Trusted Camera - Offline Version
The diagram shows an "offline" version of the camera - no external connection is required. This
would be the case in many applications - journalism, data gathering, scene-of-crime photography etc.
The manufacturer maintains a secure facility where pairs of public and private keys are generated.
The public keys are stored in a safe place and also published on the Web. The private keys are
embedded in the camera hardware, ideally in a microchip such as a field-programmable gate array or
programmable device with copy protection, so that it is not trivial to read the key back.
Operation is as follows:
To verify the authenticity of the image, the public key may be retrieved from the manufacturer's
website using the serial number of the camera. Public keys themselves may be digitally signed by the
manufacturer as a guarantee against tampering on the public website.
- A digital image is taken using a CCD or similar device.
- An MD5 checksum is made of the image object.
- The output of a tamper-proof counter is appended to the checksum. The counter may incorporate
clock (that is not settable by any method, such as user controls or battery removal).
- Optional metadata, such as a user-generated title, frame number, or GPS location, may be also appended.
- The checksum and metadata are digitally signed with the camera's private key.
- The signed checksum and metadata are appended to the image object.
- The image is saved to memory.
The signature on the image object may then be verified using the public key.
Since any cropping or scaling of the image will invalidate the signature, it may be useful
if the camera encodes and signs several resolutions simultaneously, for instance a full-size image
plus a thumbnail.
For still images, operation is relatively simple. A signed checksum exists for each image, and
may be identified by, for instance, filename (img001.jpg, img.001.sig, img002.jpg, img.002.sig....).
The signature object may also include a reference to the image by name or frame number.
For video, the issue is more complex. Each frame, or selected frames, may have a checksum, several of
which may be combined under one signature. For a video sequence stored as e.g. an MPEG file, there
is then a corresponding signature file which refers back to frame numbers within the MPEG data.
- A sufficiently determined attacker with physical access to the camera may extract the private key.
It may then be possible to clone the key and generate falsified images with altered counter settings,
and possibly to restore the camera to normal operation. However, the counter would indicate any
duplicate images. It might be simpler to steal the camera, take photographs, then restore it.
In military and espionage applications, chips have been fitted with explosive or acid layers to
deter physical examination.
While the private key and signing mechanism may be integrated into one device with the
camera operating system, the imaging device, usually a CCD, would probably be separate.
It may be possible to inject a fraudulent or time-delayed image into the camera instead of
the signal from the CCD.
The image may be trivially falsified by pointing the camera at a printed photograph or
Back to Main Page