Author: Amna Qureshi
Programme: Doctoral Programme in Network and Information Technologies
Language: English
Supervisors: Dr David Megías Jiménez and Dr Helena Rifà Pous
Faculty / Institute: Internet Interdisciplinary Institute (IN3)
Subjects: Computer Science
Key words: Privacy, Security, Anonymity, Peer-to-peer networks
Area of knowledge: Network and Information Technologies

Summary

The use of peer-to-peer (P2P) networks for multimedia distribution has spread globally in recent years. This mass popularity is primarily driven by the efficient distribution of content, also giving rise to piracy and copyright infringement and to privacy concerns. An end user (buyer) of a P2P content distribution system does not want to reveal his/her identity during a transaction with a content owner (merchant), whereas the merchant does not want the buyer to further re-distribute the content illegally. Therefore, there is a strong need for content distribution mechanisms over P2P networks that do not pose security and privacy threats to the copyright holders and end users respectively. However, the current systems that have been developed with the purpose of providing copyright and privacy protection to the merchant and end users employ cryptographic mechanisms incurring high computational and communicational burdens which make these systems impractical to distribute large sized files, such as music albums or movies.

In order to develop a framework that could provide an appropriate balance between distributing copyrighted contents on a large-scale and preserving the privacy rights of end users, a review analysis of the existing P2P content distribution systems is conducted with a focus on the design challenges and possible solutions to achieve both copyright protection and user's privacy. The review of current P2P systems satisfying either one or both security and privacy properties shows that most of the systems incur high computational and communicational burdens at the content owner's end and/or at the end user's end. Consequently, to preserve multimedia owners' ownership properties and end users' privacy in an efficient manner, a secure and privacy-aware multimedia content distribution framework is proposed that enables content owners to distribute their large-sized digital contents without fear of copyright violation, at reduced delivery costs, and simultaneously allows end users to receive legal content without fear of privacy breach. Based on this framework, two different asymmetric fingerprinting protocols are proposed for the distribution of fingerprinted content from a merchant to an end user of a P2P system. In the first scheme, homomorphic encryption of selected wavelet coefficients is used for achieving asymmetric fingerprinting. The second solution does not require homomorphic encryption and uses a collection of non-trusted proxy peers for distributing the most relevant part of the content from the merchant to the buyer, applying fragmentation, permutation, and symmetric encryption.

Finally, a detailed security and performance analysis is provided to show that the proposed content distribution framework provides a fine balance between security, privacy, and efficiency. A comparative analysis of the proposed systems shows that the second alternative is more efficient than the first one, as far as both computation time and communicational burden are concerned, but at the price of involving more parties (the proxies) in the protocol. The proposed systems are also compared to other proposals of the literature showing their advantages.