2.6.2. Digital Rights Management (DRM)

DRM systems have been developed to provide the secure delivery of digital content to an authorized receiver with restrictions (e.g., copying, printing or editing) on the usage of the content after delivery. A typical DRM system provides means for protecting content, creating and enforcing rights, identifying users, and monitoring of the content usage. A generic DRM architecture consists of three entities: content provider (responsible for generating the multimedia content, its metadata, and the corresponding content encryption keys, and encrypting the content), license provider (responsible for creating licenses and managing the content encryption keys), and a user (who has rights to access the content downloaded via a local software, called a DRM agent). DRM can be implemented as both software (Apple's FairPlay) and/or hardware (smart cards) solutions.

A DRM system is designed to satisfy the following security requirements:


The core technologies used by DRM to fight piracy include encryption, passwords, watermarking, digital signature and payment systems. Encryption and password technologies are used to control who has access to the content and how it is used. Watermarks and digital signatures are used to protect the authenticity and integrity of the content, the copyright holders, and the users. Digital watermarking complements DRM to ensure that the digital rights of the copyright holders are not violated. Unlike traditional DRM schemes that compress and encrypt single multimedia content into multiple copies with each copy targeted at a specific application, and provide single access-control, modern DRM systems have been proposed to support encryption of scalable code streams with multiple keys to allow multiple accesses. Since a watermark can be used to identify the original content owner, it discourages a user from misrepresenting the content as if it was his/her own as well as unauthorized distribution or sharing it illegally with unauthorized parties.

#### 2.6.3. Digital Watermarking

Unlike multimedia encryption, digital watermarking provides posterior protection when the multimedia content is decrypted by the authorized users. It imperceptibly alters the original content (host signal) by hiding the identification information (watermark) in it. This information can later prove ownership, and verify the authenticity of the carrier signal. A digital watermarking system generally includes two stages: watermark embedding and extracting. In the embedding algorithm, a watermark is embedded into the host signal to produce a watermarked signal, while in the extraction algorithm, the watermark is extracted from the manipulated/modified signal. If the signal was not modified during transmission, then the watermark is still present and it can be extracted. The watermark detection can only verify ownership, whereas watermark extraction can prove ownership. A secret key is used during the embedding and the extraction processes in order to prevent illegal access to the watermark.

Each of these following properties must be taken into consideration when applying a certain watermarking technique [33]:

• Imperceptibility: The perceptual similarity between the original and the watermarked versions of the digital content. The embedded watermark must not introduce distortion, which can cause quality degradation.


Digital watermarking has been widely and successfully applied across a wide range of applications, such as copyright protection, transaction tracking, content authentication, broadcast monitoring, copy control, device control and legacy enhancement. The majority of the watermarking schemes proposed in recent years across the above mentioned range of applications focuses on producing image and video watermarked data, and very few focus on audio content.

#### 2.6.4. Multimedia Fingerprinting

Unlike digital watermarking, which is incapable of tracing back the source of piracy, multimedia fingerprinting (also called transaction tracking) can trace back the identities of the pirates (colluders) upon finding an illegal copy. This traceability is achieved by embedding a unique user-specific information, known as a fingerprint, into different copies of the same content. A multimedia fingerprinting algorithm is a protocol between the content owner and the customer that involves three processes: fingerprint generation, embedding operation, and traceability of pirates from pirated/colluded copies.

A multimedia fingerprinting scheme is expected to address the following constraints [34]:


From the customer's point of view, a traditional fingerprinting protocol between him/her and the content owner is unattractive, because during the embedding procedure, the content owner obtains the identity information of the customer. This enables a malicious content owner to embed the identity information of the customer into any content without the customer's consent, and subsequently, accuse him/her of illegal re-distribution. To eliminate this threat, anonymous fingerprinting protocols were developed based on cryptographic tools (such as homomorphic encryption, secure multiparty computation or zero-knowledge proof protocols). A complete and sound anonymous fingerprinting protocol [35] is expected to provide buyer frameproofness, traceability, collusion resistance, anonymity, non-repudiation, dispute resolution and unlinkability. Recently, a growing number of anonymous and collusion-resistant fingerprinting techniques have been proposed for multimedia content.

#### *2.7. Performance Requirements*

To evaluate the performance of blockchain-based copyright protection applications, several metrics should be taken into consideration. These are defined as follows:


#### **3. State-of-The-Art of Blockchain-Based Content Protection Systems**

Recently, both industry and academia have started to consider preservation of intellectual property rights using blockchain technologies. In the existing research, blockchain is considered to be a transparent and reliable ledger, which is used to solve the problems of copyright protection faced by the content owners and producers, e.g., the rights attribution certificate, data integrity, authenticity, piracy tracing and transparency, among others. In the remainder of this section, a brief overview of existing blockchain-based content protection systems is provided w.r.t. their main attributes and implementation details.

In Reference [36], the authors propose a blockchain-based framework that guarantees copyright compliance of multimedia objects by means of smart contracts. The proposed system uses an off-chain centralized storage solution, data lake, to store the transaction details of all the data added on the blockchain. The information stored on the data lake is encrypted and digitally signed to ensure the privacy and authenticity of the information. The stored data can only be accessed by the authorized users after verification of their digital signatures and access rights by the consent of the majority nodes. Although the decentralized data management framework ensures user data privacy and control, it is a proof-of-concept that has not been implemented and evaluated in the real world.

Peng et al. [37] propose an Ethereum-based digital copyright management system that enables content owners and customers to deal directly without the need of a centralized authority. In the proposed system, digital watermarking, the ElGamal cryptosystem, a perceptual hash function, the smart contract, and IPFS are used. However, the scheme incurs high overhead (memory and CPU time) due to use of ElGamal encryption for encrypting the whole multimedia content.

Chi et al. [38] introduce a secure and reliable blockchain-based real time eBook market system that allows users to publish themselves and receive direct payments from readers without any trusted party involvement. The proposed trading platform uses blockchain for protecting copyright of paid content and securely managing direct payments. It provides eBook ownership verification, data protection and confidentiality, permission to read the purchased ebook, authentication of a legitimate purchaser, non-forgeability and verifiability of both eBook contents and direct payment transactions, and prevention of eBook piracy and illegal distribution. The published encrypted (using Elliptic Curve Cryptography) eBook contents along with the book key are stored in a book repository.

Kishigami et al. [39] proposed a high-definition video copyright management system based on a decentralized blockchain to assist the content creators' demand for an efficient way to manage DRM. In the proposed scheme, the right holders themselves can control the system, which is based on the PoW mechanism. In this technique, the headers of ultra-high resolution video content (i.e., 4K or 8K) are encrypted and decrypted to balance the cryptographic costs associated with encryption/decryption operations. However, the system does not have an incentive mechanism for mining computation power. In addition, it does not provide cross-platform rendering and access policy control of the media file.

Zhao and O'Mahoney [40] proposed BMCProtector, a prototype implementation based on an Ethereum blockchain and smart contract technologies, for effective protection of music copyright and rights of copyright owners. BMCProtector uses the AES algorithm to encrypt the audio file, vector quantization (a watermarking technique) to track ownership of the music file off-chain, and an off-chain access control mechanism (DRM) to control the copyright of music during its distribution and usage. The deployed smart contract is responsible for sharing the copyright parameters of the music owners and automatic royalty payments distribution to the wallet addresses of the different copyright owners. However, BMCProtector provides the proof-of-concept design for a copyright management of audio files only. Moreover, it cannot redprovide copyright redprotection of music files in other formats, e.g., an audio file recorded during playing and then uploaded illegally.

In Reference [41], the Blockchain as a Service (BaaS) model is proposed for building a DRM platform that provides high-level credit and security to the content provider, the service provider, and the customers. The DRM platform provides core content rights information storage in the blockchain for tamper-resistant protection to prevent copyright from being violated or misused. The content consumers can use blockchain-based digital currency for content consumption payment. A cryptocurrency digital rights coin based on multi-signatures is proposed as a payment mechanism on the platform. Dynamic key agreement and session data encryption are used to ensure secure communications and data transfer. This scheme uses many modulo operations that significantly limit the cost-effectiveness of the generating a temporary shared key. Moreover, the scheme is based on the alliance chain, and thus has a centralized authority that prevents direct transactions between the content owner and the customer.

Ma et al. [42] proposed a Ethereum-based scheme, DRMChain, which ensures the correct usage of digital content by the authenticated users, and provides flexible external storage of decentralized digital content using IPFS. DRMchain employs two isolated

blockchain application interfaces (BAI): BAI plain interface that stores the original content with its cipher summary, and BAI cipher interface, which stores the DRM-protected content service, such as content watermark, encryption, license and redviolation tracing, among others. DRMChain provides efficient and secure authentication, privacy protection, multi signature-based conditional traceability, and trusted and high-level credible content protection. However, DRMchain does not prevent the offline spread of the divulged copies. Moreover, the system lacks the diversified copyright management functions, such as copyright transaction. In addition, it lacks an effective punishment and reward mechanism.

Reference [43] proposed a blockchain-based DRM scheme for copyright protection of design works. The proposed system is categorized into two methods: copyright protection and trading. The copyright protection method performs copyright registration, information query and correlation verification, while the trading process encompasses design content protection and a proof-of-delivery method to guarantee fair trade. The enrolled buyer can purchase registered works from the content providers (sellers) through smart contracts. During the content delivery, the content is encrypted with the buyer's public key, and it is then delivered to the buyer through the application. Before receiving the content, the buyer needs to input his/her secret key to the application first, that performs decryption and makes it available to the buyer. However, the proposed scheme does not guarantee the security of the user's secret key submitted to the blockchain application for signing for the delivered content and the content decryption.

In Reference [44], a watermarking-based tamper-proof multimedia blockchain framework is proposed that provides security and integrity to the distributed image. The proposed blockchain model is based on a compressed sensing (CS)-based self-embedding watermarking algorithm in which the unique watermark information consists of a cryptographic hash and an image hash. The cryptographic hash comprises of transaction histories for retrieving the metadata of multimedia content from the multimedia blockchain, while the image hash is used for preserving retrievable original multimedia content.

The cryptographic hash can be used to retrieve the information of multimedia content (e.g., ownership and modification history) that is stored on the multimedia blockchain, and the image hash can be used to identify the tampered regions. The CS samples can be utilized for reconstructing the original image and locating the tampered regions. In the blockchain, a transaction is composed of the transaction information of the image containing transaction ID and the information of CS samples. Upon approval of the transaction by the validating nodes, the image is distributed and is then stored on a media database server. Though storing image verification information on the blockchain is a good strategy, the image is still stored in centralized manner or kept by the owner, which affects the availability of image management.

In Reference [45], an automated penalization of breach (APB) contract is proposed that consists of four main components: a claim-or-refund smart contract, a robust watermarking scheme, an oblivious-transfer scheme and a non-interactive zero knowledge (NIZK) proof for mutually distrusting parties. In this scheme, the sender and the receiver create a claimor-refund transaction on Bitcoin, where an amount is deposited that can be spent at any time with a jointly signed transaction or spent after a period of time by a sender-only signed transaction. At the receiver's end, the received document consists of the receiver's secret key, which is embedded into it with a robust binary watermarking scheme. A two-party computation protocol is jointly performed by the parties to embed and ensure that the receiver's embedded key is retrievable for the sender in case of a content leakage.

Reference [46] proposes a blockchain-based data hiding method for digital video protection, which improves the integrity authentication of confidential data and videos. The proposed method consists of the following three parts: (1) on-chain data protection method that focuses on the integrity check and the security of the video by registering the signature of the video content on the blockchain; (2) off-chain data protection based on a data hiding algorithm that can achieve a good balance between visual distortion, embedding capacity and robustness; and (3) data protection management agreement based

on a smart contract that consists of registration, inquiry and transfer contract models. However, in the proposed scheme, the users need to request data extraction from data hiding servers so as to enable multimedia playback.

In [47], the blockchain technology is used to store the watermark securely and to provide timestamp authentication for multiple watermarks. The proposed system uses the perceptual hash function for calculating a hash value of an image, the blockchain technology for recording metadata related to the copyright information, the QR code for generating a watermark, the digital watermarking algorithm for embedding the copyright information, the cryptographic hash function for calculating the hash values of both original and watermarked images, and the IPFS network for saving, managing and distributing the watermarked image and its related copyright information. The proposed scheme, however, provides the proof-of-concept design for copyright management of digital images only. Moreover, it can be observed that the perceptual hash values of modified/edited images (such as rotated or cropped) considerably differ from those of the original and the original image hash values recorded on the blockchain.

In [48], Fei proposes BDRM, a blockchain-based DRM system with the property of a fine-grained usage control. BDRM utilizes a smart contract to achieve copyright management related operations, such as copyright registration and copyright transactions. Moreover, a novel authorization tree is designed in the blockchain. Each time a user conducts a rights transaction, a usable digital watermark is embedded, and digital content distribution is performed under the encryption domain. The authorization tree is then updated and the transaction is recorded on the blockchain. The content is encrypted with the secret key of the content owner and is stored in the distributed file system (IPFS). However, BDRM is only applicable to copyright registration of a single content owner.

Reference [49] presents Y-DWMS, a digital watermark management system, based on a public smart contract platform to prevent digital rights infringement. The proposed system adopts non-repudiation of smart contracts and non-tampering of blockchain to implement a DRM mechanism that prevents users from sharing encryption keys or their accounts. The smart contract is designed to perform verification of watermarks in the disclosed copy, authentication of the informer's report, traceability of infringement, an act of rewarding informers and punishing infringers, and recovery of losses suffered by the copyright holders. However, Y-DWMS is still in an early stage of development and suffers from some security issues, such as account security and privacy.

Wu et al. [50] proposed a blockchain and smart contract-based data trading system with data tracking and illegal behavior detecting functions. It enables two trading scenarios with privacy protection against any unauthorized party, including the trading platform. An effective fingerprint method is designed to detect the manipulated image, thus protecting data copyright. A data fingerprint generator is designed to generate a fingerprint by concatenating multiple feature vectors extracted from the data. Upon finding an illegally distributed copy, the data fingerprint generator extracts an identifiable vector, which is then compared with the fingerprints recorded in all existing contracts. The generated fingerprint is resistant to minor data modifications, such as cropping, adding noise and changing brightness. However, the system does not satisfy the privacy and security properties of an anonymous fingerprinting protocol in a decentralized environment.

In Reference [51], the authors propose a P2P content distribution system based on the blockchain technology. The proposed system uses collusion-resistant fingerprinting (to provide collusion resistance), homomorphic and symmetric encryption schemes (to ensure content protection and data confidentiality), a perceptual hash function (to provide content authentication), an Ethereum-based smart contract (to execute atomic payment and provide proof-of-delivery) and the IPFS network (to store multimedia content). While the privacy and security properties of an anonymous fingerprinting protocol in a distributed environment are addressed by the proposed system, it is a proof-of-concept that has not been implemented and evaluated in the real world.

In Reference [52], Li proposes a blockchain-based novel fingerprint-related chaotic image encryption scheme that provides authentication, traceability, and resistance against security attacks (e.g., chosen plaintext attack or tampering). In this scheme, the content distributors' fingerprints embedded in the encrypted images are encoded with Tardos's collusion-resistant codes to record multiple fingerprints with fixed length of data and to provide traceability. Before content distribution, the original image is embedded with the signature of the sender and the fingerprints of all system distributors using a reversible watermarking scheme and a chaotic map. This fingerprinted image is then encrypted using Fridrich's structure, which consists of substitution, permutation and diffusion. The fingerprint, the data hiding key, and the encryption key are recorded on the blockchain. At the receiver's end, upon decryption, the fingerprinted image is obtained, and it contains the signature of the sender and all the fingerprints of the superior distributors (merged fingerprint), which can be extracted individually, and then compared with the recorded information on the blockchain for verification. Though the system provides collusion resistance, data integrity, and copyright protection, it does not satisfy all the privacy and security properties of an anonymous fingerprinting protocol in a decentralized environment.

Reference [53] presents a robust blockchain-based copyright protection system (RobustCPS) for audio content. RobustCPS consists of the following three parts: (1) the audio content is segmented into blocks; (2) content-based fingerprint is generated by applying the singular value decomposition (SVD) on each block; and (3) similarity detection is performed through an execution of a smart contract, which determines whether a similar fingerprint exists on the Ethereum blockchain. If a similar fingerprint is found on the blockchain, RobustCPS sends a warning to the copyright shareholder of the corresponding fingerprint so as to prevent copyright violation. In case a similar fingerprint is not found, the generated content-based fingerprint will be recorded on the blockchain. The contentbased fingerprint is resistant to common signal processing attacks and de-synchronization attacks. Though the system is able to protect copyright across multiple online platforms, it does not provide security against collusion attacks. Additionally, it is a proof-of-concept that has not been implemented on the blockchain.

#### *3.1. Comparative Analysis*

This section presents a comparison and a fine-grained analysis of blockchain-based multimedia content protection schemes presented in Section 3 w.r.t. the attributes defined in the taxonomy (Section 2). The analysis is presented in the form of Tables 1 and 2, Figure 2, and an in-depth discussion on the systems' properties. The tables also allow a side-by-side comparison of the systems presented in Section 3.

Table 1 presents the comparison of the schemes w.r.t. types of blockchain, transaction types, data automation, cryptocurrency, consensus protocols, and content protection techniques, while Table 2 compares the performance of these scheme w.r.t. the performance evaluation metrics mentioned in Section 2.7. In Tables 1 and 2, a cell contains "–" when the corresponding attribute is not addressed by the scheme.

**Figure 2.** Analysis of security objectives of multimedia content protection techniques achieved by the analyzed systems.

**Table 1.** Comparison of blockchain-based copyright protection schemes with reference to the taxonomy.






From Tables 1 and 2, we can make the following observations w.r.t. the attributes defined in the taxonomy:

	- **–** Since the majority of the schemes have utilized either Bitcoin or Ethereum for development or testing purposes, the average transaction throughput (3–7 tps for Bitcoin and 15–20 tps for Ethereum) and latency rates (10 min for Bitcoin and 17 s for Ethereum) have been considered. However, only a few schemes [37,39,41, 42,44,46] consider the transaction fees per block per day.
	- **–** Only a few schemes [41,42,45] address scalability by using the Schnorr's multisignature technology, which also improves the privacy of the system and prevents spam attacks to a higher degree. In [49], a quite small number of miners

are pseudo-randomly selected to execute off-chain computationally intensive smart contracts.


It can be observed that the majority of the systems provide data integrity (12 systems) and protection against communication attacks (12 systems). In terms of tamperproofness, we can observe that many systems guarantee tampering resistance (8 systems). This is to be expected since this property is provided by the blockchain technology. It can be observed that fewer schemes address data confidentiality (7 systems), traceability (7 systems), authenticity (6 systems), and conditional access (6 systems). In terms of security against attacks, only a few schemes are robust against common signal processing (7 systems) and collusion/coalition (5 systems) attacks. Considering the quality tolerance objective, we observe that transparency of the copyrighted (watermarked/fingerprinted) content is evaluated by many fewer schemes (2 systems).

**–** Most of the schemes presented in Table 2 are proof-of-concepts and have not been evaluated in a real-world scenario. In only three schemes [38,41,42], the total response time or the computational overhead in generating the copyrighted content is evaluated.

#### **4. Limitations, Open Challenges and Future Research Directions**

This section presents the limitations and research challenges that must often be faced when designing blockchain-based multimedia copyright protection applications. In addition, possible research directions are pointed out to be considered in future works.

#### *4.1. Limitations and Research Challenges of Content Protection Techniques*

The limitations and research challenges of the multimedia content protection techniques presented in Section 2.6 are discussed below:

