English: gold record (for future use in riaa g...

Image via Wikipedia

For a long time, sitting on the side watching the internet play out. The latest news so far is that SOPA and PIPA have been withdrawn, will probably be re-written in some form and come back in another democratic cycle or so.

If I was US based, then I would take more personal steps in the war-on-copyright/fight-against-piracy. Alas, I’m not so I’m going to put up banners, say the right things and hold double standards on all matters.

I think I should finally weigh in here.

I think I have thought up a method of enforcing copyright that would make the RIAA, MPAA and other such organisations happy.

It just takes a bit of technical knowledge and some thought.

For the article that finally changed my mind, see [1]

If a car is parked in a parking lot, it isn’t laws that stop me from driving off with it. What’s stopping me is the physical security that this collection of atoms has. Locked doors, metal cages, glass that hurts me if I break it. Further more, there are ignition sequences tied to owner identities (i.e. the key), and clearly visible tags that can be verified against a national database in the cloud.

Tenant 1/. Laws are in place for the sole purpose of altering the cost/benefit ratios of the actions we take on a daily basis.

I feel safe to own a car and indeed place it, without supervision, in a public area because I believe that there are sufficient physical security measures in place, so that when I next want to use my car, I can. My insurance company agrees with me. They are assured because I have raised sufficient physical security barriers to increase the cost of any attempt to use my car without being me. Hopefully, the cost of stealing my car is greater than the benefit of having my car. My service and MOT company agrees with me.

If somebody, wrongly or rightly, believes that my car holds untold benefits that outweigh the costs of owning hammers, chisels, car hacks and jail time, it is conceivable that they may attempt and succeed in the act of driving off with my car.

Tenant 2/. It is possible to sell the same thing, over and over again, and still make a profit.

In London, the mayor Boris Johnson has developed a scheme colloquially known as ‘Boris Bikes'[2]. This is case where the above problem has been turned on it’s head. By sacrificing personalisation, a scheme can be developed where it is possible to take a vehicle from a public place and pedalling off with it[3].

With a small access fee, and a time based usage fee, the system even makes business sense.

Tenant 3/. Personalisation is the means by which ownership is defined.

In the case of Boris Bikes, the personalisation is subtle, but very effective. There is a link to personal information that we must keep secret. Details of payment, such as credit card numbers and PIN codes, are mapped to access codes.

It isn’t hard to see that if we didn’t hold payment details a tight secret, then the ‘Boris Bike’ system would fall apart. I leave this as an exercise for the reader to figure out how much a bad idea this is.

So, how do we tie all of this into a scheme to protect time Music and Film industries in the modern digital era?

Tenant 4/. Copying broadcast material is easy[4].

If you can hear a music track, take waveform measurements. If you can watch a film, take light intensity measurements of the pixels.

If the media is encrypted, say a 40-bit DVD level encryption or a 4k-bit personalised RSA asymmetric key, it doesn’t matter. At some point, someone will want to enjoy the media in unencrypted form. Time to start breaking out your dusty cathode ray oscilloscopes eh?.

From a distributors point of view, protecting ciphertext is easy. From a consumer and pirate point of view, ciphertext is an encoded payload. A consumer has a device to decode and playback the media to plaintext. Pirates can copy or otherwise transcode the plaintext. I think that any cryptographic security placed on digital media is futile.

We can learn a few lessons here.

Tenant 1 tells us that we could add laws to rebalance the cost/benefit ratios of copying to dissuade all but a few percent of the population. This doesn’t really work because a broadcast is aimed to reach as many people as possible, and a few percent of a very large (positive) number is still a large number, or at least… a non-negative, non-zero finite.

Tenants 2 and 3 point us in an interesting direction. Add personalisation to broadcast material. However, tenant 4 tells us we can’t apply personalisation blindly.

It just takes a bit of technical knowledge and some thought.

Encode extremely sensitive and personal information into the plaintext.

An easy statement to make, but is it conceptually feasible to do this? I posit that it can be done if you want to follow me in a little thought experiment.

Let’s start with an example of music.

I must note now that adding personalisation to the plaintext is already being done. Apple place user ids and into AAC headers. Amazon place user ids into MP3 ID3 tags. This doesn’t stop people from copying the files, it just means that they are traceable. Of course, there’s always the transcoding and oscilloscope methods to get around this.

Audio is typically encoded as samples of a waveform. We can use techniques such as Fourier Analysis[5] to encode and compress this wave form in easier to manage/transmit data points.

A common compression technique is to filter out frequencies that are out of human hearing ranges, or are have lower amplitudes compared to the remaining frequencies in the waveform.

If you can take away data, and still leave the sound with enough integrity that a human doesn’t notice, then that’s fine. Conversely, you can add data at low amplitudes without a human noticing too.

Lets say, this data is of an extremely personal nature, perhaps it is that credit card transaction detail? or maybe just a facebook account login token maybe sufficient. Nobody would be willing to copy or transcode music if it means spreading a how-to guide to frape[6].

Unlike ID3 tags, it is feasibly possible to maintain these extra-personal watermarks across transcoding and other DSP transforms. [7] has a scheme to do this with images.

Care can be taken in the encoding process such that any attempt to remove the extra-personal identification data will cause the audible waveform to contort into an unplayable form. Extra points for an encoder that can cause generic media to degrade into a Rick Astley hit.

I will also posit that this mechanism has another effect. Music encoded under such a scheme will never be played aloud in public transport by some inconsiderate with their headphones on loud. You never know who walks around with omnidirectional microphones hidden in their backpack.




[4] Copying directed media, like emails and credit card transactions, can be made into a cryptographically hard problem. This has something to do with the uniqueness of the data involved.



[7] reveals


  1. marbo1

    A very interesting idea! I’m not sure adding above or below the hearing threshold would work, because that would be easy to remove by automated purpose. Hiding it within the audible range, though, would hold a lot of promise!

    Nice one!

    • bencord0

      If one is sloppy in the Fourier domain, adding or removing certain coefficients can disrupt the quality of a sound file dramatically. Think about listening to a 320k mp3 that has been down sampled to a 64k phoneline.

      This introduces the blocky nature of the “corruption”.

      An unsolved problem in Digital Signal Processing concerns how the original encoder can influence the corruption.

      This isn’t as far fetched an idea as it first seems. In the photography world, it is possible to influence JPEG compression such that the word “VOID” emerges if any transform is applied. For example, image resizing on aggregating/content snooping webservices, or incase someone took a picture of their screen/physical poster.

      The trick involves manipulating the coefficients of the DCT (Discrete Cosine Transform, an analogous process to a Fourier Transform) such that if the “invisible” parts are removed(such as on a resize op), a fresh water mark is exposed.

      I would really like to post a link to the paper, but I can’t find it. Sorry.

      So you see, encoding information in the inaudible range of human hearing is still a useful case, especially if removing that data will adversely effect the audible signal.

      I also have another example from the video world.

      The H.264 codec operates with 16×16 macroblocks. A common HD resolution is known as 1080p, which uses one thousand and eighty lines of pixels (counting vertically).

      The quick mathematicians amongst you will quickly realise that 1080/16 = 67.5. That is, to encode a frame of video, you need 68 macroblocks of height.

      This leaves you with 8 lines of pixels extra. A good decoder which realises that the desired resolution is 8 lines shorter than what it received will truncate after the 1080th line. A less good decoder will show those 8 lines and you might get some green, aka. YUV(000), at the bottom. Our Google+ Hangout had an example of this.

      A really good encoder will exploit these extra 8 lines of data (that shouldn’t be shown to the enduser), and will pick alternative values that help compression/reduce bandwidth.

      How cool is that?

  2. BuddhaKat

    sir… your scientific and critical thinking skills are highly developed and your ability to communicate same rocks… though I can barely grasp the tech-y options you proffer, I certainly applaud what I think a bullseye in targeting the appropriate offenders, whilst keeping every user accountable for their use/misuse/abuse of the copyrighted material. I’m honored to be pinged by such a quality post/poster. My suggestion, though less technical, is that every individual who treasures their freedom to use an unedited internet w/out the threat of dictatorial decisions to eliminate/shut down at will, must remain diligent, informed and active. The proponents of such control can be quite devious and persistent, and so must we be. Any assumptions that we have succeeded in protecting ourselves is foolish, unless paired with continued diligence and awareness that such threats are always alive and well. Many thanks for contributing to the dialogue (ie adding your $10 USD worth). :) janet

    • bencord0

      Thanks Janet.

      Don’t worry about not understanding the full implications of the technical bits. It’s like reading a maths book, just skip over the bits you don’t understand and hope that you can gather wtf is going on from surrounding context. Hopefully, you can come back to it later on, read the hard bit, and understand it even more.

      I agree with your suggestion. As it is clear from the effects of events on the internet on the 18th, many others on the internet agree too.

      Thankfully, it would seem, “proponents of control” aren’t technically minded either.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s