Securing Digital Video: the text is final and frozen

About one year ago, I informed you that the final draft of my book was sent to Springer, my editor.  Today, a new step:  after several copy edit rounds, the text is final.   We enter now the final stage:  layout and printing.  In other words, the book should be now soon available in the stores (before end of this quarter).

The book will have inserts entitled “Devil’s in the Details”.  These short sections will deeply dive in some naughty details highlighting the difference between theoretical schemes and actual robust security.  For instance, you will learn some details on the Black Sunday, or on how AACS was hacked.

I will keep you informed about the next steps.

Online video security 101

Brightcove proposes an interesting whitepaper describing the spectrum of solutions available to secure video. The section describing the security spectrum is a good high-level introduction to the existing problems. It tackles:

  • Unlimited access
  • Watermarking (both visible burn-in and invisible forensics watermark)
  • Geo-restriction; you limit the geographical zone where your content may be viewed. This is why non-US residents cannot access the free episodes on sites such as ABC
  • Domain restriction
  • IP restriction
  • RTMPE for protecting video during transfer
  • Protected page; the usual restriction by an access control to the web page
  • SWF restriction; this is a characteristics of Flash Access, Adobe’s DRM, where you can define the list of AIR players allowed to access a content
  • Anonymous DRM; using a dedicated mode of Flash Access
  • Advanced DRM; using more complex features of Flash Access
  • Secure HLS; the format defined by Apple to securely stream content to an iOS device.
  • User authentication

The beginning of the list is well done. They are generic enough to be able to extrapolate to other solutions than the ones proposed by Brightcove. The last ones (in italic in this post) are very specific either to a solution, or to the offer of Brightcove. They are mostly based on the use of Adobe Flash Access for non-Apple devices, and HLS for Apple devices.

The last section, Security across channels, is not focusing on security challenges in the different environments and may be confusing for the non-specialists.

The document is available here and requires registration.


The GIPSA lab of INPG Grenoble organizes BOSS (Break Our Stegano System) challenge. Attackers will have access to a database of 1,000 pictures. Half of them are steganoed using a system called HUGO. The payload will be the same for every steganoed picture. Attackers have the source code of HUGO. The objective is to discriminate through steganalysis the stega pictures from the cover pictures.

The challenge is interesting. Regularly, the newspapers disclose story of unlawful people using steganography to hide message on the web. In these stories, the attackers/governmental agencies have not the advantages of knowing the used algorithms.

BOSS should remind you BOWS2. The GIPSA lab organized the same type of challenge but for watermark.


Do you want to add a digital watermark to your personal pictures or audio records? The MyDRMspace site offers such a free service free (although in the terms of use, there is a possibility to charge).

Polish developers and entrepreneurs opened this site in 2009. Once registered, you can upload a photo or a piece of audio to the server. Then, you enter information related to the file and mydrmspace will add a watermark to it (signature in their vocabulary). Of course, you can upload a file to check if any watermark is present. If the watermark is present, then mydrmspace will point to the corresponding information.

The developers had the bright idea to offer the infrastructure as a platform for watermark designers. Any watermark designer can upload his/her embedders and detectors (so called coder and decoder on the site :Sad: ) Then the public may use this technology. In other words, when uploading to mark, you can choose the embedder (coder). I have no clue on which criteria, normal users would use one technology rather than another one. The most probable would be that normal user would choose either the first one presented or the most popular one. When checking a file, you have to select the right detector (decoder).

Unfortunately, they seem not to have tremendeous success. There is only one audio watermark technology available and two image watermark technologies (from the same author). The place holder for video watermark is empty.

I have not tested if the watermarks are robust.

Do you know any similar site that offers free watermarking service?

Thank you to TF for the pointer :Happy:

Are watermarked screeners too expensive?

Screeners are copies of a movie that are sent to reviewers or members of an award jury. The favored format is DVD. Unfortunately, DVD are not protected against piracy. Thus, typical procedure is to watermark each screener with an individual invisible mark. Thus, if ever there is leakage, it should be possible to trace back to the originator.

According to /Film, Sony pictures considered this operation too expensive and thus decided not to support its movie “Moon” for the Oscars. Funnily, the movie is already available as DVD and BluRay.

Is the story finished?

Thanks to Olivier for the pointer.

An original way to mark text

Amazon has filed an interesting patent titled System and method for marking content. The idea is rather simple. Create a dictionary of synonyms. To uniquely mark a piece of textual content, permute a set of defined words by selected synonyms. Of course, the patent explores all the alternatives, but in a nutshell this is the main idea.

For the fun, here is the first claim

1. A system, comprising: a processor; and a memory comprising program instructions, wherein the program instructions are executable by the processor to: receive a request for particular content; extract a copy of the requested particular content from a content collection, wherein the particular content includes textual data; substitute a synonym for each of one or more selected words in the textual data of the copy, wherein to substitute a synonym for each of one or more selected words, the program instructions are further executable by the processor to: access a synonym database comprising a plurality of key words, wherein each key word is associated with one or more synonyms in the synonym database; and select a particular synonym to substitute for a particular selected word in the textual data of the copy from one or more synonyms associated with a key word in the database that matches the particular selected word in the textual data of the copy; and return the copy with the substituted synonyms in response to the request.

Does it work? For watermark, there are typically three parameters to examine:

  • • Transparency: There are some issues. First of all, it probably is not applicable to literature. Synonyms are rarely perfect and authors may not accept modifications of their text. Nevertheless, for many texts, and for non-purists, it may be rather transparent. Although I’m not sure that there may not be some readable artifacts.
  • • Robustness: It is obvious that it is easy to detect some substitutions. If the content is not protected in integrity, it is rather easy to wash or forge a new marked content. If the purpose is to fight piracy (such as illegal redistribution), it will not work. The hacker will remove the integrity protection and substitute.
  • • Payload: This depends of the text’s length and the variety of the used vocabulary.

It is an interesting approach although not robust. In some specific contexts, it may have some interest.

Thanks to JJQ for pointing to this patent. :Happy:

Consumer Strategies for Deterring Illegal File-Sharing Using Digital Serial Numbers

The Digital Watermark Alliance (DWA) released last month the results of a survey it commissioned. The purpose was to evaluate what the impact of using Digital Serial Number (DSN) would have on piracy. Digital Serial Number embeds through watermark a unique identifier of the device that rendered the content. This allows to trace back the origin of an eventual leakage.

The answer is obviously that it would have an effect. About half of the responders admitted that they would stop file sharing. This is probably not a surprise for anybody.

A more interesting output is the reasons why about half responders would not stop file sharing.

– I don’t download enough to be caught.
– The online community will remove DSNs.
– DSNs will not be enforced strongly enough to make a difference.
– My downloading would remain the same as a statement of principle.
– The BitTorrent community can avoid sharing files with DSNs.
– The risk is worth it.

The document also highlights that DSN is deterrent only if users are aware of it.

The document is available here.

PS: THOMSON is member of DWA.