The use of peer-to-peer (P2P) networks for multimedia distribution has spread out globally in recent years. The mass popularity is primarily driven by cost-effective distribution of content, also giving rise to piracy. An end user (buyer/peer) of a P2P content distribution system does not want to reveal his/her identity during a transaction with a content owner (merchant), whereas the merchant does not want the buyer to further distribute the content illegally.To date, different P2P distribution systems have been proposed that provide copyright and privacy protection at a cost of high computational burden at the merchants and/or at the buyers end and thus, making these systems impractical.In this paper, we propose PSUM, a P2P content distribution system which allows efficient distribution of large-sized multimedia content while preserving the security and privacy of merchants and buyers. The security of PSUM is ensured by using an asymmetric fingerprinting protocol based on collusion-resistant codes. In addition, PSUM enables buyers to obtain digital contents anonymously, but this anonymity can be revoked as soon as he/she is found guilty of copyright violation. The paper presents a thorough performance analysis of PSUM, through different experiments and simulations, and also analyzes several security compromising attacks and countermeasures.Traditional client-server content distribution systems are dependent on a centralized server which is costly in terms of initial infrastructure investment and maintenance. Moreover, the lack of scalability and the high bandwidth requirements are some factors that degrade the client-server system performance. In contrast to client-server systems, P2P technology offers cost efficiency, scalability, less administrative requirements and exposure to a large number of users. These benefits are the attractive features for media companies towards the adoption of P2P systems. BitTorrent (BT) (BitTorrent, 2000) is one of the most popular P2P distribution systems used on the Internet for distributing large amount of data, and it accounts for a significant volume of Internet traffic. For example, Red Hat Inc. uses Preprint submitted to Elsevier the merchant into a small-sized base file and a large-sized supplementary file. The base file contains the most important information and, without it, the supplementary file is unusable. The merchant sends the base file to a buyer in a semi-centralized way and uses a network of peer buyers to distribute the supplementary file.2. The proposed asymmetric fingerprinting protocol based on a state-of-the-art collusion-resistant codes and an existing secure embedding scheme is performed between a merchant, a buyer and a set of P2P proxies in the presence of a third party (monitor). The proposed fingerprinting protocol (Section 3.4.2) provides significantly improved efficiency over that of similar schemes that have been presented in the past, by using the idea of pre-computation-based secure embedding and permutation. In pre-computation-based secure embe...
