[shenberg]

The data wouldn't get much bigger - a 2048-bit RSA key requires the output to be at least a 256-byte block, roughly 3 times as much data as the current watermark has, not some insane amount of data. The watermark is repeated many many times in the image anyway, so it seems like the trade-off could be made between less copies of the watermark and more data in it.

[makomk]

Current speculation is that most of the 88 bytes of data in the existing watermark is an error-correcting code that hasn't been reverse-engineered yet, so in practice it has less actual non-redundant data than that.