Generalization

It can now be argued that the attack was possible only because of the (approximate) knowledge of the function $\alpha$, and that if a much more complicated function $\alpha$ had been used, the attack would have failed.

This is true. However, we would like to point out the following: as soon as we know $\alpha$, even approximately, our attack works. Consequently, the security of a marking algorithm based on this type of scheme relies not only on the secrecy of the private key (the pattern), but also on the secrecy of the algorithm.

This is a problem for several reasons. First, conceptually, the cryptologic community considers extremely bad practice ``security by obscurity'', that is, an algorithm whose security relies on the secrecy of its design. It has happened many times in the past that the details of an algorithm were divulgated by an unethical person.

Second, even if the secrecy can be maintained, there exists a very important practical issue: if a detector is distributed, either in software or hardware, it can be disassembled and analyzed, and it is considerably easier to protect a small piece of information, such as a key, than to protect the details of a full algorithm.

Consequently, we conjecture that if this system, or a system using the same core technology with a more sophisticated function $\alpha$, is ever deployed, it will rapidly be defeated.