I think a watermark is more likely to be keyed. Without the key it's a bit harder to be sure to remove the watermark without affecting the quality of the image. With the key you can tell which parts of the message to remove. In addition watermarking has to mean a mark tied to the identity of the downloader, otherwise a simple presentation serves to demonstrate it is the same work. Ideally the watermark should include a signature by the downloader, otherwise the watermarker can forge watermarks and frame random people for unauthorised redistribution. I'd guess most of them don't bother with obtaining signatures from downloaders due to the sparse independent PKI (there is limited point the watermarker acting as a CA in it's own PKI, as it can forge certificates and identities in it's own controlled CA). Though not equitable the systems relying on the watermarker not to cheat is probably not too much of a problem from the point of view of the watermarker because courts will just decide in favor of the trustworthiness of the media cartel when it is case of one persons word against the cartel. Of course the whole concept of watermarking is broken at all levels, copying can not be prevented as the content can typically be reencoded and lose the watermark, quality is in heavy contention with the ease with which the watermark can be removed. Even if it is keyed. And ultimately content can plausibly deniably be stolen and all it takes is one copy. Adam On Sun, Feb 11, 2001 at 05:28:07PM +0200, Sampo Syreeni wrote:
On Sat, 10 Feb 2001, Steve Schear wrote:
Not entirely true. If watermarking become ubiquitous then their presence is no longer suspicious. If the marks contain encrypted content then almost no one will know or care as they are passed and published and only the intended recipients will receive the messages.
If stego is meant to be used between individuals, it's unlikely that a watermark would be present in the content naturally - after all, the marks are meant for CRM applications and individuals rarely take such good care of their private communications. And as for watermarks on commercial content, anyone caring about the presence of hidden communications can obtain a licence so that the watermarks can be completely detected. If the eavestropper is capable of full detection (not just statistical guesses), commercial watermarks fail to provide a meaningful hidden channel. (I.e. one would expect databases of valid marks to be available to an adversary of means.)
In fact, many of the meaningful adversaries can perform a removal attack on commercial watermarks, since the licences are available to corporations and governments and, in the absence of workable asymmetric watermarks, detection equals capability to remove. This means that one cannot necessarily even use an existing watermark to hide another carrying your message.
I think covert communication has very different needs from CRM. E.g. requiring non-detectability means that you have to model the channel statistics very closely, leading to a low bandwidth covert channel. CRM does not suffer from this, since a watermark only needs to be perceptually insignificant.
Sampo Syreeni <decoy@iki.fi>, aka decoy, student/math/Helsinki university