5

What kind of digital / cryptographic signing would make it possible to create a camera that cryptographically signs the photos it takes so that the images can be verified to have been taken with that specific camera?

The motivation is that if the camera is able to implement a trust system, then it would create the ability to trust that photos or videos that it creates have not been subsequently modified.

Some potential variables:

  • Would it be preferred to use a single signing key for all cameras of a specific model, vs. keys for each instance of the camera, and how to limit the ability to extract/steal those keys. I guess this might involve a Trusted Platform Module, but I'm not knowledgeable about hardware security.

  • Out of scope for this question: The trust would be limited by the ability to present false image data to the camera at a stage prior to the signing step, using hardware hacking or simply holding up another image in front of the sensor.

  • Instead of implementing this as hardware, implement it as a smartphone app and take advantage of existing platform security.

Simon Woodside
  • 1
    Did you consider any old RSA/ECC/MAC system, like, isn't it the same as for any other kind of file? You seem to want to do it on-camera, which I'm not sure exists, but that's a separate issue than 'is it possible'. – Luc Jul 04 '19 at 19:19
  • Are you looking to build your own, or modify an existing camera? The latter is almost definitely possible by tweaking the firmware. Building your own is much harder, because of hardware security concerns. Also, is there any reason normal encryption techniques wouldn't work? – Nic Jul 04 '19 at 19:19
  • The problem with the smartphone app is that your security is going to be limited to being able to extract the private key from the software, which is generally pretty trivial. Putting this in the firmware of the camera itself is also possible, and likely potentially more secure, but you're still limited to anyone reverse-engineering the phone, and extracting the private keys from it. – Steve Sether Jul 04 '19 at 20:09
  • 4
    Your comment on what's "out of scope" is a giant weakness that completely overshadows what's in scope then. You're asking us to design a bank vault door for a tent. – Joseph Sible-Reinstate Monica Jul 04 '19 at 20:58
  • Related: a smart LED lighting system that embeds a barcode into the photos of cameras with rolling shutters (like smartphones), called LiShield [CACM paper](https://cacm.acm.org/magazines/2020/2/242333-automating-visual-privacy-protection-using-a-smart-led/fulltext) – Simon Woodside May 12 '20 at 22:53

3 Answers

6

Both Nikon and Canon have cameras that can digitally sign photos so you might look for technical details on how they do this. At the same time, you want a better system than they implemented as a Russian firm did manage to break both systems (I believe by extracting the signing keys from the firmware).

See https://www.elcomsoft.com/news/428.html and https://blog.elcomsoft.com/2011/04/nikon-image-authentication-system-compromised/

Swashbuckler
  • Awesome thanks! And following up on those stories, I found an old [1996 (!) paper from Bruce Schneier](https://www.schneier.com/academic/archives/1996/12/an_authenticated_cam.html) that covers exactly what I'm wondering about. – Simon Woodside Jul 08 '19 at 02:37
4

As @ThoriumBR stated, yes it’s possible …

Like so many things, while the concept is straightforward, the details and intent become complex very quickly.

What are you cryptographically signing and what constitutes modification?

Digital RAW unprocessed data as a function of taking a picture is not itself a picture yet, there is no such thing as an unprocessed picture. Are you signing this?

Resolution and sensor crop is often definable. Are you signing this?

Processing into a picture (jpeg) includes many many in-camera adjustments:

  • White balance
  • sharpness
  • lens correction
  • contrast
  • gamma
  • saturation
  • red eye
  • special effects

Are you signing these?

Is a crop of a signed picture not valid? A rotation?

Is an external filter a valid picture but the equivalent digital filter is not?

In photography the amount of processing differentiates “documentary” versus “art”, but even there the line is fuzzy.

If you're willing to accept all in-camera modifications to produce the jpeg, then a straightforward signature against the JPEG including the embedded EXIF data that identifies the camera and settings could be done. This doesn't address protection of the signing key.

user10216038
  • RAW data is indeed a picture. It can be displayed by most photo viewers and editors and shows up as a picture. It'll be a bit grainy and, if the viewer is implemented poorly, green-tinted, but the raw sensor data is an image. Not sure what your point there was. Also, any postprocessing that could be done onboard could also be done offboard, as is _very_ common in professional photography, so... why would signing the RAW be a problem again? – Nic Jul 04 '19 at 21:16
  • @Nic Hartley: I didn't say signing the raw was a problem, I was questioning what was intended to be signed, particularly as many cameras and users never deal with raw. Yes, if you squint your eyes and tolerate something that looks like an 1800's failed attempt at color photography you could generously call raw a picture. The point is that it only becomes what most people would consider a picture after processing. – user10216038 Jul 04 '19 at 21:25
  • Good points. Thinking about what you're saying, I guess that there would need to be a reasonable definition of "not modified" which includes in-camera modifications. There might be two useful levels (a) RAW data and (b) everything in your list except special effects. – Simon Woodside Jul 08 '19 at 02:18
2

Yes, it's entirely possible, but it will depend on the manufacturer. They must implement a functionality on the firmware creating a keypair on the camera, and signing every picture taken. The private key would have to be kept on a secure area (a TPM would be perfect).

After that, every picture taken would create a file named DCIM_01234.jpg.sig, containing the signed hash of the picture, and probably a public key of the camera. Anyone intending to verify the authenticity of the camera would just have to verify the signature.

ThoriumBR
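The sidecar-signature scheme from the answers above, as an added example that is not part of any answer or of any camera vendor's firmware. It assumes Ed25519 over a SHA-256 digest of the whole JPEG (EXIF included); the names `Sidecar`, `SignPhoto`, `VerifyNaive` and `VerifyPinned` are hypothetical. It shows why a verifier has to pin the camera's public key rather than trust the one shipped inside the `.sig` file.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Sidecar models the .sig file: signed hash plus the key it claims is the camera's.
type Sidecar struct {
	PublicKey ed25519.PublicKey
	Signature []byte
}

// SignPhoto stands in for the firmware step; on a real camera the private
// key would stay inside a TPM or secure element rather than in memory.
func SignPhoto(priv ed25519.PrivateKey, jpeg []byte) Sidecar {
	digest := sha256.Sum256(jpeg) // covers pixels and embedded EXIF alike
	pub := priv.Public().(ed25519.PublicKey)
	return Sidecar{PublicKey: pub, Signature: ed25519.Sign(priv, digest[:])}
}

// VerifyNaive trusts whichever key the sidecar carries.
func VerifyNaive(jpeg []byte, sc Sidecar) bool {
	digest := sha256.Sum256(jpeg)
	return len(sc.PublicKey) == ed25519.PublicKeySize &&
		ed25519.Verify(sc.PublicKey, digest[:], sc.Signature)
}

// VerifyPinned also requires that key to equal one the verifier already trusts.
func VerifyPinned(trusted ed25519.PublicKey, jpeg []byte, sc Sidecar) bool {
	return trusted.Equal(sc.PublicKey) && VerifyNaive(jpeg, sc)
}

// Demo returns: genuine photo (pinned), edited photo with the old sidecar,
// edited photo re-signed by another key (naive), and the same case (pinned).
func Demo() [4]bool {
	camera := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{1}, ed25519.SeedSize)) // constructed seed
	other := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{2}, ed25519.SeedSize))  // constructed seed
	trusted := camera.Public().(ed25519.PublicKey)
	photo := []byte("constructed stand-in for JPEG bytes incl. EXIF")
	edited := append([]byte("X"), photo...)
	sc, resigned := SignPhoto(camera, photo), SignPhoto(other, edited)
	return [4]bool{VerifyPinned(trusted, photo, sc), VerifyNaive(edited, sc),
		VerifyNaive(edited, resigned), VerifyPinned(trusted, edited, resigned)}
}

func main() { fmt.Println(Demo()) }
```

The third result is the case to watch: a file re-signed under a different key passes a check that trusts the sidecar's own key, and fails only when the verifier compares against a key it already holds for that camera.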