50, 60, 70 can communicate with the other two entities.
  • the ability of each entity to communicate with the other two entities need not be continuous.
  • the transfer control entity (TTP 50) can be a server, connected to one or more communications networks.
  • Each network can comprise a computer network, such as the Internet or an Intranet.
  • the first and second entities (which could correspond to first and second users or groups of users) 60, 70 can be personal computers, or mobile devices such as mobile phones, media players, Personal Digital Assistants etc.
  • Each of the first and second entities is connectable to the same communications network (e.g. the Internet) as the transfer control entity.
  • both the first and second entities can only communicate with the transfer control entity over one or more communications networks.
  • the first entity can also communicate with the second entity (e.g. send digital content), over a communications link.
  • This could be a communications link over a communications network, or it could be a direct link between the two entities such as a wireless link (e.g. a Bluetooth link or an Infrared link) or a wired link (e.g. a cable connecting the two entities together).
  • the first entity 60 includes a memory 62
  • the second entity 70 includes a memory 72.
  • the memory 62, 72 are arranged to store the relevant digital content, as well as the relevant keys for encrypting/decrypting the digital content.
  • the first entity 60 is arranged to perform the first stage of an editing process (Stage 1)
  • the second entity 70 is arranged to perform the second stage (Stage 2) of an editing process.
  • Stage 1 the first stage of an editing process
  • Stage 2 the second stage of an editing process.
  • Each stage could correspond to the editing performed by a single user, or by a group of users.
  • the first entity receives encrypted digital content E(c 0 ).
  • the initial digital content Co could be encrypted by the use of an additive (including subtractive) function r 0 e.g.
  • the digital content received by the first entity 60 (which performs stage 1 of the editing process) is made of a concatenation of, for example, four sub-segments or sub-units, such that the encrypted content is given by:
  • Ci W u + W 1 U C Q v + W l v C OjW + W ljW C 0 x + W 1 x ] [4]
  • W 1 , n represents the sub-segments of the first watermark W 1 .
  • the initial content data C 1 may be edited to form the content data c'i.
  • the editing process may result in removal or amendment of different segments of the initial content data C 1 to form edited content data C 1 ' and remaining portion(s) (W 1 ') of the watermark W 1 .
  • the segments of the initial content data C 1 indicated in equation [4] may be modified, with the second segment being removed, and the fourth segment being replaced by another piece of content c' liX .
  • the resulting watermarked edited content data (C 1 ' + W 1 ') could be expressed as: [C 0111 -I- W 111 , c OiW + w Uw [5]
  • the structure data S(C 1 ') (e.g. geometric information such as the positions and durations of the omitted and/or inserted segments) of c'i is determined by the first entity 60, and sent from the first entity 60 to the TTP 50.
  • the TTP 50 selects a transmission key Ic 1 for use in removing the first watermark (or any portions of the first watermark remaining) from the digital content and simultaneously encrypting the digital content.
  • This transmission key ki could be generated by the TTP 50 based upon the structure data S(C 1 ').
  • a predetermined source key (e.g. corresponding to the transmission key anticipated as being necessarily based upon the initial content data Ci) could be stored or generated within the TTP 50.
  • the TTP 50 might then modify that source transmission key ki" to form the transmission key ki for use in applying to the (edited) content data, based upon the structure data S(C 1 ').
  • a suitable source transmission key ki"could be:
  • the TTP 50 would then transmit the transmission key ki to the first entity 60.
  • the TTP 50 would also select a suitable receive key k 2 for transmission to the second entity 70 e.g.
  • the received key k 2 could either be generated directly using the structure data S(C 1 ') or by modifying a corresponding source receive key based upon the structure data so as to form the receive key k 2 .
  • the TTP 50 would then transmit the receive key k 2 to the second entity 70.
  • the transmission key ki is applied to the (watermarked) content data (C 1 ' + W 1 '), resulting in the removal of the (remaining portions of the) watermark, and encryption of the digital content.
  • the encrypted digital content E(C 1 ') is generated by subtracting the transmission key from the watermarked content data e.g.
  • the encrypted digital content is subsequently transmitted from the first entity 60 to the second entity 70.
  • the second entity 70 will then apply the decryption key k 2 to the encrypted digital content, to generate/decrypt the encrypted content to form the data content C 2 comprising the decrypted digital content C 1 ' embedded with a second watermark w 2 i.e.
  • the second entity 70 has received an appropriately watermarked copy of the digital content i.e. with a second watermark embedded, corresponding to the identity of the second entity.
  • the first watermark W 1 will allow tracking of the leaked content back to that stage- entity.
  • the second watermark w 2 associated with that stage/entity would allow backtracking of the leak to that entity/stage.
  • the process can of course be repeated for each subsequent stage, with appropriate structure data being sent to a TTP 70 (or other control entity) for selection of the appropriate transmission and receive keys for transmission and receipt of the content between each stage or entity.
  • the letter r (e.g. r 0 , x ⁇ or r 2 ) has been used to represent the functions used to encrypt the digital content.
  • Each function r could represent any masking function (including a random noise signal or function), which when applied to the digital content, prevents the reading of the resulting marked digital content.
  • the digital content represents an audio stream or signal
  • the encryption r could represent any signal to mask the audio signal, and prevent a listener from hearing (or at least hearing clearly) the desired digital content when played.
  • the digital content is encrypted using random noise i.e. r is a random noise function, so as to inhibit the ability of an attack to remove the encryption/masking of the digital content.
  • the digital content is encrypted using a one time pad (OTP).
  • An OTP is an encryption algorithm where the plain text (e.g. the audio signal) is combined with a random key or "pad” that is as long as the plain text, and used only once. If the random key (r) is truly random, never re-used, and kept secret, the OTP is theoretically unbreakable.
  • Such a technique as described in that document can be utilized in embodiments of the present invention (e.g. to encrypt video or multi-media signals), but with the additional concept that the key used to encrypt/mask the digital content is also arranged to remove a watermark (which can be robust and/or invisible) embedded within the digital content. This removal of the embedded watermark is important, as it facilitates secure sharing of digital content.
  • the method has been described with respect to additive forensic watermarks. It should be appreciated that forensic watermarks need not be utilized. Equally, it should be appreciated that the watermarks need not be additive or subtractive watermarks - the invention could be implemented using any watermark scheme (e.g. multiplicative or other) that allows the watermark to be embedded, and subsequently removed. Further, the above method describes how digital content may be embedded with a watermark, the content subsequently encrypted (using the transmission key), and then decrypted (using the receive key), to generate decrypted data comprising the decrypted digital content embedded with the second watermark. It should be appreciated that such operations need not be applicable to all of the content.
  • the first entity may apply the transmission key to the content data so as to only encrypt a portion of the digital content.
  • the second entity may apply the receive key to the encrypted digital content to generate decrypted data, only a portion of which is embedded with a second watermark.
  • a watermark is embedded by modifying the envelope of the host signal.
  • the article describes how the general methodology of joint watermarking and decryption can be applied to MPEG-2 compressed streams. Embodiments of the present invention may utilize such a methodology applied to video streams, such as MPEG-2.
  • the invention may equally be implemented in situations in which there are multiple inputs to a Stage (or entity) of encrypted content (e.g. from a plurality of other stages or entities), and/or there are multiple outputs of encrypted content sent by a Stage (e.g. to a plurality of other stages or entities).
  • the function or value (r) used to encrypt each digital content is different from the other values/functions used to encrypt the other digital content.
  • each value or function e.g. r,
  • the relative transmit and receive keys will be selected by the transfer control entity using the relevant structure data.
  • Fig. 4 shows an arbitrary stage k receiving (M + 1) different inputs, each input from a different entity.
  • M + 1 different inputs
  • Each of the different inputs is assumed to come from a different entity within a preceding stage of the editing process e.g. from stage (k-1).
  • the encrypted digital content of each input can be generalized as:
  • j is an integer
  • j 0 to M
  • each j indicating a different entity from which data is received in stage k - 1
  • c k l j is the digital content from entity j
  • r is the function used to encrypt the digital content from entity j.
  • Each of the received encrypted digital content E(c k l j ) is then decrypted at stage k using a respective receive key k k j i.e.
  • W k is the digital watermark used to watermark each digital content within stage k.
  • each watermarked digital content is of the form:
  • the entity k can process any and all of these digital content (e.g. it may average out the different digital content c k j , or edit or merge any number of the different content) to form a single edited digital content c k with a corresponding watermark w'k.
  • An appropriate transmit key (rk + w'k) may then be applied to the edited watermarked content, so as to remove the watermark and simultaneously encrypt the content e.g. to form the encrypted digital content for transmission from stage k:
  • an entity at a certain stage (k) can send multiple encrypted contents to multiple other entities/stages in the pool.
  • each of the multiple encrypted contents is encrypted using a different value or function (r) e.g. each value of r or function of r is randomly chosen.
  • r a different value or function
  • the encrypted digital content from stage (k-1) is then decrypted using an appropriate key (r k l + Wk), to form the watermark digital content:
  • the watermarked digital content is then edited, to form the edited watermark digital content (c k + w'k), where w'k is the edited watermark portion. It is desirable to send the edited content to a plurality (M + 1) different entities or stages. It is further desirable to ensure that the digital content is encrypted as it is transmitted to each entity/stage, preferably with a different respective encryption function (r k ). Consequently, so as to simultaneously remove the watermark and encrypt the digital content for transmission to the (M + 1) different entities, (M + 1) different transmission keys k, are generated, where:
  • each j 0 to M, each j representing a different entity, and r, is the encryption function for the j th entity.
  • a first entity stores content data (C 1 ') comprising digital content embedded with a first watermark (W 1 ').
  • the first entity transmits structure data (S(C 1 ')) to a transfer control entity (50), the structure data being indicative of the structure of at least a portion of the content data.
  • the transfer control entity selects a transmission key (Ic 1 ) in dependence upon the structure data, and transmits the transmission key to the first entity.
  • the first entity applies the transmission key to the content data to remove the first watermark from the digital content and encrypt the digital content.
  • the first entity transmits the encrypted digital content (E(C 1 ')) to a second entity (70).
  • the transfer control entity transmits a receive key (k 2 ) to the second entity.
  • the second entity applies the receive key to the encrypted digital content to generate decrypted data (c 2 ) comprising the decrypted digital content embedded with a second watermark (w 2 ).

Abstract

The present invention relates to methods and apparatus for transfer of editable digital content. A first entity (60) stores content data (C1 ') comprising digital content embedded with a first watermark (W1 '). The first entity transmits structure data (S(c1 ')) to a transfer control entity (50), the structure data being indicative of the structure of at least a portion of the content data. The transfer control entity selects a transmission key (k1) in dependence upon the structure data, and transmits the transmission key to the first entity. The first entity applies the transmission key to the content data to remove the first watermark from the digital content and encrypt the digital content. The first entity transmits the encrypted digital content (E(c1 ')) to a second entity (70). The transfer control entity transmits a receive key (k2) to the second entity. The second entity applies the receive key to the encrypted digital content to generate decrypted data (c2) comprising the decrypted digital content embedded with a second watermark (w2).

Description

Apparatus and methods for transferring editable digital content
FIELD OF THE INVENTION
The present invention relates to methods and apparatus suitable for transferring digital content between different entities. Embodiments of the present invention are particularly suitable for, but not limited to, distributing digital content within a content creation process.
BACKGROUND OF THE INVENTION
Digital content, such as audio, video, text, data, multimedia files and the like, can be easily shared or distributed e.g. over a computer network. Digital content can be created in any one or more of a variety of content creation processes.
Digital content creation processes include pre-release professional content mastering, web-based content co-creation, and web-based artistic content exchange. In such content creation processes, digital content is commonly passed through several rounds of censoring or editing stages, and may be accessed by multiple parties. It is desirable to deter (and preferably prevent) illegal leakage of digital content occurring during such content creation processes.
DRM (Digital Rights Management) technology has been developed with a view to restricting the illicit sharing or distribution of digital content. DRM restrictions are typically implemented in two ways. The first is "containment" where the content is encrypted, so that only an authorized user can access it. The second is "marking" where a watermark is embedded within the content. The watermark can be a forensic watermark e.g. a watermark related to the identity of a user. Thus, if the content is illegally leaked, the embedded watermark can be used to determine the identity of the particular user who has leaked or illegally distributed the content. For example, a forensic watermark could be embedded when it is sold (or otherwise transferred) to a consumer e.g. by the server of the seller embedding the watermark prior to transferring the digital content to the client of the consumer. Thus, each consumer of the content embedded with a different respective watermark. Although the use of forensic watermarks in server-client architectures appears to be relatively straightforward, it is not trivial to translate these principles to content co- creation cases. One of the main reasons for this is that as content is transferred between the different parties, the forensic mark needs to be updated accordingly. Fig. 1 illustrates a schematic diagram of a watermarking application scheme for use in a content creation process.
The content creation process involves two stages (Stage 0 and Stage 1). Each stage represents a stage for editing, censoring or otherwise modifying the digital content. It is assumed that the content c initially received at Stage 0 is embedded with a watermark w0. The combined content plus watermark is indicated by c(w0). During Stage 0 the content is processed (e.g. edited or censored). Prior to onwards transmission, an additional watermark Wi is added, such that when the content leaves Stage 0 (i.e. at point A), the content includes the watermark W1 representative of that stage. Thus, the content received (point B) at Stage 1 will contain both the initial watermark (w0) and the watermark representative of Stage 0 (W1). Similarly, after processing in Stage 1, a further watermark w2 is added. Thus, when the content leaves Stage 1, then it will contains a watermark (w2) representative of that stage, as well as with the initial watermark and the watermark representative of Stage 0.
In such a system, each time the digital content is transferred to another stage (e.g. user), an additional watermark is embedded within the content i.e. the watermarks are concatenated. A disadvantage of this approach is that the addition of more than one watermark could lead to a degradation in the quality of the digital content e.g. a degradation in video image quality or audio quality. Additionally, as successive watermarks are added, there is an increasing likelihood of collision between the watermarks, potentially rendering the watermarks undetectable or leading to ambiguous detection of the watermarks i.e. effectively rendering them useless.
US 6,741,991 describes a situation in which, when data content is copied and transferred to another user, the user data of that other user is entered as an electronic watermark. US 6,741,991 describes a scheme in which the watermarks from each user are concatenated. However, US 6,741,991 also describes an alternative scheme, in which the data content is only watermarked with the electronic watermark of the final user, which is used to overwrite the previous watermark. Whilst using a watermarking scheme in which watermarks can be easily overwritten does reduce the degradation in quality associated with concatenating watermarks, such fragile watermarks are generally not robust to most common processing attacks. To prevent leakage of data content, US 6,741,991 also describes how the data content can be encrypted in a separate step using a crypt key, for secure onward transmission to the other user. The other user must then obtain the relevant crypt key to decrypt the encrypted data content, following a validation step. Instead of updating the watermark, an alternative scheme for transferring data between users is to link a watermark of the content to a particular user by using a database stored on/by a Trusted Third Party (TTP). Each legal copy of the digital content would, in such a scenario, include a unique watermark. The TTP stores a database indicating the particular user associated with each watermark. In such a scheme, when a copy of the digital content is moved from a first user to a second user, instead of updating the watermark, the database entry of the relevant watermark at the Trusted Third Party is updated to indicate that the relevant watermark now relates to content possessed by the second user, rather than the first user. Whilst this system does overcome the disadvantages of collision between different watermarks, and is unlikely to result in degradation of the quality of the digital content, it is open to abuse.
For example, the first user could arrange to copy the digital content (or retain a copy of the digital content on his own device), as well as provide a copy of the digital content to the second user. The database of the TTP would then be updated to reflect that the watermark embedded in the digital content now related to the second user, and so such an approach would not be able to detect if the first user illegally distributed the copy of the digital content.
SUMMARY OF THE INVENTION
It is an aim of embodiments of the present invention to address one or more problems of the prior art, whether identified herein or otherwise. It is an aim of particular embodiments of the present invention to provide an improved system for transferring editable digital content between different entities, such as may be used in content creation processes.
In a first aspect, the present invention provides a method of transferring digital content from a first entity to a second entity, comprising the steps of: the first entity storing content data comprising digital content embedded with a first watermark; the first entity transmitting structure data to a transfer control entity, the structure data being indicative of the structure of at least a portion of the content data; the transfer control entity selecting a transmission key in dependence upon the structure data; the transfer control entity transmitting the transmission key to the first entity; the first entity applying the transmission key to the content data to remove the first watermark from the digital content and encrypt the digital content; the first entity transmitting the encrypted digital content to a second entity; the transfer control entity transmitting a receive key to the second entity; and the second entity applying the receive key to the encrypted digital content to generate decrypted data comprising the decrypted digital content embedded with a second watermark.
Utilizing such a method allows the digital content to be securely distributed. The entity possessing the digital content will either have the digital content in an encrypted form (i.e. it is not readily readable), or a form in which the digital content is decrypted but embedded with the relevant watermark. Such a watermark can be a forensic watermark, indicative of the identity of the entity possessing the digital content. Further, as the transmission key is selected in dependence upon the structure data, then even if the content has been modified by the first entity prior to transmission, the transmission key will remove the relevant first watermark remaining from the digital content and appropriately encrypt the digital content. If the transmission key was not selected based upon the structure data, then degradation of the digital content could occur e.g. application of the transmission key might attempt to remove a portion of the watermark that had already been deleted by the first entity during an editoring or censoring process, and instead resulting in degradation of the remaining content. Thus, such a method facilitates the content creation process, whilst both allowing the secure updating of the relevant watermark, and minimizing the likelihood of signal degradation due to watermark collision or editing of the digital content.
Said transmission key may be arranged to simultaneously remove the first watermark and encrypt the digital content, when applied to said content data.
Said receive key may be arranged to simultaneously decrypt the encrypted digital content and embed the second watermark in said digital content, when applied to the encrypted digital content.
The step of the transfer control entity selecting the transmission key may comprise the transfer control entity generating the transmission key using the structure data.
The step of the transfer control entity selecting the transmission key may comprise the transfer control entity modifying a predetermined source key to form the transmission key, the modifications being in dependence upon the structure data.
The method may further comprise the step of the transfer control entity selecting the receive key in dependence upon the structure data.
The selection of the receive key by the transfer control entity may comprise the transfer control entity generating the receive key using the structure data. The step of the transfer control entity selecting the receive key may comprise the transfer control entity modifying a predetermined source receive key to generate the receive key, the modifications being in dependence upon the structure data.
The method may further comprise the steps of: the first entity storing initial content data comprising initial digital content embedded with an initial first watermark; and the first entity modifying the initial content data to form said content data.
Said structure data may comprise data indicative of the modifications performed to the initial content data by the first entity modifying said initial content data.
Said structure data may comprise data representative of the structure of at least a portion of the content data.
Said data may be representative of the location and number of sub-units forming said at least a portion of the content data.
In a second aspect, the present invention provides a method of transmitting digital content, comprising the steps of: a first entity storing content data comprising digital content embedded with a first watermark; the first entity transmitting structure data to a transfer control entity, the structure data being indicative of the structure of at least a portion of the content data; the first entity receiving a transmission key related to the structure data from the transfer control entity; the first entity applying the transmission key to the content data to remove the first watermark from the digital content and encrypt the digital content; and the first entity transmitting the encrypted digital content to a second entity.
In a third aspect the present invention provides a method for controlling the transfer of digital content, comprising the steps of: a transfer control entity receiving structure data indicative of the structure of at least a portion of content data stored on a first entity; the transfer control entity selecting a transmission key in dependence upon the structure data; and the transfer control entity transmitting the transmission key to the first entity.
Said content data may comprise digital content embedded with a first watermark, and said transmission key may be arranged to simultaneously remove the first watermark and encrypt the digital content, when applied to said content data.
The method may further comprise the steps of: the transfer control entity selecting a receive key in dependence upon the structure data; and the transfer control entity transmitting the receive key to a second entity.
Said receive key may be arranged to simultaneously decrypt encrypted digital content and embed a second watermark in said digital content, when applied to said encrypted digital content. In a fourth aspect, the present invention provides a carrier medium carrying computer readable program code configured to cause a computer to carry out a method as described above.
In a fifth aspect, the present invention provides an apparatus comprising means arranged to perform the method of the above.
In a sixth aspect, the present invention provides a computer apparatus comprising: a program memory containing processor readable instructions; and a processor configured to read and execute instructions stored in said program memory, wherein said processor readable instructions comprise instructions configured to cause the computer to carry out a method as described above.
BRIEF DESCRIPTION OF THE DRAWINGS
Embodiments of the present invention will now be described, by way of example only, with reference to the accompanying drawings, in which: Fig. 1 is a schematic diagram of a content creation process including watermarking of the content;
Fig. 2 is a schematic diagram of apparatus for transferring editable digital content between two entities, in accordance with an embodiment of the present invention;
Fig. 3 is a schematic diagram indicating the processing steps associated with the embodiment illustrated in Fig. 2;
Fig. 4 is a schematic diagram indicating joint decryption and watermarking of editable content encrypted by a plurality of entities, in accordance with a further embodiment of the present invention; and
Fig. 5 is a schematic diagram illustrating the joint encryption and watermark removal of editable content for transmission to a plurality of different entities, in accordance with another embodiment.
DETAILED DESCRIPTION OF THE EMBODIMENTS
Embodiments of the present invention facilitate the transfer of editable digital content within content creation processes, whilst maintaining DRM, by ensuring that the digital content is always either in an encrypted form (e.g. it is masked, so it cannot be read), or is in a form in which the digital content is embedded with a forensic watermark. The technique makes use of a TTP (Trusted Third Party) to provide an appropriate transmission key for encrypting the digital content for forensic watermark. The TTP thus acts as a transfer control entity.
As the digital content (and potentially the watermark) may be modified during an editing process (e.g. by a first user or group of users), structure data indicative of the structure of at least a portion of the content data (e.g. the portion which is watermarked and/or to be encrypted), is transmitted to the TTP. The TTP subsequently selects an appropriate transmission key in dependence upon the structure data.
The structure data can directly represent or describe the structure of the relevant portion of the content data. Alternatively, the structure data could indicate the modifications that have been performed to said portion of the content data, assuming that the
TTP has a record of the structure of the initial or previous unedited relevant portion.
The structure data could include any one or more of the following, in relation to the relevant portion of the data content: total size of portion of data content, number of sub-units (e.g. segment, sub-segment or other unit) forming said portion, location of each sub-unit, duration of each sub-unit, size of each sub-unit, type of data or sub-unit (e.g. audio, picture or video), geometry of portion (e.g. relative arrangement of objects, parts or sub-units forming that portion).
The TTP selects the transmission key in dependence upon the structure data, so as to ensure that the relevant portion of the content data (including the digital content embedded with a first watermark) is appropriately modified when the transmission key is applied. In particular, the transmission key is selected such that it will remove the first watermark, and encrypt the digital content.
The transmission key could be generated by the TTP, based upon/using the structure data. Alternatively, a source transmission key could be stored by the TTP suitable for modifying the initial (e.g. unedited) content data, and that source key modified by the
TTP based upon the structure data suitable for use with the (edited/modified) content data.
Further, the TTP also supplies a second (receive) key for decrypting the digital content and embedding a second watermark. Preferably the second watermark is indicative of the entity or censoring stage having received the encrypted digital content. Preferably, the receive key is also selected in dependence upon the structure data, so as to ensure that the data is appropriately decrypted and the second watermark added, without degrading the quality of the content data. As with the transmission key, the receive key may be based upon a source receive key stored by the TTP, which is appropriately modified by the TTP based upon the structure data. Alternatively, the receive key could be generated by the TTP, using the structure data.
To prevent hacking, each key is arranged to perform its operation in a single process e.g. the transmission key is arranged to both encrypt the digital content and remove the first watermark from the digital content, in a single operation e.g. to perform both actions simultaneously.
A preferred embodiment of the present invention will now be described with reference to Figs. 2 & 3.
The preferred embodiment will be described with reference to a Trusted Third Party 50 (i.e. a transfer control entity) and two entities (first entity & second entity) 60, 70. It should be realized that in most implementations the TTP and both the entities will each be implemented as computers, computational devices, or other automated communications and data storage devices. Each computer/computational device would comprise a program memory storing processor readable instructions, and a processor configured to read and execute the stored instructions, so as to cause the computer to carry out the relevant method steps.
Typically, the digital content will take the form of audio, video, text, data or multimedia files or the like. In most instances (but not necessarily all), such data will be stored in a data file. The device/computer (of at least each entity) would typically be arranged to display, play or edit the digital content, or store the digital content for download to a suitable display device or playing device, or editing device, or a combination of the aforesaid. For example, in the case of an audio file, a computer could be arranged to both edit the audio file and play the audio file, as well as store the audio file for download to an MP3 player.
The TTP and first and second entities are each separate, discrete entities. The transfer control entity (TTP) allows the secure transfer of digital content from the first entity to the second entity. Each entity 50, 60, 70 can communicate with the other two entities. The ability of each entity to communicate with the other two entities need not be continuous. For example, the transfer control entity (TTP 50) can be a server, connected to one or more communications networks. Each network can comprise a computer network, such as the Internet or an Intranet. The first and second entities (which could correspond to first and second users or groups of users) 60, 70 can be personal computers, or mobile devices such as mobile phones, media players, Personal Digital Assistants etc. Each of the first and second entities is connectable to the same communications network (e.g. the Internet) as the transfer control entity. Thus, both the first and second entities can only communicate with the transfer control entity over one or more communications networks. The first entity can also communicate with the second entity (e.g. send digital content), over a communications link. This could be a communications link over a communications network, or it could be a direct link between the two entities such as a wireless link (e.g. a Bluetooth link or an Infrared link) or a wired link (e.g. a cable connecting the two entities together).
As shown in Fig. 2, the first entity 60 includes a memory 62, and the second entity 70 includes a memory 72. The memory 62, 72 are arranged to store the relevant digital content, as well as the relevant keys for encrypting/decrypting the digital content.
In this example, it is assumed that the first entity 60 is arranged to perform the first stage of an editing process (Stage 1), and the second entity 70 is arranged to perform the second stage (Stage 2) of an editing process. Each stage could correspond to the editing performed by a single user, or by a group of users.
Initially, the first entity receives encrypted digital content E(c0). For example, the initial digital content Co could be encrypted by the use of an additive (including subtractive) function r0 e.g.
E(co)=co-ro [1]
For example, assuming that the digital content received by the first entity 60 (which performs stage 1 of the editing process) is made of a concatenation of, for example, four sub-segments or sub-units, such that the encrypted content is given by:
E(C0) = Wu -r o,u cOiV -Ab,v COJW - A-OJW C0 x -T0 x] [2] where: Co, n represents the sub-segments (sub-units) of the initial digital content, and
To, n is the corresponding function used to encrypt the digital content, where n=u, v, w or x i.e. n is the sub-segment identifier.
An initial receive key ko (where ko=ro+wi) is then applied to the encrypted digital content E(c0) to form initial content data C1 comprising initial digital content Co embedded with a first watermark W1.
For example, assume a similar four-segment initial received key ko is applied to decrypt the four-segment expression for the encrypted digital content illustrated in equation [2], e.g. K = V^u + W1 U rO v + wl v rO w + wl w Ab11 -Hw1J [3]
Applying k0 to E(c0) (e.g. each sub-segment of the receive key is added to each corresponding sub-segment of the encrypted initial digital content) will result in the decryption of the encrypted digital content to corresponding initial content data C1= Co+wi i.e.
Ci = Wu + W1 U CQ v + Wl v COjW + WljW C0 x + W1 x ] [4]
where W1, n represents the sub-segments of the first watermark W1. During the editing process in Stage 1, the initial content data C1 may be edited to form the content data c'i. The editing process may result in removal or amendment of different segments of the initial content data C1 to form edited content data C1' and remaining portion(s) (W1') of the watermark W1.
For example, during editing, the segments of the initial content data C1 indicated in equation [4] may be modified, with the second segment being removed, and the fourth segment being replaced by another piece of content c'liX. Using the specific four segment original example, the resulting watermarked edited content data (C1 ' + W1 ') could be expressed as:
Figure imgf000011_0002
[C0111 -I- W111, cOiW + wUw
Figure imgf000011_0001
[5]
In other words, in this particular example, not only has the second segment been removed, but the fourth segment (which has been replaced by the content c'liX) does not include any watermark sub-segment. The structure data S(C1 ') (e.g. geometric information such as the positions and durations of the omitted and/or inserted segments) of c'i is determined by the first entity 60, and sent from the first entity 60 to the TTP 50.
The TTP 50 then selects a transmission key Ic1 for use in removing the first watermark (or any portions of the first watermark remaining) from the digital content and simultaneously encrypting the digital content.
For example, a suitable transmission key for the content data illustrated in equation [5] would be: K = rx + w\ = [rl u + wl u rl w + W1 w rl x ] [6]
where x\ is the encryption function and w'i is the function needed to remove the remains of the first watermark. In this particular example, both ri and w'i depend upon structure data S(C1').
This transmission key ki could be generated by the TTP 50 based upon the structure data S(C1').
Alternatively, a predetermined source key (e.g. corresponding to the transmission key anticipated as being necessarily based upon the initial content data Ci) could be stored or generated within the TTP 50. The TTP 50 might then modify that source transmission key ki" to form the transmission key ki for use in applying to the (edited) content data, based upon the structure data S(C1'). For example, a suitable source transmission key ki"could be:
K " = r, + W1 = [rl u + W1 u rl v + W1 v rl w + W1 w rl x + W1 x ] [7]
which it will be appreciated could be readily modified to the key ki shown in equation [6] using the structure data S(ci ') e.g. using either information indicating the location and duration of each segment Of C1', or information indicating the changes made to Ci to form C1'. Once the transmission key has been selected, the TTP 50 would then transmit the transmission key ki to the first entity 60.
Similarly, the TTP 50 would also select a suitable receive key k2 for transmission to the second entity 70 e.g.
k2 = r, + W2 = [rl u + w2 u rl w + W2 w rl x + W2 x ] [8]
As per the transmission key Ic1 , the received key k2 could either be generated directly using the structure data S(C1') or by modifying a corresponding source receive key based upon the structure data so as to form the receive key k2. The TTP 50 would then transmit the receive key k2 to the second entity 70.
At the first entity 60, the transmission key ki is applied to the (watermarked) content data (C1' + W1'), resulting in the removal of the (remaining portions of the) watermark, and encryption of the digital content. In the particular example illustrated, the encrypted digital content E(C1 ') is generated by subtracting the transmission key from the watermarked content data e.g.
E^1 ') = c\ →i = [cO u - rl u cO w - rl w c\ x - rl x ] [9]
The encrypted digital content is subsequently transmitted from the first entity 60 to the second entity 70. The second entity 70 will then apply the decryption key k2 to the encrypted digital content, to generate/decrypt the encrypted content to form the data content C2 comprising the decrypted digital content C1' embedded with a second watermark w2 i.e.
C2 = C1 '+W2 = [cO u + W2 u C0 w + W2 w c\ x + W2 x ] [10]
Thus, the second entity 70 has received an appropriately watermarked copy of the digital content i.e. with a second watermark embedded, corresponding to the identity of the second entity. Thus, if the digital content is leaked from the first entity (i.e. during Stage 1), then the first watermark W1 will allow tracking of the leaked content back to that stage- entity. Similarly, if the content is leaked from the second stage-entity, then the second watermark w2 associated with that stage/entity would allow backtracking of the leak to that entity/stage. The process can of course be repeated for each subsequent stage, with appropriate structure data being sent to a TTP 70 (or other control entity) for selection of the appropriate transmission and receive keys for transmission and receipt of the content between each stage or entity.
It should be appreciated that the above embodiment is described by way of example only, and that various alternatives will be apparent to the skilled persons falling within the scope of the appended claims.
Within the above embodiment, the letter r (e.g. r0, x\ or r2) has been used to represent the functions used to encrypt the digital content.
Each function r (e.g. r0, x\ or r2) could represent any masking function (including a random noise signal or function), which when applied to the digital content, prevents the reading of the resulting marked digital content. For example, if the digital content represents an audio stream or signal, then the encryption r could represent any signal to mask the audio signal, and prevent a listener from hearing (or at least hearing clearly) the desired digital content when played. Preferably, the digital content is encrypted using random noise i.e. r is a random noise function, so as to inhibit the ability of an attack to remove the encryption/masking of the digital content. Most preferably, the digital content is encrypted using a one time pad (OTP). An OTP is an encryption algorithm where the plain text (e.g. the audio signal) is combined with a random key or "pad" that is as long as the plain text, and used only once. If the random key (r) is truly random, never re-used, and kept secret, the OTP is theoretically unbreakable.
An example of a suitable marking function (together with a description of how the function can be removed by a suitable key) is described within the article "Copyright Protection for MPEG-2 Compressed Broadcast Video" by S Emmanuel & M Kankanhalli, ICME 2001, IEEE International Conference on Multimedia and Expo, pp. 273-276. The article describes examples of how video files can be encrypted (i.e. masked) in either the spatial domain or the compressed domain. The content of that article is incorporated herein by reference. The article describes how an opaque mask frame can be added on to the original compressed video, frame by frame, by a broadcaster. A subscriber can remove the mask and also embed a robust, invisible watermark. Such a technique as described in that document can be utilized in embodiments of the present invention (e.g. to encrypt video or multi-media signals), but with the additional concept that the key used to encrypt/mask the digital content is also arranged to remove a watermark (which can be robust and/or invisible) embedded within the digital content. This removal of the embedded watermark is important, as it facilitates secure sharing of digital content.
Other encryption techniques such as partial encryption based techniques, or homomorphic ciphers can also be applied, as alternatives to OTPs.
In the above embodiment, the method has been described with respect to additive forensic watermarks. It should be appreciated that forensic watermarks need not be utilized. Equally, it should be appreciated that the watermarks need not be additive or subtractive watermarks - the invention could be implemented using any watermark scheme (e.g. multiplicative or other) that allows the watermark to be embedded, and subsequently removed. Further, the above method describes how digital content may be embedded with a watermark, the content subsequently encrypted (using the transmission key), and then decrypted (using the receive key), to generate decrypted data comprising the decrypted digital content embedded with the second watermark. It should be appreciated that such operations need not be applicable to all of the content. For example, within the content data stored by the first entity, only a portion of the relevant total digital content may be embedded with the first watermark. Equally, the first entity may apply the transmission key to the content data so as to only encrypt a portion of the digital content. Similarly, the second entity may apply the receive key to the encrypted digital content to generate decrypted data, only a portion of which is embedded with a second watermark.
For example, the article by A. Lemma, S. Katzenbeisser, M. Celik, M. van derVeen, "Secure Embedding Through Partial Encryption", International Workshop on Digital Watermarking, 2006, Springer Lecture Notes in Computer Science vol. 4238, pp. 433-445, describes examples of how perceptually significant features of data can be selected, and only those features encrypted. Similarly, embodiments of the present invention may be implemented by only encrypting portions of the digital content, such as the perceptually significant features. The content of that article is incorporated herein by reference. The article describes how the MASK watermarking scheme can be utilized in joint decryption and watermarking. In MASK, a watermark is embedded by modifying the envelope of the host signal. Also, the article describes how the general methodology of joint watermarking and decryption can be applied to MPEG-2 compressed streams. Embodiments of the present invention may utilize such a methodology applied to video streams, such as MPEG-2.
In the above embodiment, it has been assumed that there is a one-to-one link between successive stage/ entities. In other words, it is assumed that the entity at Stage k can process/apply the decryption key ^-1 [n] +wt[n], to the content encrypted by the entity at Stage k-1, to obtain watermarked, decrypted content.
However, it should be appreciated that the invention may equally be implemented in situations in which there are multiple inputs to a Stage (or entity) of encrypted content (e.g. from a plurality of other stages or entities), and/or there are multiple outputs of encrypted content sent by a Stage (e.g. to a plurality of other stages or entities). Preferably, the function or value (r) used to encrypt each digital content is different from the other values/functions used to encrypt the other digital content. For example, each value or function (e.g. r,) can be randomly selected for each different entity j. In all instances, the relative transmit and receive keys will be selected by the transfer control entity using the relevant structure data.
In particular, this concept can be extended to a multiple input case for a plurality of inputs as shown in Fig. 4. Fig. 4 shows an arbitrary stage k receiving (M + 1) different inputs, each input from a different entity. Each of the different inputs is assumed to come from a different entity within a preceding stage of the editing process e.g. from stage (k-1). Thus, the encrypted digital content of each input can be generalized as:
E(cJ k-l) = cJ k-l - rJ [11]
where j is an integer, j = 0 to M, each j indicating a different entity from which data is received in stage k - 1, ck l j is the digital content from entity j, and r, is the function used to encrypt the digital content from entity j.
Each of the received encrypted digital content E(ck l j) is then decrypted at stage k using a respective receive key kk j i.e.
kk = rJ + wk [12]
where Wk is the digital watermark used to watermark each digital content within stage k.
This will result in M + 1 different watermarked versions of the digital content being subsequently available for processing in stage k, where each watermarked digital content is of the form:
ck = ck-l + wk [13]
Subsequently, within stage k, the entity k can process any and all of these digital content (e.g. it may average out the different digital content ck j, or edit or merge any number of the different content) to form a single edited digital content ck with a corresponding watermark w'k.
An appropriate transmit key (rk + w'k) may then be applied to the edited watermarked content, so as to remove the watermark and simultaneously encrypt the content e.g. to form the encrypted digital content for transmission from stage k:
E(ck') = ck' - rk [14]
In another preferred embodiment shown in Fig. 5, an entity at a certain stage (k) can send multiple encrypted contents to multiple other entities/stages in the pool. Again, preferably each of the multiple encrypted contents is encrypted using a different value or function (r) e.g. each value of r or function of r is randomly chosen. In the example architecture indicated in Fig. 5, it is assumed that a single encrypted digital content E(ck l) is received from an earlier stage (k-1) at stage k (i.e. entity k), where:
E(ck-ι) = ck→ - rk-1 [15]
The encrypted digital content from stage (k-1) is then decrypted using an appropriate key (rk l + Wk), to form the watermark digital content:
ck = ck-l + wk [16]
The watermarked digital content is then edited, to form the edited watermark digital content (ck + w'k), where w'k is the edited watermark portion. It is desirable to send the edited content to a plurality (M + 1) different entities or stages. It is further desirable to ensure that the digital content is encrypted as it is transmitted to each entity/stage, preferably with a different respective encryption function (rk). Consequently, so as to simultaneously remove the watermark and encrypt the digital content for transmission to the (M + 1) different entities, (M + 1) different transmission keys k, are generated, where:
kJ = rJ + wk ' [17]
where as previously j = 0 to M, each j representing a different entity, and r, is the encryption function for the jth entity.
Thus, the invention can be implemented for multiple input and/or outputs. In summary, the invention relates to methods and apparatus for transfer of editable digital content. A first entity (60) stores content data (C1') comprising digital content embedded with a first watermark (W1 '). The first entity transmits structure data (S(C1 ')) to a transfer control entity (50), the structure data being indicative of the structure of at least a portion of the content data. The transfer control entity selects a transmission key (Ic1) in dependence upon the structure data, and transmits the transmission key to the first entity. The first entity applies the transmission key to the content data to remove the first watermark from the digital content and encrypt the digital content. The first entity transmits the encrypted digital content (E(C1')) to a second entity (70). The transfer control entity transmits a receive key (k2) to the second entity. The second entity applies the receive key to the encrypted digital content to generate decrypted data (c2) comprising the decrypted digital content embedded with a second watermark (w2).

Claims

CLAIMS:
1. A method of transferring digital content from a first entity (60) to a second entity (70), comprising the steps of: the first entity (60) storing content data (C1 ') comprising digital content embedded with a first watermark (W1 '); - the first entity (60) transmitting structure data (S(C1 ')) to a transfer control entity (50), the structure data being indicative of the structure of at least a portion of the content data; the transfer control entity (50) selecting a transmission key (ki) in dependence upon the structure data (S(C1')); - the transfer control entity (50) transmitting the transmission key to the first entity (60); the first entity (60) applying the transmission key (It1) to the content data to remove the first watermark (W1') from the digital content (C1') and encrypt the digital content; the first entity (60) transmitting the encrypted digital content (E(C1 ')) to a second entity (70); the transfer control entity (50) transmitting a receive key (k2) to the second entity (70); and the second entity (70) applying the receive key (k2) to the encrypted digital content (E(C1')) to generate decrypted data (c2) comprising the decrypted digital content embedded with a second watermark (w2).
2. A method as claimed in claim 1, wherein said transmission key (ki) is arranged to simultaneously remove the first watermark and encrypt the digital content, when applied to said content data (C1').
3. A method as claimed in claim 1 or claim 2, wherein said receive key (k2) is arranged to simultaneously decrypt the encrypted digital content (E(C1 ')) and embed the second watermark (w2) in said digital content, when applied to the encrypted digital content.
4. A method as claimed in any one of the above claims, wherein the step of the transfer control entity (50) selecting the transmission key (ki) comprises the transfer control entity generating the transmission key using the structure data (S(C1')).
5. A method as claimed in any one of claims 1 to 4, wherein the step of the transfer control entity (50) selecting the transmission key (ki) comprises the transfer control entity modifying a predetermined source key to form the transmission key, the modifications being in dependence upon the structure data (S(C1 ')).
6. A method as claimed in any one of the above claims, further comprising the step of the transfer control entity (50) selecting the receive key (k2) in dependence upon the structure data (S(C1')).
7. A method as claimed in claim 6, wherein the selection of the receive key by the transfer control entity (50) comprises the transfer control entity generating the receive key using the structure data (S(C1 ')).
8. A method as claimed in claim 6, wherein the step of the transfer control entity (50) selecting the receive key (k2) comprises the transfer control entity modifying a predetermined source receive key to generate the receive key, the modifications being in dependence upon the structure data (S(C1')).
9. A method as claimed in any one of the above claims, further comprising the steps of: - the first entity (60) storing initial content data (C1) comprising initial digital content embedded with an initial first watermark (W1); and the first entity modifying the initial content data (C1) to form said content data
(Cl ')-
10. A method as claimed in claim 9, wherein said structure data (S(C1')) comprises data indicative of the modifications performed to the initial content data by the first entity modifying said initial content data.
11. A method as claimed in any one of the above claims, wherein said structure data (S(C1')) comprises data representative of the structure of at least a portion of the content data.
12. A method as claimed in claim 11, wherein said data is representative of the location and number of sub-units forming said at least a portion of the content data.
13. A method of transmitting digital content, comprising the steps of: a first entity (60) storing content data comprising digital content embedded with a first watermark (W1 '); the first entity (60) transmitting structure data (S(C1 ')) to a transfer control entity (50), the structure data being indicative of the structure of at least a portion of the content data; the first entity (60) receiving a transmission key (Ic1) related to the structure data (S(C1 ')) from the transfer control entity (50); the first entity (60) applying the transmission key (Ic1) to the content data to remove the first watermark (W1 ') from the digital content and encrypt the digital content; and the first entity transmitting the encrypted digital content (E(C1 ')) to a second entity (70).
14. A method for controlling the transfer of digital content, comprising the steps of: a transfer control entity (50) receiving structure data (S(C1 ')) indicative of the structure of at least a portion of content data stored on a first entity (60); - the transfer control entity (50) selecting a transmission key (Ic1) in dependence upon the structure data; and the transfer control entity (50) transmitting the transmission key (Ic1) to the first entity (60).
15. A method as claimed in claim 14, wherein said content data (C1') comprises digital content embedded with a first watermark (W1'), and said transmission key (Ic1) is arranged to simultaneously remove the first watermark and encrypt the digital content, when applied to said content data.
16. A method as claimed in claim 14 or claim 15, further comprising the steps of: the transfer control entity (50) selecting a receive key (k2) in dependence upon the structure data (S(C1 ')); and the transfer control entity (50) transmitting the receive key (k2) to a second entity (70).
17. A method as claimed in claim 16, wherein said receive key (k2) is arranged to simultaneously decrypt encrypted digital content (E(C1 ')) and embed a second watermark (w2) in said digital content, when applied to said encrypted digital content.
18. A carrier medium carrying computer readable program code configured to cause a computer to carry out a method according to any one of the above claims.
19. An apparatus comprising means arranged to perform the method of any one of claims 1 to 17.
20. A computer apparatus comprising: a program memory containing processor readable instructions; and a processor configured to read and execute instructions stored in said program memory, wherein said processor readable instructions comprise instructions configured to cause the computer to carry out a method according to any one of claims 1 to 17.
PCT/IB2008/053351 2007-08-27 2008-08-21 Apparatus and methods for transferring editable digital content WO2009027902A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP07115038.7 2007-08-27
EP07115038 2007-08-27

Publications (2)

Publication Number Publication Date
WO2009027902A2 true WO2009027902A2 (en) 2009-03-05
WO2009027902A3 WO2009027902A3 (en) 2009-04-30

Family

ID=40342639

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2008/053351 WO2009027902A2 (en) 2007-08-27 2008-08-21 Apparatus and methods for transferring editable digital content

Country Status (1)

Country Link
WO (1) WO2009027902A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NL2006658C2 (en) * 2011-04-22 2012-10-23 Media Cowboyz B V Method and system for detecting violation of intellectual property rights of a digital file.
US9275199B2 (en) 2011-06-28 2016-03-01 Link-Busters IP B.V. Method and system for detecting violation of intellectual property rights of a digital file

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1148408A2 (en) * 2000-04-21 2001-10-24 Sony Corporation Information embedding apparatus and method
US20020059238A1 (en) * 1994-09-30 2002-05-16 Mitsubishi Corporation Data management system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020059238A1 (en) * 1994-09-30 2002-05-16 Mitsubishi Corporation Data management system
EP1148408A2 (en) * 2000-04-21 2001-10-24 Sony Corporation Information embedding apparatus and method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
LEMMA A ET AL: "Secure watermark embedding through partial encryption" DIGITAL WATERMARKING. 5TH INTERNATIONAL WORKSHOP, IWDW 2006. PROCEEDINGS (LECTURE NOTES IN COMPUTER SCIENCE VOL. 4283) SPRINGER-VERLAG BERLIN, GERMANY, 2006, pages 433-445, XP002515648 ISBN: 3-540-48825-1 *
M. VAN DROOGENBROECK: "Partial encryption of images for real-time applications" FOURTH IEEE SIGNAL PROCESSING SYMPOSIUM, [Online] April 2004 (2004-04), pages 11-15, XP002515649 Hilvarenbeek, The Netherlands Retrieved from the Internet: URL:http://www.ulg.ac.be/telecom/publi/publications/mvd/Vandroogenbroeck2004Partial.pdf> [retrieved on 2009-02-17] *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NL2006658C2 (en) * 2011-04-22 2012-10-23 Media Cowboyz B V Method and system for detecting violation of intellectual property rights of a digital file.
US9275199B2 (en) 2011-06-28 2016-03-01 Link-Busters IP B.V. Method and system for detecting violation of intellectual property rights of a digital file

Also Published As

Publication number Publication date
WO2009027902A3 (en) 2009-04-30

Similar Documents

Publication Publication Date Title
US20100082478A1 (en) Apparatus & methods for digital content distribution
US10461930B2 (en) Utilizing data reduction in steganographic and cryptographic systems
USRE47730E1 (en) System and method for controlled copying and moving of content between devices and domains based on conditional encryption of content key depending on usage state
JP5346024B2 (en) Content encryption
US6886098B1 (en) Systems and methods for compression of key sets having multiple keys
US7123718B1 (en) Utilizing data reduction in stegnographic and cryptographic systems
US7536016B2 (en) Encrypted content data structure package and generation thereof
WO2001013571A1 (en) Systems and methods for compression of key sets having multiple keys
JP2005124147A (en) Access control for digital video stream
KR101088080B1 (en) System, method and processor-readable recording medium for inserting watermarks to media
JP2005124150A (en) Access control for digital content
JP2002539487A (en) Signal processing method and apparatus
US8122501B2 (en) Traitor detection for multilevel assignment
WO2009027902A2 (en) Apparatus and methods for transferring editable digital content
Steinebach et al. Combined fingerprinting attacks against digital audio watermarking: methods, results and solutions
US20070143216A1 (en) Data Signal with a Database and a Compressed Key
US20090172196A1 (en) System and Method For Protecting Content Transferred Between Devices
Durand et al. Laundering and Repackaging of Multimedia Content in Content Distribution Systems
DECODE ‘DIGITAL ‘ID Portion of Format
KR20060053698A (en) Apparatus and method for drm of mobile contents in pda phone

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08807387

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 08807387

Country of ref document: EP

Kind code of ref document: A2