WO2011013196A1 - Dispositif de traitement d'informations - Google Patents

Dispositif de traitement d'informations Download PDF

Info

Publication number
WO2011013196A1
WO2011013196A1 PCT/JP2009/063404 JP2009063404W WO2011013196A1 WO 2011013196 A1 WO2011013196 A1 WO 2011013196A1 JP 2009063404 W JP2009063404 W JP 2009063404W WO 2011013196 A1 WO2011013196 A1 WO 2011013196A1
Authority
WO
WIPO (PCT)
Prior art keywords
content
piece
embedding
information
watermark
Prior art date
Application number
PCT/JP2009/063404
Other languages
English (en)
Japanese (ja)
Inventor
達之 松下
晋爾 山中
健太郎 梅澤
加藤 拓
外山 春彦
上林 達
伊藤 聡
Original Assignee
株式会社東芝
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社東芝 filed Critical 株式会社東芝
Priority to PCT/JP2009/063404 priority Critical patent/WO2011013196A1/fr
Publication of WO2011013196A1 publication Critical patent/WO2011013196A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N1/32101Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N1/32144Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title embedded in the image data, i.e. enclosed or integrated in the image, e.g. watermark, super-imposed logo or stamp
    • H04N1/32149Methods relating to embedding, encoding, decoding, detection or retrieval operations
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • G06T1/0021Image watermarking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/238Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
    • H04N21/2389Multiplex stream processing, e.g. multiplex stream encrypting
    • H04N21/23892Multiplex stream processing, e.g. multiplex stream encrypting involving embedding information at multiplex stream level, e.g. embedding a watermark at packet level
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • H04N21/8358Generation of protective data, e.g. certificates involving watermark

Definitions

  • the present invention relates to an information processing apparatus.
  • Content distribution may be performed online via a communication network composed of the Internet, terrestrial broadcast, satellite broadcast, cable TV line, optical line, telephone line, or a combination of these, or the content may be CD-
  • the recording may be performed offline by recording on a recording medium such as a ROM, a flexible disk (FD), a CD-R, or a DVD (Digital Versatile Disk).
  • Some service providers encrypt and distribute content in order to allow only authorized users to access the content.
  • the digital watermark technique is a technique for embedding information (digital watermark) in content so as not to be perceived by humans.
  • the digital watermark technique is disclosed in, for example, Patent Documents 1 to 3.
  • Patent Document 1 discloses a terminal device in which user identification information is embedded in content as a digital watermark. If the user identification information is embedded in the content as a digital watermark, if the content is leaked, the user who is leaked may be identified by extracting the user identification information embedded in the leaked content it can. Therefore, by using the digital watermark technology, it is possible to suppress redistribution of content by unauthorized users.
  • the terminal device disclosed in Patent Document 1 belongs to the user who uses the content, and embeds all the information to be embedded as a digital watermark on the user side.
  • the process of embedding a digital watermark is a heavy process.
  • the terminal device is a consumer device such as a television set
  • the digital watermark embedding process cannot be completed within the time limit required for the product because the calculation capability is low.
  • the digital watermark embedding process can be completed, a lot of calculation resources are taken up by the digital watermark embedding process, and there is a problem that resources to be allocated to other processes are insufficient.
  • the present invention has been made in view of the above, and an object of the present invention is to provide an information processing apparatus capable of reducing the processing load for embedding a digital watermark on the user side who uses content.
  • an embodiment of the present invention is an information processing apparatus, in which a digital watermark is embedded in advance from a first position to an n-th position (n is an integer of 2 or more).
  • a first acquisition unit that acquires the acquired content
  • a second acquisition unit that acquires a value of the digital watermark assigned to the information processing apparatus and a position where the value is embedded, and the first position to the nth position
  • An embedding unit that newly embeds the different value at a position where a value different from the value of the already embedded digital watermark is embedded, and an output unit that outputs the content in which the different value is newly embedded.
  • the figure which illustrates the functional structure of the client The figure which illustrates the data structure of a watermark system parameter.
  • the flowchart which shows the procedure of the watermark embedding and content delivery process which the content provision server 60 performs.
  • the flowchart which shows the procedure of the content reception and watermark embedding processing which a client performs.
  • the figure which illustrates each received piece.
  • the figure which illustrates the result of having decrypted each encrypted piece.
  • the figure which illustrates the result of embedding a digital watermark.
  • the figure which illustrates the correspondence of client identification information and a re-embedding vector generation algorithm.
  • the figure which illustrates the content by which the electronic watermark concerning one modification was embedded and was encrypted.
  • the figure which illustrates the data structure of a watermark system parameter.
  • the figure which illustrates the data structure of a watermark system parameter The figure which illustrates the data structure of a watermark system parameter.
  • the figure which shows each encryption piece typically.
  • the figure which illustrates each encryption piece which seeder 52A has memorized.
  • the figure which illustrates the data structure of piece information The figure which illustrates the functional structure of the leecher 50.
  • the figure which illustrates Torrent File The figure which illustrates the functional structure of the key server 53.
  • the figure which illustrates the data structure of node information The flowchart which shows the procedure of a content delivery process.
  • the figure which illustrates the functional structure of the seeder 52A The figure which shows typically the state by which the digital watermark was embedded in each piece Ci illustrated by FIG.
  • the figure which shows typically the state by which each piece Ci with which the electronic watermark was embedded was encrypted.
  • the figure which shows typically the state by which each piece Ci with which the electronic watermark was embedded was encrypted.
  • the figure which illustrates the functional structure of the leecher 50 The figure which illustrates a watermark system parameter.
  • FIG. 1 is a diagram illustrating a configuration of a content distribution system according to the present embodiment.
  • the content distribution system is a server-client type system that includes a content providing server 60 and a client 70 that is a user terminal, and these are connected via a communication network NT1.
  • the communication network NT1 is, for example, a local area network (LAN), an intranet, Ethernet (registered trademark), or the Internet.
  • the content providing server 60 and the client 70 are connected one-to-one.
  • a plurality of the content providing servers 60 may be connected to the communication network NT1, or the client 70 may be connected to the communication network NT1. Multiple connections may be made.
  • Each device has a control unit such as a CPU (Central Processing Unit) that controls the entire device, a main storage unit such as a ROM (Read Only Memory) and a RAM (Random Access Memory) that stores various data and various programs, It is equipped with an auxiliary storage unit such as an HDD (Hard Disk Drive) or CD (Compact Disk) drive device that stores various data and various programs, and a bus that connects them, and a hardware configuration that uses a normal computer It has become.
  • Each device includes a display device that displays information, an input device such as a keyboard and a mouse that accepts user instruction input, and a communication I / F (interface) that controls communication with an external device. Connected by a CPU (Central Processing Unit) that controls the entire device, a main storage unit such as a ROM (Read Only Memory) and a RAM (Random Access Memory) that stores various data and various programs, It is equipped with an auxiliary storage unit such as an HDD (Hard Disk Drive) or CD (Compact
  • FIG. 2 is a diagram illustrating a functional configuration of the content providing server 60.
  • the content providing server 60 includes a content storage unit 600, a division unit 601, a watermark embedding unit 602, an encryption unit 603, a transmission unit 604, a decoding unit 605, and an encoding unit 606.
  • the content storage unit 600 stores content to be provided to the client 70.
  • Content refers to various digital data, for example, data representing moving images such as MPEG2 and MPEG4, data representing sound, data representing text, data representing still images, etc. These digital data are encrypted. What is done is also called content.
  • content obtained by encrypting HD DVD Prepared Video Content according to the AACS (Advanced Access Content System) specification is also content.
  • the entire content is represented as C.
  • C may be plain text or encrypted.
  • content identification information is given to each content.
  • the content identification information is information assigned to each content, and may be any information as long as each content can be identified. For example, the content ID, the hash value of the content, the title name of the content, the content data File name.
  • the content identification information may be added to the content as metadata.
  • Such content is acquired from, for example, a device external to the content providing server 60 and stored in the content storage unit 600.
  • a predetermined compression method for example, MPEG-2 or H.264.
  • the compression method one common compression method may be used in the content distribution system, or the compression method may be changed depending on the content.
  • the device that acquired the encoded content refers to this description to perform compression (encoding). It is possible to correctly select a method for decompressing (decoding) the obtained content, decode the content, and obtain the content before encoding.
  • the dividing unit 601 divides the encoded content into a plurality of pieces.
  • FIG. 3 is a diagram schematically showing a state in which the content is divided into a plurality of pieces.
  • the content C is divided by the dividing unit 601 into N (N> 1) pieces C1 to CN.
  • the data lengths of the pieces C1, C2,... CN may all be the same or not.
  • the decoding unit 605 decodes each piece divided by the dividing unit 601.
  • the watermark embedding unit 602 embeds a digital watermark in each piece decoded by the decoding unit 605.
  • a method for embedding a digital watermark for example, a method disclosed in Patent Document 2 may be used.
  • an initial value vector (WM10, WM20,..., WMN0) is determined in advance.
  • Each component WMi0 (1 ⁇ i ⁇ N) of the initial value vector may be one bit expressing “0” or “1”, or may be a bit string composed of a plurality of bits, or three or more values. May be a single symbol or a symbol string composed of a plurality of symbols.
  • the watermark embedding unit 602 embeds each component WMi0 of such an initial value vector as an electronic watermark in each piece Ci.
  • Ci a piece in which a digital watermark is embedded
  • FIG. 4 is a diagram schematically illustrating a state in which a digital watermark is embedded in each piece Ci illustrated in FIG.
  • the encoding unit 606 encodes each piece Ci by compressing each piece Ci embedded with the digital watermark by the watermark embedding unit 602 in a predetermined compression format.
  • the encryption unit 603 encrypts each piece Ci (WMi0) encoded by the encoding unit 605 using an encryption function using the encryption key Ki.
  • the encrypted piece is represented as E (Ki) [Ci (WMi0)].
  • E represents an encryption function
  • E (Key) [C] represents that C is encrypted with Key.
  • E is a common key cryptographic function.
  • the encryption key Ki and the encryption key Kj (i ⁇ j) (1 ⁇ j ⁇ N) may be the same or different.
  • FIG. 5 is a diagram schematically illustrating a state in which each piece Ci embedded with a digital watermark, illustrated in FIG. 4, is encrypted.
  • the transmission unit 604 transmits each piece encrypted by the encryption unit 603 to the client 70 via the communication network NT1.
  • FIG. 6 is a diagram illustrating a functional configuration of the client 70.
  • the client 70 includes a receiving unit 700, a decoding unit 701, a decoding unit 702, a watermark re-embedding unit 703, a watermark method parameter storage unit 704, and an output unit 705.
  • the receiving unit 700 receives, from the content providing server 60, the piece E (Ki) [Ci (WMi0)] transmitted after being embedded with an electronic watermark and encrypted.
  • the decryption unit 701 decrypts E (Ki) [Ci (WMi0)] using a decryption key Ki using a decryption function.
  • D represents a decryption function
  • D (Key) [X] represents that X is decrypted with Key
  • the result of decryption is D (Ki) [E (Ki) [Ci (WMi0 )]].
  • Ci Ci (WMi0)
  • a piece in which a digital watermark is embedded is obtained.
  • the decryption key Ki may be stored in advance in an auxiliary storage unit such as an HDD, or may be acquired by the client 70 from a key server (not shown) that stores the decryption key Ki.
  • the content providing server 60 may also serve as the key server.
  • the decoding unit 702 decodes each piece Ci (WMi0) obtained by decoding by the decoding unit 701 to obtain content composed of the decoded pieces, that is, obtains content before compression.
  • the watermark method parameter storage unit 704 stores the watermark method parameter for each content identification information.
  • the watermark method parameter specifies how to embed a digital watermark.
  • the embedding strength of the digital watermark, the position at the time of embedding the digital watermark (re-embedding position), the above-described initial value vector, and the digital assigned to the client 70 Contains a vector (re-embedded vector) representing the watermark.
  • FIG. 7 is a diagram illustrating an example of the data structure of the watermark method parameters.
  • the embedding strength of the digital watermark is too strong, the digital watermark can be perceived by humans. Will degrade the quality of the content after embedding a digital watermark. For example, when the content represents a video such as a moving image or a still image, the image quality may deteriorate to such an extent that the user cannot withstand viewing. Therefore, the embedding strength of the watermark is determined in consideration of both the detection accuracy and the possibility of perception of the digital watermark. In addition, for example, a moving image with a large amount of motion may be relatively difficult to perceive even if the watermark is strongly embedded, but if the watermark is embedded in a still image with the same strength, the user may easily perceive it. Therefore, the watermark embedding strength may be changed even for one content.
  • the re-embedding position of the digital watermark is information for specifying where the digital watermark is embedded in the content data.
  • the re-embedding position includes information for specifying a position on the screen representing the video to be embedded.
  • the information which specifies the corresponding time within a moving image is mentioned. For example, it is information for specifying a time of 30 seconds from the time of reproduction for 10 seconds from the beginning of the content.
  • the re-embedding vector includes each component corresponding to the above-described re-embedding position, and is a vector composed of a set of digital watermark values (re-embedding values) embedded at each re-embedding position.
  • Such a re-embedding vector is predetermined so as to be different from the initial value vector and different for each client 70.
  • the correspondence between the client identification information for identifying the client 70 and the re-embedding vector is stored for each content identification information in a client identification specifying device (not shown) described later.
  • the client identification information may be any information as long as each client 70 can be identified.
  • the client ID for example, the MAC (Media Access Control) address, IP address, mail address of the device
  • the client 70 Public key assigned to the user public key certificate, subscriber ID in the paid distribution service, and the like.
  • the re-embedding value (WMi1) included in the re-embedding vector may be a value different from each component WMi0 of the initial value vector for at least one value i in 1 ⁇ i ⁇ N. For example, if each component WMi0 of the initial value vector is a 1-bit value representing “0”, WMi1 may be a 1-bit value representing “1”.
  • the re-embedding position of the digital watermark is designated by the number of frames.
  • the re-embedding position in the range from the 6001th frame to the 8000th frame is embedded at an SN ratio of 40 dB, and from the 8001th frame to the 12000th frame. It can be determined that it is sufficient to embed the watermark WM21 at the re-embedding position in the range with the embedding strength of the SN ratio 45 dB. Note that the re-embedding position may not correspond to the piece.
  • Reference 1 G. Tardos, “Optimal Probabilistic Fingerprint Codes,” Proceedings of the 35th Annual ACM Symposium on Theory of Computing, pp. 116-125, 2003.
  • One of the codewords of the code disclosed in Reference 1 is CWk, and this codeword is assigned to a client 70_k (1 ⁇ k ⁇ the number of clients 70 connected to the communication network NT1) as a re-embedding vector. .
  • the client 70_k re-embeds the digital watermark only for components different from the corresponding components of the re-embedding vector CWk among the components of the initial value vector based on the watermark method parameters. That is, the client 70_k re-embeds the digital watermark so that the vector embedded in the content becomes CWk.
  • a code word of an error correction code may be used as the re-embedding vector.
  • the watermark re-embedding unit 703 newly embeds a digital watermark in the content obtained by decoding each piece by the decoding unit 702, using the watermark method parameter stored in the watermark method parameter storage unit 704.
  • the digital watermark is re-embedded.
  • a method disclosed in Patent Document 3 may be used as a method of re-embedding a digital watermark for content in which the digital watermark has already been embedded.
  • the output unit 705 outputs the content embedded with the digital watermark by the watermark re-embedding unit 703.
  • the content providing server 60 acquires content from an external device and stores it in the content storage unit 600 (step S101). Next, the content providing server 60 divides the content into N pieces Ci (1 ⁇ i ⁇ N) (step S102). Next, the content providing server 60 decodes each piece Ci (step S103). Then, the content providing server 60 embeds a digital watermark (WMi0) in each piece Ci (step S104). Thereafter, the content providing server 60 encodes each piece (Ci (WMi0)) in which the digital watermark is embedded (step S105).
  • the content providing server 60 encrypts each encoded piece (Ci (WMi0)) using the encryption key Ki (step S106). Then, the content providing server 60 transmits each encrypted piece (E (Ki) [Ci (WMi0)]) to the client 70 (step S107).
  • E (Ki) [Ci (WMi0)] each encrypted piece [Ci (WMi0)]
  • the client 70 receives each piece (E (Ki) [Ci (WMi0)]), which is transmitted with the digital watermark embedded and encrypted, from the content providing server 60 (step S120).
  • the client 70 receives each piece E (Ki) [Ci (WMi0)] for all values of i satisfying “1 ⁇ i ⁇ N”, that is, E (K1) [C1 (WM10 )],..., E (KN) [CN (WMN0)] may be received before proceeding to the next step S121, or only some of these pieces may be received and proceed to the next step S121. At any point in the subsequent steps, the process may return to step S120 again to receive another piece.
  • step S120 to step S125 is performed for piece E (K1) [C1 (WM10)], E (K2) [C2 (WM20)], and step S120 is subsequently performed for E (K3) [C3 (WM30)].
  • the processing may be repeated sequentially such as performing the processing from step S125 to step S125.
  • the process of step S124 described later need not be repeated.
  • step S120 for example, as shown in FIG. 11, pieces E (K1) [C1 (WM10)], E (K2) [C2 (WM20)], E (K3) [C3 (WM30 )] Is received.
  • step S121 the client 70 decrypts the piece E (Ki) [Ci (WMi0)] using the decryption key Ki.
  • Ci (WMi0) in which the digital watermark is embedded is obtained.
  • pieces C1 (WM10), C2 (WM20), and C3 (WM30) are obtained.
  • the client 70 decodes the piece Ci (WMi0), and obtains a content composed of the decoded pieces (step S122).
  • step S122 acquires a watermark method parameter stored in the watermark method parameter storage unit 704 corresponding to the content identification information of the content (step S123), and embeds a digital watermark using the watermark method parameter.
  • the digital watermark is re-embedded (step S124).
  • the initial value vector is (WM10, WM20, WM30)
  • the re-embedding vector is (WM10, WM21, WM30).
  • the client 70 compares these and determines a different part and its re-embedding position, the second component of the initial value vector is different and the re-embedding position can be determined to be the second piece. Therefore, the client 70 newly embeds the digital watermark WM21 in the second piece C2 (WM20) to be embedded as a digital watermark, and obtains C2 (WM21).
  • FIG. 13 is a diagram illustrating the result of this embedding.
  • the client 70 outputs the content composed of each piece after the digital watermark is newly embedded in at least one piece (step S125).
  • the client 70 outputs the content to the display device, thereby reproducing the content.
  • the client 70 performs step S123, step S123, step S121 in FIG. S124 is performed, then step S122 is performed, and finally the content is output (step S125).
  • the client 70 applies only the different value at the position where a value different from the value of the digital watermark is assigned to the client 70 among the positions where the digital watermark is already embedded in the content.
  • the digital watermark is re-embedded.
  • the client 70 newly embeds only a portion in which the re-embedding vector and the initial vector are different as a digital watermark, thereby re-embedding only a portion different from the digital watermark embedded in the content in advance as a digital watermark. For this reason, the client 70 does not need to embed all of the information to be embedded as a digital watermark, and the processing load for embedding the digital watermark can be reduced.
  • the terminal device on the user side includes all user identification information embedded as a digital watermark (for example, WM10
  • WM30
  • the client 70 decodes and analyzes the content, or performs processing with a fixed parameter determined in advance regardless of the content. Become.
  • an analysis processing load may occur immediately before the reproduction of the content, which may hinder smooth execution of the reproduction.
  • the analysis is performed in advance before the content is reproduced, for example, it becomes necessary to re-encode the content once decoded.
  • processing is performed with a predetermined fixed parameter, if the content represents video, at least one of degradation in image quality or degradation in detection accuracy may occur.
  • the processing for calculating the watermark method parameters can be omitted, and the above-described fear can be avoided.
  • a device that performs this processing is called a client identification information specifying device.
  • the client identification information specifying device may or may not be connected to the communication network NT1 illustrated in FIG.
  • the client identification information specifying device stores the correspondence between the client identification information and the re-embedding vector (see FIG. 8) for each content identification information.
  • the client identification information specifying device may store an algorithm for generating a re-embedding vector for each client identification information for each content identification information.
  • the algorithm A shown in the figure may be any algorithm as long as the re-embedding vector is output when executed with the content identification information and the client identification information as inputs.
  • the client identification information specifying device stores the embedding strength of the digital watermark, the re-embedding position of the digital watermark, and the initial value vector corresponding to the content identification information.
  • the client identification information specifying device acquires content identification information from the content for which the client identification information is specified. Acquisition of the content identification information may be performed by receiving the content identification information from the external device that has read the content, or may be performed by the client identification information specifying device itself reading the content identification information from the content. Then, the client identification information specifying device extracts the re-embedding vector embedded in the target content using the digital watermark embedding strength, the digital watermark re-embedding position, and the initial value vector corresponding to the content identification information. .
  • a method for extracting a digital watermark for example, a method disclosed in Patent Document 2 may be used.
  • the extracted re-embedding vector is (WM10, WM21, WM30).
  • the target content is embedded with a digital watermark by the client 70 whose client identification information is “4321”. Therefore, when this content leaks, the client identification information of the client 70 that leaked this content can be specified.
  • the client identification information specifying device may use the content before the digital watermark is embedded in the process of specifying the client identification information.
  • the original content is an original image.
  • an entity other than the client identification information specifying device extracts the re-embedding vector embedded in the content, and notifies the client identification information specifying device of the re-embedding vector from which the entity is extracted.
  • the client identification information specifying device may only specify the client identification information.
  • the initial value vector embedded as the digital watermark by the content providing server 60 as a result of embedding the digital watermark into the content by each client 70 using the re-embedding vector is the re-embedded vector embedded by each client 70. Respectively changed. Since this re-embedding vector differs for each client 70, the client identification information specifying device can specify which client 70 is the outflow source from the re-embedding vector embedded in the leaked content.
  • the content providing server 60 and the client 70 are configured to be connected online via the communication network NT1 to distribute content.
  • the present invention is not limited to this, and content distribution is performed offline. You may make it do.
  • offline content distribution is performed via a storage medium such as a CD-ROM in which the content is stored.
  • FIG. 15 is a diagram exemplifying content encrypted with a digital watermark embedded in the present modification.
  • a digital watermark is not embedded in the second piece.
  • the second piece is excluded from a target in which the client 70 embeds a digital watermark.
  • the watermark method parameters are not limited to those illustrated in FIG. 7, and the watermark method parameters include all of the embedding strength of the digital watermark, the re-embedding position of the digital watermark, the initial value vector, and the re-embedding vector. Need not be included.
  • the initial value vector when a common initial value vector is used in the content distribution system, the watermark value is not included in the watermark method parameter and the function of the watermark re-embedding unit 703 is realized as illustrated in FIG. You can write directly to this program or LSI (Large Scale Integration). The same applies to the embedding strength of the digital watermark and the re-embedding position of the digital watermark.
  • the range in which the digital watermark is re-embedded is expressed in units of time with respect to the re-embedding position of the digital watermark.
  • the re-embedding position of the digital watermark is expressed in units of divided screens representing the video (for example, the screen is divided into four upper left, upper right, lower left, and lower right, and the upper left divided screen)
  • the first component of the re-embedding vector may be embedded), or a combination of these may be expressed.
  • the watermark method parameter may include an algorithm for generating the re-embedding vector as illustrated in FIG.
  • the algorithm Alg shown in the figure may be any algorithm as long as the re-embedding vector is output when executed with the content identification information and the client identification information as inputs. Further, as illustrated in FIG. 18, the re-embedding position of the digital watermark may be designated so that the re-embedding vector is repeatedly embedded in the content.
  • FIG. 19 is a diagram illustrating a configuration of a content distribution system according to this modification.
  • a re-embedding information server 80 is connected to the communication network NT1.
  • a plurality of re-embedding information servers 80 may be connected to the communication network NT1.
  • the hardware configuration of the re-embedding information server 80 is substantially the same as that of the content providing server 60 and the client 70, for example.
  • the re-embedding information server 80 includes a watermark method parameter storage unit 800 and a transmission unit 801.
  • the watermark method parameter storage unit 800 stores the above-described watermark method parameters for each content identification information and each client identification information.
  • the transmission unit 801 transmits a watermark method parameter corresponding to the client identification information to the client 70. This transmission may be unicast, multicast, or broadcast. This transmission may be performed periodically.
  • the watermark method parameters transmitted from the re-embedding information server 80 to the client 70 are exemplified in FIGS. 7 and 16 to 18, for example.
  • the client 70 stores the watermark method parameter received from the re-embedding information server 80 in the watermark method parameter storage unit 704.
  • the watermark method parameters may include information on the version number of the watermark method parameter and the expiration date.
  • the client 70 receives a watermark method parameter different from the watermark method parameter already stored in the watermark method parameter storage unit 704 for a certain content from the re-embedding information server 80
  • the client 70 receives the version of the received watermark method parameter.
  • the watermark method parameters already stored in the watermark method parameter storage unit 704 are updated to the received watermark method parameters. According to such a configuration, since the watermark method parameters can be updated as appropriate, it is possible to flexibly cope with the intention of the content provider (for example, to change the embedding strength depending on the distribution time even for the same content).
  • the re-embedding information server 80 may give a decryption key to the client 70 in advance, and the communication between the re-embedding information server 80 and the client 70 may be encrypted.
  • mutual authentication and key sharing may be performed between the re-embedding information server 80 and the client 70 to encrypt subsequent communication. These are the same when communication is performed between the content providing server 60 and the client 70.
  • FIG. 21 is a diagram illustrating a functional configuration of the re-embedding information server 80 according to the present modification.
  • the re-embedding information server 80 includes a reception unit 802 and a search unit 803 in addition to the watermark method parameter storage unit 800 and the transmission unit 801.
  • the receiving unit 802 receives from the client 70 a request message that includes the client identification information of the client 70 and the content identification information of the desired content and requests a watermark method parameter.
  • the search unit 803 searches for the watermark method parameters stored in the watermark method parameter storage unit 800 corresponding to the client identification information and the content identification information included in the request message received by the receiving unit 802.
  • the transmission unit 801 transmits the watermark method parameter obtained as a result of the search by the search unit 803 to the client 70.
  • FIG. 22 is a diagram illustrating a functional configuration of the client 70 according to the present modification.
  • the client 70 includes a receiving unit 700, a decoding unit 701, a decoding unit 702, a watermark re-embedding unit 703, and an output unit 705, and a re-embedding information request unit 706 and a re-embedding information acquisition unit 707. .
  • the re-embedding information request unit 706 transmits a request message for requesting a watermark method parameter for the desired content to the re-embedding information server 80.
  • the request message may be transmitted before the client 70 receives the content from the content providing server 60, during reception, or after reception.
  • the receiving unit 700 receives the watermark method parameter transmitted from the re-embedding information server 80.
  • the re-embedding information acquisition unit 707 acquires the watermark method parameter received by the reception unit 700.
  • the watermark re-embedding unit 703 newly embeds a digital watermark in the content obtained by decoding each piece by the decoding unit 702 using the watermark method parameter acquired by the re-embedding information acquisition unit 707.
  • the watermark method parameters transmitted from the re-embedding information server 80 to the client 70 are exemplified in FIGS. Note that a concatenation of the trigger symbol sequence and the re-embedding vector illustrated in FIG. 7 may be used as a new re-embedding vector.
  • the trigger symbol sequence is a symbol sequence that is not used in the re-embedding vector, such as “11,..., 1”, for example.
  • the client identification information specifying device detects the trigger symbol sequence when extracting the re-embedding vector embedded in the leaked content, thereby determining the re-embedding position of the digital watermark.
  • the client 70 does not need to store the re-embedding position of the digital watermark in advance.
  • the client 70 transmits the content identification information and the client identification information to the re-embedding information server 80 and the client 70 stores the re-embedding position of the digital watermark, the client 70 does not use the trigger symbol string.
  • the digital watermark may be embedded in the decoded content based on the re-embedding position of the digital watermark.
  • the client 70 transmits content identification information, client identification information, and information on which part of the content the client 70 starts playback to the re-embedding information server 80.
  • the re-embedding information server 80 adjusts the re-embedding vector based on the information on which part of the content the client 70 starts to play, and sets the watermark method parameter including the adjusted vector as the re-embedding vector. You may make it transmit to.
  • the watermark method parameters before adjustment are exemplified in FIG.
  • the re-embedding vector before adjustment is (WM10, WM21, WM30).
  • the re-embedding information server 80 adjusts the re-embedding vector as illustrated in FIG.
  • a watermark method parameter including the adjusted vector as a re-embedding vector is transmitted to the client 70. In this way, the client 70 only needs to re-embed in order starting from the first component of the re-embedding vector included in the received watermark method parameter.
  • the trouble of the client 70 analyzing the re-embedding position of the digital watermark can be saved.
  • the client 70 does not need to store the watermark method parameter in advance, and the client 70 holds it for embedding the digital watermark.
  • the amount of data that should be kept can be reduced.
  • the client 70 starts playing from the middle and does not receive all the data of the content.
  • the client 70 can obtain information necessary for embedding the digital watermark, it is possible to flexibly cope with such a case.
  • the re-embedding vector of each client 70 may be determined in advance, or may be determined when a request message requesting the re-embedding vector is transmitted from the client 70 to the re-embedding information server 80.
  • the re-embedding vector assigned to the same client 70 may be changed for each content, or even the same content may be changed with time.
  • the re-embedding information server 80 and the client 70 do not necessarily have to be connected online via the communication network NT1, and the watermark method parameters may be distributed offline.
  • the distribution of the watermark method parameters offline is performed via a storage medium such as a USB memory or an SD card in which the watermark method parameters are stored.
  • the content providing server 60 may also serve as the re-embedding information server 80.
  • the content providing server 60 may perform the processing in step S103 before the processing in step S101 or step S102 in the watermark embedding and content distribution processing described with reference to FIG. . That is, the content providing server 60 may store the content acquired from the external device in the content storage unit 600 after the decoding unit 605 decodes the content, or after the decoding unit 605 decodes the content, The unit 601 may divide the content into a plurality of pieces. Further, the content providing server 60 does not have the encoding unit 606, and therefore, the process of step S105 may not be performed. In this case, the client 70 does not have the decoding unit 702, and in the content reception and watermark embedding process described with reference to FIG.
  • the content when the client 70 records the content in a recording device such as an HDD instead of outputting the content, the content may be encoded again and recorded in the recording device instead of step S125 of FIG.
  • the compression method used when the content is encoded again may be the same as the original compression method (the compression method used by the content providing server 60 to encode the content) or may be different.
  • the compression method used in step S105 in FIG. 9 may be the same as or different from the compression method used in step S100.
  • step S100 the content providing server 60 acquires content from an external device, encodes the content, and then stores the encoded content in the content storage unit 600 (step S101).
  • Steps S102 to S107 are the same as those in the first embodiment. Note that the process of step S100 may be performed before the process of step S102 or step S103. Also in this modification, the process of step S105 may not be performed, and further, the processes of step S100 and step S103 may not be performed.
  • the content distribution system is configured to distribute content from the content providing server 60 to the client 70.
  • the client in a content distribution system to which a plurality of clients are connected, the client can be connected to and communicate with not only the content providing server but also other clients.
  • a content distribution system in which a client communicates not only with a server but also with other clients, there is a content distribution system disclosed in Reference Document 2, for example. (Reference 2) Japanese Patent Application No. 2008-181884
  • the content distribution system disclosed in Reference 2 is a content distribution system using a P2P network.
  • a content distribution system disclosed in Reference Document 2 will be described first, and then a configuration for re-embedding a digital watermark in the content distribution system disclosed in Reference Document 2 will be described.
  • BitTorrent As a content distribution system using a P2P network, there is a content distribution system called BitTorrent (for example, see Reference 3). (Reference 3) Bittorrent Protocol Specification v1.0
  • the seeder is a node that distributes pieces constituting the content for the purpose of distributing (uploading) the content.
  • the leecher is a node that receives each piece constituting the content and distributes the pieces constituting the content for the purpose of receiving (downloading) the content. In other words, the leecher may become a seeder when pieces of content are obtained to some extent.
  • the seeder is provided with a leecher that has received all or some of the pieces constituting the content changed to the seeder, and a system side (in advance or in the middle of distribution) (from the beginning the seeder).
  • the initial seeder holds all pieces or some pieces that can constitute a certain content.
  • a seeder means a seeder or an initial seeder
  • a node means a leecher, seeder, or initial seeder.
  • the tracker holds node information regarding each node, and provides node information to the leecher when accessed from the leecher.
  • the initial seeder corresponds to the content providing server 60 in the first embodiment, and the leecher corresponds to the client 70 in the first embodiment.
  • Torrent File when a leecher receives content distribution, first, information called Torrent File is acquired.
  • the Torrent File is given from, for example, a server operating a service for selling content to a content provider or user (referred to as a sales server) to another node or sales server, and further given from another node or sales server to a leecher.
  • Torrent File recorded on a recording medium such as a CD-ROM may be distributed to the leecher offline.
  • Torrent File stores tracker information about content and file information of the content.
  • the tracker information includes the connection destination of the tracker.
  • the file information includes, for example, hash information of each piece constituting the content.
  • the hash information is used to confirm the integrity of the piece. That is, the hash information is used to calculate a hash of a piece downloaded by the leecher and check the received piece against the hash value of the piece to confirm that the received piece has not been tampered with.
  • the leecher When the leecher acquires such a Torrent File, it connects to the tracker based on the tracker information.
  • the tracker transmits the above node information to the leecher.
  • the node information includes a list of connection destinations of one or more nodes.
  • the leecher connects to a plurality of nodes based on the node information.
  • the pieces delivered by each node often differ from node to node. Since the leecher can receive different pieces from a plurality of nodes, the leecher can receive the content at high speed.
  • FIG. 25 is a diagram showing a configuration of a content distribution system according to the present embodiment.
  • the leechers 50A to 50B, the tracker 51, the seeders 52A to 52C, and the sales server 54 are connected to each other via the P2P network NT.
  • the leechers 50A to 50B and the key server 53 are connected to each other via a network such as the Internet (not shown).
  • the nodes are leechers 50A to 50B and seeders 52A to 52C.
  • the seeders 52A to 52C hold encrypted pieces obtained by encrypting each piece with a different encryption key for content divided into a plurality of pieces.
  • content composed of such encrypted pieces is referred to as encrypted content.
  • the seeder 52A functions as the initial seeder described above.
  • the seeder 52A holds all of the encrypted pieces generated by encrypting each piece constituting one content by using a plurality of encryption keys for the same piece.
  • the tracker 51 holds node information for accessing each node. Note that node identification information is assigned to each node.
  • the node identification information is identification information that can uniquely identify each node, for example, the IP address of each node.
  • the key server 53 holds a decryption key for decrypting each encrypted piece.
  • the sales server 54 holds a Torrent File.
  • the leecher 50A receives the torrent file from the sales server 54, accesses the tracker 51 based on the torrent file, acquires node information, and based on the node information, at least one of the seeders 52A to 52C and the leecher 50B. To receive each encrypted piece, obtain all the encrypted pieces corresponding to each piece, and obtain a key ring including each decryption key for decrypting each encrypted piece from the key server 53 Receive. The same applies to the leecher 50B.
  • the leecher 50 when it is not necessary to distinguish each of the leechers 50A to 50B, they are simply referred to as the leecher 50.
  • seeders 52A to 52C When it is not necessary to distinguish the seeders 52A to 52C, they are simply referred to as seeders 52.
  • the pieces C1 to CN obtained by dividing the content illustrated in FIG. 3 into N pieces are encrypted with different encryption keys.
  • a pieces out of N pieces are encrypted with m different encryption keys (first encryption key and second encryption key) with respect to the same piece.
  • the remaining (N ⁇ a) pieces are encrypted with one encryption key (first encryption key) for the same piece. That is, for each of a pieces, the same piece is encrypted with m different encryption keys, and m different pieces (encrypted pieces) are generated.
  • Each (N ⁇ a) pieces are encrypted with one encryption key, and one encrypted piece is generated for one piece.
  • FIG. 26 is a diagram schematically showing each encrypted piece. An encryption composed of N encrypted pieces by changing the combination of encrypted pieces selected from each of m encrypted pieces corresponding to each of the a pieces. The entire content can be individualized.
  • Each device has a control unit such as a CPU (Central Processing Unit) that controls the entire device, a main storage unit such as a ROM (Read Only Memory) and a RAM (Random Access Memory) that stores various data and various programs, It is equipped with an auxiliary storage unit such as an HDD (Hard Disk Drive) or CD (Compact Disk) drive device that stores various data and various programs, and a bus that connects them, and a hardware configuration that uses a normal computer It has become.
  • Each device includes a display device that displays information, an input device such as a keyboard and a mouse that accepts user instruction input, and a communication I / F (interface) that controls communication with an external device. Connected by.
  • the seeder 52 associates each encrypted piece obtained by encrypting a plurality of pieces C1 to CN constituting the content C with an index (subscript) of each decryption key for decrypting each piece C1 to CN.
  • Each decryption key may be the same as each encryption key, or may be different from each encryption key.
  • each piece C1 to CN is encrypted with an encryption key
  • each decryption key for decrypting each encrypted piece is encrypted using an index of each decryption key.
  • Pieces can be identified. Each such encrypted piece is stored in, for example, an auxiliary storage unit.
  • each encrypted piece is represented as follows, for example.
  • the encrypted content composed of such encrypted pieces is represented as follows, for example. ⁇ E (K (i1,1)) [C1], E (K (i2,2)) [C2], ..., E (K (iN, N)) [CN] ⁇ (However, 1 ⁇ i1,..., iN ⁇ m)
  • each encrypted piece in such encrypted content is represented by a combination of indexes of each encrypted piece, and is represented as follows, for example.
  • indexes corresponding to the pieces C1 to CN are arranged and represented in order from the left. ⁇ (i1,1), (i2,2),..., (iN, N) ⁇ (However, 1 ⁇ i1,..., iN ⁇ m)
  • FIG. 27 is a diagram illustrating each encrypted piece stored in the seeder 52A.
  • a piece (N ⁇ 1 ⁇ a ⁇ N) of N pieces is encrypted with a plurality of different encryption keys for the same piece.
  • the number of encryption keys used for encrypting the same piece varies from piece to piece.
  • the number of encryption keys for piece C1 is m
  • the number of encryption keys for piece C3 is two.
  • the number of encryption keys used for encryption of the same piece may be the same for each piece. In this way, in the piece processing apparatus, a piece of N pieces (1 ⁇ a ⁇ N) of N pieces is encrypted with a plurality of different encryption keys for the same piece. It is possible to increase the number of encryption keys as the value increases.
  • the seeder 52 transmits piece information indicating a sequence of encrypted pieces stored in the seeder 52 to the leecher 50 by access from the leecher 50.
  • FIG. 30 is a diagram illustrating a data configuration of piece information. In the figure, it is shown that the encrypted piece corresponding to piece C1 is decrypted by the decryption key K (1,1), and the encrypted piece corresponding to piece C2 is decrypted by the decryption key K (3, It is shown by 2) that it is decrypted. That is, the piece information indicates the correspondence between each encrypted piece and the decryption key for decrypting each encrypted piece.
  • the seeder 52 determines whether or not the requested encrypted piece is held, and the determination result is affirmative. In this case, the encrypted piece is transmitted to the leecher 50.
  • FIG. 31 is a diagram illustrating a functional configuration of the leecher 50.
  • the leecher 50 includes a content acquisition unit 500, a key ring request unit 501, a key ring acquisition unit 502, and a content decryption unit 503.
  • the entities of these units are generated on a main storage unit such as a RAM when the CPU program is executed.
  • the content acquisition unit 500 receives each encrypted piece constituting the encrypted content from at least one of the seeders 52 via the P2P network NT. Specifically, the content acquisition unit 500 first receives a Torrent File from the sales server 54.
  • the Torrent File includes tracker information including tracker connection destination information for connecting to the tracker 51, and file information indicating what kind of encrypted pieces are included in the encrypted content.
  • FIG. 32 is a diagram illustrating a Torrent File. In the figure, as file information, an index corresponding to each encrypted piece is shown as information for specifying each encrypted piece.
  • the tracker connection destination information is, for example, the IP address or URL of the tracker 51.
  • the content acquisition unit 500 accesses the tracker 51 via the P2P network NT, and node information for accessing the nodes (seeder 52, other leecher 50) connected to the P2P network NT. Is received from the tracker 51. Details of the node information will be described later. Then, the content acquisition unit 500 accesses at least one of the nodes based on the node information, and acquires piece information indicating a sequence of encrypted pieces held by the node and stored in the content acquisition unit 500. Then, the content acquisition unit 500 transmits a piece request for requesting each encrypted piece constituting the encrypted content to at least one of the nodes based on the piece information, and is transmitted in response to the piece request. By receiving the pieces, all the encrypted pieces (piece sequences) constituting the encrypted content are acquired. For example, among the encrypted pieces shown in FIG. 26, the content acquisition unit 500 acquires all of the shaded encrypted pieces as a piece sequence.
  • the key ring request unit 501 transmits to the key server 53 a request message requesting a key ring for decrypting the piece sequence.
  • the key ring includes each decryption key for decrypting each encrypted piece of the piece sequence according to the sequence of each encrypted piece. Details of the key ring and the decryption key will be described later.
  • the request message includes index information indicating a combination (sequence) of indexes of the encrypted pieces in the piece sequence as information specifying the sequence of each decryption key included in the key ring.
  • Such a sequence is represented as follows, for example. ⁇ (i1,1), (i2,2),..., (iN, N) ⁇ (However, 1 ⁇ i1,..., iN ⁇ m)
  • the key ring acquisition unit 502 receives the key ring transmitted from the key server 53 in response to the request message.
  • the content decryption unit 503 decrypts each encrypted piece acquired by the content acquisition unit 500 using a decryption key included in the key bundle acquired by the key bundle acquisition unit 502 and corresponding to each encrypted piece. Then, the content composed of the decrypted pieces is acquired.
  • the leecher 50 may function as a seeder as described above, but the functional configuration thereof has been described in the configuration of the seeder 52, and thus the description thereof is omitted here.
  • FIG. 33 is a diagram illustrating a functional configuration of the key server 53.
  • the key server 53 includes a control unit 530, a packet processing unit 531, a network interface unit 532, an authentication / key exchange processing unit 533, a key storage unit 534, a sequence information storage unit 536, and a sequence information matching unit 535. And a key supply unit 537.
  • the control unit 530, the sequence information collation unit 535, the network interface unit 532, the packet processing unit 531, the authentication / key exchange processing unit 533, and the key supply unit 537 have an entity such as a RAM when the CPU program is executed. It is generated on the main storage unit.
  • the key storage unit 534 is stored in the auxiliary storage unit.
  • the control unit 530 controls the entire key server 53 and mediates an instruction from the sequence information matching unit 535 to the key supply unit 537.
  • the packet processing unit 531 packetizes various data to be transmitted to an external device such as the leecher 50 and transfers it to the network interface unit 532 or acquires data based on the packet transferred from the network interface unit 532.
  • the network interface unit 532 controls communication with the external device, transmits packetized data transferred from the packet processing unit 531, and transfers packets received from the external device to the packet processing unit 531.
  • the authentication / key exchange processing unit 533 receives the request message from the leecher 50 via the network interface unit 532, performs mutual authentication with the leecher 50, and sends an acceptance message to the leecher 50 to accept the request after authentication. Send.
  • the key storage unit 534 is configured, for example, in an auxiliary storage unit such as an HDD, and stores each decryption key for decrypting each encrypted piece.
  • Each decryption key is represented, for example, as K (i, j) as described above.
  • the sequence information storage unit 536 is configured in an auxiliary storage unit such as an HDD, for example, and stores sequence information indicating sequences corresponding to all key bundles transmitted to the leecher 50 in the past.
  • the sequence corresponding to each key ring is expressed as follows, for example, similarly to the sequence shown in the index information described above. ⁇ (i1,1), (i2,2),..., (iN, N) ⁇ (However, 1 ⁇ i1,..., iN ⁇ m)
  • sequence information collation unit 535 collates the sequence information stored in the sequence information storage unit 536 with the index information received from the leecher 50, thereby transmitting a key bundle corresponding to the sequence indicated by the index information.
  • sequence information matching unit 535 when the sequence information indicating the same sequence as the sequence indicated by the index information is not stored in the sequence information storage unit 536, the key bundle corresponding to the sequence indicated by the index information Decide to send.
  • the key ring is expressed as follows, for example.
  • the decryption keys respectively corresponding to the pieces C1 to CN are shown arranged in order from the left. ⁇ K (i1,1), K (i2,2), ..., K (iN, N) ⁇ (However, 1 ⁇ i1,..., iN ⁇ m)
  • sequence information matching unit 535 determines to transmit the key ring
  • the sequence information matching unit 535 instructs the key supply unit 537 to transmit the key ring to the leecher 50 via the control unit 530.
  • the sequence information collation unit 535 determines not to transmit the key bundle
  • the sequence information collation unit 535 instructs the key supply unit 537 to prohibit transmission of the key bundle to the leecher 50 via the control unit 530.
  • the key supply unit 537 When the key supply unit 537 is instructed to transmit the key bundle from the sequence information collating unit 535 via the control unit 530, the key supply unit 537 reads the decryption key corresponding to the sequence of the key bundle from the key storage unit 534. A key ring including the decryption key is transmitted to the leecher 50 via the network interface unit 532.
  • the tracker 51 When accessed from the leecher 50, the tracker 51 transmits node information for accessing a node connected to the P2P network NT to the leecher 50.
  • the node information includes a set of an IP address and a port number of each node.
  • FIG. 34 is a diagram illustrating a data configuration of node information.
  • the nodes A to B are any one of the leechers 50A to 50B and the seeders 52A to 52C, and a set of the IP address and port number of each node is shown.
  • the tracker 51 generates node information using the received piece information, IP address, and port number.
  • the leecher 50 can receive the encrypted piece from other leechers 50, but here, for convenience of explanation, it is assumed that the encrypted piece is received from at least one of the seeders 52A to 52C.
  • the leecher 50 first accesses the sales server 54 and acquires a torrent file (step S1).
  • the tracker 51 transmits node information to the leecher 50 (step S3). ).
  • the leecher 50 receives the node information (step S4), the leecher 50 accesses, for example, at least one of the seeders 52A to 52C using the node information (step S5).
  • the seeder 52 transmits piece information indicating the sequence of encrypted pieces held by the seeder 52 to the leecher 50 (step S6).
  • the leecher 50 When the leecher 50 receives piece information (step S7), it accesses at least one seeder 52 using the piece information (step S8). The leecher 50 transmits to the seeder 52 a piece request for requesting at least one of a plurality of encrypted pieces corresponding to each of the pieces C1 to CN, and receives each encrypted piece. . In response to the piece request from the leecher 50, the seeder 52 transmits the encrypted piece held by the seeder 52 to the leecher 50 (step S9). Specifically, the leecher 50 uses, for example, piece information received by accessing the seeder 52B to encrypt an encrypted piece E (K (i1,1)) [C1] (i1 is an encrypted piece C1).
  • the leecher 50 includes each decryption key for decrypting each encrypted piece when acquiring all the encrypted pieces constituting the encrypted content, each corresponding to each piece constituting the content.
  • a request message for requesting a key ring is transmitted to the key server 53 (step S10).
  • This request message includes index information ⁇ (i1,1),..., (IN, N) ⁇ indicating a sequence corresponding to each decryption key.
  • the authentication / key exchange processing unit 533 of the key server 53 receives the request message via the network interface unit 532 (step S11), the authentication / key exchange processing unit 533 performs mutual authentication with the leecher 50, and accepts the request when the authentication is successful. An acceptance message to that effect is transmitted to the leecher 50 (step S12). When the leecher 50 receives an acceptance message from the key server 53 (step S13), the leecher 50 waits for transmission of a key bundle from the key server 53.
  • FIG. 36 is a flowchart showing the procedure of the collation process.
  • the sequence information collation unit 535 collates the index information included in the request message received in step S11 with the sequence information stored in the sequence information storage unit 536 (step S140), and uses the index information. It is determined whether or not sequence information indicating the same sequence as the sequence shown is stored in the sequence information storage unit 536 (step S141). That is, it is determined whether the key ring requested from the leecher 50 has been transmitted to any of the leechers 50 in the past.
  • step S141 the sequence information matching unit 535 generates a key bundle ⁇ K (i1,1), K (i2,2),... Corresponding to the sequence indicated by the index information. , K (iN, N) ⁇ is determined to be transmitted. Then, the sequence information matching unit 535 instructs the key supply unit 537 to transmit the key bundle to the leecher 50 via the control unit 530. In addition, the sequence information matching unit 535 stores the sequence information indicating the sequence in the sequence information storage unit 536 (step S142).
  • the key supply unit 537 reads the key bundle instructed to be transmitted from the sequence information matching unit 535 via the control unit 530 from the key storage unit 534, and transmits this to the leecher 50 via the network interface unit 532 (step S143). ). If the determination result in step S141 is affirmative, the sequence information matching unit 535 determines not to transmit the key bundle, and prohibits transmission of the key bundle to the leecher 50 via the control unit 530. Is supplied to the key supply unit 537 (step S144).
  • the leecher 50 receives the key ring K (i1,1), K (i2,2),..., K (iN, N) from the key server 53 (step S15: YES).
  • E (K (i1,2)) [C2], ..., E (K (iN, N) [CN] is decrypted, and the decrypted pieces C1 to CN are obtained to obtain the content C composed of these pieces (step S16), that is, the leecher 50 uses the decryption key K (i1,1).
  • E (K (i1,1)) [C1] is decrypted to obtain piece C1
  • E (K (i2,2)) [C2] is decrypted using the decryption key K (i2,2).
  • Piece C2 is obtained, E (K (iN, N)) [CN] is decrypted using the decryption key K (iN, N) to obtain piece CN, and the other pieces are obtained in the same manner. As a result, the content C composed of the pieces C1 to CN is obtained.
  • the leecher 50 If the leecher 50 receives the error message transmitted from the key server 53 in step S143 in FIG. 36 without receiving the key ring in step S15, the leecher 50 can decrypt each piece acquired in step S10. Therefore, the content cannot be used. In this case, returning to step S5, the leecher 50 acquires each encrypted piece in a sequence different from the sequence acquired in step S10, and then performs the processing from step S10 onward.
  • the key server 53 determines whether or not the key ring can be transmitted using the sequence of encrypted pieces.
  • the content can be individualized for each leecher 50 by the key server 53 avoiding the reuse of the already used sequence. Therefore, for example, even if one key ring is leaked, only the encrypted content corresponding to this key ring can be decrypted, so that unauthorized use of the content can be suppressed.
  • a sequence determined by an encrypted piece arbitrarily acquired by the leecher 50 instead of a predetermined sequence, flexible content distribution according to the environment of the P2P network can be realized.
  • the seeder 52A includes a dividing unit 520A, a watermark embedding unit 521A, a content encryption unit 522A, a content storage unit 523A, a request reception unit 524A, and a transmission unit 525A.
  • Dividing unit 520A divides content C into a plurality of pieces C1, C2,.
  • the watermark embedding unit 521A embeds a digital watermark in each piece divided by the dividing unit 520A.
  • the method of embedding a digital watermark is substantially the same as in the first embodiment described above, but here, the watermark embedding unit 521A assigns the digital watermarks WMi0 and WMi1 to each piece Ci (1 ⁇ i ⁇ N), respectively.
  • (WM10, WM20,..., WMN0, WM11, WM21,..., WMN1) is an initial value vector, and each component WMi0 and WMi1 of the initial value vector is different. As a result, for example, each piece illustrated in FIG. 38 is obtained.
  • the content encryption unit 522A encrypts each piece embedded with the digital watermark by the watermark embedding unit 521A using an encryption key to obtain an encrypted piece.
  • the content encryption unit 522A obtains all of the encrypted pieces that can exist for the same piece by encrypting each piece using all of the encryption keys that exist for each piece. .
  • each encrypted piece illustrated in FIG. 39 is obtained.
  • the content storage unit 523A stores the encrypted piece encrypted by the content encryption unit 522A. That is, in the content storage unit 523A, for each encrypted piece corresponding to each piece constituting the content, the same piece is generated by being encrypted with a plurality of encryption keys, and a digital watermark is embedded. All of the encrypted pieces are stored.
  • Ci (WMi0) (or Ci (WMi1)) may be encrypted with a plurality of different encryption keys, as in piece C1 illustrated in FIG. 40, or embedded as in piece C2.
  • Both the watermark and the encryption key may be one, as in piece C3, the embedded digital watermark may be one and there may be a plurality of encryption keys, or one piece as in piece CN.
  • Three or more digital watermarks may be embedded for the piece.
  • the request receiving unit 524A receives a piece request for requesting an encrypted piece from the leecher 50.
  • the transmission unit 525A reads the encrypted piece requested by the piece request received by the request reception unit 524A from the content storage unit 523A and transmits it to the leecher 50.
  • the leecher 50 includes a content re-embedding unit 504, a watermark method parameter storage unit 505, and an output unit 506 in addition to the content acquisition unit 500, the key bundle request unit 501, the key bundle acquisition unit 502, and the content decryption unit 503. And have.
  • the configurations of the content acquisition unit 500, the key ring request unit 501, the key ring acquisition unit 502, and the content decryption unit 503 are substantially the same as described above.
  • the watermark method parameter storage unit 505 stores the watermark method parameter for each content identification information.
  • FIG. 42 is a diagram illustrating watermark method parameters according to the present embodiment.
  • the watermark method parameter includes the initial value vector described in the first embodiment in addition to the embedding strength of the digital watermark, the re-embedding position of the digital watermark, and the re-embedding vector.
  • the watermark matrix is a two-dimensional representation of all the values of the digital watermark embedded corresponding to the index of each encrypted piece. By comparing the watermark matrix and the re-embedding vector, the leecher 50 can determine the value of the digital watermark to be newly embedded.
  • the encrypted pieces received by the leecher 50 are E (K1,1) [C1 (WM10)], E (K1,2) [C2 (WM20)], E (K2,3) [C3 (WM31)].
  • the index of each encrypted piece is (1,1), (1,2), (2,3).
  • each component corresponding to each index (1,1), (1,2), (2,3) is WM10, WM20, WM31. Therefore, it is already embedded in each encrypted piece E (K1,1) [C1 (WM10)], E (K1,2) [C2 (WM20)], E (K2,3) [C3 (WM31)] It can be determined that each value of the digital watermark is WM10, WM20, WM31 in order.
  • the re-embedding vector shown in the figure is (WM10, WM21, WM31). Comparing these, it can be determined that the value of the digital watermark to be newly embedded by the client 70 is WM21.
  • the range from the re-embedding position of the digital watermark to the target of embedding the digital watermark is the range from the 6001st frame to the 12000th frame of the content. Note that the re-embedding position of the digital watermark may or may not correspond to each piece as in the first embodiment.
  • the embedding strength of the digital watermark is the same as that in the first embodiment.
  • the watermark WM21 is in the range from the 6001th frame to the 12000th frame of the content, and the 8001 frame is embedded in the range from the 3001th frame to the 8000th frame with an SN ratio of 40 dB.
  • embedding is specified with an embedding strength of an SN ratio of 45 dB.
  • the watermark re-embedding unit 504 renews the digital watermark using the watermark method parameters stored in the watermark method parameter storage unit 505 for the content obtained by the content decrypting unit 503 decrypting each encrypted piece.
  • the digital watermark is re-embedded by embedding in.
  • the method for re-embedding the digital watermark is substantially the same as in the first embodiment described above.
  • the output unit 506 outputs the content embedded with the digital watermark by the watermark re-embedding unit 504.
  • step S121 the leecher 50 decrypts each piece using the key ring received in step S15 of FIG.
  • each leecher 50 further embeds a different re-embedding vector in the content as a digital watermark, so that the leakage of the decryption key and the content Measures can be taken against both threats with their own leaks.
  • the pieces in the second embodiment are each encrypted once.
  • the present invention is not limited to this, and for example, the pieces may be multiply encrypted as disclosed in Reference 4.
  • the encryption method used for multiple encryption may be a common key method or a public key method. (Reference 4) Kambayashi et al., “JetJigsaw: New Proposal of Copyright Protection Method Using P2P”, Symposium on Cryptography and Information Security, 1B2-2, 2009
  • the leecher 50 receives the encrypted piece from the seeder 52.
  • the present invention is not limited to this, and the leecher 50 may acquire the encrypted piece from another leecher 50. .
  • the leecher 50 may acquire a plurality of different encrypted pieces corresponding to the same piece for the encrypted pieces corresponding to the pieces C1 to CN, respectively.
  • encrypted pieces E (K (i1,1)) [C1] and E (K (i1 ′, 1)) [C1] (where i1 ⁇ i1 ′, 1 ⁇ i1 ⁇ m , 1 ⁇ i1 ′ ⁇ m) may be acquired by the leecher 50.
  • E (K (i1,1)) [C1] and E (K (i1 ′, 1)) [C1] (where i1 ⁇ i1 ′, 1 ⁇ i1 ⁇ m , 1 ⁇ i1 ′ ⁇ m) may be acquired by the leecher 50.
  • the leecher 50 requests a key ring from the key server 53, if a sequence including the index (i1,1) is already used, the key ring corresponding to the sequence is acquired.
  • the key ring corresponding to the sequence can be acquired from the key server 53 without accessing the seeder 52 again.
  • a plurality of sequence candidates can be prepared in advance, so that the trouble of the leecher 50 accessing the seeder 52 again can be avoided.
  • multiple encrypted pieces with the same piece but different digital watermarks embedded eg, E (K1,1) [C1 (WM10)], E (K2,1) [C1 (WM11)]
  • the leecher 50 acquires the watermark method parameter from the re-embedding information server instead of storing it in advance.
  • the re-embedding information server is also connected via the P2P network NT illustrated in FIG.
  • the re-embedding information server may be a server different from the key server 53, or the key server 53 may also serve as the re-embedding information server.
  • the key server 53 also serves as a re-embedding information server, a process of transmitting a watermark method parameter to the leecher 50 may be performed in combination with the sequence information matching process in the key server 53 described above.
  • the watermark method parameters transmitted from the re-embedding information server to the leecher 50 will be described.
  • the leecher 50 acquires the watermark method parameter
  • the re-embedding information server sets the watermark method parameter illustrated in FIG. Transmit to the leecher 50.
  • the watermark method parameter shown in the figure includes the initial vector described in the first embodiment or the watermark described in the second embodiment in addition to the embedding strength of the digital watermark, the digital watermark re-embedding position, and the re-embedding vector. Instead of a matrix, it contains a vector before re-embedding.
  • the pre-embedding vector is a vector composed of a set of digital watermark values embedded in the encrypted piece specified by the index indicated by the index information.
  • the vector before re-embedding is (WM10, WM20, WM31).
  • the re-embedding vector is (WM10, WM21, WM31).
  • the leecher 50 acquires the watermark method parameter
  • the re-embedding information server displays the watermark method illustrated in FIG.
  • the parameter is transmitted to the leecher 50.
  • the leecher 50 that has acquired the watermark method parameters shown in the figure embeds a digital watermark in the target piece in the same manner as in the second embodiment described above.
  • the re-embedding information server is a position where the digital watermark of the encrypted piece acquired for the piece with the leecher 50 is embedded in order to reduce the number of times the leecher 50 embeds the digital watermark (the number of re-embedding processes).
  • the leecher 50 is prompted to obtain an encrypted piece in which the value of the digital watermark assigned to the leecher 50 is embedded.
  • the leecher 50 transmits the reacquisition determination information to the re-embedding information server when communicating with the re-embedding information server.
  • the re-acquisition determination information is information for the re-embedding information server to determine whether to prompt acquisition of an encrypted piece in which the digital watermark value assigned to the leecher 50 is already embedded.
  • the reacquisition determination information includes the calculation capability of the leecher 50, the communication band that can be used by the leecher 50, or when the content represents a moving image until the start of reproduction of the piece in the leecher 50. Information about remaining time. For example, when the content is played back in a streaming format, it is required that the time required for the leecher 50 to receive the encrypted piece and play the piece is shortened.
  • the re-embedding information server holds a Torrent File.
  • the torrent file according to this modification also includes information about whether or not there are a certain number of other nodes around the leecher 50.
  • the re-embedding information server determines whether the leecher 50 has time to acquire another encrypted piece based on the reacquisition determination information transmitted from the leecher 50 and the information included in the Torrent File. to decide. When it is determined that the leecher 50 has time to acquire another encrypted piece, the re-embedding information server assigns a certain piece to the leecher 50 so that the number of re-embedding processes is reduced.
  • An acquisition promotion message for designating and acquiring an encrypted piece in which a digital watermark value is already embedded is transmitted to the leecher 50.
  • the acquisition promotion message includes the index of the specified encrypted piece.
  • the acquisition promotion message may include node information of a node that holds the specified encrypted piece, or may include hash information of the specified encrypted piece.
  • the acquisition promotion message may include the decryption key of the other encrypted piece.
  • the leecher 50 acquires the specified encrypted piece from another node such as the other leecher 50 or the seeder 52 in accordance with the acquisition promotion message transmitted from the re-embedding information server. As a result, the leecher 50 does not need to perform the process of embedding a digital watermark for a certain piece, so the processing load on the leecher 50 can be reduced.
  • the Torrent File includes information about the digital watermark embedded in the encrypted piece, that is, information indicating which digital watermark is embedded in which encrypted piece. You may comprise.
  • the leecher 50 after acquiring the encrypted piece and acquiring the watermark method parameter from the re-embedding information server, the leecher 50 includes the acquired watermark method parameter instead of embedding the digital watermark in the acquired encrypted piece.
  • the node holding the encrypted piece in which each component of the re-embedding vector is embedded as a digital watermark may be specified with reference to the Torrent File, and the encrypted piece may be acquired from the node. Thereby, it is not necessary for the leecher 50 to embed a digital watermark, and the processing load on the leecher 50 can be reduced.
  • a sequence determined by an encrypted piece arbitrarily acquired by the leecher 50 is used instead of a predetermined sequence.
  • the present invention is not limited to this, and a sequence may be assigned to the leecher 50 in advance, and index information indicating the sequence may be given to the leecher 50 in advance.
  • the leecher 50 obtains piece information from the seeder 52, and based on the piece information, transmits to the seeder 52 a piece request for requesting each encrypted piece corresponding to a sequence indicated by index information given in advance. .
  • the leecher 50 receives each encrypted piece transmitted in response to the piece request, thereby acquiring each encrypted piece corresponding to the sequence assigned in advance. If there is no other node that holds the encrypted piece corresponding to the pre-assigned sequence and can communicate with the leecher 50, the leecher 50 will encrypt the same piece with the other encryption key. What is necessary is just to acquire another encryption piece.
  • various programs executed by the content providing server 60 are stored on a computer connected to a network such as the Internet, and are provided by being downloaded via the network. Also good.
  • the various programs are recorded in a computer-readable recording medium such as a CD-ROM, a flexible disk (FD), a CD-R, a DVD (Digital Versatile Disk), etc. in a file that can be installed or executed.
  • the computer program product may be provided.
  • the content is divided into a plurality of pieces and a digital watermark is embedded in at least one piece that is a part of the content.
  • the present invention is not limited to this, and the content is not divided.
  • At least one digital watermark may be embedded in any part of the content. Which part of the content should be embedded with the digital watermark may be designated by the re-embedding position of the watermark method parameter as described in the above embodiments.
  • the re-embedding vector is different for each client 70.
  • the present invention is not limited to this, and for each of some clients 70 among a plurality of clients 70 connected to the communication network NT1, The re-embedding vector may be different.
  • the re-embedding vector is not different for each leecher 50, but the re-embedding vector is different for each of the leechers 50 connected to the P2P network NT. Also good.
  • the content providing server 60 encrypts each piece in which the digital watermark is embedded.
  • the present invention is not limited to this, and the content providing server 60 does not encrypt each piece in which the digital watermark is embedded. 70 may be transmitted.
  • each piece may not be encrypted.
  • the key server 53 may not be provided, and when the leecher 50 acquires each piece in which the digital watermark is embedded, the leecher 50 does not acquire the key bundle and decrypt each piece. , Get content composed of each piece. Further, for each such piece, the leecher 50 re-embeds the digital watermark.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Editing Of Facsimile Originals (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Compression Or Coding Systems Of Tv Signals (AREA)

Abstract

L'invention porte sur un dispositif de traitement d'informations du côté d'un utilisateur utilisant un contenu. Le dispositif de traitement d'informations est doté d'une technique de traitement d'informations capable de réduire une charge de traitement pour incorporer un filigrane numérique. Une section de réception (700) reçoit des morceaux à filigrane numérique incorporé, chiffrés et transmis provenant d'un serveur de fourniture de contenu. Une section de décodage (702) décode des morceaux respectifs déchiffrés par une section de déchiffrement (701), obtenant un contenu composé des morceaux décodés. Une section de réincorporation de filigrane (703) soumet le contenu obtenu par décodage des morceaux par la section de décodage (702) à une incorporation de filigrane numérique au moyen d'un paramètre de système de tatouage stocké dans une section de stockage de paramètres de système de tatouage (704), pour ainsi réincorporer le filigrane numérique.
PCT/JP2009/063404 2009-07-28 2009-07-28 Dispositif de traitement d'informations WO2011013196A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2009/063404 WO2011013196A1 (fr) 2009-07-28 2009-07-28 Dispositif de traitement d'informations

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2009/063404 WO2011013196A1 (fr) 2009-07-28 2009-07-28 Dispositif de traitement d'informations

Publications (1)

Publication Number Publication Date
WO2011013196A1 true WO2011013196A1 (fr) 2011-02-03

Family

ID=43528873

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2009/063404 WO2011013196A1 (fr) 2009-07-28 2009-07-28 Dispositif de traitement d'informations

Country Status (1)

Country Link
WO (1) WO2011013196A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2017500773A (ja) * 2013-11-04 2017-01-05 ナグラビジョン エス アー デジタルオーディオ或いはオーディオ並びに/又はビデオコンテンツにマークを付ける装置及び方法

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004187044A (ja) * 2002-12-04 2004-07-02 Sony Corp データ処理装置、その方法およびそのプログラム
JP2005051735A (ja) * 2003-07-17 2005-02-24 Hitachi Ltd 著作権保護システム
JP2008011219A (ja) * 2006-06-29 2008-01-17 Toshiba Corp 電子透かし埋込システム、装置及びプログラム

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004187044A (ja) * 2002-12-04 2004-07-02 Sony Corp データ処理装置、その方法およびそのプログラム
JP2005051735A (ja) * 2003-07-17 2005-02-24 Hitachi Ltd 著作権保護システム
JP2008011219A (ja) * 2006-06-29 2008-01-17 Toshiba Corp 電子透かし埋込システム、装置及びプログラム

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2017500773A (ja) * 2013-11-04 2017-01-05 ナグラビジョン エス アー デジタルオーディオ或いはオーディオ並びに/又はビデオコンテンツにマークを付ける装置及び方法

Similar Documents

Publication Publication Date Title
US10045093B2 (en) Systems and methods for securing content delivered using a playlist
KR101617340B1 (ko) 어댑티브 스트리밍을 위한 세그먼트 암호화 및 키 유도를 시그널링하기 위한 시스템 및 방법
CA2683661C (fr) Procede et appareil pour fournir du contenu code
EP1472815B1 (fr) Generation d'un filigrane associe de maniere unique a un recepteur d'une transmission a multi-diffusion de multimedia
US10623409B2 (en) Controlling access to IP streaming content
WO2005071873A1 (fr) Procede et systeme permettant le filigranage, en fonction de la session, d'un contenu crypte
JP2007526507A (ja) スケーラブルメディアを記述するデータを生成するための方法
JP2007534230A (ja) プログレッシブ暗号化されたスケーラブルデータ列をスケーリングするための方法
US20240137624A1 (en) Watermarking multimedia fragments into two or more variants
JP2009272927A (ja) 通信装置、サーバ、及びプログラム
EP1499061A1 (fr) Système et méthode de criptage video individuel
WO2011013196A1 (fr) Dispositif de traitement d'informations
KR100635128B1 (ko) 아이에스오 베이스 미디어 파일 형식의 암호화된 동영상파일 생성 장치 및 암호화된 동영상 복원 장치와, 그 복원방법
EP3692706A1 (fr) Procédé de distribution de contenu numérique à au moins un dispositif client
JP2014175757A (ja) 分割要素の結合による電子透かしを生成する電子透かし処理システム、サーバ、プログラム及び方法
KR100728242B1 (ko) 스트리밍 서비스되는 동영상 파일의 보호 시스템 및 그의보호 동영상 생성/재생 장치 및 그 방법
JP2007520098A (ja) 破損型デジタルコンテンツ生成及び修復装置及び方法
TWI268080B (en) Method and system for session based watermarking of encrypted content
JP2008048163A (ja) コンテンツ受信方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09847788

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09847788

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP