Security Firm Claims Win Over Hackers In SDMI Challenge
If copyright-protection schemes being tested
by the recording industry turn out to be as obscure as the judging
of an open challenge to those who might defeat the technology,
digital music could be safe from hackers for some time to come.
For nearly two weeks, the industry-backed Secure Digital Music
Initiative (SDMI) has been fending off reports that at least some
of 447 attempts made by would-be hackers were successful in
circumventing the six security technologies served up for the open
challenge.
The SDMI says it has yet to fully analyze all 447 attacks, but
digital-rights technology company Verance Corp. of San Diego,
Calif., says it can now claim victory in the "Hack SDMI Challenge"
for its audio watermarking method, which it labels Digital DNA.
In an official statement issued by Verance Tuesday, the company
said: "Verance has received a preliminary report from the SDMI
testing committee. Of 153 attacks submitted against Verance's
watermarking technology, none met all of the criteria for a
successful attack."
That would be news to a team of researchers from two US
universities and Xerox's Palo Alto Research Center (PARC), who
earlier this week announced that they had successfully bested all
four of the watermarking methods that were part of the challenge.
The two remaining security technologies that were part of the
challenge involved encryption methods.
In documents posted online, the team from Princeton University,
Rice University and Xerox's PARC said they were apparently
successful in taming the four watermarking schemes. However, the
SDMI's official response to that claim was to repeat its warning
that the evaluation of the 447 submissions was continuing.
The Princeton/Rice/PARC team said its claim of success was based
largely on the results received from an automated "oracle"
available to challenge participants via an SDMI Web site. That
oracle examined "cracked" digital music files to determine whether
the secreted watermarks had been successfully removed.
The SDMI has said that the final determination of whether a
security technology has been successfully cracked will be based on
a number of factors, including the quality of the recordings after
the removal of the watermarks or cracking of encryption - an
evaluation that will be made with the help of human ears. In
addition, the SDMI has said it requires the security hacks to be
repeatable by crackers with a reasonable arsenal of computing
power.
The SDMI announced that the "repeatability tests" for apparently
successful hacks began Oct. 23. However, Verance said that attacks
on its watermarking technology will not be part of those tests
because those hacks were deemed to be unsuccessful in the first
place.
"It is unknown how other technologies fared in the Hack SDMI
Challenge," the Verance statement said.
Verance can be found online at: http://www.verance.com/.
SDMI is at: http://www.sdmi.org/.
