[Cryptography] [FORGED] Crptographic ticket tape (fake news)

Natanael natanael.l at gmail.com
Tue Jun 4 07:21:07 EDT 2019

Den tis 4 juni 2019 08:17Peter Gutmann <pgut001 at cs.auckland.ac.nz> skrev:

> Danny Muizebelt <dannym at packetloss.at> writes:
> >In securing original footage from tampering would a ticker tape in the
> >background be viable? The tape would be timestamps encrypted with the
> >producer's private key.
> There has been endless work done on tamperproof (meaning within certain
> cryptographic assumptions) logging, if you want to secure surveillance
> footage
> you'd be far better using any of those schemes than trying something like
> this.

To build on this, the much more productive approach is to apply
cryptographic signatures to the full image frames in the video stream.

Any timestamps can then be added on top of that via a variety of digital
timestamping services (the above mentioned logging systems usually work in
a similar way to these). But keep in mind that they only prove "this data
existed at this date", nothing else.
(You can also timestamp first, and sign the video with verified timestamp

To prevent a reconstruction of the video which lacks the digital signatures
is nearly impossible. Digital watermarking schemes meant to prevent edits
tends to get broken. Even a perfect embedding scheme can be defeated by
something as simple as recording a reenactment (or maybe even using machine
learning to "repaint" the frames automatically?).

But if we just assume we want unmanipulated videos to be easy to verify,
and we assume we can't just put a signature in file metadata:

You could do something like hashing the top bits of each pixel value and
embedding the signature of them in the bottom bits. Or use a fuzzy hash
function over the frame and embed the signature with water marking
techniques. Or just make every 30th frame a data frame holding a signature
of the collection of hashes for the previous visual frames. Some fuzzy
hashing mechanisms can also handle cropping and rescaling (resizing) of the
video and still allow verification of that the video is visually the same.

There's an endless number of ways to embed cryptographic data in this way
to detect alterations that substantially changes the frame contents.

But all of these methods requires trust in the key holder / signer. Because
pixels are just too easy to edit.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20190604/0aff0e35/attachment.html>

More information about the cryptography mailing list