Giovanni Frequently Asked Questions (FAQ)

Why was Giovanni first directed at music?

We believe that the market for audio is characterized by far higher reproduction quality standards and turnover of product than any other commercial media market. It is also the first successful market for digitized media. Some offhand examples: the low cost and low barrier to entry for musicians, the predominance of expensive, high-fidelity audio equipment, the vastness of broadcast opportunities, and the passive nature of the media.

Establishing a watermark technology for audio could provide a demanding benchmark for the level of quality that can be established because of the highly demanding nature of the human ear. Any flaws will be obvious to the discriminating listener. As interactive visual media, the brain is more likely to compensate for watermark visibility than for the more difficult inaudibility standard for music watermarks.

What is a Giovanni digital watermark?

Giovanni is a genuine digital watermark system. This patented system provides a means for creators of multimedia content to protect their copyrights on computer networks, or other digital media such as compact discs, as well as track content that is electronically distributed.

Giovanni can be simply differentiated from other digital watermark systems by its use of “keys” in the watermark process. These keys are a “separate entity” from the actual encode and decode process, the watermark encoding algorithm. Essentially, Giovanni allows copyrights holders to create encoded messages, break them up into single bits and plant them in random locations in a signal. Those bits are locatable only by the same key that was used to place the bits of the watermark payload.

What is the general principle behind Giovanni digital watermarks?

All digital samples have a built-in allowance for error, since they are only approximations of an analog signal. Even if the digital data is badly damaged, it is still often recognizable when played or viewed. Because digital recordings, which consist of digital samples, are imprecise, slight changes can be made to the samples without affecting human perception.

The standard of perception differentiates between the quality of various media and substantiates the commercial value of all content. For this reason, perceptual models are inherently superior in watermarking systems to provide for marketable security. Interestingly enough, “lossy” compression is invaluable in designing the best watermark encoding algorithms.

Perhaps best described as a means for binding a “digital signature” to a recorded music digital signal, in a manner which ensures that attempts at erasure cause audible damage to the song, secure Blue Spike watermarks can be used to tamperproof individual instances of a digital copy of any media content.

Any suspect copy can be checked with the appropriately generated “key,” or keys, in the case of multiple rights that were used to embed the signature at the time of purchase. If the information cannot be securely embedded, it is likely that any sacrifice of the signal’s quality should be avoided. Essentially, watermarking is strictly a security technology; the embedded digital watermark information has intrinsic value independent of the audio signal itself.

Where the consumer’s listening experience is not affected by the inaudible tag, the rights holder is able to differentiate between authentic and pirated instances of the song. A watermarking key is basically a string of cryptographically generated binary digits, or “bits.” The key is also a map of how the watermark has been embedded into the target signal.

This simple improvement over traditional cryptography is the dramatic difference between digital watermarks and strict digital signature or related encryption technologies. If the key is needed for third party authentication, even by consumers, we use commonly used mathematical tricks to split the key into a key pair. These tricks were discovered in the 1970s and form the basis of public key cryptography.

For watermarking, encoding and encryption is handled by the key, not just encryption. The private key is used to encode the digital watermark into the music. The public key is used to decode the digital watermark from the music without revealing the private key. The consumer can even authenticate a copy of a song themselves with their public key, just like a purchase receipt.

Is a Giovanni watermark a form of "digital signature" or "digital fingerprint"?

Yes. In their own way, Giovanni watermarks are really both a digital signature and a digital fingerprint. In a similar manner to encryption, Giovanni can use digital signatures. The process of embedding a watermark into a digital sample stream, is not a digital signature calculation as is executed in public key cryptographic systems. The information encoded by Giovanni is digitally signed, however, to certify the validity of the information when it is extracted. In so-called assymetric, or public-key cryptography, a file encoded with the “private” key of a user’s key pair can only be decoded with a correlative “public” key. That scheme gives correspondents assurance of information’s origin. The concept is known as non-repudiation. [See Giovanni in Action for an explanation of the signing sequence.]

This aspect of Giovanni’s proprietary security differentiates itself from other watermarking schemes in that attempts at watermark erasure cause a digital signature check to fail, thus tampering of the watermarked content is evident. Simple digital signature checks will make it possible for independent third parties to validate the authenticity of the watermarked content before allowing further electronic distribution. Giovanni keys may also be used, in some applications, to check watermark message authenticity, but not to read the watermark message.

Other proposed “digital watermark” schemes are similar to digital signatures in that the watermark signal to be distributed is a composite of two signals. Much the same way jigsaw puzzle pieces fit together, but the location of the fit is the “watermark,” or more precisely, the signature. Some systems call this a “fingerprint.” The added noise is signed… The signature is continuous throughout the entire length of the content, for instance a three minute song. This technology puts emphasis on “authentication” of the content, such as signing a credit card receipt to authenticate the purchaser.

Further, these systems require comparisons of the original copies in the same manner that people authenticate their credit card purchases with a signature. If the signature is not complete, as in cases where the content may be clipped, the authentication is difficult at best or impossible. Once again, the creation of keys in the Giovanni process is unique in “tamperproofing” content by limiting access to the watermarks to those with authorized keys, and allowing for independent digital signature checks of the watermark to ensure its authenticity.

Consider the following analogy: If the signature on a credit card purchase is not “acceptable” to the merchant, other forms of identification are usually requested. If a Giovanni watermark signature check fails, the provider has a way to inform the content creator and access a copy that can be authenticated. It is the layered approach of credit card processing that offers security and the less obvious need for independent third party verification. We believe this is essential for the secure exchange of media content.

The point of the signature comparisons is that signatures are a single continuously integrated number, or message, over a single large area of the carrier signal. The meaning of “watermark”, as we have intended, is “a continuous integration of many repetitions of an informational message over arbitrary carrier signal areas”, which does not require a “difference comparison” with masters or unwatermarked copies. Weaknesses of other approaches is documented elsewhere and watermark testing software is similarly available for your consideration.

What types of data can be watermarked by Giovanni?

Any data consisting of digitized samples, such as digital audio, video, and still images.

What types of data "cannot" be watermarked by Giovanni?

In general, any data that has zero tolerance for error, such as software in executable form, cannot currently be watermarked. Any additional information added to these kinds of data objects would cause users trouble. CPUs require that exact instructions be fed to them in order to process the data properly.

An alternative method for watermarking such data has been patented by the founder of Blue Spike. This process is designed to provide for watermarking security in software products. This implementation has further ramifications of watermarking a piece of content with its player hidden in the content itself. Under such a scheme, more open, secured exchange of media content may actually be pursued without the need for distribution of proprietary players. We are actively determining the suitability of this approach for market introduction. The approach focuses on the issue of software’s “functional value” instead of the “aesthetic value” used to guide content-based watermarking.

Do I need the original unwatermarked data to extract a Giovanni watermark from a copy?

No. Unlike most other proposed digital watermark systems, all the information resides in the watermarked copy. As long as one has the Giovanni software, the encoding keys, and the copy, the watermark can be extracted. Because Giovanni is a key-based system, each copy of content watermarked with Giovanni can theoretically be encoded with a separate key. Further, each watermark message in a single media content copy may be governed by separate keys!

Under this premise, alternative proposals that maintain a centralized database or predefine the actual location of watermarks are, essentially, “single-key” implementations. A single breach of the security of the single key is devastating to copyright owners (More damaging: the pirate may not disclose the breach.). The common misunderstanding is the distinction between a “random number”, and a “ciphered random key”.

In the real world, this begs the question: “What if all the apartments in New York City had the same locks?” The multi-key, multi-layer design premise is the basis for our belief that both the security and quality of the watermarked content must be controlled by the user, not predefined by third parties. In much the same manner that different artists master content in different ways, different users will want to watermark content differently. These same users will want alternative ways to archive both their content and their keys.

What is the smallest chunk of data that can hold a complete watermark?

For audio, probably a few seconds, depending on the signal.

Our audio CODEC (“COde/DECode”, late 1997), developed for industry deployment and commercial use, encodes at close to 200 bits per second in stereo, 100 bits per layer per channel. The five layers, divided by channel, allow for over 1000 bits per second encoding rates. Our commercial versions are far less robust in terms of bits per second but have very high survivability against common manipulations or downsampling. As well, both copy control watermarking mechanisms and cryptographic or forensic watermarking mechanisms have been developed to perform separate but relevant authentication of the content for use in consumer electronics devices and other hardware (late 1998-99). Bits are encoded as high as -8 dB, at the most perceptually significant portions of the signal. The transforms and conversions performed to establish the CODEC parameters are discussed below: Can Giovanni digital watermarks survive analog conversion?

For still images, the image should be at least 100 x 100 pixels. Our still image CODEC (late 1997-98), was developed to survive JPEG compression, cropping, scaling and other common image manipulations, while still affording users total control over decoding with the keys used in encoding. Cropping and scaling have inverse relationships relating to survival of a digital watermark, so some tricks are used to accomplish survival. Our approach is the first available system to survive the StirMark application used to test the robustness of still image watermark technologies.

Unlike all other implementations, with the understanding that many images have limited “watermark message” payloads, or the space available to hide a watermark message, much of the security of the Giovanni still image product is based on well-known security parameters evident in public-key cryptosystems. In essence, Giovanni watermarking keys may be made “key pairs” as with popular public key software products such as PGP. This affords users the ability to validate the encoding key pairs even if the watermark is not successfully decoded. This is primarily a decision to be made on perceived transmission security of the image.

The “image industry” has yet to formalize an independent evaluation of various existing commercial products and proposed solutions, so it is difficult to generalize about market expectations at this time. Much intense scrutiny has yielded many applications which will successfully remove or render unreadable current still image watermarks. Some of this work can be found in the Digital Watermark Research area. Buyer beware.

Can Giovanni watermarks be removed once they have been encoded?

Yes, completely – but only with an authorized key.

This simple concept is the differentiating feature between Giovanni and all other watermark systems. It is also the basis of the related intellectual property. Without a key, removal will damage the content that held the watermark, since the watermark is randomly embedded in the “perceptually significant” areas of the content. Further, even if attempts are made to erase the watermarks, digital signatures are included with the watermark message making tampering plainly evident with a “signature” check. The important consideration for content owners is the ability to authenticate content with the key and the watermarked media alone, making it unnecessary to authenticate with the original unwatermarked media. Content owners can then insist that copies of their content need to be authenticated with an authorized key in advance of any subsequent redistribution.

The incorporation of digital signatures makes Giovanni a cryptographically secure digital watermark system. This feature cannot be overemphasized in a future environment requiring the authentication, non-repudiation and tamperproofing of each and every instance of copyrighted material.

The following analogy is increasingly popular in describing the digital watermark technology:

Imagine the proverbial “needle in a haystack”. This particular analogy has a twist. Instead of one needle, there are thousands. The haystack is a digitized media work and each of the thousands of needles is a separate copy of the watermark. The publisher of the content has a map, which we call a “key”, which tells him where to find each needle.

If the pirates want to be sure they don’t get caught, they need to find and remove all the needles from the haystack. Just one needle is sufficient to sink the pirates. Unlike the publisher, the pirates lack the map, or key. They are faced with a choice: spend the rest of their natural lives looking for all the needles, or burn the haystack to be sure all the needles are destroyed (The last twist to this story is that each needle cannot be removed or replaced without the knowledge of the Giovanni key holder, who is able to check the validity of the “needles” with digital signature authenticity checks).

Can Giovanni digital watermarks survive analog conversion?

Yes. We differentiate between our audio and still image products. Audio has industry-based testing standards, as shown below; still images are generally required to survive at least JPEG compression (for at least a 75 quality setting) as well as the ability to decode from a scanned image. Survival against the existing software products which test robustness is an obvious benchmark.

The following conversions have been tested with the Giovanni audio CODEC as parameters for survivability. The parameters were decided by the MUSE Embedded Signalling Request for Proposals under the direction of the International Federation of the Phonographic Industry (IFPI), the Recording Industry Association of America (RIAA), the six major label companies (Warner, Sony, Universal/MCA, Polygram, BMG, Capitol EMI) and Telstar (representing the interests of the independent label companies). Additional tampering has been conducted to test against common conversions done at radio stations which can inadvertently erase less robust watermarks. The demonstration version of the Giovanni audio watermarking application does NOT necessarily survive all of the tests below. The version which does is NOT publicly available at this time. Additional improvements and testing for the 4C Tests have shown dramatic advantages to Giovanni versus other schemes.

The Secure Digital Music Initiative (SDMI) is another consortium seeking uniformity for security of music copyrights.

  • two successive D/A and A/D conversions
  • steady-state time compression and time expansion of 10 percent
  • data reduction coding techniques such as:
    • MPEG (all versions)
    • adaptive transform coding (ATRAC)
    • adaptive subband coding
    • Digital Audio Broadcasting (DAB)
    • Dolby AC2 and AC3 systems
    • multiband non-linear amplitude compression, such as applied to broadcast systems
    • applying additive or multiplicative noise
    • applying a second Embedded Signal, using the same system, to a single program fragment
    • frequency response distortion corresponding to normal analogue frequency response controls such as bass, mid and treble controls, with maximum variation of 15 dB with respect to the original signal
  • applying group-delay distortions according to:
    • frequency (kHz) .5 1 2 4 8
    • group delay
    • robustness (ms) 6.4 4.4 2.4 2.6 3.6
    • applying frequency notches with possible frequency hopping

Can Giovanni watermarks prevent someone from making a copy?

No. This is a fundamental problem encountered in the digital world – the “copy problem”. Although many “secure” and “trusted systems” approaches are proposed, even at the hardware level, such systems can always be circumvented by those who understand the system. Instead of trying to stop the process of making copies, Giovanni watermarks are the only available system that makes it possible to securely assign responsibility for individual copies. People will be less likely to make and distribute unlicensed copies if they know that such copies can be traced back to them. If a publisher obtains an illegal copy, they can identify the culprit, or check the authenticity of the copy and destroy it.

Trusted systems, such as those proposed by InterTrust, IBM (under their InfoMarket program), or WAVE Systems, are unlikely to give the copyright holder control over copyrights, as the security is left to a third party. Moreover, “escrow” or control over the content is similarly given to third parties.

What information can be put into a watermark?

Anything a publisher deems useful can be encoded. (The limits are the size of the target media and the size of the data to be encoded.) Publishers can maintain current databases which can automatically be fed into the watermark stream when content is being watermarked. Publishers are thus encouraged to continue to differentiate their strength in proprietary database structure and access, Giovanni will compliment these strengths, seamlessly.

Our advice, is that watermark information relate closely to distribution channels of the content to be watermarked and subsequently distributed. It is this particular area in which content owners and sellers can use Giovanni to better direct their own target marketing campaigns.

Why doesn't Giovanni simply encode an identification serial number?

The use of single serial number would seem to have the advantage that it keeps the size of the watermark small. While other proposed schemes do seek to encode only an author’s serial number into the content, we see pitfalls in using this model alone.

Either the author must maintain their own database, which associates meaningful records with that serial number, or they must entrust management of that database to someone else. In either case, lose the database, and lose your authorship claim. If every author maintained their own database of serial numbers and records, there would be no objectivity in the reading of a watermark. Disputes would have to be settled and entirely reliant on the author for the interpretation of “some number” which they claim to have extracted from a copy of a picture, song or video.

Another reason behind a number of these proposals is also the simple fact that there is very little space for watermark information versus Giovanni. The more actively involved the third party is in archiving or escrowing rights and watermark information, the less control is ultimately placed into the hands of the content creator. We believe that ultimately active registration and diligence in copyright enforcement is invaluable; however, Giovanni offers a potentially more efficient means to establish priority by additionally registering the authentic watermark keys as one would a copyright. Giovanni’s central design premise is that: “the only person you can completely trust, is you!”

Giovanni takes a much more robust approach by encoding complete information which can be extracted directly from the watermark itself and read by a person in an unambiguous, undeniable manner. It is text! By using watermarks of a human readable format, and using encryption and digital signatures to sign and protect the information from discovery or alteration without the keys, Giovanni provides the most secure solution. In short, we believe there is more trust in an extracted watermark which reads something like “Copyright 1969”, “My Company, Inc. distributed this on June 8,1998”, “This copy belongs to Scott Moskowitz, account #ABC123″ (note: representing three separate messages watermarked with three separate keys), is superior to one that says”134ad92ce90a” and requires the author, a biased party, to speak for it. Note that without digital signatures or similar cryptographic security, people may easily over-encode a message with their own serial number and resolving priority or ownership becomes tenuous at best.

A separate but related issue, is the more direct amount of control smaller artists and publishers can individually exert over their content through the use of understandable text. First, it makes unnecessary the creation of a centralized database that has the indirect effect of putting control in the hands of a third party. Second, because humans are political and social animals, the more real-world the system, the more likely its widespread adoption.

Last, the integrity of watermarks must be checked to validate sensitive watermark messages. Only Giovanni digitally signs information prior to integrating it with the content signal. Without such authentication, removal or replacement of watermark information is trivial. For sites which test still image watermarks see StirMark.