Copyright Protection Allowing for Fair Use Team 9 David Dobbs William Greenwell Jennifer Kahng Virginia Volk
Fair Use World Music Distributor Buyer Friend
The Copyright Act and Fair Use "the factors to be considered [in determining fair use] shall include - • The purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes; • The nature of the copyrighted work; • The amount and substantiality of the portion used in relation to the copyrighted work as a whole; and • The effect of the use upon the potential market for or value of the copyrighted work."
Court Precedents Currently there are no court cases dealing specifically with the issue of fair use and the distribution of digital music on the Internet. • Universal City Studios vs. Sony – Found that home recording of TV is legal because it can be done for noncommercial, private fair use. • Playboy vs. web publishers – Scanning and posting copyrighted images on the Internet is illegal because an individual has no right to "become an alternate publisher of the material.”(Samuelson 11)
Current Software • SDMI • Music Distributors can limit the number of copies of the music that can be made or even prohibit copying. • Liquid Audio • Liquid Passports allow users to play music on multiple machines but are not designed to let the user pass the music to another person.
Design Goals • Allow second-hand distribution by original buyer only. • Preclude distribution by clients other than the original buyer. • Allow revocation of distribution by specific clients. • Reduce load on MDC’s server • Preclude access to the content outside of the music distribution protocol.
Buyer’s Private Key Session Key Encrypt (using Buyer’s Public Key) Encrypt (using Session Key) Hash Hash Encrypt (using Player’s Secret Key) Sign (using MDC’s Private Key) Buying Music File Sent to Customer
Buyer’s client checks to ensure music is valid & can be shared. Server ensures recipient’s public key is valid and returns that key to the client. Client encrypts file to recipient’s public key and buyer’s private key, and sends file to recipient. Recipient client verifies signature and allows playback of the file. Server ensures that key is valid and returns that to recipient. Giving Music to a Friend Buyer’s client looks up recipient’s public key. Recipient looks up sender’s public key.
Trusted Playback: The Secret • Trusted playback can be achieved if a shared secret exists, known only to the producer and the player. • Authentication: The producer can ask the player to perform some transformation on a random value that can only be done with the key. • Uniqueness: If you need the secret to play content, no other player will be able to play back content.
First Security Check: Sender’s Client Buyer’s Private Key • Step 1: Verify Signature on header. • Step 2: Verify hash of music. • Step 3: Hash sender’s public key. If the hash value doesn’t match, then the client will terminate the process. Hash Hash Sign (using MDC’s Private Key)
Second Security Check: Key Lookup • If a request is made for a non-existent public key, the server will not return a value, and the client will terminate the sending or receiving procedure. • If a key pair is found to be compromised, it can be revoked. During this step, the server will return no value, and the client will terminate the procedure.
Session Key Session Key Encrypt (using Receiver’s Public Key) Encrypt (using Sender’s Public Key) Encrypt (using Player’s Secret Key) Encrypt (using Player’s Secret Key) Re-Encryption Old Session Key • Sender’s client decrypts the session key, and then re-encrypts it to use the receiver’s public key. • Entire file is then encrypted using the sender’s private key. New Session Key
Buyer’s Private Key Hash Hash Sign (using MDC’s Private Key) Third Security Check: Receiver’s Client • Authentication of Sender by key lookup • Decryption: if the encrypted file received doesn’t decrypt using the receiver’s private key, attempt to play fails. • Verify signature • Verify hash of music