Copyright Protection Allowing for Fair Use Team 9 David Dobbs

advertisement
Copyright Protection Allowing
for Fair Use
Team 9
David Dobbs
Jennifer Kahng
William Greenwell
Virginia Volk
Fair Use
Music
Distributor
World
Buyer
Friend
The Copyright Act and Fair Use
"the factors to be considered [in determining fair use] shall
include 1. The purpose and character of the use, including whether
such use is of a commercial nature or is for nonprofit
educational purposes;
2. The nature of the copyrighted work;
3. The amount and substantiality of the portion used in
relation to the copyrighted work as a whole; and
4. The effect of the use upon the potential market for or
value of the copyrighted work."
Court Precedents
Currently there are no court cases dealing specifically with
the issue of fair use and the distribution of digital music
on the Internet.
1.
2.
Universal City Studios vs. Sony – Found that home
recording of TV is legal because it can be done for
noncommercial, private fair use.
Playboy vs. web publishers – Scanning and posting
copyrighted images on the Internet is illegal because an
individual has no right to "become an alternate publisher
of the material.” (Samuelson 11)
Current Software

SDMI


Music Distributors can limit the number of
copies of the music that can be made or even
prohibit copying.
Liquid Audio

Liquid Passports allow users to play music on
multiple machines but are not designed to let
the user pass the music to another person.
Design Goals





Allow second-hand distribution by original buyer
only.
Preclude distribution by clients other than the
original buyer.
Allow revocation of distribution by specific
clients.
Reduce load on MDC’s server
Preclude access to the content outside of the
music distribution protocol.
Buying
Music
Buyer’s
Private Key
Hash
Hash
Sign
(using MDC’s
Private Key)
Session Key
Encrypt
Encrypt
(using Buyer’s
Public Key)
(using
Session Key)
Encrypt
(using Player’s
Secret Key)
File Sent to Customer
Giving Music to a Friend
Buyer’s client checks to ensure music
is valid & can be shared.
Buyer’s client looks up
recipient’s public key.
Server ensures recipient’s public key is valid
and returns that key to the client.
Client encrypts file to recipient’s public key
and buyer’s private key, and sends file to recipient.
Recipient looks up sender’s public key.
Server ensures that key is valid and
returns that to recipient.
Recipient client verifies signature
and allows playback of the file.
Trusted Playback: The Secret

Trusted playback can be achieved if a shared
secret exists, known only to the producer and the
player.


Authentication: The producer can ask the player to
perform some transformation on a random value that
can only be done with the key.
Uniqueness: If you need the secret to play content,
no other player will be able to play back content.
Any Questions?
First Security Check: Sender’s
ClientBuyer’s
Private Key

Hash

Hash

Sign
(using MDC’s
Private Key)
Step 1: Verify
Signature on header.
Step 2: Verify hash of
music.
Step 3: Hash sender’s
public key. If the
hash value doesn’t
match, then the client
will terminate the
process.
Second Security Check: Key
Lookup


If a request is made for a non-existent
public key, the server will not return a
value, and the client will terminate the
sending or receiving procedure.
If a key pair is found to be compromised, it
can be revoked. During this step, the
server will return no value, and the client
will terminate the procedure.
Re-Encryption
Session Key


Sender’s client
decrypts the session
key, and then reencrypts it to use the
receiver’s public key.
Entire file is then
encrypted using the
sender’s private key.
Old Session Key
Encrypt
(using Sender’s
Public Key)
Encrypt
(using Player’s
Secret Key)
Session Key
Encrypt
(using Receiver’s
Public Key)
Encrypt
New Session Key
(using Player’s
Secret Key)
Third Security Check: Receiver’s
Client




Authentication of Sender
by key lookup
Decryption: if the
encrypted file received
doesn’t decrypt using the
receiver’s private key,
attempt to play fails.
Verify signature
Verify hash of music
Buyer’s
Private Key
Hash
Hash
Sign
(using MDC’s
Private Key)
Download