Declaration of Dan Wallach

in Felten v. RIAA (Aug. 13, 2001)

Grayson Barber (GB 0034)
Grayson Barber, L.L.C.
68 Locust Lane
Princeton, NJ 08540
(609) 921-0391

Frank L. Corrado (FLC 9895)
Rossi, Barry, Corrado & Grassi, P.C.
2700 Pacific Avenue
Wildwood, NJ 08260
(609) 729-1333

(Additional Counsel listed on signature page)
Attorneys for Plaintiffs

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY

I, DAN S. WALLACH, hereby declare:

1. I am one of the Plaintiffs in this action. The facts stated herein are known to me of my own personal knowledge, except for those stated as my information or belief, and as to those, I am informed and believe them to be true. If called upon to testify thereto, I could and would competently do so.

2. I am an assistant professor at Rice University. Attached hereto as Exhibit A is my current curriculum vitae.

3. My fields of research include: mobile code security (e.g., Java security), high-performance secure communication (e.g., fast SSL Web servers), anonymity systems, and bandwidth adaptation systems. I teach classes on general software engineering as well as classes that survey computer security.

4. In addition, I have completed at least one other project investigating the security processes for digital music. This involved examining and writing a paper about the technology and science involved in a system that allowed authentication of a music CD to a music service provider.

Why I chose to Participate in the SDMI Challenge

5. When the SDMI challenge was first announced, in September 2000, Edward Felten mentioned to me he was putting together a team to meet the challenge. I decided I wanted to join in, and I invited two of my students to join me: Ben Swartzlander and Adam Stubblefield.

6. Our original attraction to the challenge was quite simple. We all believed that these copy-restricting technologies could never possibly be secure against attack. We felt this would be an excellent opportunity attack a commercial system to demonstrate that, indeed, the whole class of technologies being proposed for SDMI would never work.

7. I was concerned that the industry selling digital rights management system was essentially selling snake oil. It was our first chance to publicly demonstrate that the science in most of these schemes is not good science. Any security system claiming to be secure must be able to withstand public investigation and peer review. Systems that are not subjected to these standard processes are almost always poor systems that are easily broken. As we expected, this turned out as true for the SDMI Challenge systems as it has been for other systems that have not been publicly tested.

My Participation in the SDMI Challenge

8. When the challenge was released, we quickly understood that four of the challenges ("A", "B", "C", and "F") were based on watermarks and two were otherwise ("D" and "E"). As our Princeton colleagues had more experience with watermarking technologies, we agreed that the Princeton team would focus on the watermark technologies and the Rice team would focus on the non-watermark technologies. Drew Dean also worked with the Rice team.

9. We had already decided that technology E, as specified in the challenge would be meaningless to attack (it had insufficient information to study and much less information than an attacker would have if the technology was genuinely deployed) so we were focusing our efforts instead on technology D. While we had some small insights beforehand, most of our group's work occurred on the final weekend. This is when we discovered, much to our chagrin, that the "oracle" for technology D was broken. The purpose of the SDMI oracle, presented as a service on the hacksdmi.org Web site, was to tell you whether you had successfully defeated one of the challenges. While the oracles for technologies A, B, C, and F appeared to be working properly, the oracle for technology D was faulty. Regardless of the input you gave it, it responded "INVALID", even when the input was files directly from the SDMI challenge (for which it was documented to respond with "ACCEPT").

10. By Saturday evening, we had, without the aid of the oracle, deciphered the bit encoding described in our research paper and failed to discern any correlations between the input (the "table of contents" of an audio CD) and the output (the "authenticator" for which we now understood the bit encoding). Had we had a working oracle, we would have been able to verify our understanding and perhaps have learned more. Instead, we threw in the towel, realizing we weren't going to have a working oracle before the end of the challenge.

11. At the time we did the initial work, we had already decided we were not interested in sharing the $10,000 prize. We had not yet decided on which conference to send our work to and we hadn't even created the first draft of our paper.

12. Likewise, the Rice team was aware of the click-through's limitations on when research could be performed, so we completed all our measurements and experiments before the final SMDI deadline. Only the text of the research paper remained unwritten.

13. After subsequent discussion among the authors, we settled on the Information Hiding Workshop as an appropriate venue for our paper. Watermarking technologies are precisely within the workshop's scope. We completed the paper, submitted it, and had it accepted. At that point, we assumed the story was over.

14. Then, two weeks prior to publication, Professor Felten received the RIAA/SDMI letter. At this point, I notified my department chair and went to the Rice office of the general counsel. I am informed that Rice counsel was thereafter involved in conference calls with the other parties. I was not involved in these calls.

15. On April 19, 2001, Ira Moskowitz, the program chair of the Information Hiding Workshop, informed all parties concerned that:
"As all authors for the IHW2001 know, the program committee can only accept papers and allow presentation/publication of papers in which all permissions have been obtained for publication and which present no legal issues concerning presenting/publishing."
Moskowitz instructed that all parties much reach agreement and said that:
" . . . whenever agreement is reached, I must have proof in either hard or electronic form from all of the Princeton paper authors, or someone authorized to comment for them (the first author Craver is such a person), from RIAA/SDMI, and from Xerox PARC. The agreement must state that there are no problems with the [click-through agreement] and the DMCA, and that there are no proprietary interest problems with Xerox PARC, and that all is legal."

16. An e-mail was sent to all parties on April 24, 2001, from Ross Anderson, a member of the program committee for the Information Hiding Workshop. This e-mail stated:
"You may be interested to hear that, at a program committee meeting held this morning in Pittsburgh, it was decided to reinstate the original program of Information Hiding 2001."

17. The research team was then presented by Verance with a three-page list of twenty- five suggested changes to the paper. We were led to believe that we needed to make a deal made with Verance before SDMI/RIAA would agree not to sue us. Several of the suggested changes were unacceptable, since they would have resulted in a paper that was significantly lacking the scientific rigor required for a paper presented at a refereed scientific conference.

18. In days prior to the scheduled appearance of the paper, the co-authors grew seriously concerned over their exposure to liability of an unknown and potentially frightening size. Likewise, the co-authors were concerned that they might expose their respective institutions as well as the organizers of the Information Hiding Workshop to liability. Because of this, we chose to withdraw the paper from the conference.

19. Subsequently, we submitted a revised version of the paper to the USENIX Security Symposium, for which I am the program chair. Because of the potential conflict of interest, I recused myself, putting Avi Rubin in charge of the review process (my duties as chair go automatically to Rubin, as the USENIX Board Liaison, when I cannot fulfill them).

20. The paper was accepted into the USENIX symposium. It is scheduled to be presented on Wednesday, August 15, 2001.

21. In studying the SDMI technologies, we used the same methods we would when performing any other scientific research. We examined and experimented with the materials we were given, we wrote a paper, and we sought to publish it.

My Fear of Legal Liability

22. I am an assistant professor. I do not have the personal resources to defend myself against a lawsuit such as was threatened by RIAA, let alone pay a damage award. Furthermore, my employer is a university with substantial resources that could potentially be at risk in a lawsuit and I consider it important to protect my employer from this risk.

23. I hope to write other papers in the future concerning copyright protection systems. Successful publication in this area can help me raise grant money, attract students, and win tenure. However, if legal issues with the DMCA continue to occur with this work, it could negatively impact me in all areas of my professional growth.

24. In fact, I continue to be adversely affected by the DMCA. I have already been invited to write an article for an upcoming special issue of "IEEE Computer". The article I would like to write would trace the history of copyright protection measures beginning some thirty years ago and through the SDMI challenge. Some of early work is not in print and would require finding the people who first implemented the measures and those who defeated them. Needless to say, this paper would require a great deal of work. Moreover, because the article would be intended for a scientific audience, it would include details about the systems and ways that they were defeated, including details about the technologies involved in the SDMI challenge. Given the threats made against us and the potential reach of the DMCA, I will not write this paper unless the legal issues surrounding the DMCA are resolved favorably. I cannot afford to devote time to a paper that I may not be able to publish and I surely do not want to run the risk of yet another threat of a lawsuit.

I declare under penalty of perjury that the foregoing is true and correct.

Date: _________________________
Dan S. Wallach

Attorneys for Plaintiffs

Please send any questions or comments to webmaster@eff.org.