[Cryptography] Photojournalists & filmmakers want cameras, to be encrypted
Joshua Marpet
joshua.marpet at guardedrisk.com
Wed Dec 21 11:57:05 EST 2016
A fascinating point about the perception of encryption vs. the reality of
encryption. Can we break this discussion down a bit?
What I mean is, if still and video footage has issues, what are the issues,
and what are some solutions to those issues? A knee-jerk jump to
"Encryption Magic will SAVE THE DAY!!" might not be the right answer. :)
Forgive the levity.
Issues:
1. Unauthorized editing of video or stills
2. Pressure, ranging to duress, to delete stills or video
3. Pressure, ranging to duress, to view stills or video
4. Unauthorized recording of information - Example - I don't want precise
location tags on a pic, to protect a source, but the camera does so without
my consent or knowledge.
5. Verifiably "correct" stills or video - I know this content has not been
altered. (Different from #1, unauthorized editing, in that #1 is more about
access control, and this is more about forensic verifiability)
So, I am probably missing a few. Please feel free to add.
My initial thoughts, and again, please feel free to point and laugh.
2 and 3 are solved with remote storage, to a "safe" place, of the stills or
video. Take it off the camera, fast.
4 is only solved if you open source the camera software and firmware, and
that's probably not going to happen.
1 and 5 can be solved by hashing frames, and interlocking sequences of
frames. Hash Frame 1,2,3,4,5. Hash Frames 1-5, and 5-9, and 9-14. I can
then tell you if any single frame has been altered, and if anybody has
tried to add anything to the stream.
I'm possibly being naive, but I don't see encryption (past hashing) as
needed. tell me where I'm wrong?
On Tue, Dec 20, 2016 at 10:14 AM, Peter Todd <pete at petertodd.org> wrote:
> On Mon, Dec 19, 2016 at 10:30:50PM +0000, Ben Laurie wrote:
> > > But public key encryption provides another option: encrypt the pix
> with someone's *public key*; the *private key* is unknown to the
> photographer.
> > >
> > > So far as the photographer is concerned, the pix storage is a black
> hole, which can only be entered by means of the private key.
> > >
> > > Yes, the storage can be destroyed (if it can be found); thus, it would
> be better to transmit it in real time -- e.g., ACLU's "Mobile Justice" app
> for recording police activities.
> > >
> > > (I don't know if ACLU's "Mobile Justice" app encrypts or not, nor
> whether it uses PKI if it does encrypt.)
> >
> > I guess your one comfort in enhanced interrogation will be that
> > there's no way to make it stop.
>
> Don't get too dramatic; there's lots of countries where rule of law is
> sufficiently respected that the consequences of being unable to decrypt are
> tolerable, while the consequences of being *able* to decrypt are
> unacceptable.
>
> For starters, most western democracies fall into that category.
>
> --
> https://petertodd.org 'peter'[:-1]@petertodd.org
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161221/85fa92cd/attachment.html>
More information about the cryptography
mailing list