Abstract
This paper discusses inherent vulnerabilities of digital watermarking
that affect its mainstream purpose of rights protection. We ask: how
resistant is watermarking to un-informed attacks ?
There are a multitude of application scenarios for watermarking and,
with the advent of modern content distribution networks and
the associated rights assessment issues,
it has recently become a topic of increasing interest.
But how well is watermarking suited for this main
purpose of rights protection ?
Existing watermarking techniques are vulnerable to attacks
threatening their overall viability. Most of these attacks
have the final goal of removing the watermarking information
while preserving the actual value of the watermarked Work.
In this paper we identify an inherent trade-off between two
important properties of watermarking algorithms: being "convincing enough"
in court} while at the same time surviving a set of attacks,
for a broad class of watermarking algorithms. We show that there
exist inherent limitations in protecting rights over digital
Works. In the attempt to become as convincing as possible
(e.g. in a court of law, low rate of false positives),
watermarking applications become more fragile to attacks aimed
at removing the watermark while preserving the value of the Work.
They are thus necessarily characterized by a significant (e.g. in
some cases 35%+) non-zero probability of being successfully
attacked without any knowledge about their algorithmic details.
We quantify this vulnerability for a class of algorithms and show how a
minimizing "sweet spot" can be found. We then derive a set of
recommendations for watermarking algorithm design.