Digital Camera Image Verification 255
Polo writes "While reading dpreview, I noticed that among several new products, Canon has announced a Digital Image Verification Kit to prove that an image taken by a particular camera has not been modified. It's disturbing to think about the conditions that would allow digital images to be accepted in a courtroom. I guess one defense would be to figure out how to 'verify' a photo of shark attack..."
It's called MD5 (?) (Score:5, Interesting)
The kit consists of a dedicated SM (secure mobile) card reader/writer and verification software. When the appropriate function (Personal Function 31) on the EOS-1D Mark II or EOS-1Ds is activated, a code based on the image contents is generated and appended to the image. When the image is viewed, the data verification software determines the code for the image and compares it with the attached code. If the image contents have been manipulated in any way, the codes will not match and the image cannot be verified as the original.
So it's basically an MD5 (or equiv hashing method) of the image at the time it's taken? Too bad -- I thought they had a unique idea to verify images that had already been taken.
Two or three questions I suppose:
All in all I suppose it's a neat idea -- hope it actually works before somebody is on trial for his life though...
Not just court rooms (Score:5, Interesting)
2D autocorrelation... (Score:5, Interesting)
By doing an autocorrelation of the image, you can detect parts that have been copied, but the mathematical part is not that easy, particularly if there are uniform noiseless areas (sky).
I can still deal with 1D autocorrelation, but in 2D [uniroma1.it] my maths skills are rusty...
Don't re-invent the wheel (Score:2, Interesting)
You don't have to re-invent the wheel.
Digital Images and ghosts (Score:4, Interesting)
He seems real serious about it too....
Re:It's called MD5 (?) (Score:1, Interesting)
One possibility is that the SM (secure mobile) card reader/writer has an embeded private key.
The generated code would be based on key + contents, rather than just the key.
Wrong audience .... (Score:2, Interesting)
Could there be a way around this? Hmmm (Score:4, Interesting)
The security lies in the key... (Score:3, Interesting)
The kit consists of a dedicated SM (secure mobile) card reader/writer and verification software. When the appropriate function (Personal Function 31) on the EOS-1D Mark II or EOS-1Ds is activated, a code based on the image contents is generated and appended to the image. When the image is viewed, the data verification software determines the code for the image and compares it with the attached code. If the image contents have been manipulated in any way, the codes will not match and the image cannot be verified as the original.
So the upshot is that they use a memory card which has some additional security functionality. This additional functionality can only be accessed by the card reader and the camera.
The the crackers simply need to break that functionality or bypass it. This could be accomplished by breaking the camera's firmware (or the card reader) and changing it, or sitting between the USB reader and the computer (software or hardware wise) and changing the data as it goes along. Alternately it woud not be impossible to modify the camera so it gets the image from a computer instead of an image sensor.
The ultimate, however, would be to break the protocol and keys between the reader and card or camera and card. Hopefully they are using a good encryption algorithm with fully secured sessions and a long key. I'd hate to see this broken in less than a few months time.
-Adam
Re:Courtroom. (Score:4, Interesting)
From this review of the new eos-1d mark ii [imaging-resource.com]:
Re:Canon (Score:3, Interesting)
You completely missed the point of my statement -- in our setting, a small business with several dozen cameras of different models (old models that still worked that were discontinued, needed more functionality, etc) it would be very stupid to have a camera with a propriety battery or memory card. I can swap batteries or CF cards with any camera in our office -- and the CF cards are easily readable on any machine with a $20 reader -- without the need to install drivers and completely OS independent. I can also toss them into our laptops (again without drivers) using PCMCIA adaptors. Name another format that offers all of those advantages.
I would also question the 10% of their charge daily. I used to be quite the digitial photography buff back in the day but nowadays I only use my (personal) digicam every few weeks. I have picked up my digicam (a Casio QV-3500X) after having it sit idle (with the batteries in it no less -- so assume there is a small draw on them to maintain the clock/camera settings) for over two months and proceeded to take 40-50 pictures using the LCD the entire time. My four AA NiMH batts lasted the entire time. With a fully charged set loaded fresh I can take 200+ pictures (again using the LCD the whole time) without problems.
When we use them at the office we typically only wind up recharging them once every three weeks or so -- and we take dozens of pictures daily.
Granted li-ion is a better technology overall (I love my extended run-time li-ion batt for my cell phone) but NiMH still has a place and until they figure out a way to put li-ion technology into standard battery sizes (AA/AAA) I'll stick with my NiMH batts for my digicams/CD-players. In the worst case scenario if my NiMH batts die and I don't have a spare set (like that's ever going to happen) I can always buy AAs at any store in the world and toss them into my product -- try that with your propriety formats that only exist to make the manufacturer more money.
What about SECURE photography? (Score:5, Interesting)
I would love to see the firmware write all photographs to the CompactFlash already encrypted to my public key. Of course, that would mean you'd have to (1) forego viewing the images on the LCD, or (2) require the private key and allow entering some kind of text phrase or biometrical key.
It's not like I engage in some sort of espionage or porn market, but I want to see more publically available data devices support cradle-to-grave security.
Re:Courtroom. (Score:3, Interesting)
Re:won't work (Score:2, Interesting)
As an attorney.. (Score:2, Interesting)
Re:It's called MD5 (?) (Score:5, Interesting)
The weak point is in the 'tamperproof' chip -- research on smart cards [securingjava.com] has shown that virtually any so-called 'tamperproof' security system can be cracked. A court could demand to see one's camera (to ascertain that it had not been altered), but some smartcard attacks (such as those based on timing or power consumption) don't even need to modify the card to get at the key -- some of these attacks might translate to cameras, as well. It would be possible to provide pretty good image verification with this system. But a determined attacker could break it.
Camera fingerprinting (Score:1, Interesting)
My camera has one that's permanently stuck to purple in the same place in every shot. You have to look really closely when that region is bright, but it's always there. There are a few others which are a bit darker but are also always there.
Using this kind of logic and with access to a suspect camera, you could probably establish who shot a picture within a reasonable doubt. I mean, what are the odds of a specific set of LCD anomalies repeating on a different camera?
Re:Camera fingerprinting (Score:3, Interesting)
Re:won't work (Score:3, Interesting)