watermarking sucks (Re: stego for the censored II)

Sun Feb 11 09:07:17 PST 2001

I think a watermark is more likely to be keyed.  Without the key
it's a bit harder to be sure to remove the watermark without affecting
the quality of the image.  With the key you can tell which parts of
the message to remove. 

In addition watermarking has to mean a mark tied to the identity
of the downloader, otherwise a simple presentation serves to
demonstrate it is the same work.  Ideally the watermark should
include a signature by the downloader, otherwise the watermarker
can forge watermarks and frame random people for unauthorised
redistribution.  I'd guess most of them don't bother with obtaining
signatures from downloaders due to the sparse independent PKI
(there is limited point the watermarker acting as a CA in it's
own PKI, as it can forge certificates and identities in it's
own controlled CA).  Though not equitable the systems relying
on the watermarker not to cheat is probably not too much of a
problem from the point of view of the watermarker because 
courts will just decide in favor of the trustworthiness of the
media cartel when it is case of one persons word against the
cartel. 

Of course the whole concept of watermarking is broken at all
levels, copying can not be prevented as the content can typically
be reencoded and lose the watermark, quality is in heavy contention
with the ease with which the watermark can be removed.  Even 
if it is keyed.  And ultimately content can plausibly deniably
be stolen and all it takes is one copy.

Adam

On Sun, Feb 11, 2001 at 05:28:07PM +0200, Sampo Syreeni wrote:
> 
> On Sat, 10 Feb 2001, Steve Schear wrote:
> 
> >Not entirely true.  If watermarking become ubiquitous then their presence
> >is no longer suspicious.  If the marks contain encrypted content then
> >almost no one will know or care as they are passed and published and only
> >the intended recipients will receive the messages.
> 
> If stego is meant to be used between individuals, it's unlikely that a
> watermark would be present in the content naturally - after all, the marks
> are meant for CRM applications and individuals rarely take such good care
> of their private communications. And as for watermarks on commercial
> content, anyone caring about the presence of hidden communications can
> obtain a licence so that the watermarks can be completely detected. If the
> eavestropper is capable of full detection (not just statistical guesses),
> commercial watermarks fail to provide a meaningful hidden channel. (I.e.
> one would expect databases of valid marks to be available to an adversary
> of means.)
> 
> In fact, many of the meaningful adversaries can perform a removal attack on
> commercial watermarks, since the licences are available to corporations and
> governments and, in the absence of workable asymmetric watermarks,
> detection equals capability to remove. This means that one cannot
> necessarily even use an existing watermark to hide another carrying your
> message.
> 
> I think covert communication has very different needs from CRM. E.g.
> requiring non-detectability means that you have to model the channel
> statistics very closely, leading to a low bandwidth covert channel. CRM
> does not suffer from this, since a watermark only needs to be perceptually
> insignificant.
> 
> Sampo Syreeni <decoy at iki.fi>, aka decoy, student/math/Helsinki university
> 