A coalition of cryptography and watermarking researchers from Princeton University, Xerox PARC and Rice University claims to have successfully defeated a music protection system proposed by the Secure Digital Music Initiative (SDMI).
Led by Edward Felten, a computer science professor at Princeton, nine graduate students, professors and researchers pooled their efforts to come up with what they believe are hacks that will pass all three of SDMI's "tests" of a successful hack. The researchers say that they have also come up with more than one way to remove the watermarks that are supposed to protect the four SDMI-supplied music files.
The team initially submitted the hacks to SDMI as part of the "Hack SDMI" contest. According to one researcher, the hacks have already passed SDMI's automated "oracle" test -- a procedure that examines the hacked file to see if the watermark has been totally removed. As for the audio quality and repeatability tests, which SDMI representatives have repeatedly said would be the determining factor for a truly "successful" hack, the researchers say they have good reason to believe that their efforts will pass these tests as well.
As Scott Craver, a Princeton grad student and coauthor of the book "Information Hiding Techniques," explains: "We have attacks that quantitatively don't damage the music files' audio quality more than the watermarking schemes themselves," based on measurement techniques that the team developed. He adds, "The real question in terms of quality degradation is whether the sound quality is good enough for the common pirate. If you subject a music file to a modification whose quality degradation would bother a recording engineer but would not bother most of the people who download MP3s, that would be a problem."
The group also posits that its work could easily be repeated, and that it would be a cinch for an enterprising coder to turn one or more of its watermark-removal techniques into a downloadable program that would let any MP3 pirate "press a button to commit piracy."
The group decided to participate in the SDMI challenge as a research endeavor, and initially submitted its hacks to the contest; but it pulled out during Phase 2 of the challenge (which is currently taking place). "We wanted to get a bunch of people combining our collective knowledge about how to analyze security systems, and wanted to participate in SDMI as long as it had scientific value," explains Craver. In Phase 2 of the contest, however, SDMI is supplying only one watermarked music file, with no oracle or nonwatermarked file for comparison, and participants get only one chance to remove the watermark. This, says Craver, wasn't a valuable way to conduct research: "Once it got to the point where all we were doing was participating in a contest, then we were no longer interested." As a primarily academic group, the group wasn't interested in the cash prize.
Instead, the coalition is taking its research public. Professor Felten has posted a FAQ about the group's efforts on his Web site, and will post the extensive documentation within the next two weeks. The group is taking the risk that SDMI authorities could try to prevent it from publishing its work -- participants in the contest were supposed to be sworn to secrecy -- but Craver believes that by forgoing the prize they may not be required to sign any nondisclosure agreements.
The group doesn't believe watermarks are useless -- but merely inadequate for this kind of project. As Craver puts it, "We are not out to get the recording industry; if our results can help anyone develop a better security system, we're happy."