Music2Share – Copyright-Compliant Music Sharing in P2P SystemsT. Kalker, D.H.J. Epema, P.H. Hartel, R.L.Lagendijk and M.V. Steen, Proceedings of IEEE, vol. 92, no. 6, Jun. 2004 Presented by Peter

Introduction

An architecture called Music2Share (M2S) is proposed in which secure content sharing and P2P networking coexist

Explanations for the success of (illegal) music sharing over the Internet

1. Free access (underlying reason is the price of legal music is too high)

2. The choice of music on the major P2P networks is almost unlimited

3. Consumers are no longer interested in complete CD albums, but only in particular tracks

4. Fast connections to the Internet, which makes downloading (and uploading) music more convenient

Introduction Evidence for copy-right-compliant online music selling:

iTunes – US$0.99 per track, the popularity of iTunes shows that users are willing to pay for content if the online music services is sufficiently compelling

Central-server based systems have the distinct disadvantage of a bandwidth bottleneck at central server(s)

Online music service is better put in practice by Altnet (www.altnet.com), which operates as a sub-P2P network under KaZaa (www.kazaa.com)

The authors believe that it is worthwhile and challenging from both a technical and an economical perspective to develop technologies that enable and legal music sharing over the Internet

Points of Departure - fingerprinting Used for audio identification In the case of Napster, text-based methods was used – easily be

modified by ordinary users, not very successful in establishing secure identification

Often based on psychoperceptual properties by representing the perceptually most relevant aspects of music

In M2S, fingerprinting is used to identify and subsequently replace low-quality files with high-quality ones.

Audio fingerprinting technologies are currently being offered by several companies such as Audible Magic, Relatable, Shazam and Philips

Points of Departure - decentralization The authors seek fully decentralized solutions –

both for storing and accessing fingerprints The nodes in P2P network maintain their

independence while providing the facilities for efficiently routing search requests to the appropriate nodes

The P2P approach has already been successfully applied to building large-scale distributed storage systems such as CFS [10], Past [11], and OceanStore [12]

Points of Departure - problems 2 major problems

1. Current P2P systems do not support efficient content-based searching

Gnutella [13] do offer facilities for unstructured content-based searching but at the price of a (much) lower performance

2. Current P2P systems lack security Do not offer payment, protection against unauthorized

access, guaranteed quality, etc Only recently research has started on building secure P2P

networks Initial attempts at commercial deployment of secure

anonymous P2P systems such as Earth Station Five (www.es5.com)

Overview of M2S architecture

M2S Architecture – Content Management Three types of content:

Public content encrypted audio files Distributed and replicated across the machines of the M2S

P2P network Private content

Unencrypted audio files Cannot be shared with other users

Nonauthorized content Files that cannot be reliably authenticated M2S strives to identify and authenticate these files by

External labeling (certificates) Internal labeling (watermarking) Recognition (fingerprinting)

M2S Architecture – Royalty Payment Altnet (www.altnet.com)

Encourage users to download copyrighted files More efficient content distribution Audio files need to be encrypted Difficult for a user to use the content on any other device

M2S The users are able to use the audio content for private use Reduce the chance of unauthorized spreading of the

content by identifying, tracking, and filtering as it flows over the M2S network

M2S Architecture – Content Authentication M2S network consists of a classical P2P network

enhanced with a central trusted party (TP) Public database:

containing encrypted audio files Assists the TP with establishing the identity and the quality

of audio files in the private databases TP

Authenticates audio files base upon their identification Attaches digital certificate for payment of royalties

The M2S needs to establish the identity of audio files, and link this identity to a license system with an appropriate payment infrastructure

M2S Architecture – Content Authentication Three methods for the identification of audio

files By authorized upload By watermark By fingerprint

M2S Architecture – Audio File Upgrading M2S will automatically transfer the quality-

assured file from the public database to the user’s private database, when A user is in legal possession of the music file This file is not of the best quality An equivalent quality-assured version exists at an

authorized server How to prevent a user (illegally) obtaining a

bad-quality version of a song and using the upgrade mechanism of M2S?

M2S Architecture – Audio File Upgrading The authors claim that illegal trading on the

M2S network itself is extremely difficult on a large scale

Small scale trading (e.g. email) cannot be prevented

Large-scale illegal trading on other type of network (KaZaa, Gnutella) cannot be prevented unless by legal action

Discussion and Analysis – P2P analysis KaZaa claims their software has been downloaded upwards of

230 million times The fraction of traffic on U.S. Internet backbone due to Gnutella

in 2001 was about 1.2% M2S aims to give its users guarantees that if a music file exists it

is found M2S will need to consider the second-generation deterministic,

structured overlay networks that are based on distributed hash table (DHTs)

Compare with existing P2P music-sharing protocol, M2S deviates in two ways: An additional step for security (retrieving a decryption key) A distributed implementation of a fuzzy fingerprint search engine

Discussion and Analysis – Coding analysis Watermark design emphasis on inaudibility and

security Due to the use of quality-checking tools in M2S,

content-dependent watermarks are used Challenge for M2S is reliable, lightweight, and

automated quality control of audio files Degradation of the embedded watermark may be taken as

a rough quality tool Error rate in fingerprint matching may serve as an indicator

of quality Still an active topic of research for M2S

Discussion and Analysis – Protocol analysis M2S assumes:

The music producers and the server(s) form a secure domain

The client is a secure application Payment devices on the users’ machines are

secure Communication between the clients and the

server(s) is secure No security assumptions about the peers or the

users

M2S protocol overview

Scenario 1: Upload

1. A music producer chooses some music, negotiates a watermark ID with the server, and upload it onto the server

2. The server calculates a certificate that will identify this authorized music uniquely

3. An audio fingerprint is calculated4. The server chooses an encryption key and encrypts the music5. Appropriate peers store the encrypted music and certificates

for future reference6. Other peers store (parts of) the fingerprints and pointers to the

associated certificate on the central server

Scenario 2a: Explicit Download1. A user requests some music from a client by

metadata, by a watermark ID, or by a fingerprint

2. Assume the client receives a valid token from a smart card or some other secure payment device

3. Client receives key from server and decrypts the files

4. If forensic tracking is enable, the music is watermarked with the identity of the client and the embedding information is sent back to the user

Scenario 2b: Watermark Request Download1. The user places some music without a certificate

on his disk that is derived from private content

2. Watermark is retrieved and send to the server

3. Retrieval of quality-checking data by the watermark ID

4. Payment token is exchanged with the server

5. The file is replaced by a certified music file from M2S network

Scenario 2c: Fingerprint Request Download1. The user places some music without a certificate

on his disk that is derived from private content

2. Fail to retrieve watermark ID

3. The client computes the fingerprints

4. Send a request for identification to the network

5. Retrieval of quality-checking data by the fingerprint

6. Rest of this scenario proceeds as Scenario 2b

Conclusion

A novel approach to music sharing on P2P network has been sketched

From the viewpoint of the user: M2S will offer a music-sharing network with no technical

restriction on content that has been bought M2S will assist the user in managing and upgrading of his own

private content From the point of viewpoint of the content owner:

M2S offers an efficient music-distribution mechanism All music sharing on the network is controlled and payment are

guaranteed for all music trading The basic technologies for the proposed architecture are

currently available However, the application of these technologies in the proposed

music-sharing architecture still has to be worked out and refined