Vulnerability Development mailing list archives
Re: hacksdmi?
From: "Everhart, Glenn (FUSA)" <GlennEverhart () FIRSTUSA COM>
Date: Thu, 12 Oct 2000 08:50:46 -0400
Interesting. It is clear that the watermark is adding audible frequencies (note the +1, -1, -1, +1 pattern in diffs) to "watermark". This is not the kind of steganography that will merely and inaudibly change the "hiss"; it is adding something that people will be able to hear. That's not watermarking sound; that's polluting it and detecting the pollution.

Thanks; I prefer my Brahms unmixed, if you don't mind, folks.

-----Original Message-----
From: Jord Sonneveld [mailto:jsonneve () FORCE STWING UPENN EDU]
Sent: Wednesday, October 11, 2000 1:55 PM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: hacksdmi?

Hi,

I was actively pursuing this hacksdmi challenge, doing research into audio watermarking etc. I wrote a program that stupidly twiddled the bits in the business part of the wav, to each 16 bit short it randomly added between 1 and 4. That didn't work at all, and the watermark was still recognized.

Conversion to mp3 @ 128kb/s and then reconverting it to a .wav was still recognized as being watermarked. As this was one of the requirements for the SDMI algorithm, I didn't really think it would work. And it didn't. I'm sure that mp3 64 kb/s would get rid of the watermark, but would of course greatly degrade the quality of the music.

Taking a smarter approach, I wrote a program to do a discrete wavelet transform on blocks of 1024 pcm samples, and then throwing away between 25-50% of the wavelet coefficients. Sadly, the contest closed before I could submit a sample. However, I think that this way might have actually proved successful, as the watermark is usually encoded in parts of the wav that are, for lack of a better term, 'low information'. What I think my method does is that it strips out these 'low information' areas, keeping only the most important parts.
What sdmi needs to do, if they are really interested in having people try to defeat the watermark, is publish some form of the watermark verifier that doesn't take 5 hours to run, and doesn't require you to upload a 20mb file each time.

As always, please feel free to tell me that I'm full of excrement.

Cheers,
Jord.

On Tue, Oct 10, 2000 at 10:34:09PM -0700, Blue Boar wrote:
Did anyone else download the hacksdmi.org challenges, and take a look at them? I did briefly. The contest is over, and I think they are announcing something tomorrow. The terms of their agreement were more reasonable than I would have thought. You could have the materials... and you really only had to agree to terms if you planned on going after the money. You could release your findings, you'd just forfeit any prize.

So, I figure anyone who wanted to play for the money has done so, and since the thing is over, we won't be interfering with any contest by discussing. Naturally, I have my own political agenda, but that part is off-topic.

OK, onto the fun stuff..

For example, for watermark 1, they give 3 files. samp1a.wav which is an untouched .wav, samp2a.wav is the same file, but with a watermark. samp3a.wav is a different sound file, but with the same watermark. So, take a look at this:

Comparing files samp1a.wav and samp2a.wav
00000004: E0 24
0000004E: A8 A7
00000050: 0E 0F
00000056: A4 A5
00000058: 4A 49
0000006E: 71 70
00000074: 93 94
00000080: EB EC
00000086: 5A 59
0000008E: 40 41
00000094: 28 29
00000098: 94 93
000000AA: 2E 2D
000000B0: 8B 8A
000000B2: BC BD
000000BA: 7B 7A

Starting at 4E, the watermarked file has some bytes either 1 larger or one smaller than the unmarked file. I.e. the low-order bit has been flipped. Note that it's only on even bytes. That's a bit of a short sample, but I don't want to dump any huge files on anyone.

The original challenge was to strip the watermark so that the detector program (not provided) wouldn't be able to spot the watermark, and that some minimum sound quality be maintained.

Anyone else fiddled with this? Later, I'll write some code as an experiment to just zero the low-order bit and see what that does to the sound.

BB

P.S. Yes, the whole premise of "secure music" is fundamentally broken. Yes, the minute someone figures the algorithm, the watermark is gone.
Yes, converting it to an MP3 would hopelessly destroy the watermark. Yes, this is copy protection, and we know that can't be made to work. At least one story on this whole thing says that unnamed techies associated with the SDMI initiative pushed for this hacking contest to prove these exact points. Should the SDMI people actually pick some technology to try this, I fully expect we will crack it within a few days of having code in hand.
-- In a display of perverse brilliance, Carl the repairman mistakes a room humidifier for a mid-range computer but manages to tie it into the network anyway. -- The 5th Wave
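
The byte comparison quoted in the message above can be checked mechanically. The following is an added example, not part of the original thread: it parses the listing from the post and classifies each difference, assuming 16-bit little-endian PCM samples; the function names are illustrative.

```python
import re

# Byte-compare output copied from the post: offset, samp1a byte, samp2a byte.
LISTING = """
00000004: E0 24  0000004E: A8 A7  00000050: 0E 0F  00000056: A4 A5
00000058: 4A 49  0000006E: 71 70  00000074: 93 94  00000080: EB EC
00000086: 5A 59  0000008E: 40 41  00000094: 28 29  00000098: 94 93
000000AA: 2E 2D  000000B0: 8B 8A  000000B2: BC BD  000000BA: 7B 7A
"""

RIFF_SIZE_FIELD = range(4, 8)  # bytes 4..7 of a RIFF/WAV file hold the chunk size


def parse(listing):
    """Return (offset, original_byte, marked_byte) tuples from the listing."""
    pat = re.compile(r"([0-9A-Fa-f]{8}): ([0-9A-Fa-f]{2}) ([0-9A-Fa-f]{2})")
    return [tuple(int(g, 16) for g in m.groups()) for m in pat.finditer(listing)]


def analyse(rows):
    """Separate header differences from sample differences and classify them."""
    header = [r for r in rows if r[0] in RIFF_SIZE_FIELD]
    body = [r for r in rows if r[0] not in RIFF_SIZE_FIELD]
    deltas = [marked - orig for _, orig, marked in body]
    return {
        "header": header,
        "deltas": deltas,
        # Assumption: 16-bit little-endian PCM, so an even offset is a low byte.
        "all_even": all(off % 2 == 0 for off, _, _ in body),
        # XOR == 1 means only bit 0 changed; anything else is a +/-1 that
        # carried or borrowed into higher bits of the byte.
        "pure_lsb": sum(1 for _, o, m in body if o ^ m == 1),
        "carried": sum(1 for _, o, m in body if o ^ m != 1),
    }


if __name__ == "__main__":
    summary = analyse(parse(LISTING))
    for key, value in summary.items():
        print(f"{key}: {value}")
```

On the quoted listing, the difference at offset 4 falls in the RIFF size field rather than the audio data, every other difference is +1 or -1 at an even offset, and 7 of those 15 change more than bit 0 of the byte.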