JP2011142425A - Video and sound recording apparatus, and data processing method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To solve the problem wherein mass operations are necessary to detect the alteration of a series of orders, etc., of photographed video and sound to make processing slow. <P>SOLUTION: The video and sound recording apparatus generates: generating photographed video and sound; metadata accompanying the video and sound; and an authentication code for verifying the alteration of the video and/or the metadata. The apparatus is equipped with: an internal storing part for recording context being an operation result derived in a hash operation halfway process of a first stage to be used during calculating the authentication code by a second stage hash operation; and a nonvolatile storage medium for storing an authentication code acquired by performing a second stage hash operation of the video and sound and/or the metadata accompanying the video and sound, and the context. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a video / audio recording apparatus and a data processing method.

  In recent years, semiconductor memories such as SD memory cards, memory sticks, and compact flash (registered trademark) have become widespread as nonvolatile storage media capable of reading and writing digital data. Video and audio recording apparatuses that process data using these semiconductor memories are diverse, including electrical appliances such as personal computers, audio equipment, video equipment, mobile phones, and digital cameras. A nonvolatile storage medium that is detachable and excellent in portability, such as a semiconductor memory, is particularly useful as a bridge medium that handles data exchange between video and audio recording apparatuses. For this reason, a single nonvolatile storage medium is often attached to a plurality of video / audio recording apparatuses.

  Digitized video data and photo data taken with a digital camera, digital video camera, surveillance camera, or driving recorder can utilize the metadata stored separately by the playback device, or the video taken with the surveillance camera. Metadata such as incidental information and speed information recorded by a driving recorder is provided as incidental information when an incident occurs. Therefore, the authenticity of the stored video data and the accompanying metadata is extremely important.

Conventionally, a file system has been introduced as a mechanism for sharing data among a plurality of video / audio recording apparatuses, and data exchange is generally performed on the file system. While the file system can be used for general purposes, it can be freely tampered with, deleted from, or added to other data intentionally from a computer or the like. For this reason, several techniques as disclosed in Patent Documents 1 to 4 have been devised as techniques for detecting falsification of digital data of photographs and moving images.

  According to Patent Document 1, a hash value is generated for each field using a secret key selected for each N field at the time of recording image data, and a hash value is calculated for each field by the same processing procedure as at the time of recording when determining whether or not tampering has occurred. A method for determining the presence or absence of tampering by generating and comparing the above is disclosed. According to Patent Document 2, the first verification device uses the hash value and the first verification data to verify whether the image data has been altered. If not modified, the first verification device generates second verification data of the image data. The second verification apparatus discloses a method for verifying whether image data has been altered using the image data and the second verification data. According to Patent Document 3, a method of providing an electronic authentication code using public key encryption based on a device ID is disclosed. According to Patent Document 4, a method of performing falsification detection using a digital watermark is disclosed.

  In any method, one or more electronic authentication codes are added to an image file or a moving image file by using a hash, public key encryption, common key encryption, digital watermarking method from a part or all of digital data of image data / moving image data. The reproduction device or verification device compares the electronic authentication code with the original digital data to determine whether or not tampering has occurred.

JP 2005-310038 A JP 2003-198543 A JP 2000-56681 A JP 2000-152148 A

  The methods shown in the prior art documents can detect alteration of images or moving image data and metadata associated with the data of each image or moving image file. However, when a part of video / audio content or metadata is deleted from a video / audio set composed of a plurality of files in a series of shooting actions, or when the order of the contents is changed, it cannot be detected. To detect the deletion of a part of video / audio content or a file storing metadata from a video / audio set composed of multiple files, a hash function (with all metadata and content as original data) A method of generating an authentication code using a message compression function) and comparing the authentication codes can be considered.

  An HMAC-SHA-1 algorithm is taken as an example of an authentication code for verifying whether the metadata and content have been tampered with or deleted. First, SHA-1, which is a hash function (message compression function) used in HMAC-SHA-1, will be described with reference to FIG. The SHA-1 function is a function for generating a digest 1120 of several tens of bytes from a message 1100 that is long data.

  The message is divided in units of 64 bytes. If the end block is less than 64 bytes as a result of division, padding is performed with a value of 0. (Step S1101)

  The initial vector 1110 having the same length as the digest 1120 and the block 1 are input, and calculation is performed with a compression function that is an aggregate of stirring functions. The result of the calculation and the block 2 are input, and the calculation is performed again with the compression function. This is repeated up to block m, and the final calculation result is digest 1120 (step S1102).

  Hereinafter, the processing in step S1102 will be referred to as SHA-1 compression processing. It is difficult to obtain two messages having the same digest by passing through a multistage stirring function.

  Next, an authentication code generation method will be described with reference to FIG. In the HMAC-SHA-1 algorithm, a value obtained by exclusive ORing a 64-byte common encryption key and two 64-byte constant values ipad and opad held in common with the video / audio recording apparatus 100 that performs falsification detection use. The ipad is composed of 64 0x36. The opad is composed of 64 0x5c. In addition, the constant value of ipad / opad may be another value as an example. Here, a value obtained by exclusive-ORing ipad and the encryption key is i-key-pad 511, and a value obtained by exclusive-ORing opad and the encryption key is o-key-pad 530.

  As the original data for generating the authentication code, i-key-pad 511 and the content and metadata to be tampered with are connected as message 510. The message 510 is divided for each block length, and when the concatenated data end block length is not reached, padding data 512 that is set to all 0 is added to the message 510. The concatenated message 510 performs the SHA-1 compression process using the initial vector as the SHA-1 specified initial vector 520 which is a fixed value of 20 bytes specified in the definition of SHA-1 (step S501).

  As a result of performing the SHA-1 compression processing, 540 20-byte digests are generated. The o-key-pad 530, the digest 540, and the padding data 550 are concatenated, and the initial vector is processed as the same value as the SHA-1 prescribed initial vector 520 with respect to the message 555 in the second stage (step S502).

  A 20-byte digest obtained as a result of processing by the SHA-1 algorithm is set as an authentication code 560.

  In the case of the authentication code generation method shown in FIG. 5, it is necessary to redo the calculation for all content metadata every time content and associated metadata are added. In addition, when trying to detect tampering with an image or captured metadata for a captured photo set, the authentication code may be updated because the non-volatile storage medium may be updated by another device when the power is turned on. It is necessary to carry out verification and retain the falsified state if falsification is confirmed. However, when detecting whether or not tampering has occurred at the time of activation, it is necessary to re-calculate all contents and compare with the authentication code in the nonvolatile storage medium. For this reason, the calculation time becomes enormous at the time of start-up or imaging, and the realistic power-on time cannot be maintained as the number of shots increases.

  Therefore, an object of the present invention is to omit an unnecessary authentication code calculation at the time of imaging and to omit an unnecessary verification calculation at the time of power-on. Therefore, it is an object to provide a video / audio recording apparatus and a data processing method for shortening an interval from power-on to imaging and an interval from imaging to the next imaging.

  The video / audio recording apparatus of the present application generates video / audio that has been shot, metadata accompanying the video / audio, and an authentication code for verifying the alteration of the video and / or the metadata. An internal storage unit for recording a context, which is a calculation result derived in the middle of a first-stage hash calculation used when calculating the authentication code by a two-stage hash calculation, and the video / audio And / or a non-volatile storage medium that stores metadata associated with the video and audio and an authentication code obtained by performing a second-stage hash operation in the context. To do.

  Here, by providing the context, the authentication code can be updated at high speed during imaging. Furthermore, the verification code can be verified at high speed in a normal system that has not been tampered with when the power is turned on.

  In the video / audio recording apparatus, upon power-on or initialization, a second authentication code is calculated based on the context recorded in the internal storage unit, and the authentication code stored in the nonvolatile storage medium and the first If the comparison operation unit compares the two authentication codes and the comparison result is the same, a new one is created based on the context regardless of whether or not the individual video data and metadata, their order, etc. are falsified. And a controller that calculates an authentication code including the video and / or the metadata.

  In this case, by comparing the second authentication code calculated from the context and the authentication code stored in the non-volatile storage medium, all the content metadata is stored in the authentication code verification process of the recording medium at power-on. Since there is no need to use and calculate, the verification code can be verified at high speed.

  In the video / audio recording apparatus, the two-stage hash calculation uses an HMAC algorithm. In this case, the amount of calculation can be reduced by using the HMAC algorithm.

  The SHA-1 algorithm may be used for the hash calculation. In this case, by using the SHA-1 algorithm, the safety is higher than the hash algorithms such as MD4 and MD5, and the amount of calculation can be reduced as compared with the hash algorithms such as SHA-224 and SHA-256.

  Furthermore, the video / audio recording apparatus divides all the video / audio and / or the metadata to be falsified detection targets into a certain block unit, and a value obtained by hashing the blocks excluding the final block; The final block may be composed of a part including the video / audio and / or metadata information.

  Further, the implementation form is not limited to the video / audio recording apparatus described above, and the above contents can also be realized as a data processing method using hardware of the video / audio recording apparatus.

  According to the present invention, tampering detection can be performed for a plurality of photo / movie sets, and an authentication code for tampering detection can be generated in a short time during imaging, which is unnecessary even when the power is turned on. It is possible to omit a valid verification operation. Therefore, there is an advantage that the interval from power-on to imaging is shortened.

External view in this example Block diagram in this embodiment Flow chart from power-on to power-off in this embodiment Configuration diagram of nonvolatile memory device in this embodiment Diagram showing data processing method for generating authentication code from content metadata (A) The figure which showed the first half of the data processing method of an authentication code verification part, (b) The figure which showed the idea of the data processing method of an authentication code verification part, (c) The figure which comprised padding data and comprised the block (D) The figure which showed the example of a message used by data processing The figure which showed the data processing method of the memory card initialization processing in the certification code verification section The figure which showed the data processing method which produces | generates a 2nd authentication code and context from all the metadata and content in an authentication code verification part The figure which showed the data processing method of the certification code calculation section Diagram explaining the context Diagram explaining the SHA-1 algorithm

(Embodiment 1)
<1.1: Nonvolatile storage system>
Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings. First, the video / audio management system according to the present embodiment will be described. FIG. 1 is a diagram illustrating an example of a video / audio management system. The video / audio management system includes a video / audio recording apparatus 100 and a nonvolatile storage medium 300.

  The video / audio recording apparatus 100 records the captured video / audio along with the accompanying metadata on the connected nonvolatile storage medium 300. The video / audio recording apparatus 100 is, for example, a digital camera, a digital video camera, a surveillance camera, a drive recorder, or the like. In the example of FIG. 1, the audio / video recording apparatus 100 is a digital camera, and the nonvolatile storage medium 300 is a memory card, which constitutes the main components of the nonvolatile storage medium system. In addition, FIG. 1 is an example and this invention is not limited to these. Here, the video / audio recording apparatus 100 records the video / audio data (hereinafter, content) and the accompanying information (hereinafter, metadata) in the nonvolatile storage medium 300.

  The video / audio recording apparatus 100 includes an imaging unit 120, a display unit 140, a user input unit 130, and a slot 110.

<1.2: Video / Audio Recording Device 100>
(1.2.1: Configuration of video / audio recording apparatus 100)
FIG. 2 shows a configuration example of the video / audio recording apparatus 100 which is a digital camera. The video / audio recording apparatus 100 includes a slot 110, an imaging unit 120, a user input unit 130, a display unit 140, a data processing unit 150, an encryption key holding unit 160, a nonvolatile internal storage 170, and an input / output processing unit 190.

The slot 110 is a part of an interface to which an external nonvolatile storage medium 300 is attached.
The input / output processing unit 190 is a part of an interface that exchanges information such as commands and data to the nonvolatile storage medium 300 attached to the slot 110.

  The data processing unit 150 is a part that processes data stored in or stored from the nonvolatile storage medium 300 connected to the slot 110. For example, when the data stored in the nonvolatile storage medium 300 connected to the slot 110 is photo data or video data, the photo data and video data captured by the imaging unit 120 and metadata associated with the content are input. Operations such as writing to the nonvolatile storage medium 300 via the output processing unit 190 are controlled. The data processing unit 150 performs data processing other than those described above (for example, reproduction of read data and writing back after editing) and functions for controlling the entire video / audio recording apparatus 100 (power control, clock control, etc.) You may control.

  The data processing unit 150 uses the HMAC-SHA-1 algorithm to verify whether the relationship between the content, metadata, and the authentication code is correct, and the authentication code generation unit 151 that calculates the authentication code for the content, metadata. An authentication code verification unit 152 is included. In the present embodiment, the description will be made using HMAC-SHA-1, but other algorithms may be used depending on the processing capacity of the computer system, the storage capacity, the security concept for decryption, and the like.

  When generating / verifying an authentication code for video data, the encryption key holding unit 160 stores an encryption key that is used at the time of each calculation and is secret information shared with other video / audio playback devices using the authentication code. .

The user input unit 130 is a part that receives input from the user.
The display unit 140 is a part that notifies the user of the processing result of the data processing unit 150, the progress of each process, and the like.
The imaging unit 120 receives a digital video signal received from an image sensor that converts light into an electrical video signal using an element such as a CCD (Charge Coupled Device) or a CMOS (Complementary Metal Oxide Semiconductor). 150.

The non-volatile storage medium 300 stores digital data. The nonvolatile storage medium 300 includes a metadata storage area 310, a content storage area 320, and an authentication code storage area 330 that stores an authentication code that is data for detecting tampering with the metadata and the content.
A typical example of the nonvolatile storage medium 300 is a memory card using a NAND flash memory or the like, but the present embodiment is not limited to this. Other nonvolatile semiconductor memories such as EEPROM, FeRAM, and MRAM can also be used. Furthermore, this embodiment may use not only a semiconductor memory but also a recording medium such as an HDD or an optical disk.

  The non-volatile internal storage 170 in the video / audio recording apparatus 100 has a non-volatile storage area that is not removable from the video / audio recording apparatus 100 and cannot be input / output from other than the video / audio recording apparatus 100, and holds a context. A holding area 171 is provided. Here, the context will be described with reference to FIG.

  In FIG. 10, when the number of blocks of the message 510 is m and the blocks 1 to m are allocated from the first block, m−1 blocks from the block 1 to the block m−1 excluding the last block m are assigned. Thus, the first digest 1010 is obtained by performing the SHA-1 compression processing (step S1001) using the SHA-1 prescribed initial vector 520 as the initial vector. Further, the remainder of the block m excluding the padding portion is assumed to be a remainder 1020. A value composed of the first digest 1010 and the remainder 1020 is a context 1030. By using the information of the context 1030, when content and metadata are added, it becomes possible to generate a new authentication code only with the context 1030, the content, and metadata.

(1.2.2: Configuration of nonvolatile storage medium 300)
FIG. 4 is a diagram simulating the configuration in the nonvolatile storage medium 300. In order to manage the nonvolatile storage medium 300, a FAT file system is used. The content storage area 320, the metadata storage area 310, and the authentication code storage area 330 all exist on the file system. In the present embodiment, the content storage area 320 records in accordance with the DCF standard under the / DCIM folder in order to store the captured content. The metadata storage area 310 indicates a folder below the / PRIVATE / PANAMETA folder and stores metadata for content. The authentication code storage area 330 is / PRIVATE / PANAMETA / HMAC. Equivalent to DAT. HMAC. DAT is a 20-byte file and is equivalent to an authentication code.

(1.2.3: Data processing method in the data processing unit 150)
Next, a flow from power-on to power-off in the data processing unit 150 will be described using the flowchart of FIG.

  Step S301: After the power is turned on, the authentication code verification unit 152 performs verification using the context recorded in the nonvolatile internal storage 170 and the authentication code recorded in the authentication code storage area 330 of the nonvolatile storage medium 300. It is determined whether to use the context as it is according to the verification result of the authentication code, to recalculate from the metadata and content stored in the nonvolatile storage medium 300, to detect falsification and to set a random number, and to step S302 move on. Details of the authentication code verification unit 152 that performs the determination will be described in “1.2.4 Data processing method in the authentication code verification unit 152” to be described later. Various initialization processes such as initialization of the operating system, file system, and lens operation are also performed after the power is turned on, but the description is omitted because it is not related to the present embodiment.

  Step S302: The user uses the user input unit 130 to wait for an instruction from the user, such as whether to turn off the power or perform shooting. When the user inputs an instruction, the process proceeds to step S303.

  Step S303: If the instruction input in step S302 is a shooting request, the process proceeds to step S306. In the case of other instructions, the process proceeds to step S306.

  Step S304: If the instruction input in step S302 is power off, after performing various end processes, the video / audio recording apparatus 100 is turned off and the process ends. In the case of other instructions, the process proceeds to step S305.

  Step S305: If the instruction input in step S302 is an instruction other than a shooting request or power-off, for example, reproduction or deletion of captured content, setting of a shooting method, the instruction is executed, and the process returns to step S302.

  Step S306: The content received by the image sensor of the imaging unit 120 is stored in the content storage area 320 via the input / output processing unit 190, and metadata associated with the content such as date, exposure, and shutter speed is stored in the metadata storage area 310. And proceed to step S307.

  Step S307: In this authentication code generation process, the authentication code is recalculated with the content and metadata added, stored in the authentication code storage area 330, and the process returns to step S302. Details of the authentication code generation process will be described in (1.2.7: Data processing method in authentication code generation unit 151).

(1.2.4: Data processing method of authentication code verification unit 152)
Next, a data processing method of the authentication code verification unit 152 will be described with reference to FIGS. 6 (a) to 6 (d).

The authentication code verification unit 152 is intended to detect the following six states and perform appropriate processing.
State 1) Since the non-volatile storage medium 300 attached to the video / audio recording apparatus 100 is replaced with another non-volatile storage medium while the power of the video / audio recording apparatus 100 is cut off, the context is cleared, Recalculate context from content metadata.
State 2) Since the content metadata is correctly added or deleted by another machine, the context is cleared and the context is recalculated from the content metadata.
State 3) Since the content / metadata has been falsified by another machine, the falsification detection state is maintained.
State 4) Since the authentication code has been falsified (either the content code or the metadata has been falsified with the authentication code), the falsification detection state is maintained.
State 5) Since there is no authentication code, all recorded content metadata is not used as unreliable data.
State 6) While the power is shut off, none of the content, metadata, and authentication code has been tampered with, and the nonvolatile storage medium 300 has not been replaced.

  The processing flow of the authentication code verification unit 152 that detects the six states and performs appropriate processing will be described below step by step.

  Step S601: The authentication code 650 is taken out from the authentication code storage area 330 of the nonvolatile storage medium 300. If it cannot be extracted, the authentication code 650 is not yet in the non-volatile storage medium or has been deleted by the user, and the non-volatile storage medium 300 has no content metadata, or the content metadata is trusted. Since the data is not to be processed (state 5), the process proceeds to step S602. If it can be taken out, the process proceeds to step S603.

  Step S602: In the memory card initialization process, the initial value of the authentication code is stored in the authentication code storage area 330, the initial value of the context is stored in the context holding area 171, and the process ends. Details of the memory card initialization process will be described in (1.2.5: Memory card initialization method of authentication code verification unit 152).

  Step S603: A context is extracted from the context holding area 171. For the extracted context, that is, the first digest 651 and the remainder 652, the remainder 652 is padded with a portion that is not sufficient for the block length with zero as shown in FIG. . After the holding, the process proceeds to step S604.

  Step S604: The block 653 is processed by the SHA-1 algorithm using the first digest 651 as an initial vector. A 20-byte digest 654 generated as a result of the processing is held in the temporary storage area 180. After the holding, the process proceeds to step S605.

  Step S605: As shown in FIG. 6D, a message 656 obtained by concatenating padding data 550 composed of an o-key-pad 530, a digest 654, and a 44-byte value 0 is input, and an SHA-1 prescribed initial vector 520 is set. SHA-1 compression processing is performed as an initial vector, and the authentication code 655 is held in the temporary storage area 180. After the holding, the process proceeds to step S606.

  Step S606: The authentication code 650 extracted in step S601 is compared with the authentication code 655 calculated in step S605. If they match, the content / metadata has been falsified (state 3), or none of the content, metadata, or authentication code has been falsified while the power is shut off, and the nonvolatile storage medium 300 is replaced. Is not performed (state 6). If it is determined that the state 3 or the state 6 is satisfied, the process is terminated. That is, since neither the context stored in the context holding area 171 nor the authentication code stored in the authentication code storage area 330 of the nonvolatile storage medium 300 is changed, the falsified state is held in the state 3 and the normal state is also in the state 6 Is held. If not, the process proceeds to step S607.

  Step S607: A second authentication code 855 and a context 853 are generated from all the metadata and contents stored in the nonvolatile storage medium 300, and the process proceeds to Step S608. A method of generating the second authentication code 855 from all metadata and content will be described separately in (1.2.6: Method of generating authentication code from all metadata and content in authentication code verification unit 152).

  Step S608: The authentication code 650 extracted in step S601 is compared with the calculated second authentication code 855. If they match, the process proceeds to step S609. If not, the process proceeds to step S610.

  Step S609: If they match in the comparison in Step S608, it means that the non-volatile storage medium 300 has been replaced (State 1), or that content metadata has been correctly added or deleted on another machine (State 2) means. Therefore, the context 853 calculated in step S607 is stored in the context holding area 171 as a new context, and the process ends.

Step S610: If they do not match, it means that the authentication code has been tampered with (state 4), so an appropriate random number value different from the context 657 is stored in the context holding area 171 and the process ends.
When the authentication code verification unit 152 is normal (state 6), that is, in a state where the nonvolatile storage medium 300 is not inserted / removed and has not been tampered with, all of the contents and metadata are used by using the context. Therefore, it is not necessary to recalculate the authentication code, so that it is possible to greatly shorten the startup time.

(1.2.5: Memory card initialization method of authentication code verification unit 152)
Next, details of the memory card initialization process of the authentication code verification unit 152 will be described with reference to FIG.

  Step S701: At the time of memory card initialization, neither metadata nor content exists. For this reason, the original message for generating the authentication code is only the i-key-pad 511 having a length equivalent to the block length. Therefore, the i-key-pad 511 is processed by the SHA-1 algorithm using the SHA-1 prescribed initial vector 520 as the initial vector, and the initial value 750 of the first digest is generated. After the generation, the process proceeds to step S702.

  Step S702: In the initial state, since i-key-pad 511 is equivalent to the block length, the remaining length is zero. A context 752 composed of the first digest 750 and the remainder 751 having a length of 0 is stored in the context holding area 171 and the process proceeds to step S703.

  Step S703: The initial vector is set as the SHA-1 prescribed initial vector 520 for the message 754 obtained by concatenating the o-key-pad 530 and the first digest 750 generated in step S701 and the padding 550 composed of 44 bytes of zero data. , The SHA-1 compression process is performed, and an initial authentication code 753 is generated.

  Step S704: The generated authentication code 753 is stored in the authentication code area 330.

  As described above, the initial value of the authentication code is set in the non-volatile storage medium 300 and the initial value of the context is set in the video / audio recording apparatus 100 in a state where there is no content or metadata to be tampered with.

(1.2.6: Method for generating authentication code from all metadata and content in authentication code verification unit 152)
Next, a method of generating the second authentication code 855 and the context 853 from all metadata and contents will be described with reference to FIG.

  Step S801: As the original data for generating the authentication code, the i-key-pad 511 and all contents and metadata to be tampered with are connected as the message 850. When the message 850 is divided into blocks and the data end block length is less than the concatenated data end block length, padding data 512 all set to 0 is added to the message 850. Assume that the total number of blocks generated here is m, and that blocks 1 to m are in order from the first block. SHA-1 compression processing is performed on block 1 to block m−1 using the initial vector as the SHA-1 prescribed initial vector 520, and a first digest 851 is obtained. After performing the SHA-1 compression process, the process proceeds to step S802.

  Step S802: The context 853 configured by the first digest 851 generated in step S801 and the remainder 852 obtained by removing the padding portion from the final block m is stored in the temporary storage area 180. The context stored in the temporary storage area 180 is stored in the context holding area 171 when the condition in step S609 is reached. Next, the process proceeds to step S803.

  Step S803: SHA-1 compression processing is performed on the block m using the first digest 851 as an initial vector to generate a digest 854, and the process proceeds to Step S804.

  Step S804: For the message obtained by concatenating the o-key-pad 530, the digest 854 generated in Step S803 and the padding 550 composed of 44 bytes of zero data, the initial vector is set as the SHA-1 prescribed initial vector 520 and the SHA- One compression process is performed, and a second authentication code 855 is generated. Next, the process proceeds to step S805.

  Step S805: The generated second authentication code 855 is stored in the temporary storage area 180. The authentication code stored in the temporary storage area 180 is used as a comparison target in step S608.

(1.2.7: Data processing method of authentication code generation unit 151)
A data processing method of the authentication code generation unit 151 when new shooting is performed and metadata and content are added will be described with reference to FIG.

  When new shooting is performed, content n + 1 and metadata n + 1 that are metadata associated with the shot content and the content data are newly generated and stored in the nonvolatile storage medium 300.

  Step S901: The first digest 950 and the remainder 951 are extracted from the context holding area 171, and the process proceeds to Step S902.

  Step S902: The message 953 obtained by combining the extracted remainder 951, the metadata n + 1, the content n + 1, and the padding data in which the portion less than the block length is padded with zeros is divided into m block groups of 64 byte units. After the division, the process proceeds to step S903.

  Step S903: Using the first digest 950 extracted in Step S901 as an initial vector, SHA-1 compression processing is performed on the blocks 1 to m-1 except the last block in the block group, and Step S904 is performed. Proceed to

  Step S904: An updated context 955 composed of a first digest 953 whose digest obtained as a result of performing Step S903 is updated and a new remainder 954 obtained by removing padding data from the final block is used as a context holding area 171. To store. After storing, the process proceeds to step S905.

  Step S905: The SHA-1 compression process is performed on the block m using the first digest as an initial vector, and a digest 957 is obtained. After implementation, the process proceeds to step S906.

  Step S906: SHA-1 compression processing is performed on the message 956 obtained by combining the o-key-pad 530, the digest 957 obtained in Step S905, and the padding data 550 with the initial vector as the SHA-1 specified initial vector 520. To obtain an updated authentication code 960. After obtaining the authentication code, the process proceeds to step S907.

  Step S907: The updated authentication code 960 obtained in step S906 is stored in the authentication code storage area 330, and the process ends.

  As shown in this data processing method, it is not necessary to perform calculations using all content metadata by calculating the authentication code using the context in the previous shooting state, so the authentication code can be updated at high speed It is.

<1.3: Effects of the embodiment>
As described above, the video / audio recording apparatus 100 according to the present embodiment has two stages at the time of the previous shooting when updating / verifying the authentication code for detecting falsification of the content / metadata recorded in the nonvolatile storage medium 300. It is possible to update / verify at high speed by using a context that is an operation result derived in the middle of the first stage hash operation used in the calculation by the hash operation.

<2: Modification>
Although the present invention has been described based on the above embodiment, it is needless to say that the present invention is not limited to the above embodiment. Various modifications can be made without departing from the spirit of the present invention. The following cases are also included in the present invention.

(1) In the above embodiment, the structure built on the FAT file system has been described as the structure in the nonvolatile storage medium 300. However, it is also effective to use other file systems such as UDF and NTFS. The content, metadata, and authentication code may be arranged directly in the logical address space of the nonvolatile storage medium 300, not on the file system.

  (2) In the above embodiment, both content and metadata are targeted for falsification detection, but only content or metadata may be targeted. When only content is targeted, metadata is not subject to falsification detection. Conversely, when only metadata is targeted, the content is not subject to falsification detection.

  (3) In the above embodiment, the memory card is used as the non-volatile storage medium 300. However, other storage media such as an optical disk or HDD that can maintain the storage even when the power is cut off may be used.

  (4) In the above embodiment, the video / audio recording apparatus 100 has been described as a digital camera. However, as long as the apparatus records video and / or audio, a mobile phone, a digital video camera, an IC recorder, a surveillance camera, a driving Anything such as a recorder may be used.

  (5) In the above-described embodiment, as the context, all the video and audio and / or metadata that are subject to falsification detection are divided into fixed blocks, and a value obtained by hashing the blocks excluding the final block, and the final It is assumed that the block is composed of a remainder that is a part including the video / audio and / or metadata information, but in the middle of the first stage hash calculation used for calculation by the stage hash calculation. Any calculation result may be used. For example, if the authentication code that is the result of the second stage hash operation is also stored in the context as the context, the capacity required for the nonvolatile internal storage 170 increases. However, in the authentication code verification unit 152, Since the process of calculating the authentication code from the first digest can be omitted, it is possible to further increase the speed.

  (6) As a method for connecting the video / audio recording device 100 and the nonvolatile storage medium 300, the nonvolatile recording device 300 can be attached / detached, and the slot 110 and the input / output unit connected to the slot 110 and controlling input / output to / from the nonvolatile storage medium 300 As described with reference to FIG. 190, even if the nonvolatile storage medium 300 is not removable from the video / audio recording apparatus 100, the video / audio storage apparatus 100 and an external device such as a personal computer or PDA are connected to a wired cable such as a USB or wirelessly. It is also effective when a non-volatile storage medium can be operated from the external device by connecting via wireless such as LAN / Bluetooth.

  INDUSTRIAL APPLICABILITY The present invention is useful in applications that require tampering detection in a video / audio recording apparatus using a nonvolatile storage medium such as a semiconductor memory card.

  It is particularly useful in applications such as a digital camera for the police to take evidence photographs, a camera for electronic delivery of construction photographs, an in-vehicle driving recorder, and a surveillance camera. It is also useful for applications in which a television or a photo confirms falsification detection of photos and metadata taken by a digital camera, and in the case of illegal data, it is not reproduced to prevent unauthorized operation.

DESCRIPTION OF SYMBOLS 100 Video / audio recording device 110 Slot 120 Image pick-up part 130 User input part 140 Display part 150 Data processing part 151 Authentication code generation part 152 Authentication code verification part 160 Encryption key holding | maintenance part 170 Non-volatile internal storage 171 Context holding | maintenance area | region 190 Input / output processing unit 300 Non-volatile storage medium 310 Metadata storage area 320 Content storage area 330 Authentication code storage area

Claims (10)

A video / audio recording apparatus that generates a captured video / audio, metadata accompanying the video / audio, and an authentication code for verifying falsification of the video and / or the metadata,
An internal storage unit that records a context that is a calculation result derived in the middle of a first-stage hash calculation used when calculating the authentication code by a two-stage hash calculation;
A non-volatile storage medium for storing the video / audio and / or metadata accompanying the video / audio and an authentication code obtained by performing a second-stage hash operation in the context;
A video / audio recording apparatus comprising: When the video / audio recording apparatus is powered on or initialized, a second authentication code is calculated based on the context recorded in the internal storage unit, and the authentication code stored in the nonvolatile storage medium and the second A comparison operation unit that compares the authentication code of
If the comparison results are the same, regardless of whether or not the individual video data and metadata, their order, and the like have been tampered with, an authentication code including the new video and / or the metadata based on the context A control unit for calculating
The video / audio recording apparatus according to claim 1, further comprising:   The video / audio recording apparatus according to claim 1, wherein the two-stage hash calculation uses an HMAC algorithm.   The video / audio recording apparatus according to claim 1, wherein the hash calculation uses a SHA-1 algorithm.   The context includes a value obtained by dividing all of the video / audio and / or the metadata to be tampered detection target into a certain block unit and performing a hash operation on a block excluding the final block, and the video / audio of the final block. 5. The video / audio recording apparatus according to claim 1, wherein the video / audio recording apparatus includes a portion including the metadata information. A data processing method for generating captured video and audio, metadata associated with the video and audio, and an authentication code for verifying falsification of the video and / or the metadata,
A step of recording in the internal storage unit a context that is a calculation result generated in the middle of a first-stage hash calculation for use in calculating the authentication code by a two-stage hash calculation;
Storing the video and audio and / or metadata accompanying the video and audio and an authentication code obtained by performing a second-stage hash operation in the context in a nonvolatile storage medium;
A data processing method characterized by comprising: At power-on or initialization, the second authentication code is calculated based on the context recorded in the internal storage unit, and the authentication code stored in the non-volatile storage medium is compared with the second authentication code Comparing to and
If the comparison results are the same, regardless of whether or not the individual video data and metadata, their order, and the like have been tampered with, an authentication code including the new video and / or the metadata based on the context Calculating steps,
The data processing method according to claim 6, further comprising:   The data processing method according to claim 6, wherein the two-stage hash operation uses an HMAC algorithm.   The data processing method according to claim 6, wherein the hash calculation uses a SHA-1 algorithm.   The context includes a value obtained by dividing all of the video / audio and / or the metadata to be tampered detection target into a certain block unit and performing a hash operation on a block excluding the final block, and the video / audio of the final block. 10. The data processing method according to claim 6, wherein the data processing method includes a portion including the metadata information.

Images