Watermarking Security: a Survey Luis P´ erez-Freire, Pedro Comesa˜ na, Juan Ram´ on Troncoso-Pastoriza, Fernando P´ erez-Gonz´alez Signal Theory and Communications Department University of Vigo, Vigo 36310, Spain {lpfreire,pcomesan,troncoso,fperez}@gts.tsc.uvigo.es Abstract. Watermarking security has emerged in the last years as as a new subject in the watermarking area. As it brings new challenges to the design of watermarking systems, a good understanding of the problem is fundamental. This paper is intended to clarify the concepts related to watermarking security, provide an exhaustive literature overview, and serve as a starting point for newcomers interested in carrying out research on this topic. 1 Introduction Watermarking security is an emergent topic. A good indicator of the growing interest in this subject is the number of special sessions that have been held in recent conferences [1,2,3,4] and the efforts made in relevant European projects such as Certimark [5] and Ecrypt [6]. Whereas robustness in watermarking has been generally identified with probability of decoding error or resistance against watermark removal, the concept of watermarking security is still somewhat fuzzy. In recent works, it has been agreed that attacks to security have a broader scope than attacks to robustness, since the former are not only concerned with a simple impairment of the communication process, but they also consider the achievement of privileges granted by the secret parameters of the system. The threats that must be faced by a watermarking scheme depend largely on the considered application where it is employed. For instance, there are certain metadata applications [7,8] where the only aim of watermark embedding is to give an “added value” to the asset in consideration, so they are typically not susceptible of being attacked; this characteristic is also shared by other applica- tions, as linking contents to a web or database, or controlling electronic devices (as toys or Personal Video Recorders (PVRs)), where intentional attacks are not expected. On the other hand, applications such as watermarking of medical images, authentication of legal documents, fingerprinting or data monitoring, must face extremely hostile environments where the most harmful attacks are not necessarily those aimed at removing the embedded watermarks. In fact, for those applications somehow related to legal environments, it may be more harm- ful to accept a forged content as legal than rejecting a legal one, or to read the watermark instead of erasing it. These kind of considerations gave rise in the last years to the watermarking security problem. The purpose of this paper is