[Cryptography] Photojournalists & filmmakers want cameras, to be encrypted

Phillip Hallam-Baker phill at hallambaker.com
Tue Dec 27 12:35:10 EST 2016


​Most pro DSLRs have some sort of image authentication built in. None that
have been examined have turned out to be competent. The tell is usually the
need to buy special apparatus to verify the signatures. That means they are
doing some sort of idiot HMAC scheme with a shared key across every device.
​
The fact that you can get a sensor without any security controls in limits
what yuou can hope to achieve in trustworthy hardware. Any sequence of bits
that you generate with your trustworthy camera, I can generate by splicing
a hardware emulator for the sensor onto the trustworthy DSP.

The only way you could get to a trustworthy device would be if you can put
the image authentication on the chip. And that is a huge problem for all
sort of reasons.


Absent custom VLSI for this purpose, the best you can hope for is:

Confidentiality: Encrypt on the device to a public encryption key. Images
can only be decrypted using the corresponding decryption key. For added
security, decryption may be controlled further by splitting the decryption
key so that participants can only decrypt with the participation of a
recryption service.

Integrity: Hash the image as it is recorded to storage medium and enroll
the hash in a linked log (aka blockchain) as soon as possible after the
photograph is taken. A photograph of the JFK assassination known to have
been taken before 19:00 UTC on 22 November 1963 is a lot more trustworthy
than one that was only found last week. This interaction can be achieved
over a very low bandwidth link.

Availability: Upload the image or a downsampled version thereof to a
service. This does require a lot of bandwidth though.

You can go a little further if you use steganography of course. But that is
not remotely practical for a commercial product as the steganography will
be known.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161227/ef8e8380/attachment.html>


More information about the cryptography mailing list