The Nupster Story


Well, it was the week that Napster was supposed to, any minute now, start filtering songs by filename. So I started talking to my friends and saying, "You know, there's an easy way to circumvent this."

So I started hacking, talked to Jeremy about crypto, had Lorna start testing on a wild variety of OSes (and she made a super-cool icon too), while Shawn was (of course) egging me on the whole time.

And, well, four hours later we had this cute little program that would encrypt all your filenames.

And, really, I have to say, we were done two days before the Aimster Pig Encoder was posted, and our stuff was much much cooler than theirs.

But actually, I'm such a wimp about getting sued for billions of dollars, so I didn't post it. (No, I'm still not posting it.)

[screenshot - 5K]

At heart, though, I guess I like talking about cool tech more than anything, and this thing was cool.

I'll just excerpt from our tongue-in-cheek page describing the program:

Nupster is a program for personal cryptography, to help you protect your filenames from the eyes of others.

We believe that filenames you put on your filesystem are in fact your property (not the files' contents, of course, but the filenames themselves.) Therefore, if you claim copyright on these, you're welcome to encrypt them, and other people are prevented from decrypting, per the DMCA.

In this preview release, we've integrated Nupster with "Napster" to encrypt the names of all your .mp3 files. As the program starts, it encrypts all your filenames, and then when you quit (or tell it to), it restores them.

Inspired by some ideas about computing at the edge of the network, we've decided to use the huge amount of CPU power on boxes to do something useful: run a very complex cryptographic algorithm.

We have designed our encryption so that it takes about one second per filename to encrypt. We think that you could improve this speed a little bit, but probably not too much.

The system also supports changeable keys. You can think of keys as "channels" -- you can look at other files in your channel but not ones on a different channel.

Right now, there are about 2147483648 different channels on Nupster. Along with the long encryption times, this makes mounting a centralized dictionary attack against the system rather expensive. We expect that the computer cost to effectively filter Nupster exceeds the record industry's annual revenue by several orders of magnitude.

Nupster uses a one-way hash, which we have designed to limit "second-generation" copies. This means, you can search for a song from the original licensee, but you can't easily pass the song on without manually renaming it.

This is actually a very good feature, as it's been considered legal to pass first-generation material to friends and to make various copies of this kind. Our system improves the legal status of Napster by quite a large degree.

Anyway, on the tech side, we did something very simple: we ran SHA-1 a whole lot of times recursively on a tokenized version of the filename. We mixed in random deterministic junk at each stage just in case someone figured out how to invert SHA-1 (not really likely.)

I think the implementation ran SHA-1 about 100,000 times per word, and then spit out each word as a new ASCII token that looked something like a word. You can see this in the screenshot above.

In addition to that, we had a seed value (a long integer) that would effectively make "channels" for different sorts of content or groups of people in the namespace. We considered broadcasting a key for each day, by various scalable schemes (one of the cooler ones including dropping the information in a DNS record with a fast expiration.) In the end, this seed became user-settable.
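A sketch of the scheme described in the last three paragraphs, added here as an illustration; it is not Nupster's code, which was never posted. The seed-plus-counter mixing, the syllable encoding, and all function names are assumptions, since the post only says "random deterministic junk" and "something like a word". The last function works out why precomputing a dictionary across every channel is expensive.

```python
import hashlib
import re
import struct

ROUNDS = 100_000          # the post's rough figure: "about 100,000 times per word"
CHANNELS = 2147483648     # channel count quoted on the Nupster page
CONS, VOWELS = "bcdfghjklmnprstvz", "aeiou"

def stretch_word(word: str, seed: int, rounds: int = ROUNDS) -> bytes:
    """Iterated SHA-1 over one token, keyed by the channel seed."""
    salt = struct.pack(">Q", seed)
    state = hashlib.sha1(salt + word.lower().encode("utf-8")).digest()
    for i in range(rounds):
        # Assumption: seed + round counter stand in for the "deterministic junk".
        state = hashlib.sha1(state + salt + struct.pack(">I", i)).digest()
    return state

def pseudo_word(digest: bytes, syllables: int = 4) -> str:
    """Assumed encoding: one consonant-vowel syllable per digest byte."""
    return "".join(CONS[b % len(CONS)] + VOWELS[(b >> 5) % len(VOWELS)]
                   for b in digest[:syllables])

def encode_name(filename: str, seed: int, rounds: int = ROUNDS) -> str:
    """Tokenize the stem, stretch each token, keep the extension readable."""
    stem, dot, ext = filename.rpartition(".")
    if not dot:                      # no extension at all
        stem, ext = filename, ""
    tokens = re.findall(r"[A-Za-z0-9]+", stem)
    return " ".join(pseudo_word(stretch_word(t, seed, rounds)) for t in tokens) + dot + ext

def matches(query: str, encoded: str, seed: int, rounds: int = ROUNDS) -> bool:
    """A searcher on the same channel re-derives the token and looks for it."""
    return pseudo_word(stretch_word(query, seed, rounds)) in encoded.split(".")[0].split()

def dictionary_cost(words: int, channels: int = CHANNELS, rounds: int = ROUNDS) -> int:
    """SHA-1 calls needed to precompute every dictionary word on every channel."""
    return words * channels * (rounds + 1)

if __name__ == "__main__":
    name = "Some Band - Some Song.mp3"   # constructed sample filename
    enc = encode_name(name, seed=42)
    print(enc, matches("song", enc, 42), matches("song", enc, 43))
    print(f"{dictionary_cost(50_000):.2e} SHA-1 calls for a 50,000-word list")
```

The same structure, a per-group salt plus a deliberately slow iterated hash, is what password-hashing schemes such as PBKDF2 use to make precomputed dictionaries impractical.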

I guess the nice thing is that with Relatable's technology, none of these attacks or ideas really have teeth anymore, and that way I can post the story.

So, I guess for this week, at least, you can breathe easy that copyright is being protected online.