Three technologies for imprinting music with indelible electronic identifiers have weathered a hacking challenge issued in September, according to the SDMI.
Nevertheless, researchers from Princeton University, Rice University, and the Xerox Palo Alto Research Center are standing by claims that their team broke all but two of the six technologies tested.
The conflicting reports call into question the effectiveness of future secure-music technology.
"What we were trying to show is that, under real conditions, pirates could break the watermarks," said Edward Felten, professor of computer science for Princeton University and the leader of the interdisciplinary team. All four compromised technologies used watermarks -- tough-to-remove audio codes hidden in the music -- to make the songs identifiable.
"The current state of the watermarking technology is not up to this task," Felten said.
The SDMI -- a 200-member coalition charged with creating secure standards for digital music -- announced its hacking challenge in September, giving researchers and hackers three weeks to find ways to remove secure features of several song samples.
Questions remain
Successful breaks would be rewarded with up to $10,000 in prize money, the SDMI said. By early October, 447 challenges had been submitted.
After a six-member testing committee had sifted through the results, the preliminary results were released.
Of six proposed technologies -- four using watermarks and two using other methods -- one was withdrawn and two others fell to successful attacks, said the SDMI in a release. One of the successful attacks could not be reproduced on other music samples, however, leaving open the possibility that the technology remained secure.
That could mean that two watermarking technologies and two non-watermarking technologies are topping the list as the means to secure next-generation music.
Tests to continue
The two types could also be combined for better security, said Matt Oppenheim, vice president of business and legal affairs for the Recording Industry Association of America. "The non-watermark technologies could work in addition to a watermark technology."
Oppenheim said tests will continue for two more months before the SDMI makes a decision.
"The public-attack testing is just one of the many forms of testing that we are doing," he said.
Princeton's Felten said that any security based on the current crop of watermark technologies will fail.
