D. A. Arbatsky
Wikiright is a technology of protection of copyright for products presented
in digital form. It is practically of zero net cost
(for computer users) and it requires usage of technologies and net resources
that already exist. An author of a product protected by wikiright
has an opportunity (if thinks expedient) to make
the audit of the copyright free for all users of the Internet.
In this paper the wikiright technology is described and concrete recommendations
of its usage are given. Also I give
comparison with other, already known, technology of “trusted timestamping”.
It turns out that the wikiright technology is easier to use,
and, after proper development, it has quite a few essential advantages.
How it works
Suppose, you have created some file and you want that in future you would be able
to confirm your copyright for it. Is that file text,
musical, graphical, video or some other
does not matter. Further you need to do the following:
Attach to that file your personal data with indication of your authorship.
If that is a text file you can write them directly to the text.
If the file is a picture, you can, for example,
make a caption just on the picture. If the format of your file does not provide
an opportunity of such a modification, then you need to write a separate text file
with a description and indication of your authorship and join the produced files
packing them in an archive by any archiver. (The latter alternative
is also more preferable in the case when you want to protect your
authorship of several files at once.)
Calculate a collisions resistant
hash function of the obtained file.
(Hash function is just some string containing several dozens of digits and letters,
that corresponds to your file.)
At present, a good variant
seems to be, for example, the hash function SHA-256. The algorithm of its calculation
is well-documented and realized on main computer platforms
in the form of numerous hash calculators.
(If you work in Windows and do not want to independently search for and test
hash calculators, you can try the following two:
Both of them are free and easy to use.
But I am not their developer and do not guarantee anything about them.)
Publish the hash function on any Internet site, that indicates
the precise time of publication. As such a site you can use, for example,
Wikipedia. The advantages of Wikipedia are the following:
The usage of Wikipedia for this purpose seems to be legitimate
at present, because Wikipedia policy does not prohibit (yet) such usage
of the resource. And such usage can be considered as
pointed at the aims of development of Wikipedia, because it supplies
to the Wikipedia community additional verifiable sources of facts.
It remembers the precise time of each data record made.
Its owners have gained some confidence of the Internet community.
The project of Wikipedia seems to be quite long-range.
For publication of hash function in Wikipedia I suggest the following
Go to the
Delete everything written before you and write your hash function.
Go to the page
Find the last record (it is first in the list and it corresponds to your publication)
and go by the link with the date to the page containing your publication.
At that time in the address bar of your browser you will see the permanent
address of your hash function.
Write down the permanent address of your publication.
Carefully organize the storage of the hashed file. This
is especially important: not even one bit in the kept file can be changed. If
even one bit changes, you will not be able to confirm your authorship by
the way described here.
In fact, this is all. If you want to afford an opportunity to check your
authorship to all users of the Internet, then make additional step:
Place somewhere in the Internet the hashed file (for example, on your
web site). And also point out where its hash function was published.
Now any user of the Internet will be able to download your hashed file,
independently calculate its hash function, and after that compare it with
the published. If there is no discrepancy, then that person can
be sure, that you really possessed the hashed file at the moment of
publication of the hash function.
For notation of wikiright I would suggest to use a special symbol:
Ⓦ (symbol U+24cc in Unicode).
This symbol should be placed
near the name of the author and the date of creation of a document, and
it can serve as a hyperlink to the resource describing that particular
case of wikiright.
Naturally the question arises: to what extent the suggested technology
is legal, and will such a proof be accepted in the court of law, if necessary?
If you understand Russian, you can read the discussion of this topic in
the Russian version of this paper.
The discussion is based on the Civil Code of the Russian Federation and
on the Code of Civil Procedure of the Russian Federation.
The conclusion is that wikiright is already
completely legal (in Russia). The fact that this technology is new and
is not (yet) described in legislation separately, does not play
a role of principle.
If wikiright becomes widespread, it seems to be reasonable
to organize specialized sites in the Internet: hash function depositaries.
They could not only collect, store, and provide dated
hash functions, but also these depositaries could control each other. The database
of any such a depositary (or, for example, each part of it corresponding to
one month) can be hashed and certified in other
depositary. In addition, the database of a depositary can be made
available for downloading and saving to an indefinite circle of people.
So, it seems, we can get
unprecedented (in the sense of protectability against falsifications) in history
system of dating of historical documents.
Comparison with trusted timestamping
At present somewhat other computer technology works —
Briefly, it boils down to the following:
In the same way you attach to your file data about authorship, calculate
the hash function and send the hash function to a specialized
Internet timestamping service.
The service attaches to your hash function the record about the time of receiving of the
hash function and signs the resulting digital sequence with its
digital signature. (In other words, it puts on your hash function
its “time stamp”.)
After this the hash function with the time stamp is returned to you.
You organize the storage of the hashed file and also of the hash function
with the time stamp. You may put them in free access in the Internet.
If somebody wants to check the authenticity of your time stamp,
that person makes the following:
Downloads from the site of the timestamping service its public key
(this is some fixed sequence of several hundreds digits and letters,
that belongs to that service; it is unique for that service and
is not connected with a concrete hash function).
Using that public key and using a special program checks
the authenticity of the time stamp.
Checks the identity of the hash function in the time stamp and
the hash function of the original file.
In comparison with trusted timestamping wikiright has substantial advantages:
Wikiright is more simple and more intuitive. For the people not familiar
with cryptography it is easier to master it.
Wikiright allows as a part of the technology usage of
some physically irreversible process. For example, from time to time
the depositary can burn the database with hash functions on a write once CD.
This leads to the result that computer break-in of the depositary does not lead to
too fatal consequences. When a break-in is revealed, an investigation of
the technology of the break-in is performed, the software is patched,
and the database of hash functions is restored from the CD.
But with the technology of timestamping situation is much worse:
as soon as the so called private key of the timestamping service
comes to an intruder, immediately all time stamps, signed with the use of
that key, lose their evidential force. Especially upsetting is the fact
that the stealing of the key can remain unrevealed for indefinitely
The technology of timestamping is essentially based on
trust. And the work of people, who are trusted,
can not be verified (in the frame of this technology).
Such an ideology can be capable (at the best) for protection of
rights of the “regular people”.
But the problem of dating can sometimes concern interests of
whole corporations or states. In such
a situation the technology based on unverifiable trust turns out
invalid in principle. In contrast, wikiright suggests that depositaries
from time to time will certify their databases to each other (and also
allow to download and save their databases to an indefinite
circle of people).
In the conditions of the multipolar world
no center of force (government) will be able
to independently falsify any dating without compromise
of the depositary under its control.
“Authority” of a concrete
depositary will be established not by the “authority”
of the government, that controls it, but just by
the time of unstained work of the depositary.