摘要
随着计算机网络、图像压缩等相关技术的发展,P2P (Peer to Peer)环境下的流媒体数字资源越来越流行。然而,流媒体自身副本与原件完全相同的数字媒体特点,加上P2P网络管理的无中心化特性,使P2P流媒体很容易被网络盗版和非法传播,这已成为其进一步大规模、规范化应用的绊脚石。因此,P2P网络中流媒体的数字版权管理DRM (Digital Rights Management)越来越受到业界的关注。基于C/S模式的流媒体DRM系统对流媒体内容的加密往往是静态的、一次性的,一旦许可证泄漏则版权管理也随之失效。集中式的DRM许可证服务器同样具有性能瓶颈,并且其上存储了加密密钥,一旦它被攻破密钥泄漏,将使整个DRM系统崩溃。
针对上述问题,本文首先对P2P流媒体和数字版权管理DRM技术进行了介绍,分析了基于P2P流媒体的数字版权管理所面临的困难和典型流媒体DRM系统的运行原理及不足之处;接着,通过对现有P2P流媒体DRM系统的分类研究,结合P2P网络可管理性差,流媒体应用实时性强等特点,提出了一个基于P2P流媒体应用的DRM系统框架;对该框架中提出的多重密钥时分变码加密方案,及其核心部件基于编码格式的SVEA(Selective Video Encryption Algorithm)加密方案和混沌种子密钥发生器进行了研究设计;同时,研究设计了TSS (Threshold Secret Sharing)分布式许可证授权系统,及其局部节点更新、VSS (Verified Secret Share)可验证秘密分享、子签名验证、PSS (Proactive Secret Share)主动秘密分享等相关保障措施;最后,运用Windows Media Rights Manager SDK实现了原型系统,并对该系统进行了总结,提出了有待进一步研究的工作。
本文设计的基于P2P流媒体的数字版权管理系统融合了选择加密、流式加密、混沌算法以及多重密钥时分变码等相关加密技术,使流媒体的加密过程更加安全快捷;利用门限算法的思想,实现了密钥的秘密共享和DRM服务器的分布式部署,有效地解决了典型流媒体DRM系统在P2P环境下的应用瓶颈。
With the development of technologies, such as computer network, image compression and the other relevant, the stream-media digital resource in P2P network becomes more and more popular. However, the stream-media’s copy and original are completely the same. Additionally, there is no central network management under P2P environment. All of these make the stream-media contents easily to be pirated and transmitted illegally. It is a stumbling block to the further large-scale and standardized application of the P2P stream-media. Therefore, the DRM (Digital Rights Management) for peer to peer stream-media has become a focus these days. The encryption of the stream-media DRM system based on C/S mode is static and one-off. Once the license is revealed, the digital rights management will break down. Centralized DRM license server has performance bottlenecks. At the same time, it holds all encryption keys. Once the DRM license server is broken in, or the keys on it are let out, the whole DRM system will collapse.
To deal with the problems mentioned above, in this dissertation, peer to peer stream-media and digital rights management technology are introduced. The difficulty in applying DRM to P2P stream-media is pointed out. The operation principle and shortage of typical stream-media DRM system are also analyzed. Through the classified studies on existing P2P stream-media DRM system, and considering the P2P network’s shortage of management and the strong real-time characteristic required by the stream-media implementation, a framework based on P2P stream-media application is put forward. Then, the multi-layer dynamic keys encryption scheme including it’s core components: the chaos seed keys generator and the SVEA(Selective Video Encryption Algorithm) encryption scheme based on coding format are designed. Meanwhile, the TSS (Threshold Secret Sharing) distributed license authorization system, involving the relevant guarantee measures, such as partial node update, VSS (Verified Secret Share), sub-signature validation, PSS (Proactive Secret Share), and so on, are devised. Finally, the prototype system is implemented in the environment of the Windows Media Rights Manager SDK. And the P2P stream-media DRM system projected in this dissertation is summed up. And the further studies are brought forward.
The peer to peer stream-media DRM system designed in this dissertation, merging selective encryption, stream cipher, chaos arithmetic and multi-layer dynamic keys encryption technology, makes the encryption process of stream-media safer and faster. The secret sharing of keys and the distributed deployment of DRM server are implemented based on the threshold arithmetic. And the bottlenecks of the typical stream-media DRM system applied in the P2P network are overcome effectively.
引文
[1] C.Brendan, S.Traw. Technical challenges of protecting digital entertainment content [J]. IEEE.2003.
[2] Qiong Liu, Reihaneh Safavi-Naini, Nicholas Paul Sheppar. Digital rights management for content distribution [R]. Australasian Information Security,Workshop 2003 (AISW2003).
[3] Reihaneh SafaviNaini, Nicholas Paul Sheppard, Takeyuki Uehara. Import/Export in digital rights management [J]. DRM'04.
[4]俞银燕,汤帜.数字版权保护技术研究综述[J].计算机学报,第28卷12期.
[5]焦婷.流媒体DRM的研究与应用[M]. 2007.3.
[6]俞峰琳.基于流媒体的数字版权管理技术的研究与应用[D]. 2006.1.
[7] Iwata.T, Abe.T, Ueda. K, Sunaga.H. A DRM system suitable for P2P content delivery and the study on its implementation [J]. Communications. 2003.
[8] Jae-Youn, Sung, Jeong-Yeon Jeong, Ki-Song Yoon. DRM Enabled P2P Architecture [J]. IEEE. Feb,2006.
[9] SangGyoo SIM, YunSang OH. New DRM Model in Distributed Environments [J]. IEEE. 2006.
[10] K.wok, S.M.Lui, S.H. A License Management Model to Support B2C and C2C Music Sharing [R]. In Proceedings International WWWConference(10),Hong-Kong.
[11] Apabi [OL]. http://www.apabi.com
[12] Interrust [OL]. http://www.intertrust.com/main/overview/drm.html.
[13] Microsoft, Architecture of Windows Media Right Manager [OL]. http://www.microsoft.com/windows/indowsmedia/howto/articles/drmarchitecture.aspx.
[14] RealNetworks:Helix DRM [OL]. http://www.realnetworks.com/products/drm/index.html.
[15] IBM:Electronic Media Management System [OL]. http://www-360.ibm.com/software/data/emms.
[16] Adobe Ebooks [OL]. http://www.adobe.com/epaper/ebooks.
[17]钟玉琢,冼伟栓,沈洪.多媒体技术基础及应用(第1版) [M].北京:清华大学出版社, 2000.
[18] Napster [OL]. http:/lwww.napster.com.
[19] Gnutella [OL]. http://gnutella.wego.com
[20] Freenet Home Page [OL]. http://www.freenet.sourceforge.com.
[21] lon Stoica, Robert Morris, David Karger, M.Frans Kaashoek, Hari Balakrishnan. Chord A Scalable Peer-to-peer Lookup Service for Internet Applications [R]. In Proceeding of ACM SIGCOMM 2001, San Diego,California,USA.
[22] Sylvia Ratnasamy, Paul Francis, Mark Handley, Richard Karp, Scot Shenker. A Scalable Content-Addressable Network [R]. In Proceedings of ACM SIGCOMM2001, San Diego, California,USA.
[23] A.Rowstron, P.Druschel. Pastry: Scalable Distributed Object Location and Routing for Large-Scale Peer-to-Peer Systems [R]. In Proceedings of IFIP/ACM Middleware 2001. Nov, 2001.
[24] K Hildrum, J.D.Kubiatowicz, S.Rao, B.Y.Zhao. Distributed object location in a dynamic network [R]. In Proc. 14th ACM Symposium on Parallel Algorithms and Architectures. 2002.
[25]数字内容保护技术[OL]. http://www.cert.org.tw/document/column/show.php?key=97.
[26]关于数字版权管理(DRM)技术与应用[OL]. http://www.liumriti.org/tech/drm/200507/12016.html
[27]张晓林.数字权益管理技术.《现代图书情报技术》[J]. 2001年05期.
[28] Open Mobile Alliance. OMA DRM Specification Draft Version 2.0 [OL]. March 2004. http://www.openmobilealliance.org.
[29]黄铁军,高文等.数字版权管理的基本理念与发展动向[J].现代电视技术. 2004年4月.
[30] Nützel J, Grimm R. Potato System and Signed Media Format-an Alternative Approach to Online Music Business [J]. Wedelmusic 2003 Conference, Leeds, United Kingdom, 14th17th September 2003.
[31] H.Abie, P.Spilling, Bent Foyn. A Distributed Digital Rights Management Model for Secure Information Distribution Systems [J]. International Journal of Information Security (IJIS), Springer-Verlag, 2004.
[32] T. Kalker, D.H.J. Epema, P.H.Hartel, R.L.Lagendijk, M.van Steen. Music2Share-Copyright -Compliant Music Sharing in P2P Systems [J]. Proc of IEEE. June 2004.
[33] Halldor Matthias Sigurdsson. P2P Aided Streaming IN A Future Multimedia Framework [J]. D.Tran, K.Hua, T.Do. Zigzag: An efficient peer-to-peer scheme for media streaming [J]. Proc of IEEE INFOCOM 2003, San Francisco, CA, April 2003.
[34] Digital Video Broadcasting (DVB), ETSI EN 300 408, DVB specification for Service Information (SI) in DVB systems [J], 2003.
[35]王国玉,肖顺平,汪连栋.电子系统建模仿真与评估[M].湖南:国防科技大学出版社, 2000:48-49.
[36] E.H.Sibley. Random Number Generators: Good Ones are hard to find [R]. Communications of the ACM,1998,31(10):1192-1201.
[37]章照止.现代密码学基础[R].北京:北京邮电大学出版社,2004.
[38]冯艳,杨镇海.一种产生随机数新方法的研究与实现[D].北京,北京工业大学,2002.
[39]黄润生.混沌及其应用[M].武汉:武汉大学出版社,2000.
[40]陈关荣,吕金虎. Lorenz系统族的动力学分析、控制与同步[M].北京:科学出版社,2003.
[41]吕金虎,陆君安,陈士华.混沌时间序列分析及其应用[M].武汉:武汉大学出版社,2002.
[42] Tang Lei. Methods for Encrypting and Decrypting MPEG Video Data Efficiently [J]. In Pro- ceedings of the ACM Multimedia96,Boston,1996.
[43]刘毓敏.数字视音频技术与应用[M].北京:北京:电子工业出版社,2003-01.
[44] Y.Desmedt, G.D.Crescenzo, M.Burmester. Multiplicative non-abelian sharing schemes and their application to threshold cryptography [R]. Oakland,1991:110~121.
[45] Shamir. How to share a secret. Comm [J]. of the ACM,Vol.22,1979:612~613.
[46] M.Ben-Or, S.Goldwasser, A.Widgerson. Completeness theorems for non-cryptographic fault-tolerant distributed computation [R]. In Proceedings of the 20th annual ACM Symposium on Theory of Computing, 1988:1~10.
[47] D.Chaum, C.Crepeau, I.Damgard. Multiparty unconditionally secure protocols [R]. In Proceedings of the 20th annual ACM Symposium on Theory of Computing, 1988:11~19.
[48] Torben, P.Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing [J]. Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology. August 1991:129~140.
[49] P.Feldman. A practiceal scheme for non-interactive verifiable secret sharing [J]. In Proceedings of the 28th IEEE Symposium on the Foundations of Computer Science, 1987:427~437.
[50] P.Feldman, S.Micali. Optimal Algorithms for Byzantine Agreement [J]. Proceedings of the 20th annual ACM Symposium on Theory of Computing, 1988:148~161.
[51] A.Herzberg, S.Jarecki, H.Krawczyk, M.Yung. Proactive Secret Sharing, or: How to Cope with Perpetual Leakage [J]. Proc.CRYPTO’95,Springer Verlag, LNCS 963, 1995:339~352.
[52] C.Cachin, K.Kursawe, A.Lysyanskaya, R.Strobl. Asynchronous Verifiable Secret Sharing and Proactive Cryptosystems [J]. Proc. 9th ACM Computer & Comm. Security, Washington D. C., 2002.
[53] Frankel.Y, Gemmell.P, Yung.M. Witness Based Cryptographic Program Checking and Robust Function Sharing [J]. Proceedings of the 28th Annual Symposium on Theory of Computing, ACM, 1996:499-508.
[54] Frankel.Y, Gemmell.P, MacKenzie.P.D. Optimal-resilience Proactive Public-key Cryptosystems [J]. 38th Annual Symp. on Foundations of Computer Science, Proceedings of IEEE,1997:384-393.
[55]彭蓉,崔竞松.门限签名中的部分签名验证协议[J].计算机工程,Vol. 31, No.7,April 2005: 136~137.