SDMI copyright technology easily hacked

On Monday, a group of researchers from Princeton University, Rice University, and Xerox Palo Alto Research Centre announced that they broke four test watermarking technologies the creators hoped would make music identifiable.

Watermarking allows serial numbers to be embedded in music files and, while inaudible, it can also notify so-called "secure" players when certain music has been illegally copied.

But the success of the nine researchers called into question whether the Secure Digital Music Initiative team -- the group charged with securing the music industry's future -- can ever create a watermarking technology capable of surviving a tech-savvy pirate's attack.

The way in which the SDMI is trying to protect music is not feasible with today's watermarking technology," said Edward Felten, an associate professor of computer science at Princeton University and the adviser for the interorganisational team. "Producing a [secure] watermarking scheme, when the potential pirate [already] understands the watermarking algorithm, is very difficult."

Following an SDMI public challenge on 15 September, Felten and his team joined hundreds of others attempting to break the security technologies embedded in six different songs.

The challenge ended on 7 October, and four days later the independent organisation collecting submissions delivered 447 potential hacks to the SDMI testing committee.

While the results have been kept secret, last week Salon.com reported that all six of the screening technologies -- four based on watermarking and two based on other methods -- have fallen to attackers. The SDMI team denied the reports, stressing that it's still too early to be certain.

Currently, a six-member panel is analysing the 447 potential work-arounds for the technologies. The official verdict on each of the technologies is not expected until the end of the month. But the latest announcement by the nine researchers seems to indicate that at least four of the six copy-protection technologies have been broken.

In each case, the researchers analysed the song, created a special filter to erase the watermark, and then sent the song to an "oracle" -- a special program set up by the SDMI to analyse the music and notify the researchers whether the modified file was accepted, rejected, or invalid. The four songs from which the researchers stripped the watermarks passed the oracle test.

But two other hurdles must be overcome to satisfy the SDMI: erasing the watermark cannot take a middle-of-the-road PC too much time, and the action can't destroy the quality of the music.

Take me to Part II: Audio quality not affected

To have your say online click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroon. And read what others have said.