CSCI E-170

October 31, 2005L06:

WatermarkingCopy Protection & DRMTrusted ComputingDMCA

Administrivia

HW3 - Should be returned by now (or shortly)Midterm ProjectsQuiz

Midterm Projects are due on November 21st!

Please email a one-paragraph synopsis of yourproject to csci_e-170-staff@ex.com

– Subject line: “group <GROUP> midterm synopsis”– CC: all of the members in your group– One email per group!

Caveats:– Don’t use deception in your projects.– If there is no literature in X, discuss why there isn’t

any literature.Additional information on the website.

Quiz will be released on Friday November 4thand due on Tuesday November 8th.

This is a timed quiz.– Download the Quiz.– Write your answers in a word processor.– Paste answers into the browser and upload.– DO NOT WRITE IN THE BROWSER. (It might crash!)

Do not take more than 4 hours.Format:

– Q&A on 4 papers (2 old, 2 new)

L06: The User as the Adversary

The problem: computers aretoo powerful!

– Copy anything that’s digital– Software can be hacked.

This is a problem for:– Distributing software and

media– Financial applications– Multiplayer games

(“god mode”)

There are two solutions:Persuasion and coercion

Persuasion: Make the user want to comply withyour desires.

– Financial incentives.– Reputation incentives.– Legal incentives.Watermarking and DRM Systems

Coercion: Make it hard (impossible) for the user todisobey.

Trusted hardware

Watermarking and Steganography placeadditional information in the media.

Watermark — usually visible.Steganography — always invisible.

Uses:– Detect counterfeits (Watermark is absent or wrong.)– Deter copying (Watermark has an identifier.)– Defeat copying (Player won’t work w/o watermark.)

Watermarks

First introduced in Bologna, Italy in 1282Dandy Roll presses pattern into drying paper

– Changes thickness of paper fibersUses:

– By paper makers to identify their product– Security for stamps, official documents.– Stock certificates, money, etc.– Chic

Other “watermarks”– Printing on plastic with a window.

(Australian $10 note)

Dandy Roll

Pressed into paper duringpaper-making process

J. Plank Features•In-house watermark design•Computerized design process•Quick-change sleeves andsections

•Dandy roll•7.25" diameter

•Watermarking possible

http://www.uwsp.edu/papersci/PM/Machine/Dandy.htm

Dandy Roll

Wet pulp sprayed ontomoving beltDandy Roll pressedinto pulpDandy Roll looks likeoversized printer’s rollcovered with pattern

• High grade stainless steel construction• Incorporates internal oscillating shower,internal pan, internal steam shower andexternal saveall pan

• Extended Header Brush for easy cleaningof shower pipe

Laser Printed “Watermarks”

Used on bondpaper, but whouses bondpaper?

– Doesn’t workwell in inkjetsor laserjets

“Watermarks”with most printdrivers…

Printed Watermarks

Looks greatYou can even put it in yourPDF file…which is theproblem!No security

Printed Document Authentication Techniques

Microprinting – Print that is too small to produce or copy withconventional equipment

Intaglio –engraved pattern used to press ink with great force; raisedletters

Letterpress – Ink rolled raised type, leaving depression. Used forprinting numbers.

Simultan press – precise registration of front and back. (see-throughregister). Changing ink colors (rainbowing).

Optically variable inks - change color depending on angleMetal foils & threads - embedded in paperSecurity holograms - can’t be photocopied

Most of these techniques aredesigned to preventphotocopying currency.

Lessons for paper authentication

Security features should convey a messagerelevant to the product.

– Use iridescent ink to print the banknote denominationShould obviously belong where they are

– They become “embedded in the user’s cognitivemodel.”

Should be obviousShould not have competitorsShould be standardized

Source: Security Engineering, Anderson

Photocopiers and color laser printers can addwatermarks of their own

In the US, some color devices print a small matrixof yellow dots with the printer’s serial number.

http://www.eff.org/Privacy/printers/docucolor/

Digital information hiding has many uses.

Copyright Marks and Enforcement:– Copyright policy– Violator tracking

Other applications:– Closed captioning (hidden in first 21 scan lines)

• http://www.robson.org/gary/writing/nv-line21.html

– Audio RDS (Radio Data Service)-like service• “What’s that song?”

Watermarks for Copyright Policy

“never copy”“copy only once”“copy only at low quality”

Example: The DVD Content Scrambling System (CSS)

Content Control:– Movies are Encrypted– Decryption keys embedded in player

Implements:– Region Coding

• code specifies where the content can beplayed.

• Players won’t play if the region doesn’tmatch.

– Control of “features”– Protection against DVD-ROM

Cracked in 1999– 1 key stolen from PC player– DeCSS distributed over Internet– Later algorithm cracked; other keys revealed– Numerous court cases

The Broadcast Flag

“Advanced Television Systems Committee Flag”Enable/Disable:

– high-quality digital output– Re-transmitting on an “unprotected” channel

In the future:– Time-shifting?– Disallow fast-forward through commercials

Required on all digital TV cards sold after July 2005Only broadcast, not satellite or cable-transmitted.

“Losing Control of Your TV,” Technology Review, March 3, 2004http://www.technologyreview.com/articles/04/03/wo_garfinkel030304.asp?p=1

May 6, 2005: DC Circuit Court of Appeals throws out FCC rule.http://www.eff.org/broadcastflag/

… They’ll be back.

Steganography: Like a watermark, but hidden.

A hidden message that:– can't be found by humans– can't be found by an algorithm.– can be found by an algorithm but not by a human.– can be found by some algorithms but not others.

Dissappearing Cryptography, Wayner 2004

Defining "Hidden" is not easy.

We run into the usual Gödel limits that prevents us frombeing logical about detection.

Humans are very different. Somemusicians have very, very good ears.

Some algorithms leave statistical anomalies. Themessage is often more random than the carriersignal. These statistics can give away the message.

Who wants steganography?

Evil doers. If evil messages can't be seen by good people, evil willtriumph. Osama bin Laden?

Good doers. If the good guys can communicate in secret, then goodwill triumph. U.S. forces

Content owners and copyright czars. Hidden messages can carryinformation about rights to view, copy, share, listen, understand, etc.

Software Developers. "Hidden" channels can be added to datastructures without crashing previous versions. Steganography can fightbit rot.

Models for Steganography

Replace random number generators with the message.– This works if the random numbers are used in a detectable way.– TCP/IP, for instance, uses a random number for connections. Some

grab this for their own purposes.

Replace noise with the message.– Just replace the least-significant bit.– Avoid the noise and tweak the salient features.

Anything not affected by compression.– If you have the freedom to change data without hurting the data, then

you have the freedom to include another message.

Models for Steganography

Structured Models– Run some compression algorithm in reverse

• If the compression models the data accurately, then running it inreverse should spit out something that models the data well.

• Huffman algorithms give common letters short bit strings and rareones long ones.

– Change the structure or the order.• GifEncoder, for instance, changes the order of the colors in the

palette.– Synthesize something new and use the data to guide the

synthesis.• Is the ghoul shooting at you in the game using a revolver or a

machine gun? That's one bit.

You can hide information in the “least significant bit” of animage or sound.

Encrypt the information and the signal appears as “noise.”

Tweaking the LSB is only a small (<1%) change.– 140=10001100– 141=10001101

LSB modified to hide info

LSB Modification is not as “invisible” as youmight think.

If the bits didn’t matter, they wouldn’t be there!

Changed bits will not have the same statisticalpattern as the least significant bits being replaced.

The more you add, the worse it gets.

4 LSB modified produces banding

More LSB Modification

6 bits

7 bits

8 out of 8 bits

All 8 bits

Bit 8 vs. Bit 1

Try Peter Wayner’s demos yourself!

Information hiding at the bit level:– http://www.wayner.org/books/discrypt2/bitlevel.php

Encoding information through list order:– http://www.wayner.org/books/discrypt2/sorted.php#note2

JPEG Watermarking: Instead of modifying thebits, you modify the JPEG coeficients.

Figure 2. Embedded information in aJPEG. (a) The unmodifiedoriginal picture; (b) the picture with the firstchapter of The Huntingof the Snark embedded in it.

“Hide and Seek: AnIntroduction to Steganography”IEEE Security & PrivacyMay/June 2003http://niels.xtdnet.nl/papers/practical.pdf

Mesh Watermarking for three-D images

Robust mesh watermarking, Emil Praun, HuguesHoppe, Adam Finkelstein,July 1999Proceedings of the 26th annual conference onComputer graphics and interactive techniques

Most people evaluate watermarks soley bytheir capacity. This is a mistake.

Instead, consider the watermark’s “Capability”– Payload carrying ability– Detectability– Robustness

Securing information: Capacity is the wrong paradigm,Ira S. Moskowitz, LiWu Chang, Richard E. Newman,Proceedings of the 2002 Workshop on New SecurityParadigms

DigiMarc is a popular watermark for digitalimages.

Plug-ins for Windows,PhotoShop(*), etc.

Limited information content:– Copyright ownership– Image ID– Image content – adult, etc.

(*) pre-installed!

The “Mosaïc attack” can defeat a watermark

Chopping up an image and serving it in pieces <nobr>

<img SRC="kings_chapel_wmk1.jpg’ BORDER="0’ ALT="1/6’ width="116’ height="140"><img SRC="kings_chapel_wmk2.jpg’ BORDER="0’ ALT="2/6’ width="116’ height="140"><img SRC="kings_chapel_wmk3.jpg’ BORDER="0’ ALT="3/6’ width="118’ height="140"></nobr><br><nobr><img SRC="kings_chapel_wmk4.jpg’ BORDER="0’ ALT="4/6’ width="116’ height="140"><img SRC="kings_chapel_wmk5.jpg’ BORDER="0’ ALT="5/6’ width="116’ height="140"><img SRC="kings_chapel_wmk6.jpg’ BORDER="0’ ALT="6/6’ width="118’ height="140"></nobr>

Mosaïc assembled

Other uses of mosaics:– Deter casual copying.– Make images load faster.

MP3Stego can hide information in MP3 files.

Takes advantage of the fact that MP3 provides high-qualitycompression of 11:1

– Plenty of room for information hiding!– Randomly chooses which parts of the Layer III inner loop to

modify; makes sure modifications don’t exceed threshold definedby the psycho acoustic model.

“Weak but better than the MPEG copyright flag defined inthe standard”

Remove the information by decompressing andrecompressing

MP3Stego in action

http://www.petitcolas.net/fabien/steganography/mp3stego/index.html

Reverse engineering watermarks can place you in legaljeopardy under the terms of the Digital MillenniumCopyright Act (DMCA) of 1998.

SDMI (200+ companies) published an “OpenLetter to the Digital Community” with an SDMIChallenge.

– Earn up to $10,000 for breaking their “watermarks”– Challenge from September 15, 2000 – October 7,

2000SDMI Systems:

– Designed to prevent “remixing” of privated CDs– Designed to survive MP3 compression

SDMI & The Academics

The Academics:– Scott Craver, Patrick McGregor, Min Wu, Bede Liu, (Dept. of

Electrical Engineering, Princeton University)– Adam Stubblefield, Ben Swartzlander, Dan S. Wallach (Dept. of

Computer Science, Rice University)– Edward W. Felten (Dept. of Computer Science, Princeton

University)What they did:

– Successfully removed the digital watermark from the challengeaudio samples.

How did they know they did it?– SDMI provided an “Oracle” that told them they did!

SDMI & Academics: Part 2

Academics couldn’t claim cash prize– Doing so would have required signing a “confidentiality agreement” and prohibit

the academics from sharing results with the public

DMCA didn’t apply…– … because SDMI specifically invited the work– Nevertheless, nasty letters were sent.

Felton &c decided to present their findings at the 4th International InformationHiding Workshop April 25-29, 2001April 9, 2001 RIAA Senior VP for Business and Legal Affairs sent Felton letterwith veiled DMCA threatsApril 26, 2001 Felton declines to present paperMay 3, 2001 – RIAA and SDMI say they never intended to sueJune 6, 2001 – Felton files suit against RIAA asking for a declaratoryjudgment that they would not be infringingNovember 28, 2001 – Case dismissed for mootness

Copy Protection, Trusted Hardware,and More

Copy Protection: turn a watermark from a method ofdetection into a mechanism for control.

You can circumvent a copyprotection scheme.

The DMCA has anti-circumvention provisions.

Copy Protection Strategies

Distribution media that can’t be copied.

Program that only installs once– Writable Media– Activation Codes

Programs that only work on certain hardware– Serial number (processor ID, Ethernet ID, hard drive ID, …)

Programs that report misuse---call home

There are many “features” that can becontrolled other than copying.

– Disable features:• no printing; no “high-quality” printing• no copy & paste• no modification

– Avoid disabling features:• Software that shows advertisements• DVD players not skipping through advertisements

– Prevent Running on unlicensed hardware

Hardware License Management: Licensing withsomething you have...

– Dongle– Ethernet address– Processor Serial Number– Hard drive ID– Hardware “fingerprint”

Or something you know:– License strings (AD3F-2243-JJ92-9987-DDDS)

(relies on the user not circumventing your system)

The license decision can be made on the basisof hardware or software

Tie the license string to a hardware fingerprint.Real-time verification to a website.Off-line verification and activation.

– Return something from email or web– Program dies if not “registered” in 30 days

Preventing reuse of license strings

if not licensed:print “You are not licensed!”sys.exit(-99)

Typical Content Control

if not licensed True:print “You are not licensed!”sys.exit(-99)

Circumvented content control

These attacks can work against many kinds ofsystems.

Consider smart cards:– Memory– Crypto

Applications:– Phone cards– Satellite Broadcasts– PKI

Attacks against smart cards

Destructive:– Probes with wires– Optical probes

Fault injectionDifferential poweranalysis

A typical subroutine found insecurity processors is a loop thatwrites the contents of a limitedmemory

range to the serial port:1 b = answer_address2 a = answer_length3 if (a == 0) goto 84 transmit(*b)5 b = b + 16 a = a - 17 goto 38 ...

(From “Tamper Resistance --- ACautionary Note” Ross Anderson)

def enforce():if not licensed:

print “You are not licensed!”sys.exit(-99)

...if mem[enforce] != “if not licensed”:

os.system( “format c:”)

“Anti-Circumvention” are tools and laws fordefeating circumvention.

“Self-help” provisions let you strike backagainst the circumventing user.

If you do, be sure that your software is neverwrong.

–Testing is hard.

–User may be legitimate.

–Microsoft had to make its Activation less stringent.

You may encounter liability problems:–The user may not have agreed to have their hard drivewiped if they are using the software withoutauthorization.

Should you really format the user’s hard drivefor running unlicensed software??

The program can behave unreliably:save()

{ if(unlicensed && rand() > 0.5) return;

save_real();}

There are many “safer” alternatives toformatting the user’s hard drive.

save(){ j = (int)cos(pi); write(fd,buf,sizeof(buf)/j);}

The program can occasionally crash…

Printers could print in low resolution…

Lexmark v. Static Control Components, 387 F.3d 522 (6th Cir. 2005) http://wendy.seltzer.org/brooklaw/week7.html

Put tests in multiple places.

Use self-modifying code.

Beware optimizers—they may optimize away yourtests!

Look at the assembler code that’s generated(your adversary will).

Typical techniques for strengthening your copyprotection and anti-circumvention

Program computes its own encrypiton key:k = md5.md5(open(sys.argv[0],”r”).read())

data = decrypt(msg,k)

Difficulties:– finding the executable (on some systems)– opening the executable (on Windows)– What happens if k is compromised?

This is the basic idea behind TCPA.

Self-certifying software:Instead of checking for correctness, a propertyof the software is used for computing the result

Trusted Systems clearly define what is beingtrusted to act properly.

Don’t depend on ad-hoc techniques to protect thesystem.

Trusted Software– Secure operating systems & applications– System protects itself from hostile code & users

Trusted Hardware:– We “trust” that the system will only work correctly– We “trust” that the system won’t reveal “secrets”

“Orange Book” Trusted Systems

DOD 5200.28-STD (December 1985)Division D: Minimal ProtectionDivision C: Discretionary Protection

– C1 – Discretionary Security Protection– C2 – Controlled Access Protection

Division B: Mandatory Protection– B1 – Labeled Security Protection– B2 – Structured Protection– B3 – Security Domains

Division A: Verified Protection– A1 – Verified Design

http://www.fas.org/irp/nsa/rainbow/std001.htm

Terminology still used; project has become“common criteria certification.”.

FIPS 140-1/140-2:Secure Requirements for Cryptographic Modules

FIPS 140-1: January 11, 1994FIPS 140-2: May 25, 2001 (Supersedes 140-1)Four Levels

– Level 1 – Least Secure– Level 4 – Most Secure

http://csrc.nist.gov/cryptval+

FIPS 140-2 Level 1

Basic security for encryption module.– Algorithm must be FIPS approved design– Examples: Integrated Circuits, Add-on security

products– Appropriate for PCs

FIPS 140-2 Level 2

Provides for physical security of the Level 1Module.

– Tamper evident coatings or seals– Pick-resistant locks– Appropriate for

Provides for role-based authenticationAllows module to be used in multi-user timesharingsystems.C2, B1 and B2 security ratings

FIPS 140-2 Level 3

Enhanced physical Security to prevent intruderfrom gaining access to critical security parametersheld within the module (keys)

Example: System automatically zeros keys if dooris opened

c.f. with B1 level of security

FIPS 140-2 Level 4

“Envelope of protection” aroundcritical module“attempts to cut through theenclosure” Zero parameters

Protects against fluctuations ofvoltage and temperature. Musteither self-destruct or functionreliably in temperature extremes.

B2 level of security

IBM 4758

Tamper-respondinghardware designHardware DES,RNG, modular math

Secure code loading

IBM CommonCryptographicArchitecture

Dallas Semiconductor Cryptographic iButton(DS1955B)

Java“1-wire” interface6 Kbytes NVRAM64 kbyte ROM firmwarejavacardx.cryptoMath accelerator performs RSAencryption in less than 1 second$34.22 (1)$31.78 (1000)(release 2.2 w/ 134KB RAM andusername/password software is$53.21)

Trusted PC Computing: Palladium/NGSCB; TCPA/TCG

Why?– Increase consumer and business confidence– Reduce business risks– Protect end-user data

TCG:– Founded in 1999 by Compaq, HP, IBM, Intel, and

Microsoft– >200 members now

TCPA Concepts

“A platform can be trusted if it behaves in theexpected manner for the intended purpose”TCPA Provides:

– Platform Authentication and Attestation– Platform Integrity Reporting– Protected Storage

“Root of Trust”

Platform provides a “root of trust”Platform’s root is certified by an outside partyRoot is able to keep secrets from untrusted storage

Implemented with a “Trusted Platform Module” (TPM)– Uniquely serialized– Isolated from the CPU– tamper-proof, like a smartcard inside the computer– Runs at boot before the rest of the system

What would the TPM be like?

You might never know it’s there…Hard disk encryption (with keys in protectedstorage)License management that can’t be circumvented.Anti-virus that can’t be circumvented (won’t bootan infected OS)

Key TCG concepts:

TPM - Trusted Platform ModulePCR - Platform Configuration Registers:

PCR = SHA1(PCR,more data)Provides:

– Attestation by the TPM– Attestation to the Platform– Attestation of the platform– Authentication of the platform

Keys can be migratable or non-migratable.

TPM Block Diagram

TPM’s Position in the Computer

Booting with a TPM

Microsoft’s Palladium (NGSCB) is the reverseapproach.

Goals:– Add security to existing Windows-based system– “protect software from software”

Would have provided:– Sealed storage– Attestation– Curtained memory– Secure input and output

Palladium Changes

CPU changesMMU changesMotherboard changes – new chipTrusted USB hubTrusted Graphics CardSecurity Service Component

– Another smart-card on the motherboard– Key storage, PCR registers, RNG

Computing in a “trusted environment” is verycomplicated.

Access to sealed storage– You can only have the decrypt key if you can prove that you are the

right program!– Prevents viruses from getting your credit card numbers

Software upgrade– Older version must explicitly trust the next version

Secure input/output– How do you really get this to work?

Other than secure boot, this project is largely on hold.