This page intentionally left blank
MULTIMEDIA SECURITY
TECHNOLOGIES FOR DIGITAL RIGHTS
MANAGEMENT
This page intentionally left blank
MULTIMEDIA SECURITY
TECHNOLOGIES FOR DIGITAL
RIGHTS MANAGEMENT
Edited by
Wenjun Zeng
University of Missouri - Columbia
Heather Yu
Panasonic Princeton Laboratory
Ching-Yung Lin
IBM Research, Qibin Sun
Institute for Infocomm Research
AMSTERDAM • BOSTON • HEIDELBERG • LONDON
NEW YORK • OXFORD • PARIS • SAN DIEGO
SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO
Academic Press is an imprint of Elsevier
Academic Press is an imprint of Elsevier
30 Corporate Drive, Suite 400, Burlington, MA 01803, USA
525 B Street, Suite 1900, San Diego, California 92101-4495, USA
84 Theobald’s Road, London WC1X 8RR, UK
This book is printed on acid-free paper.
Copyright © 2006, Elsevier Inc. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopy, recording, or any information storage and
retrieval system, without permission in writing from the publisher.
Permissions may be sought directly from Elsevier’s Science & Technology Rights

Department in Oxford, UK: phone: (+44) 1865 843830, fax: (+44) 1865 853333,
E-mail: You may also complete your request on-line
via the Elsevier homepage (), by selecting “Support & Contact”
then “Copyright and Permission” and then “Obtaining Permissions.”
Library of Congress Cataloging-in-Publication Data
Multimedia security technologies for digital rights management/edited by Wenjun Zeng,
Heather Yu, and Ching-Yung Lin.
p. cm.
Includes bibliographical references and index.
ISBN-13: 978-0-12-369476-8 (casebound : alk. paper)
ISBN-10: 0-12-369476-0 (casebound : alk. paper) 1. Computer security. 2. Multimedia
systems–Security measures. 3. Intellectual property. I. Zeng, Wenjun, 1967- II. Yu, Hong
Heather, 1967- III. Lin, Ching-Yung.
QA76.9.A25M875 2006
005.8–dc22
2006003179
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library.
ISBN 13: 978-0-12-369476-8
ISBN 10: 0-12-369476-0
For information on all Academic Press publications
visit our Web site at www.books.elsevier.com
Printed in the United States of America
0607080910 987654321
Table of Contents
Preface xix
Part A Overview 1
Chapter 1 Introduction—Digital Rights Management 3
Scott Moskowitz
Chapter 2 Digital Rights Management Systems 23

Marina Bosi
Chapter 3 Putting Digital Rights Management in Context 51
Leonardo Chiariglione
Part B Fundamentals of Multimedia Security 73
Chapter 4 Multimedia Encryption 75
Bin B. Zhu
Chapter 5 Multimedia Authentication 111
Dajun He and Qibin Sun
Chapter 6 Key Management for Multimedia Access and
Distribution 139
Amhet M. Eskicioglu
Chapter 7 An Overview of Digital Watermarking 167
N. Liu, P. Amin, A. Ambalavanan and
K.P. Subbalakshmi
Chapter 8 Biometrics in Digital Rights Management 197
Anil Jain and Umut Uludag
Part C Advanced Topics 219
Chapter 9 Format-Compliant Content Protection 221
Wenjun Zeng
v
vi TABLE OF CONTENTS
Chapter 10 Secure Media Streaming and Secure
Transcoding
241
John G. Apostolopoulos and Susie Wee
Chapter 11 Scalable Encryption and Multi-Access
Control for Multimedia
275
Bin B. Zhu
Chapter 12 Broadcast Encryption 303

Jeffrey Lotspiech
Chapter 13 Practical “Traitor Tracing” 323
Hongxia Jin and Jeffrey Lotspiech
Chapter 14 Steganalysis 349
Jessica Fridrich
Chapter 15 Passive-blind Image Forensics 383
Tian-Tsong Ng, Shih-Fu Chang, Ching-Yung
Lin, and Qibin Sun
Chapter 16 Security in Digital Cinema 413
Jeffrey A. Bloom
Part D Standards and Legal Issues 433
Chapter 17 DRM Standard Activities 435
Xin Wang, Zhongyang Huang and
Shengmei Shen
Chapter 18 The Digital Millennium Copyright Act 457
Gregory Stobbs, Harness, Dickey and Pierce
Index 483
ABOUT THE EDITORS
Wenjun Zeng is an Associate Professor in the Computer Science Department of
University of Missouri, Columbia, MO. He received his B.E., M.S., and Ph.D.
degrees from Tsinghua University, China, the University of Notre Dame, and
Princeton University, respectively. His current research interests include content
and network security, and multimedia communications and networking.
Prior to joining Univ. of Missouri-Columbia in 2003, he had worked for
PacketVideo Corporation, San Diego, CA, Sharp Labs of America, Camas, WA,
Bell Laboratories, Murray Hill, NJ, and Matsushita Information Technology Lab,
Panasonic Technologies Inc., Princeton, NJ. From 1998 to 2002, He was an
active contributor to the MPEG4 Intellectual Property Management & Protection
(IPMP) standard and the JPEG 2000 image coding standard, where four of his
proposals were adopted. He has been awarded 11 patents. Dr. Zeng has served as

an Organizing Committee Member and Technical Program Committee Chair for a
number of IEEE international conferences. He is an Associate Editor of the IEEE
Transactions on Multimedia, and is on the Editorial Board of IEEE Multimedia
Magazine. He was the Lead Guest Editor of IEEE Transactions on Multimedia’s
Special Issue on Streaming Media published in April 2004.
Heather Yu is a Senior Scientist at Panasonic Princeton Laboratory. She received
her B.S. degree from Peking University, her M.A. and Ph.D. degrees from
Princeton University all in Electrical Engineering. In 1998, she joined Pana-
sonic where her major focus is multimedia communications and multimedia
information access R&D. Her current research interests include digital rights
management and multimedia content access and distribution in consumer net-
works. In the multimedia security area, she holds two US patents, has many
patents pending, published a variety of technical papers in prestigious conferences
and journals, and has given three tutorials at IEEE multimedia, communications,
and consumer electronics conferences.
vii
viii ABOUT THE EDITORS
Currently, Dr. Yu serves as Chair of IEEE Communications Society Multimedia
Communications Technical Committee, Editor for ACM Computers in Entertain-
ment, IEEE Multimedia Magazine, and Informing Science Journal, Conference
Steering Committee Member of IEEE ICME (IEEE International Conferences
on Multimedia and Expo) and IEEE CCNC (IEEE Consumer Communications
and Networking Conference), and Technical Program Co-chair of IEEE ICC2007
Multimedia Symposium. From 1998-2002, she served as Associate Editor for
IEEE Trans. on Multimedia and conference technical program chair, associate
chair, session chair, technical committee member, best paper award committee
member, keynote speaker, panelist, panel chair, and steering committee member
for many conferences.
Ching-Yung Lin received his Ph.D. degree from Columbia University in Elec-
trical Engineering. Since Oct 2000, he has been a Research Staff Member in IBM

T. J. Watson Research Center, where he is currently leading projects on the IBM
Large-Scale Video Semantic Filtering System. He is also an Adjunct Associate
Professor at the University of Washington and Columbia University. His research
interest is mainly focused on multimodality signal understanding, social comput-
ing, and multimedia security. Dr. Lin is the Editor of the Interactive Magazines
(EIM) of the IEEE Communications Society, an Associate Editor of the IEEE
Trans. on Multimedia and the Journal of Visual Communication and Image Repre-
sentation. He served as a Guest Editor of the Proceedings of IEEE – Special Issue
on Digital Rights Management, and EURASIP Journal on Applied Digital Signal
Processing – Special Issue on Visual Sensor Network. Dr. Lin is a recipient of
2003 IEEE Circuits and Systems Society Outstanding Young Author Award. He is
the (co-)author of more than 100 journal articles, conference papers, book, book
chapters and public release software. Dr. Lin is a Senior Member of IEEE, and a
member of ACM, INSNA and AAAS.
ABOUT THE CONTRIBUTORS
Scott Moskowitz. Founder of Blue Spike, Inc., rights management expert,
inventor and technology architect, author of So this is Convergence?. In 1992,
Mr. Moskowitz entered the entertainment industry doing agency work for a large
U.S. wholesaler of music-related products increasing high gross margins while
realizing whole revenues of $ 120 million. Mr. Moskowitz had previously founded
a Tokyo-based trading company involved in the consulting, representation and
export sales of American consumer products to Japan. He designed initial plans
for the High Definition Television’s market entry in the U.S. and worked on other
related strategy for Sony’s Monitor Group in Tokyo as Sony Japan’s first under-
graduate intern. Mr. Moskowitz earned two cum laude degrees at The Wharton
School and College of Arts and Sciences at the University of Pennsylvania. He
is a member of the Institute of Electrical and Electronics Engineers (“IEEE”),
Association for Computing Machinery (“ACM”) and The International Society
for Optical Engineering (“SPIE”) organizations. Mr. Moskowitz holds 15 U.S.
Patents with dozens of pending patent applications.

Marina Bosi is Chief Technology Officer at MPEG LA, LLC – a firm special-
izing in the licensing of multimedia technology. Prior to that, Dr. Bosi was
VP-Technology, Standards and Strategies with Digital Theater Systems (DTS)
and was at Dolby Laboratories where she worked on AC-2 and AC-3 technology
and coordinated the MPEG-2 AAC development.
Dr. Bosi has participated in numerous activities aimed at standardizing digital
secure content coding, including the DVD Forum, the SDMI, and is currently
involved in the ANSI/ISO MPEG, ATSC, DVB, and SMPTE standard setting pro-
cess. Dr. Bosi is also a founding member and director of the Digital Media Project,
a non-profit organization that promotes successful development, deployment and
use of Digital Media. Fellow and Past President of the Audio Engineering Society
(AES), Dr. Bosi is a Senior Member of IEEE and a Member of ASA.
ix
x ABOUT THE CONTRIBUTORS
Consulting Professor at Stanford University’s Computer Center for Research
in Music and Acoustics (CCRMA) and also in Stanford’s Electrical Engineer-
ing department, Dr. Bosi holds several patents and publications in the areas of
coding and digital rights management including the textbook “Introduction to
Digital Audio Coding and Standards”, published by Kluwer Academic Publishers.

Leonardo Chiariglione graduated from the Polytechnic of Turin and obtained
his Ph. D. degree from the University of Tokyo.
He has been at the forefront of a number of initiatives that have helped shape
media technology and business as we know them today. Among these the Moving
Pictures Experts Group (MPEG) standards committee which he founded and chairs
and the Digital Media Project of which he was the proponent and is the current
president. Dr. Chiariglione is the recipient of several awards: among these the
IBC John Tucker award, the IEEE Masaru Ibuka Consumer Electronics award and
the Kilby Foundation award. Since January 2004 he is the CEO of CEDEO.net,
a consulting company advising major multinational companies on matters related

to digital media.
Bin B. Zhu has been with Microsoft Research (MSR) Asia as a researcher since
Dec. 2001, where he has been working on content protection and digital rights
management, watermarking, multimedia processing and communications, P2P
networks, encryption algorithms, etc. Before he joined MSR Asia, he worked as a
cofounder and Lead Scientist at Cognicity for more than 4 years. Cognicity was a
pioneer in the field of audio watermarking and music promotion and advertising
enabling technologies. Dr. Zhu is a senior member of IEEE. He has published four
book chapters and more than 40 peer-reviewed journal and conference papers.
He has been awarded 8 US patents with more than 10 pending US patent applica-
tions. Dr. Zhu received his B.S. degree in physics from the University of Science
and Technology of China in 1986, and M.S. and Ph. D. degrees in electrical engi-
neering from the University of Minnesota, Twin Cities in Sept. 1993 and Dec.
1998.
Dajun He received BS degree from Tsinghua University, China in 1991 and
MS degree from Shanghai Jiaotong University, China in 1994, and PhD degree
from National University of Singapore, Singapore in 2005.
From 1994 to 1995, he was a lecturer in Shanghai Jiaotong University, where he
developed the first HDTV simulation system in China. From 1996 to 2001, he was
a senior engineer in AIWA Singapore, in charge of developing audio and visual
consumer products. From 2001 to 2005, he was a scientist inInstituteforInfocomm
Research (I2R) in Singapore. Now, he is a deputy director of engineering in
ABOUT THE CONTRIBUTORS xi
Shanghai Zhangjiang (Group) Co., Ltd., China. His main research interests include
media security, image/video processing and compression.
Qibin Sun is currently leading the Media Semantics Department at the Institute
for Infocomm Research (I2R) in Singapore, conducting research and development
in media (text, audio, image, video) analysis, retrieval and security. He is also the
Head of Delegates of Singapore in ISO/IEC SC29 WG1(JPEG). Dr. Sun actively
participates in professional activities in IEEE ICME, IEEE ISCAS, IEEE ICASSP

and ACM MM, etc. He is the member of Editorial Board in IEEE Multimedia
Magazine, the associate editor in IEEE Transactions on Circuits and Systems
for Video Technology and the member of Editorial Board in LNCS Transac-
tions on Data Hiding and Multimedia Security. & qibin@
2r.a-star.edu.sg
Ahmet M. Eskicioglu received the B.S. degree from the Middle East Technical
University (METU), Ankara, Turkey, and the M.S. and Ph.D. degrees from the
University of Manchester Institute of Science and Technology (UMIST), England.
He was with the Computer Engineering Department, METU from 1983 to 1992,
the Department of Computer Sciences, University of North Texas from 1992 to
1995, and Thomson Multimedia Corporate Research, Indianapolis from 1996
to 2001.
Dr. Eskicioglu is with the Department of Computer and Information Science,
Brooklyn College of the City University of New York. He has actively partici-
pated in the development of several national and international standards for copy
protection and conditional access in the US and Europe. Dr. Eskicioglu’s teach-
ing and research interests include data security, conditional access, digital rights
management, copy protection, digital watermarking, and multimedia applications.
He has been a National Science Foundation panelist, and a guest lecturer at several
universities and research organizations. Dr. Eskicioglu is a Senior Member of the
IEEE.
Ning Liu received the B.E in Electrical Engineering from the Sichuan Univer-
sity, China in 1995, and the M.E in Signal Processing Engineering from the
Tongji University, China in 2001. Since Fall 2002, he has been a Ph.D. student
in the Department of Electrical and Computer Engineering, Stevens Institute of
Technology, Hoboken, NJ, where he works in the MSyNC. His research inter-
ests include quantizer based steganography and stego-games, digital image/video
watermarking, joint source channel coding.
Palak Amin received the B.E. and the M.E. degree both in Computer Engineering
from the Department of Electrical and Computer Engineering, Stevens Institute

xii ABOUT THE CONTRIBUTORS
of Technology, Hoboken, NJ in 2003. He is currently working towards the Ph.D.
degree in Computer Engineering at Stevens Institute of Technology, Hoboken, NJ.
He was with the MedSW-West Lab, Siemens Medical Solutions at Iselin, NJ for
2001–2002. His research interests include multimedia security-digital image/video
watermarking, statistical security, distributed source channel coding (DSCC), and
multiple description coding (MDC)
Aruna Ambalavanan is currently working towards her Ph.D degree in Electrical
Engineering at Stevens Institute of Technology, Hoboken, NJ. She received her
Masters degree in Electrical Engineering from the University of South Florida,
Tampa, FL in 2002 and Bachelors degree in Electrical Engineering from the
University of Madras, India in 2000. Her research interests include Steganalysis,
information forensics and security.
Dr. K.P. Subbalakshmi is an Assistant Professor at the Electrical and Com-
puter Engineering department at Stevens Institute of Technology, where she
co-founded and co-directs the Multimedia Systems, Networking and Communica-
tions (MSyNC) Laboratory. Her research interests lie in the areas of: Information
and Network Security, Wireless and Multimedia Networking and Coding. She
chairs the Special Interest Group on Multimedia Security, IEEE Technical Com-
mittee on Multimedia Communications. She received the Stevens President’s
Research Recognition Award in 2003. She is the Guest Editor of the IEEE Journal
on Selected Areas of Communication, Special Issue on Cross Layer Optimized
Wireless Multimedia Communications.
Anil Jain is a University Distinguished Professor in the Department of Computer
Science & Engineering at Michigan State University. He received his B.Tech.
degree from Indian Institute of Technology, Kanpur and M.S. and Ph.D. degrees
from Ohio State University in 1970 and 1973. His research interests include
statistical pattern recognition and biometric authentication.
He received awards for best papers in 1987 and 1991 from the Pattern Recog-
nition Society. He also received 1996 IEEE Transactions on Neural Networks

Outstanding Paper Award. He is a fellow of AAAS, ACM, IEEE, IAPR and SPIE.
He has received Fulbright, Guggenheim and Humboldt Research Awards. He
received the 2003 IEEE Computer Society Technical Achievement Award.
Holder of six patents in fingerprints, he is the author of a number of books
on biometrics: Handbook of Multibiometric Systems, Springer 2006, Biometric
Systems, Technology, Design and Performance Evaluation, Springer 2005,
Handbook of Face Recognition, Springer 2005, Handbook of Fingerprint Recog-
nition, Springer 2003, BIOMETRICS: Personal Identification in Networked
Society, Kluwer 1999. He is an Associate editor of the IEEE Transactions on
Information Forensics and Security and is currently serving as a member of
ABOUT THE CONTRIBUTORS xiii
The National Academies committees on Whither Biometrics and Improvised
Explosive Devices.
Umut Uludag received the B.Sc. and M.Sc. degrees in Electrical and Electron-
ics Engineering from Bogazici University, Istanbul, Turkey in 1999 and 2001,
respectively. He is currently working toward the Ph.D. degree in the Department
of Computer Science and Engineering, Michigan State University, East Lansing.
He was a researcher in Information Technologies Institute, Marmara Research
Center, from 1999 to 2001. He also spent four summers (2002–2005) with Intel
Corporation, Santa Clara, CA, National Institute of Standards and Technology,
Gaithersburg, MD, Siemens Corporate Research, Princeton, NJ, and Symbol
Technologies, Holtsville, NY.
His research interests include biometrics, pattern recognition, multimedia, digi-
tal security, watermarking, image processing and computer vision. He is a member
of the IEEE and Computer Society.
John Apostolopoulos is a principal research scientist and project manager for
the HP Labs Streaming Media Systems Group. Since 2000, he has also been a
Consulting Assistant Professor of electrical engineering at Stanford University.
He joined HP Labs in 1997 after receiving his B.S., M.S., and Ph.D. degrees
from MIT. In graduate school he worked on the U.S. Digital TV standard, and

received an Emmy Award Certificate for his contributions. He received a best stu-
dent paper award for part of his Ph.D. thesis, the Young Investigator Award (best
paper award) at VCIP 2001 for his work on multiple description video coding
and path diversity for reliable video communication over lossy packet networks,
and in 2003 was named “one of the world’s top 100 young (under 35) innova-
tors in science and technology” (TR100) by Technology Review. His work on
media transcoding in the middle of a network while preserving end-to-end secu-
rity (secure transcoding) has been adopted by the JPEG-2000 Security (JPSEC)
standard. He is currently vice-chair of the IEEE Image and Multidimensional
Digital Signal Processing (IMDSP) technical committee, and he has served as
associate editor of IEEE Transactions on Image Processing and IEEE Signal Pro-
cessing Letters. His research interests include improving the reliability, fidelity,
scalability, and security of media communication over wired and wireless packet
networks.
Susie Wee is the Director of the Mobile and Media Systems Lab (MMSL) in HP
Labs. She is responsible for research programs in multimedia communications
and networking, wireless sensor networks, and next-generation mobile multime-
dia systems. MMSL has activities in the US, Japan, and England, and includes
collaborations with partners around the world. Wee’s research interests broadly
embrace design of mobile streaming media systems, secure scalable streaming
xiv ABOUT THE CONTRIBUTORS
over packet networks, and efficient video delivery to diverse clients over dynamic
networks. In addition to her work at HP Labs, Wee is a consulting assistant pro-
fessor at Stanford University, co-teaching a graduate-level course on digital video
processing. She receivedTechnologyReview’sTop100Young Investigators award
in 2002, served as an associate editor for the IEEE Transactions on Image Pro-
cessing, and is currently serving as an associate editor for the IEEE Transactions
on Circuits, Systems, and Video Technologies. She is currently a co-editor of the
JPEG-2000 Security standard (JPSEC). Wee received her B.S., M.S., and Ph.D.
degrees in electrical engineering from the Massachusetts Institute of Technology

(MIT). &
Jeffrey Lotspiech (BS and MS Electrical Engineering, Massachusetts Institute
of Technology, 1972) has been working in the content protection industry for
over 12 years for IBM, and more recently as a private consultant. He has over
50 patents in this area, including the basic key management schemes used for
both the Content Protection for Recordable Media (CPRM) and Advanced Access
Content System (AACS). He has worked on the detailed specifications for both
systems. He has been a leading proponent of broadcast encryption in general,
and especially as it is applied to content protection of entertainment applications.

Hongxia Jin is a Research Staff Member in IBM Almaden Research Center in
San Jose, California. She obtained her Master and Ph.D degree in Computer
Science from the Johns Hopkins University. Her main research interests are
information security and privacy, content protection, Digital Rights Management,
and software engineering.
Jessica Fridrich holds the position of Associate Professor at the Dept. of Elec-
trical and Computer Engineering at Binghamton University (SUNY). She has
received her PhD in Systems Science from Binghamton University in 1995 and
MS in Applied Mathematics from Czech Technical University in Prague in 1997.
Her main interests are in Steganography, Steganalysis, Digital Watermarking, and
Digital Image Forensic. Dr. Fridrich’s research work has been generously sup-
ported by the US Air Force. Since 1995, she received 17 research grants totaling
over $ 5mil for projects on data embedding and steganalysis that lead to more
than 70 papers and 7 US patents. Dr. Fridrich is a member of IEEE and ACM.

Tian-Tsong Ng received his M.Phil degree in Information Engineering from
Cambridge University in 2001. He is currently pursuing his PhD degree in
Electrical Engineering at the Columbia Univeristy Digital Video and Multimedia
ABOUT THE CONTRIBUTORS xv
Laboratory. His research focuses on passive-blind image forensics. His paper

received the Best Student Paper Award at the 2005 ACM Multimedia Conference.
Shih-Fu Chang is a Professor in the Department of Electrical Engineering of
Columbia University. He leads Columbia University’s Digital Video and Multime-
dia Lab ( conducting research in multimedia
content analysis, video retrieval, multimedia authentication, and video adaptation.
Systems developed by his group have been widely used, including VisualSEEk,
VideoQ, WebSEEk for image/video searching, WebClip for networked video edit-
ing, and Sari for online image authentication. He has initiated major projects in
several domains, including a digital video library in echocardiogram, a content-
adaptive streaming system for sports, and a topic tracking system for multi-source
broadcast news video. Chang’s group has received several best paper or student
paper awards from the IEEE, ACM, and SPIE. He is Editor in Chief of IEEE Sig-
nal Processing Magazine (2006–8); a Distinguished Lecturer of the IEEE Circuits
and Systems Society, 2001–2002; a recipient of a Navy ONR Young Investiga-
tor Award, IBM Faculty Development Award, and NSF CAREER Award; and a
Fellow of IEEE since 2004. He helped as a general co-chair for ACM Multime-
dia Conference 2000 and IEEE ICME 2004. His group has also made significant
contributions to the development of MPEG-7 multimedia description schemes.

Jeffrey A. Bloom has been working in the field of multimedia content security
research since 1998 at Signafy, Inc. and later at NEC Research Institute. He was
jointly responsible for advanced image and video watermarking technologies at
Signafy and participated in the development of the NEC and Galaxy DVD copy
control proposals for the Copy Protection Technical Working Group. Dr. Bloom
then lead watermarking research and development at Sarnoff Corporation where
his team developed digital watermarks specifically targeted at the digital cinema
forensic application before joining Thomson in 2005. He currently manages the
content security research group in Princeton New Jersey.
In addition to his contributions to numerous technical conferences, journals, and
patents, Dr. Bloom is a co-author of Digital Watermarking, the leading text book in

the field. This book is considered the primary source of fundamental watermarking
principles.
Dr. Bloom holds B.S. and M.S. degrees in electrical engineering from Worcester
Polytechnic Institute, and a Ph.D. from the University of California, Davis. He has
expertise in the areas of multimedia content security, signal and image processing,
image and video compression, and human perceptual models. His current research
interests include digital watermarking, digital rights management, and machine
learning.
xvi ABOUT THE CONTRIBUTORS
Xin Wang is the Chief Scientist and Director of DRMArchitectureand Language at
ContentGuard Inc., which is a spin-off companyfrom the Xerox PaloAltoResearch
Center based onthe Digital Rights Management project he initially worked onsince
1996. He has in-depth expertise and extensive experience in developing DRM
technologies, designing DRM systems, and creating novel business and usage
models for multimedia content in the entertainment and enterprise environments.
He holds more than 30 US and international patents in the areas of DRM and
security. He has been one of the key editors of the ContentGuard XrML (eXtensible
rights Markup Language), the MPEG-21 REL (Rights Expression Language), and
the ContentGuard CEL (Contract Expression Language). Over the last six years,
he has been participating and contributing to a number of DRM related standards
groups including MPEG, OeBF, and ISMA.
He is an Adjunct Faculty member of Computer Science at the University South-
ern California, Los Angeles, where he teaches and researches in the areas of
algorithms, security, and parallel and distributed computing. He is also an asso-
ciate editor for the Journal of Computer and System Sciences. He received his B.S.
and M.S degrees from Tsinghua University, Beijing, China, and Ph.D. degree from
the University of Southern California.
Zhongyang Huang received his Master degree in Information Engineering from
Nanyang Technological University (Singapore) in 2001 and Bachelor degree
in Biomedical Engineering from Shanghai Jiaotong University (China) in 1993

respectively. From 1994 to 1999, he worked as a senior engineer for medical
apparatus development in medical image processing area with China-America
Joint Venture KangMing Biomedical Engineering Ltd. in China. Since 2001 he
has been working as a Senior R&D Engineer at Panasonic Singapore Laboratories
in Singapore. During this period, he has been actively involved in the standardiza-
tion activities such as MPEG (MPEG-2/4/7/21), OMA, AVS, ISMA in the field of
Digital Media distributionand management, particularly in theDigital Rights Man-
agement area. He has made some important contributions to these standardization
groups.
Shengmei Shen is currently an R&D Manager of Panasonic Singapore Labora-
tories after she worked as a Senior Staff Engineer for 5 years from 1992 to 1997
in the same company. She has been involved in MPEG1/2/4 standardization and
related product development for 12 years, particularly in Video Coding.
Since 2000 she has participated in MPEG IPMP Standardization and made
important contributions together with her team. She also led a team to work on
DTV, content distribution & management, as well as audio product development.
She received her Bachelor Degree in Electrical Engineering and Master Degree
in adaptive signal processing in North-west Telecommunications Engineering
Institute, in Xi’an (now Xidian University) in 1984 and 1986, respectively.
ABOUT THE CONTRIBUTORS xvii
She worked in the Electrical Engineering Laboratories in the same University
for two years before she went to Japan where she worked for 3 years in the area
of medical signal processing.
Gregory A. Stobbs is a partner in the patent law firm of Harness, Dickey & Pierce
with over 25 years of experience in patent law, specializing in information and
computer software technologies. He is author of two patent law treatises: Software
Patents and Business Method Patents.
This page intentionally left blank
PREFACE
The explosive combination of digital signal processing, computing devices and

digital networks have enabled pervasive digital media distribution that allows
flexible and cost-effective multimedia commerce transactions. The digital natureof
information also allows individuals to access, duplicate or manipulate information
beyond the terms and conditions agreed upon. For instance, widespread piracy
of copyrighted audio or video content using peer-to-peer networking has caused
significant tension between members of the entertainment industry and free-speech
advocates regarding the fair use of digital content. The large-scale acceptance of
digital distribution rests on its ability to provide legitimate services to all competing
stakeholders. This requires secure e-commerce systems that allow convenient
use of digital content while equitably compensating members of the information
distribution/consumption chain. Digital Rights Management (DRM), a critical
component of such secure e-commerce systems, defines a set of tools that manage
the trusted useof digital media contenton electronic devices, ranging from personal
computer, digital video recorder, DVD player, Music player, PDA, to mobile
phones and other embedded devices. Various multimedia security technologies,
such as encryption, watermarking, key managements, etc., have been designed to
achieve this goal. To make DRM systems trustworthy to all players is more than
just a technical issue. A truly effective approach requires solid engineering as well
as a social, business and legal infrastructure. The market for DRM products and
services is burgeoning and the search for the balance has been on-going.
Target Audience
While DRM has been in the spotlight in recent years, there had not been a
single book that addresses all aspects of DRM. In particular, no book had pro-
vided a comprehensive coverage of the technical aspect of DRM. Multimedia
Security Technologies for Digital Rights Management is the first book that was
xix
xx PREFACE
designed to provide an in-depth and comprehensive coverage on the state-of-the-art
multimedia security technologies for the DRM applications.
If you have ever been intrigued by the buzz-word DRM and are interested in finding

out more, if you are a manager or engineer developing a DRM system, if you plan
to offer topic courses or tutorials on multimedia security, if you are curious about
the hacking by a Norwegian teenager of the Content Scrambling System defined
to protect the content of DVDs, if you have been alerted to the on-line music
sharing debates, or if you are concerned about the potential implications of the
recently enacted Digital Millennium Copyright Act in light of the arrest of the
Russian programmer who circumvented Adobe Systems’ eBook Reader DRM,
this book is for you. In particular, this book can be used by graduate or senior
undergraduate students who are starting to research in the field of multimedia
security and digital rights management. It also serves perfectly as a comprehensive
technical reference book on DRM for researchers, system engineers and algorithm
developers.
Content and Organization
Multimedia Security Technologies for Digital Rights Management is one continu-
ous book that has been harmonized to provide the audience with a comprehensive
coverage of the fundamentals and the latest development of multimedia secu-
rity technologies targeted for the DRM applications. It also reflects other
non-technical (i.e., social and legal) aspects of DRM. The contributors include
technology visionary and leading researchers in the field, many of whom are
also active DRM standards contributors, industrial practitioners, and copyright
lawyers.
The book comprises 18 chapters, and divides into four parts: Overview (Part A),
Fundamentals of Multimedia Security (Part B), Advanced topics (Part C), and
Standards and Legal issues (Part D). The first three chapters in Part A contain
background materials and an overview of the DRM system architecture and
deployment issues. Chapters 4 through 8 in Part B describe the fundamental
security techniques for multimedia protection. Chapters 9 through 16 in Part C
introduce the latest development in multimedia security and DRM. Chapters 17
and 18 in Part D discuss the standards and legal aspect of DRM. We elaborate on
the contents of individual chapters in the following.

Chapter 1 introduces the subject of DRM, discusses a number of topics
that identify the importance of rights management technologies, and shares
some insight about the future.
PREFACE xxi
Chapter 2 offers an overview of the general technology structure and capa-
bilities of a DRM system, and presents a flexible, extensible reference model
that may be used to characterize current and emerging DRM systems.
Chapter 3 discusses the importance of interoperability and standardization,
and how media value-chains can change thanks to interoperable DRM speci-
fications which support traditional rights and usages, and illustrates a toolkit
approach to interoperable DRM.
Chapter 4 presents the fundamentals of multimedia encryption, including
cryptographic primitives, application scenarios and design requirements,
and an overview of some typical multimedia encryption schemes.
Chapter 5 presents the fundamentals of multimedia authentication, includ-
ing cryptographic primitives, design requirements of multimedia applica-
tions, and an overview of some popular approaches.
Chapter 6 presents the fundamentals of conditional access systems in cable,
satellite, and terrestrial distribution; digital rights management systems on
the Internet, and the protection in digital home networks.
Chapter 7 provides an overview of the digital watermarking technolo-
gies, including applications, design considerations, tools and mathematical
background, and latest development.
Chapter 8 introduces biometric authentication, and highlights its char-
acteristics as pertained to its application to the digital rights management
problem.
Chapter 9 analyzes the security requirements and architectures for multi-
media distribution and introduces the general concept of format-compliant
content protection to address both content adaptation and end-to-end
security.

Chapter 10 addresses secure scalable streaming and secure transcoding,
and shows that by co-designing the compression, encryption, and packeti-
zation operations, one can enable streaming and mid-network transcoding
to be performed without requiring decryption, i.e., one can simultaneously
provide end-to-end security and mid-network transcoding.
Chapter 11 presents an overview of scalable encryption and multi-access
encryption and key schemes for DRM and other multimedia applications.
xxii PREFACE
Chapter 12 introduces broadcast encryption, a relatively recent develop-
ment in cryptography, and discusses its interesting advantages as a key
management scheme for content protection.
Chapter 13 addresses the practical problem of tracing the users (traitors)
who instrument their devices and illegally resell the pirated copies by
redistributing the content or the decryption keys on the Internet.
Chapter 14 features steganalysis, the counterpart of steganography, that
aims to detect the presence of hidden data.
Chapter 15 reviews an emerging research area - the passive-blind image
forensics, which addresses image forgery detection and image source
identification.
Chapter 16 addresses prevention of unauthorized use of the motion picture
content in digital cinema. Standardization efforts, goals and an example
security system are presented.
Chapter 17 presents an overview of activities of a number of standards
organizationsinvolved in developing DRM standards, such as MPEG, OMA,
Coral, DMP, ISMA, and AACS, and provides a quick-reference list to many
others.
Chapter 18 provides an in-depth discussion and analysis of the Digital
Millennium Copyright Act and its social and technological implications.
With the above introduction, we hope you enjoy reading Multimedia Security
Technologies for Digital Rights Management. We learned a great deal putting this

book together. We thank all the contributors for their enthusiasm and hard work
that make the timely publication of this book possible. We would like to thank
Ian Scott and Thomas J. Riehle for their assistance in proofreading some chapters
and providing editorial suggestions. We are grateful to the assistance from B.
Randall, R. Roumeliotis, R. Adams, L. Koch, B. Lilly and others at Elsevier, Inc.
whose expertise has helped make the editing experience much more enjoyable.
Wenjun Zeng
Heather Yu
Ching-Yung Lin
PART A
OVERVIEW
CHAPTER 1 Introduction—Digital Rights Management
(Scott Moskowitz)
CHAPTER 2 Digital Rights Management Systems
(Marina Bosi, MPEG LA, LLC)
CHAPTER 3 Putting Digital Rights Management in Context
(Leonardo Chiariglione, Digital Media Strategist)