EP1072149A1 - Authentication and verification within a digital camera architecture - Google Patents

Authentication and verification within a digital camera architecture

Info

Publication number
EP1072149A1
EP1072149A1 EP19990965936 EP99965936A EP1072149A1 EP 1072149 A1 EP1072149 A1 EP 1072149A1 EP 19990965936 EP19990965936 EP 19990965936 EP 99965936 A EP99965936 A EP 99965936A EP 1072149 A1 EP1072149 A1 EP 1072149A1
Authority
EP
Grant status
Application
Patent type
Prior art keywords
photograph
digital
camera
produce
hash digest
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP19990965936
Other languages
German (de)
French (fr)
Inventor
Mark Leonard Buer
John Francis Kowalski
Joseph Victor Wallace
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Koninklijke Philips NV
Original Assignee
Koninklijke Philips NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device
    • H04N1/32101Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N1/32128Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title attached to the image data, e.g. file header, transmitted message header, information on the same page or in the same computer file as the image
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3204Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to a user, sender, addressee, machine or electronic recording medium
    • H04N2201/3205Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to a user, sender, addressee, machine or electronic recording medium of identification information, e.g. name or ID code
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3212Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to a job, e.g. communication, capture or filing of an image
    • H04N2201/3214Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to a job, e.g. communication, capture or filing of an image of a date
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3212Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to a job, e.g. communication, capture or filing of an image
    • H04N2201/3215Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to a job, e.g. communication, capture or filing of an image of a time or duration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3225Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to an image, a page or a document
    • H04N2201/3233Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to an image, a page or a document of authentication information, e.g. digital signature, watermark
    • H04N2201/3236Details of authentication information generation

Abstract

An enhanced digital camera includes a non-volatile memory in which is stored a security value used to produce digital signatures for photographs. A processor within the enhanced digital camera processes a photograph by hashing digital data for the photograph to produce a hash digest. The processor then performs a digital signature function using the security value in order to produce a digital signature for the photograph.

Description

AUTHENTICATION AND VERIFICATION WITHIN A DIGITAL

CAMERA ARCHITECTURE

TECHNICAL FIELD The present invention concerns digital cameras and pertains particularly to authentication and verification within a digital camera architecture.

BACKGROUND As digital cameras become a widely used consumer item, there is a likelihood that photographs taken by digital cameras will increasingly be used for applications such as insurance claims and law enforcement. However, unlike previous photographic cameras, digital photography presents even the novice photographic enthusiast, using a standard personal computer, the means to "doctor" or manipulate photographs without detection. This is because digital cameras allow for photographs to be manipulated, modified and edited without degradation to the quality of the photograph. Consequently detection of such manipulations are not possible. This could present the opportunity for an unscrupulous individual to utilize digital photography to perform insurance fraud or to tamper with evidence used in a court of law.

SUMMARY OF THE INVENTION In accordance with the preferred embodiment of the present invention, an enhanced digital camera includes a non-volatile memory in which is stored a security value used to produce digital signatures for photographs. A processor within the enhanced digital camera processes a photograph by hashing digital data for the photograph to produce a hash digest. The processor then performs a digital signature function on the hash digest using the security value in order to produce a digital signature for the photograph. In the preferred embodiment, the processor hashes a serial number for the camera and a date and time stamp along with the digital data for the photograph to produce the hash digest. The security value is, for example, a unique private key that is part of a private/public key pair. To increase security of the private key the non-volatile memory and the processor are within a secure integrated circuit and the processor generates the private/public key pair. The non-volatile memory is, for example, a one-time programmable memory. The public key is, for example, stored in a third party database and may be accessed (using the serial number for the enhanced digital camera) when it is necessary to authenticate a photograph taken by the enhanced digital camera.

The digital signature is stored with the digital data for the photograph. In order to authenticate the photograph, digital data for the photograph is hashed to produce a computed hash digest. For example, the serial number for the camera and the date and time stamp are hashed along with the digital data for the photograph. The public key for the enhanced digital camera is used to perform a digital signature function on the digital signature for the photograph in order to produce an extracted hash digest. The computed hash digest is compared with the extracted hash digest to determine whether the photograph is authentic and unaltered. The authentication and integrity verification utilized by the enhanced digital camera architecture of the present invention provides the necessary functionality to authenticate photographs and to detect alterations.

BRIEF DESCRIPTION OF THE DRAWINGS

Figure 1 is a simplified block diagram of a digital camera architecture that incorporates authentication and verification in accordance with a preferred embodiment of the present invention.

Figure 2 illustrates an authentication and verification process within a digital camera in accordance with a preferred embodiment of the present invention.

Figure 3 illustrates a detection process used to detect modification of a digital picture and/or digital signature in accordance with a preferred embodiment of the present invention.

DISCLOSURE OF THE INVENTION Figure 1 is a simplified block diagram of the architecture of an enhanced digital camera 10 that incorporates authentication and verification in order to provide the necessary functionality to protect digital photographic data from alterations. Digital camera 10, for example, can operate in an authentication and integrity verification (AIV) mode or in non- AIV mode. In AIV mode, enhanced digital camera 10 architecture authenticates and digitally signs each photograph as a picture is taken. This allows for detection of tampering with the original photograph. A hash function is used to protect the integrity of the original digital image and a digital signature function is used to protect the authenticity of the image. The solution will not prevent tampering, rather it allows for detection of the tampering.

Enhanced digital camera 10 includes the typical functional blocks normally included within a digital camera. For example, enhanced digital camera 10 includes an image processor 11 and a memory module for storing pictures that have been taken.

A secure camera integrated circuit 12 contains other functional blocks of enhanced digital camera 10. These functional blocks are contained in a single integrated circuit, not only to reduce manufacturing cost, but also to provide a necessary level of security that does not allow a private key component to ever be exposed outside secure camera integrated circuit 12.

The functional components included within secure camera integrated circuit 12 are an analog- to-digital (A/D) converter block 21, a digital signal processing block 23, random access memory (RAM) 24, read-only memory (ROM) 25 and a memory module interface 27.

In addition, secure camera integrated circuit 12 includes a one-time programmable (OTP) memory 26. One-time programmable memory 26 is a secure memory that stores the security value of the digital camera. Alternative to a one-time programmable memory, memory 26 could be manufactured from flash memory, programmable read-only memory

(PROM), EEPROM, or any other memory that can permanently and securely store the security value of enhanced digital camera 10.

The security value of enhanced digital camera 10 is, for example, a unique public/private key pair. Alternatively, the security value of the digital camera is any unique security value that can be used to produce a digital signature. For example, microprocessor 23 generates a public/private key pair at the time of manufacture of enhanced digital camera 10. Microprocessor 23 programs the generated public/private key pair into OTP memory 26. The public key component of the public/private key is then sent out of secure camera integrated circuit 12 and enhanced digital camera 10. The public key is then recorded, along with the serial number, for example, by a secure third party (Certificate Authority), for purposes of later authenticating and verifying the integrity of a photograph. For example, the secure third party could be a company that is in the business of issuing digital certificates for individuals and corporations.

Figure 2 illustrates an authentication and verification process that is utilized by enhanced digital camera 10 in accordance with a preferred embodiment of the present invention. When a photograph is snapped, the resulting digital data 31 is stored in RAM 24. A date and time stamp 41, generated by a real-time clock 32, is prepended to digital data 31. Also prepended to digital data 31 is a camera serial number 42 of enhanced digital camera 10. A hash function 34 is used to hash together digital data 31, date and time stamp 41 and camera serial number 42 in order to generate a hash digest 35. A digital signature function 37 digitally signs hash digest 35 with a unique private key 36 to produce a digital signature 44. Unique private key 37 is a private key which is used only for enhanced digital camera 10. Digital signature 44 is appended to digital data 31. The entire structure for the photograph, including data/time stamp 41, camera serial number 42, digital data 31 and digital signature 44, is stored in memory module 13. The stored structure for the photograph allows the photograph to be authenticated. In effect, a digital fingerprint of the photograph has been created as the photograph is taken. This allows any changes to the picture to be detected. The preferred embodiment of the present invention resists attack by those trying to circumvent the protection system. The two most obvious ways to attack the protection system would be to modify the photograph (digital data 31) and return it to memory module 13 or to modify the photograph (digital data 31) and digital signature 44, so the two match, and return the result to memory module 13. Either of these attacks, however, can be protected utilizing the preferred embodiment of the present invention. Figure 3 illustrates a detection process used to detect when the photograph (digital data 31) has been modified and returned to memory module 13 or when the photograph (digital data 31) and digital signature 44 have both been modified and then returned to memory module 13.

A secure database 60 is used to store public keys for enhanced digital cameras. For example, database 60 is a third party database used to archive the camera serial numbers and associated public keys. As show in Figure 3, each of representative entries 61, 62, 63 and 64 includes a camera serial number and an associated public key.

In order to detect whether a digital data 53 within a structure 50 has been modified, a hash function 71 is used to hash together digital data 53, a date and time stamp 51 and a camera serial number 52 in order to generate a computed hash digest 72. Camera serial number 52 is used to access from database 60 a unique public key 73 for the enhanced digital camera. A digital signature function 74 uses unique public key 73 to extract from digital signature 50 an extracted hash digest 75. A compare function 76 compares computed hash digest 72 with extracted hash digest 75 and an output 77 indicates whether there is a match (i.e., the photograph is authentic and unaltered) or there is not a match (i.e., the photograph is not authentic or has been altered).

The detection process in Figure 3 detects both the case where a photograph has been modified and returned to a memory module and the case where a photograph and digital signature have been modified and both returned to memory module 13. Modifying the photograph (but not the signature) and returning it to the memory module would result in a mismatch of the hash value of the new picture and the hash value stored in the signature. Modifying both the photograph and the signature would also result in a mismatch of the computed hash value and the hash value stored in the signature. Even though the hash value stored in the signature was properly computed, unless the hash value is signed with the correct private key, it will be detected as an altered photograph. Thus, someone attempting to sign a photograph with a non-registered public/private key pair could be detected.

While the present invention provides significant protection, there are possible ways an attempt could be made to circumvent the protection system. For example, an attempt could be made to extract the private key from a registered camera via a physical attack. The extracted private key could then be used to sign the hash value of a modified photograph. In the event this type of tampering is suspected, it may be necessary to examine the enhanced digital camera for signs of tampering to determine whether a physical attack has occurred. Also precautions can be taken when designing secure camera IC 12 to assure that the private key would be very difficult to access by an attacker. The strength and integrity of the system is predicated on the ability to store data (i.e., a private key) internal to the camera in a secure manner. The most effective way to do this, as described above, is to utilize a one-time programmable memory that is fully integrated into a single chip architecture in the enhanced digital camera. In this way, it is never necessary for the private key information to be sent outside the secure integrated circuit and increasing the ability to protect the integrity of photographs. Another potential attack on the integrity of the system would be for an attacker to access database 60 in order to insert a bogus public key. Photographs could then be "authenticated" with a bogus private key related to the bogus public key. However, inserting a bogus public key into a secured, third-party database could be difficult to achieve without detection. Databases used for securing digital signatures are typically digitally signed by the third party, adding an additional layer of security. Providing similar safeguards for database 60 would provide significant protection to the embodiments of the present invention.

The foregoing discussion discloses and describes merely exemplary methods and embodiments of the present invention. As will be understood by those familiar with the art, the invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. Accordingly, the disclosure of the present invention is intended to be illustrative, but not limiting, of the scope of the invention, which is set forth in the following claims.

Claims

CLAIMS We Claim: 1. A method for protecting a photograph taken by a digital camera comprising the following steps: (a) hashing digital data for the photograph to produce a hash digest; and, (b) performing a digital signature function on the hash digest using a security value in order to produce a digital signature for the photograph.
2. A method as in claim 1 additionally comprising the following step: (c) storing the digital signature with the digital data for the photograph.
3. A method as in claim 1 wherein step (a) includes hashing a serial number for the camera along with the digital data for the photograph to produce the hash digest.
4. A method as in claim 1 wherein step (a) includes hashing a serial number for the camera and a date and time stamp along with the digital data for the photograph to produce the hash digest.
5. A method as in claim 1 wherein in step (b) the security value is a unique private key which is part of a private/public key pair.
6. A method as in claim 1 wherein step (a) and step (b) are both performed within a secure integrated circuit.
7. A method for authenticating a photograph taken by a digital camera comprising the following steps: (a) hashing digital data for the photograph to produce a computed hash digest; (b) accessing a security value for the digital camera; (c) using the security value for the digital camera to perform a digital signature function on a digital signature for the photograph in order to produce an extracted hash digest; and, (d) comparing the computed hash digest with the extracted hash digest to determine whether the photograph is authentic.
8. A method as in claim 7 wherein in step (c) the digital signature is stored with digital data for the photograph.
9. A method as in claim 7 wherein step (a) includes hashing a serial number for the camera along with the digital data for the photograph to produce the computed hash digest.
10. A method as in claim 7 wherein step (a) includes hashing a serial number for the camera and a date and time stamp along with the digital data for the photograph to produce the computed hash digest.
11. A method as in claim 7 wherein in step (b) the security value is a public key which is part of a private/public key pair.
12. An enhanced digital camera, comprising: a non-volatile memory in which is stored a security value used to produce digital signatures for photographs; and, a processor, the processor processing a photograph by hashing digital data for the photograph to produce a hash digest and the processor performing a digital signature function on the hash digest using the security value in order to produce a digital signature for the photograph.
13. An enhanced digital camera as in claim 12 wherein the processor stores the digital signature with the digital data for the photograph.
14. An enhanced digital camera as in claim 12 wherein when the processor hashes the digital data for the photograph, the processor hashes a serial number for the camera along with the digital data for the photograph to produce the hash digest.
15. An enhanced digital camera as in claim 12 wherein when the processor hashes the digital data for the photograph, the processor hashes a serial number for the camera and a date and time stamp along with the digital data for the photograph to produce the hash digest.
16. An enhanced digital camera as in claim 12 wherein the security value is a unique private key which is part of a private/public key pair.
17. An enhanced digital camera as in claim 12 wherein the non- volatile memory and the processor are within a secure integrated circuit.
18. An enhanced digital camera as in claim 12 wherein the non- volatile memory is a one-time programmable memory.
19. An enhanced digital camera as in claim 12 wherein the processor generates the security value.
20. An enhanced digital camera as in claim 12 wherein the security value is a unique private key which is part of a private/public key pair which is generated by the processor.
EP19990965936 1999-02-16 1999-11-30 Authentication and verification within a digital camera architecture Withdrawn EP1072149A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US25109399 true 1999-02-16 1999-02-16
US251093 1999-02-16
PCT/US1999/028290 WO2000049797A1 (en) 1999-02-16 1999-11-30 Authentication and verification within a digital camera architecture

Publications (1)

Publication Number Publication Date
EP1072149A1 true true EP1072149A1 (en) 2001-01-31

Family

ID=22950448

Family Applications (1)

Application Number Title Priority Date Filing Date
EP19990965936 Withdrawn EP1072149A1 (en) 1999-02-16 1999-11-30 Authentication and verification within a digital camera architecture

Country Status (3)

Country Link
EP (1) EP1072149A1 (en)
JP (1) JP2002542502A (en)
WO (1) WO2000049797A1 (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6735253B1 (en) 1997-05-16 2004-05-11 The Trustees Of Columbia University In The City Of New York Methods and architecture for indexing and editing compressed video over the world wide web
US7216232B1 (en) * 1999-04-20 2007-05-08 Nec Corporation Method and device for inserting and authenticating a digital signature in digital data
DE10119647A1 (en) * 2001-04-20 2002-10-24 Transas S R O Digital recording of all types of image and sound data with means for ensuring recorded data is not manipulated by encryption of data after recording and prior to output in a manner analogous to watermarking
US20030065922A1 (en) 2001-09-28 2003-04-03 Fredlund John R. System and method of authenticating a digitally captured image
EP1452012A2 (en) * 2001-10-03 2004-09-01 The Trustees of Columbia University in the City of New York Method and apparatus for watermarking and authenticating data
EP1453292A1 (en) * 2001-11-30 2004-09-01 Swiss Imaging Technologies AG Image data improvement for wirelessly transmitted digital image data
JP2003198540A (en) * 2001-12-28 2003-07-11 Canon Inc Image generator and verification data generating method
GB0317964D0 (en) * 2003-07-31 2003-09-03 Sony Uk Ltd Access control for digital content
GB0317967D0 (en) 2003-07-31 2003-09-03 Sony Uk Ltd Access control for digital content
WO2006096612A3 (en) 2005-03-04 2007-07-05 Univ Columbia System and method for motion estimation and mode decision for low-complexity h.264 decoder
JP4835533B2 (en) * 2007-08-03 2011-12-14 株式会社ニコン The image input device and program
WO2009126785A3 (en) 2008-04-10 2010-01-07 The Trustees Of Columbia University In The City Of New York Systems and methods for image archaeology
GB0812219D0 (en) * 2008-07-04 2008-08-13 Canford Audio Plc Apparatus and method for secure recording of interviews
US8671069B2 (en) 2008-12-22 2014-03-11 The Trustees Of Columbia University, In The City Of New York Rapid image annotation via brain state decoding and visual pattern mining
DE102011122273A1 (en) * 2011-12-23 2013-06-27 Giesecke & Devrient Gmbh Device and method for creating digital images
US9384520B2 (en) 2013-06-21 2016-07-05 Signs & Wonders Unlimited, Llc System and method for encoding and authenticating a digital image
RU2633185C2 (en) * 2014-05-28 2017-10-11 Сергей Валентинович Баушев Method of creating digital photos protected from forgery, and device for its implementation

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5499294A (en) * 1993-11-24 1996-03-12 The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration Digital camera with apparatus for authentication of images produced from an image file
US5801856A (en) * 1996-07-24 1998-09-01 Eastman Kodak Company Secure photographic systems
JP3154325B2 (en) * 1996-11-28 2001-04-09 日本アイ・ビー・エム株式会社 System and image authentication system Komu hide authentication information to the image
US5898779A (en) * 1997-04-14 1999-04-27 Eastman Kodak Company Photograhic system with selected area image authentication

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0049797A1 *

Also Published As

Publication number Publication date Type
JP2002542502A (en) 2002-12-10 application
WO2000049797A1 (en) 2000-08-24 application

Similar Documents

Publication Publication Date Title
US6845453B2 (en) Multiple factor-based user identification and authentication
US6081893A (en) System for supporting secured log-in of multiple users into a plurality of computers using combined presentation of memorized password and transportable passport record
Rey et al. A survey of watermarking algorithms for image authentication
US6557104B2 (en) Method and apparatus for secure processing of cryptographic keys
US5499294A (en) Digital camera with apparatus for authentication of images produced from an image file
US6536665B1 (en) Method and apparatus for transaction card security utilizing embedded image data
US7222235B1 (en) Image processing system utilizing digital watermarks in predetermined regions
US7131144B2 (en) Methods and apparatus for protecting information
US7111168B2 (en) Digital watermarking systems
Blythe et al. Secure digital camera
US6170058B1 (en) Method and apparatus for cryptographically camouflaged cryptographic key storage, certification and use
US6253324B1 (en) Server verification of requesting clients
US20030041239A1 (en) Systems and methods using cryptography to protect secure computing environments
US20080005578A1 (en) System and method for traceless biometric identification
US6301660B1 (en) Computer system for protecting a file and a method for protecting a file
US20100185864A1 (en) Multi-Dimensional Credentialing Using Veiled Certificates
EP0895148A1 (en) Software rental system and method for renting software
US20070136198A1 (en) Method of facilitating the tracing and/or auditing of operations performed during check image processing
US20050005112A1 (en) Controlling access to a resource by a program using a digital signature
US20040243806A1 (en) Digital watermarking security systems
US20060041754A1 (en) Content distribution site spoofing detection and prevention
EP0676877A2 (en) Method and apparatus for authentication and verification of printed documents using digital signatures and authentication codes
US6185316B1 (en) Self-authentication apparatus and method
US8006299B2 (en) Encryption and authentication systems and methods
US20020078347A1 (en) Method and system for using with confidence certificates issued from certificate authorities

Legal Events

Date Code Title Description
AK Designated contracting states:

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

17P Request for examination filed

Effective date: 20010226

18W Withdrawn

Withdrawal date: 20020403