Whereas the embedding distortion, the payload, and the robustness of digital watermarking schemes are well understood, the notion of security is still not completely well defined. The approach proposed in the last five years is too theoretical and solely considers the embedding process, which is half of the watermarking scheme. This paper proposes a new measure of watermarking security, called the effective key length, which captures the difficulty for the adversary to get access to the watermarking channel. This new methodology is applied here to additive spread spectrum schemes where theoretical and practical computations of the effective key length are proposed. Experimental protocols using either Monte Carlo simulations, region approximation, or rare event probability estimator allow good evaluation of this quantity. For improved spread spectrum (ISS), our analysis exhibits setups where 1) the robustness and the security of the scheme are superior to spread spectrum and 2) estimating the secret keys from the observations only is not the best way to break the scheme. Moreover, a comparison with correlation aware spread spectrum (CASS) shows that ISS offers a better security than CASS for a given robustness.