Politech mailing list archives

Previous By Date Next
Previous By Thread Next

FC: Update on music industry's SDMI watermarking challenge

From: Declan McCullagh <declan () well com>
Date: Wed, 25 Oct 2000 00:01:39 -0400

*******
Some background:
http://www.eff.org/IP/Audio/SDMI/20000929_eff_hacksdmi_revised_boycott.html
*******


From: sacraver () ivy ee princeton edu (Scott Craver)
Newsgroups: sci.crypt
Subject: SDMI announcement
Date: 23 Oct 2000 16:34:21 GMT
Organization: Princeton University


        Hello,

        If you read Salon or Slashdot, you may have already read
        of this.  Our research group, comprising of crypto-folk
        from Princeton U, Rice U and Xerox have issued a press
        release and faq (http://www.cs.princeton.edu/sip/sdmi/)
        detailing comprehensive success in the 1st round of the
        SDMI challenge.

        Basically, we got positive results from the oracles
        for all four watermarking technologies.  These oracles
        would yield a positive result if music submitted to
        it was modified enough that a watermark could not be
        detected, and if quality was good enough relative to
        64Kbps MP3 compression.  We dont know how they measured
        quality.  But we passed all four oracles, and repeated
        our results as much as we could before the challenge
        deadline was over.

        A full technical writeup is coming soon, as we plan
        on sharing all our findings with the cryptographic and
        steganographic community.  This is part of the reason
        we are not participating in the second phase:  we
        are not interested in the prize money, and at this
        point the challenge is more like a contest, providing
        no real value to us from a scientific perspective.
        Further participation may also restrict our ability
        to publish our results---to be eligible for the prize,
        it appears one must sign a form transferring intellectual
        property rights to the analysis.

        Finally, if you are also a research team who has
        received positive results from SDMI oracles, wed love
        to hear about it.  We are making a list of links to
        others who have received positive results in the first
        round.  Keep in mind that if youre going after the
        money, you might become ineligible if you publicize
        these details.

                                                -Scott

        Heres the official statement, as found at the URL:

---------------------------------------------------------------
Statement Regarding the SDMI Challenge

The Secure Digital Music Initiative (SDMI) is developing a
comprehensive system to prevent music piracy. Central to this
system is watermarking, in which an inaudible message is hidden
in music to provide copyright information to devices like MP3
players and recorders. Devices may then refuse to make copies of
pieces of music, depending on the meaning of the watermark
contained therein.

In September 2000, SDMI issued a public challenge to help them
choose among four proposed watermarking technologies. During the
three-week challenge, researchers could download samples of
watermarked music, and were invited to attempt to remove the
secret copyright watermarks.

During the challenge period, our team of researchers, from
Princeton University, Rice University, and Xerox, successfully
defeated all four of the watermarking challenges, by rendering
the watermarks undetectable without significantly degrading the
audio quality of the samples. Our success on these challenges
was confirmed by SDMIs email server.

We are currently preparing a technical report describing our
findings regarding the four watermarking challenges, and the two
other miscellaneous challenges, in more detail. The
technical report will be available some time in November.

This statement, a Frequently Asked Questions document, the full
technical report (when it is ready), and other related information
can be found on the Web at http://www.cs.princeton.edu/sip/sdmi.

For more information, please contact Edward Felten at
(609) 258-5906 or felten0x40cs0x2Eprinceton0x2Eedu.

Editors note:  replace 0x40 with @ and 0x2E with .

----------------------------------------------------------------

Scott Craver, Patrick McGregor, Min Wu, Bede Liu
Dept. of Electrical Engineering, Princeton University

Adam Stubblefield, Ben Swartzlander, Dan S. Wallach
Dept. of Computer Science, Rice University

Drew Dean
Computer Science Laboratory, Xerox Palo Alto Research Center

Edward W. Felten
Dept. of Computer Science, Princeton University

***********


Date: Tue, 24 Oct 2000 16:14:09 -0700 (PDT)
From: Ray Dillinger <bear () sonic net>
Cc: cypherpunks () cyberpass net
Subject: Re: Watermarking Utopia ...


I think I know what the SDMI "challenge" is really trying to
accomplish.

These people are not trying to seriously test their watermarking
schemes -- those are broken from the getgo because the players will
be in control of (and owned by) their adversaries, and they know it.

Moreover, it should be possible to create a program that can render
any all-instrumental music in a watermark-free form, by simply
recognizing the instrument (from the watermarked sound) and
substituting with the same instrument from a recorded library
of sounds, plus standard filters for modulation and mixing, so
the existence of a watermarked version is almost irrelevant
except in cases of vocal music.

Nor are they trying to impress stockholders with the security of
their stuff.  There is no competition in the watermarking business
yet; as far as stockholders are concerned, you are doing it or you
are not.  Nobody's is "more secure" than anybody else's, hence
effort spent convincing stockholders that the security is an
advantage is a waste of time.

What they are trying to do, I think, is to set up a legal status
indicating that they "did their homework".  That way, when the
crack of their published system happens (and it will) they can more
easily get a favorable judgement from a court and try to legislate
and sue the crack program out of existence.

I know that DeCSS had this happen to it even though the MPAA
didn't really do their homework -- but given what happened with
DeCSS, I don't think the SDMI group could make a really solid
case that the crack was totally unexpected in their case - and
the DeCSS case hinged on expectation.

Security by siccing a herd of lawyers on the incursion may be
ridiculous from a technical standpoint - but it is effective in
restricting what a business enterprise can do, as long as that
business is owned by someone using a True Name who must answer
to the law.

                                Bear







-------------------------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
You may redistribute this message freely if it remains intact.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: