Video evidence is relatively easy to fix, you just need camera ICs to cryptographically sign their outputs. If the image/video is tampered with (or even re-encoded) the signature won’t match. As the private key is (hopefully!) stored securely in the hardware IC taking the photo/video, any generated images or videos can’t be signed by such a private key.
getting the picture to perfectly replicate the image on the screen without it being noticeable that it’s just a picture of a screen would be so difficult it would probably be easier to modify the camera instead
So whatever way the camera output is being signed, what’s stopping you from signing an altered video with a similar private key and then saying “you can all trust that my video is real because I have the private key for it.”
The doubters will have to concede that the video did indeed come from you because it pairs with your key, but why would anyone trust that the key came from the camera step instead of coming from the editing step?
Mate, digital cinema uses this encryption /decryption method for KDMs.
The keys are tied into multiple physical hardware ids, many of which (such as player/.projector ) are also married cryptographically. Any deviation along a massive chain and you get no content.
Those playback keys are produced from DKDMs that are insanely tightly controlled. The DKDM production itself even more so.
And that’s just to play a movie. This is proven tech, decades old. You’re not gonna break it with premiere.
But how would one simple member of the audience easily determine if this whole chain of events is valid, when they don’t even get how it works or what to look out for?
You’d have to have a public key of trusted sources that people automatically check with their browser, but all the steps in between need to be trusted too. I can imagine it is too much of a hassle for most.
But then again, that has always been the case for most.
This is just standard public key cryptography, we already do this for website certificates. Your browser puts a little lock icon next to the URL if it’s legit, or provides you with a big, full-page warning if something’s wrong with the cert.
This is for restricting use, not proving authenticity of the videos recording. Anyone can spin up keys and sign videos, so in a legal battle it would be worthless.
The technology would be extremely easy to adapt, with the certs being tied to the original recording equipment hardware. Given i don’t see a $60 ip cam having a dolphin board it would probably be relegated to much higer end equipment, but any modification with a new key would break the chain of veracity
This is blatantly not true, it would be extremely simple to circumvent. How do you “tie” the cert to a specific hardware without trusting manufacturers? You just can’t, it’s like putting a padlock on a pizzabox.
As with everything, trust is required eventually. It’s more about reducing the amount of trust required than removing it entirely. It’s the same with HTTPS - website certificates only work if you trust the root certificate authorities, for example.
Root manufacturer keys may only be certified if they have passed some level of trust with the root authority/authorities. Proving that trust is well-founded is more a physical issue than an algorithmic one. As it is with root CAs it may involve physical cybersecurity audits, etc.
Yep, totally fair. It’s kind of crazy actually how we all trust that stuff, and when there’s a breach people just want to expire certificates more often etc.
I bet there is a better way but as long as no one is paying, we’re stuck with this mess. I have programmed stuff with x509 in the medical sector, what a trusty spaghetti mess that was, but when you finally got your cert, you could basically do whatever.
Sorry for the rant 😅 I just want to show people that even if the mathematics behind RSA is fantastic and secure, the human side is always there to break that 🤷🏼♀️.
You can enter the camera as evidence, and prove that it has been used for other footage. Each camera should have a unique key to be effective.
So if you create a new key, it won’t match the one on am existing camera. If you steal the key, then once that’s discovered, the camera should generate a new one.
But if you don’t actually check the physical camera and prove that key for yourself, then it can easily be faked by generating a key that is not coming from the camera and is used for the “proof” video and the fake video.
You, the end user, don’t have access to your camera’s private key. Only the camera IC does. When your phone / SD card first receives the image/video it’s already been signed by the hardware.
Video evidence is relatively easy to fix, you just need camera ICs to cryptographically sign their outputs. If the image/video is tampered with (or even re-encoded) the signature won’t match. As the private key is (hopefully!) stored securely in the hardware IC taking the photo/video, any generated images or videos can’t be signed by such a private key.
Wouldn’t this be as easy to break as to point a camera at a screen playing whatever you want?
Perhaps not with light field cameras. But then you could probably tamper with the hardware somehow.
getting the picture to perfectly replicate the image on the screen without it being noticeable that it’s just a picture of a screen would be so difficult it would probably be easier to modify the camera instead
So whatever way the camera output is being signed, what’s stopping you from signing an altered video with a similar private key and then saying “you can all trust that my video is real because I have the private key for it.”
The doubters will have to concede that the video did indeed come from you because it pairs with your key, but why would anyone trust that the key came from the camera step instead of coming from the editing step?
Mate, digital cinema uses this encryption /decryption method for KDMs.
The keys are tied into multiple physical hardware ids, many of which (such as player/.projector ) are also married cryptographically. Any deviation along a massive chain and you get no content.
Those playback keys are produced from DKDMs that are insanely tightly controlled. The DKDM production itself even more so.
And that’s just to play a movie. This is proven tech, decades old. You’re not gonna break it with premiere.
But how would one simple member of the audience easily determine if this whole chain of events is valid, when they don’t even get how it works or what to look out for?
You’d have to have a public key of trusted sources that people automatically check with their browser, but all the steps in between need to be trusted too. I can imagine it is too much of a hassle for most.
But then again, that has always been the case for most.
This is just standard public key cryptography, we already do this for website certificates. Your browser puts a little lock icon next to the URL if it’s legit, or provides you with a big, full-page warning if something’s wrong with the cert.
…what audience?
This is for restricting use, not proving authenticity of the videos recording. Anyone can spin up keys and sign videos, so in a legal battle it would be worthless.
The technology would be extremely easy to adapt, with the certs being tied to the original recording equipment hardware. Given i don’t see a $60 ip cam having a dolphin board it would probably be relegated to much higer end equipment, but any modification with a new key would break the chain of veracity
This is blatantly not true, it would be extremely simple to circumvent. How do you “tie” the cert to a specific hardware without trusting manufacturers? You just can’t, it’s like putting a padlock on a pizzabox.
As with everything, trust is required eventually. It’s more about reducing the amount of trust required than removing it entirely. It’s the same with HTTPS - website certificates only work if you trust the root certificate authorities, for example. Root manufacturer keys may only be certified if they have passed some level of trust with the root authority/authorities. Proving that trust is well-founded is more a physical issue than an algorithmic one. As it is with root CAs it may involve physical cybersecurity audits, etc.
Yep, totally fair. It’s kind of crazy actually how we all trust that stuff, and when there’s a breach people just want to expire certificates more often etc.
I bet there is a better way but as long as no one is paying, we’re stuck with this mess. I have programmed stuff with x509 in the medical sector, what a trusty spaghetti mess that was, but when you finally got your cert, you could basically do whatever.
Sorry for the rant 😅 I just want to show people that even if the mathematics behind RSA is fantastic and secure, the human side is always there to break that 🤷🏼♀️.
I literally explained earlier how this exact technology is used in digital cinema dude c’mon.
That doesn’t mean it’s useful for forensics, IMO.
Edit: not saying it wont be though, just that it’s not as bullet proof as you’d think, IMO.
You can enter the camera as evidence, and prove that it has been used for other footage. Each camera should have a unique key to be effective.
So if you create a new key, it won’t match the one on am existing camera. If you steal the key, then once that’s discovered, the camera should generate a new one.
But if you don’t actually check the physical camera and prove that key for yourself, then it can easily be faked by generating a key that is not coming from the camera and is used for the “proof” video and the fake video.
Any self-respecting judge would check, and hopefully most journalists would keep records of these things to prove where the footage came from.
deleted by creator
You, the end user, don’t have access to your camera’s private key. Only the camera IC does. When your phone / SD card first receives the image/video it’s already been signed by the hardware.