Re: limits of watermarking (Re: First Steganographic Image in the Wild)
Adam Back wrote: Another framework is to have players which will only play content with certified copy marks (no need for them to be visible -- they could be encoded in a logo in the corner of the screen). The copymark is a signed hash of the content and the identity of the purchaser. This could be relatively robust, except that usually there is also a provision for non-certified content -- home movies etc -- and then the copy mark can be removed while still playing by converting the content into the home movie format, which won't and can't be certified. The other obvious weakness in such a scheme is that the player can be modified to ignore the result of the check - rather like defeating dongles, which have yet to exhibit any noticable resistance to crackers. Cheers, Ben. -- http://www.apache-ssl.org/ben.html There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: limits of watermarking (Re: First Steganographic Image in the Wild)
In article [EMAIL PROTECTED], Ben Laurie [EMAIL PROTECTED] wrote: b) Even if physical media goes away, individual watermarking blows away multicast - and broadband will just never work without that. It is true that broadband isn't viable if it requires a high-bandwidth from one source to every end user; the stream has to be exploded at some replication points near the viewers. But that replication doesn't have to be done by the routers; it can also happen at a distributed network of servers, which can be intelligent enough to add watermarking at a cost on the same order of the cost to provide SSL. This sort of server-based multicasting is widely deployed today by Akamai and others, and has been far more successful than router-based multicasting. -- Shields. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: limits of watermarking (Re: First Steganographic Image in the Wild)
Adam Back wrote: In my opinion copymarks are evil and doomed to fail technically. There always need to be playble non-certified content, and current generation watermarks seem easy to remove; and even if some really good job of spread spectrum encoding were done, someone would reverse engineer the players to extract the location parameters and then they too would be removable -- and in the end even if someone did manage to design a robust watermarking scheme respecting Kerchoff's principle, the identity information is weakly authenticated, and subject to identity theft or the content itself could be stolen or plausibly deniably claimed to have been stolen and this only has to happen once for each work. The thing that gets me about all this is that exactly the same argument can be made for all existing media - and, although piracy is rife, no-one is attempting to mark videotapes or CDs, AFAIK. So why all the fuss about more modern digital media? Has no-one noticed all the ripped videotapes, CDs and DVDs? Are we really expected to believe the whole media reproduction industry is ever going to switch over to producing each disc individually, expensively watermarked? So what's the real agenda? And don't tell me its because broadband will eliminate physical media: a) I believe physical media will always have higher bandwidth than broadband - why? Because you have to feed the broadband from somewhere, and archive it somewhere. b) Even if physical media goes away, individual watermarking blows away multicast - and broadband will just never work without that. It seems to me that putting the details of the purchaser in plaintext on the beginning of the file and making it illegal to remove it is as good a protection as you are ever going to get - but that would ruin a whole bunch of business plans, so I guess no expert is going to admit that. In short, the agenda, it seems to me, is the business plans of companies in the watermarking business. No more, no less. I'm amazed the media moguls are willing to waste so much of their time and money on it. Cheers, Ben. -- http://www.apache-ssl.org/ben.html There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: limits of watermarking (Re: First Steganographic Image in the Wild)
Ben Laurie wrote: The other obvious weakness in such a scheme is that the player can be modified to ignore the result of the check - rather like defeating dongles, which have yet to exhibit any noticable resistance to crackers. I think though that that weakness is more workablee -- for example playstations can be chipped to work from copies of CDs, however probably the proportion of the market willing to make hardware modifications is sufficiently low that the copying rate is not a significant financial loss to the distributor (especially after adjusting for people who wouldn't have bought the work anyway, which is the group most likely to make the modification (students with low budgets etc)). Things which can be defeated in software or firmware upgrades only are for more fragile, and subject to changing user demographics, more internet aware and connected users, increasing scale of file-sharing networks; whereas devices needing hardware modifications have non-zero reproduction costs, and risk of damaging expensive equipment in the operation. On Wed, Oct 17, 2001 at 10:23:03AM +0100, Ben Laurie wrote: Adam Back wrote: [...why copymarks don't work...] [...] It seems to me that putting the details of the purchaser in plaintext on the beginning of the file and making it illegal to remove it is as good a protection as you are ever going to get - but that would ruin a whole bunch of business plans, so I guess no expert is going to admit that. It may be more to do with attempts to qualify under legal provisions of DMCA to construct something which is (legally) arguable qualifying as a system intended to prevent copying, so they can sue people who by-pass it. Another argument I've heard for making dumb proprietary schemes is that they ened them to be proprietary so they can make onerous conditions part of the licensing agreement, and sue anyone who makes devices or software without licensing their broken technology from them. In effect that it's utterly broken doesn't matter -- that it's claimable as an original work under patent law matters. In short, the agenda, it seems to me, is the business plans of companies in the watermarking business. That too is doubtless part of the problem. IBM's cryptolopes lending credibility by brand recognition to related technologically broken efforts such as InterTrust and other watermark related business plan startups digi-boxes and the like. SDMI was another broken attempt. No more, no less. I'm amazed the media moguls are willing to waste so much of their time and money on it. It could be that the only thing keeping the InterTrust types in business is the patentability and DMCA qualifying legal arguments above. Technologically they are all systemically broken. There may be an element of technological naivete on the part of MPAA RIAA too though, perhaps decision makers were genuinely confused to start with, and crypto-box outfits will have incentives to exaggerage the technological properties of their systems to their customers, the RIAA, DMCA etc. Adam - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: limits of watermarking (Re: First Steganographic Image in the Wild)
Matt Crawford wrote: a) I believe physical media will always have higher bandwidth than broadband - why? Because you have to feed the broadband from somewhere, and archive it somewhere. You can use an expensive physical medium to drive your transmission. If you sell atoms, you have to use a cheap medium. I'll admit that my argument doesn't stand up to severe testing - but I think it is important that in general the receivers of the stream will also want to store it (certainly my almost complete transition to TiVo-ized TV viewing [what little I do] would support that theory :-). Which is what I meant by archive it somewhere, but I see now was far from clear. Cheers, Ben. -- http://www.apache-ssl.org/ben.html There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
limits of watermarking (Re: First Steganographic Image in the Wild)
On Tue, Oct 16, 2001 at 11:30:05AM -0700, Greg Broiles wrote: Adam Back wrote: Stego isn't a horseman, and the press drumming up scare stories around stego is ludicrous. We don't need any more stupid cryptography or internet related laws. More stupid laws will not make anyone safer. I agree, but if Congress isn't careful (and they don't seem to be in a careful mood these days), they'll end up outlawing watermarking in digital content, which would do to the DRM (digital rights management) industry what they tried to do to security researchers with the DMCA. Perhaps the RIAA and SDMI folks will now come out in favor of steganography in order to save their businesses. Or maybe they be forced to rewrite their complicated protection schemes to enable stego escrow, so that federal agents can monitor the secrets hidden inside published content, to make sure there aren't any hidden messages in Anthrax albums. So I presume your discussion on the applicability of stego techniques to the detection of unauthorised copying refers to the framework where content is personalised by having something identifying the purchaser encoded in it at time of delivery to the purchaser. Steganography means hiding the existance of a message -- making it hard to distinguish content without a stegotext from content with a stegotext embedded in it. Copymarks are about making it hard for the user to remove the message without massively degrading the quality (*). This means you want some or all of the purchaser identifying information to be hard to locate -- because once it is located it can be removed. But watermarks don't have to be invisible -- just hard to remove without degrading the image quality. This tends to mean spread spectrum techniques, and unpublished parameters of where the signal will be stored so that there is no publicly constructable discriminator, and no black-box discriminators queryable either. However this framework inherently violates Kerchoff's principle. Another framework is to have players which will only play content with certified copy marks (no need for them to be visible -- they could be encoded in a logo in the corner of the screen). The copymark is a signed hash of the content and the identity of the purchaser. This could be relatively robust, except that usually there is also a provision for non-certified content -- home movies etc -- and then the copy mark can be removed while still playing by converting the content into the home movie format, which won't and can't be certified. Just to say that copymarks and steganography are related but different. In my opinion copymarks are evil and doomed to fail technically. There always need to be playble non-certified content, and current generation watermarks seem easy to remove; and even if some really good job of spread spectrum encoding were done, someone would reverse engineer the players to extract the location parameters and then they too would be removable -- and in the end even if someone did manage to design a robust watermarking scheme respecting Kerchoff's principle, the identity information is weakly authenticated, and subject to identity theft or the content itself could be stolen or plausibly deniably claimed to have been stolen and this only has to happen once for each work. All with no comments on the US Congress being careful of course -- they are ham-fisted at the best of times, and they have degraded far beyond their normal state. Adam (*) This in itself is pretty hard -- reportedly stirmark [1] (a small random shearing image transform) gets rid of all evaluated watermarks. [1] Fabien A.P. Petitcolas, Ross J. Anderson, Markus G. Kuhn: Attacks on copyright marking systems Information Hiding, Second International Workshop, IH'98 http://www.cl.cam.ac.uk/~mgk25/stirmark.html - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]