[HN Gopher] Sony Unlocks In-Camera Forgery-Proof Technology
___________________________________________________________________

Sony Unlocks In-Camera Forgery-Proof Technology

Author : night-rider
Score : 20 points
Date : 2022-08-14 21:23 UTC (1 hours ago)

(HTM) web link (www.sony.eu)
(TXT) w3m dump (www.sony.eu)

| josephcsible wrote:
| What's stopping me from sending fake data to the signing chip
| along the same route that the image sensor uses to send real data
| to it?

| thaumasiotes wrote:
| Because, it's forgery-proof. Didn't you read the headline?

| karamanolev wrote:
| They either built some smarts into the sensor, where it's
| physically impossible to trick it or you can just pretend to be
| a sensor capturing whatever you want. I assume with enough
| desire, you can build a pixel-for-pixel matching LCD to
| illuminate each sensor photocell as desired and capture
| arbitrary light the physical way. But as another commenter
| pointed out "it's forgery-proof" ;)

| aaaaaaaaaaab wrote:
| You can't do that, because it's Not Allowed(tm).

| Rackedup wrote:
| What if you take a picture of a modified picture?

| jack_pp wrote:
| I like this, if we can fool humans with VR goggles then surely
| we can fool the camera by using a sufficiently detailed print
| or a high resolution display

| CharlesW wrote:
| A more effective version of this would capture a 3D depth map
| with the 2D image.

| ChrisLomont wrote:
| You'll never remove aliasing artifacts.

| TeeMassive wrote:
| Not all fake images are images taken from cameras (e.g. CGI,
| AI)

| TeeMassive wrote:
| Then you have a signed picture of a modified picture which
| can't be altered further. Cryptographic signatures only ensure
| data integrity and authenticity _after_ the cryptographic
| signature was made.

| dudeinjapan wrote:
| > This technology is particularly applicable for passports and ID
| > verification
|
| What if you take a picture of a fake passport?

| karamanolev wrote:
| The goal is to prove that you took an image of something that
| existed in the state it was photographed in. If you take a
| picture of a fake passport, you are "proving" this passport
| existed and looked like it did on the picture. So ... mission
| accomplished?
|
| If they do it competently (or if it can be done) is a separate
| matter.

| rafale wrote:
| Unless you take a picture of a picture.

| karamanolev wrote:
| Then you're proving the picture you just photographed
| existed and looked like it did. Where are you going with
| this?
|
| The utility of knowing a photograph was captured as-is
| should be known, as should be the ways to physically
| manipulate things so you capture what you want. IMO the
| question here should be if 1) this is the best solution for
| those use cases and 2) if this is implemented in a
| technically competent way.

| Aaargh20318 wrote:
| I think the use case would be to take a photograph of a person
| to be used on a passport, not to take a photograph of a
| passport.
|
| Optical validation of a passport from a photograph is
| impossible, and unnecessary. If you need to remotely validate a
| passport there are already secure ways of doing that using the
| NFC chip embedded in most passports.

| q-big wrote:
| > > This technology is particularly applicable for passports
| > > and ID verification
|
| > What if you take a picture of a fake passport?
|
| This technology blocks 50 % of the possibilities of
| counterfeiting (before or after taking the picture); this is an
| infinite amount better than the 0 % that other camera vendors
| deliver.
|
| ;-)

| Animats wrote:
| Does each camera have its own signing key? If not, "signed by
| some camera" isn't that interesting.
|
| Is there a public certificate registry?

| karamanolev wrote:
| Google-backed Android devices have a certificate chain where
| each device has its own certificate, but there's also a root of
| trust. So you can sign things identifying the specific device,
| but you can also just verify it was signed by a Google-backed
| Android device. They might have done something similar.
| Otherwise, a Sony-wide secret key is still interesting, in some
| sense, if done competently (which I doubt).

| hengheng wrote:
| Would be nice to see this on their Xperia smartphones. They've
| been copying the Alpha look and feel for a while, and I've been
| wanting to see signed photos on phones for a while.

| Retr0id wrote:
| I've been looking forward to it too, extracting the signing
| keys sounds like a lot of fun.

| zxcvbn4038 wrote:
| Marketing hype, if I have physical access to the camera then I
| can get the key and sign anything. It might require specialized
| tools or training but it is nowhere near impossible. If I am a
| sovereign entity I can just compel someone to give me the key. I
| wouldn't make any life changing decisions about anyone based
| solely on the presence of a signature.

| ChrisLomont wrote:
| It would be extremely hard for almost anyone to do so, and they
| can use signatures with per camera tokens as well as global
| ones. That way compromising one camera doesn't compromise all.
|
| And there is a lot more stuff they can do to prevent such naive
| attacks.
|
| By your simple reasoning, all iPhones would be cracked, yet
| even the USA govt hasn't been able to crack into them.
|
| And what they propose is vastly better than doing nothing.

| TeeMassive wrote:
| It will be very hard to extract those keys while hiding
| evidence of tampering. Yes that leaves the threat of state
| actors, but they will probably have the keys anyway and still
| the technology will be good 99.99% of the time which means good
| enough for most intents and purposes.

| russellbeattie wrote:
| Sony's marketing department and execs should know better than
| overpromise like this. The camera can and will be hacked,
| guaranteed. Like PlayStation security, it may take a while, but
| it'll be done. And that's only if they haven't overlooked any
| obvious flaws. We all know if you have physical access to the
| hardware, it'll happen.
|
| Anyways, ignore the hyperbole. It's just a press release by
| inexperienced marketers.

| CoastalCoder wrote:
| It seems reasonable for Sony to stake a bounty on this.

| xchaotic wrote:
| What's the supposed business case for sharing raw, unmodified
| 42Mpix photos? And if they are still modified later on, and
| perhaps re-signed, that's where I would attack.

| karamanolev wrote:
| I would assume they can sign both RAWs and JPEGs. I can imagine
| a hardened coprocessor that can sign things coming from the
| sensor and image processor, so you get signed RAW and/or JPEG
| and you can't extract the private keys. Any modification later
| on means it's no longer signed. Unless I'm missing something,
| this is pretty good until someone extracts or leaks the private
| keys. Maybe they came up with something much smarter :)

| TeeMassive wrote:
| If they did things correctly (and I assume a company like Sony
| did) then each camera will have its own signed certificates
| attributed to it. Yes you can sign fake pictures, but the
| signature won't be from the same camera, which is a pretty good
| mitigation against this.

| CharlesW wrote:
| > _What's the supposed business case for sharing raw,
| > unmodified 42Mpix photos?_
|
| TFA (TFPR?) answers this.
|
| "This technology is particularly applicable for passports and
| ID verification but goes further in tackling image manipulation
| in the media, medical and law enforcement fields. For the
| insurance and construction sectors, this technology will offer
| a secure foundation for inspection and recording of damage."
|
| > _And if they are still modified later on, and perhaps
| > re-signed, that's where I would attack._
|
| Even so, the existence of an original capture makes post-
| capture attacks useless. An effective attack will modify the
| image before it's signed.

| kelnos wrote:
| Presumably this relies on some sort of private signing key being
| stored securely on the camera somewhere. Do we really trust
| Sony's abilities to make it impossible to read out that key?

| ChrisLomont wrote:
| Have all iPhones been broken by state actors? It sure seems not
| given the resources they pay to try and crack cases.
|
| Why would Sony cameras not leverage knowledge gained from
| iPhone security features?

___________________________________________________________________
(page generated 2022-08-14 23:00 UTC)
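
The per-camera key certified by a vendor root that several comments above describe can be modeled as follows; this is an added example, not code from the thread or from Sony, whose actual design the page does not describe. Ed25519, the certificate layout, the serials and all function names are assumptions chosen for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Hypothetical layouts: a cert binds serial to key under the root; a photo carries its cert.
type DeviceCert struct{ Serial string; Pub ed25519.PublicKey; Sig []byte }
type SignedPhoto struct{ Image, Sig []byte; Cert DeviceCert }
func certBody(serial string, pub ed25519.PublicKey) []byte {
	return append([]byte("cert-v1|"+serial+"|"), pub...)
}

// Provision is the factory step: make a per-camera key and certify it with the root key.
func Provision(root ed25519.PrivateKey, serial string) (ed25519.PrivateKey, DeviceCert) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return priv, DeviceCert{serial, pub, ed25519.Sign(root, certBody(serial, pub))}
}

// Capture signs the digest of whatever bytes reach the signer, real scene or not.
func Capture(dev ed25519.PrivateKey, cert DeviceCert, img []byte) SignedPhoto {
	d := sha256.Sum256(img)
	return SignedPhoto{img, ed25519.Sign(dev, d[:]), cert}
}

// Verify returns the serial of the camera that signed p, or the check that failed.
func Verify(rootPub ed25519.PublicKey, revoked map[string]bool, p SignedPhoto) (string, error) {
	c, d := p.Cert, sha256.Sum256(p.Image)
	switch {
	case len(c.Pub) != ed25519.PublicKeySize || !ed25519.Verify(rootPub, certBody(c.Serial, c.Pub), c.Sig):
		return "", fmt.Errorf("certificate not issued by root")
	case revoked[c.Serial]: // one extracted key is handled by revoking one serial
		return "", fmt.Errorf("camera revoked: %s", c.Serial)
	case !ed25519.Verify(c.Pub, d[:], p.Sig):
		return "", fmt.Errorf("image bytes changed after signing")
	}
	return c.Serial, nil
}

func main() {
	rootPub, root, _ := ed25519.GenerateKey(nil)
	dev, cert := Provision(root, "CAM-0001") // constructed serial
	p := Capture(dev, cert, []byte("constructed sample image bytes"))
	fmt.Println(Verify(rootPub, nil, p)) // genuine capture: serial, no error
	p.Image[0] ^= 1                      // any later edit breaks the signature
	fmt.Println(Verify(rootPub, nil, p))
}
```

A passing check only says which certified key signed those exact bytes; a photo of a print or a screen verifies the same way, which is the limit the thread keeps returning to.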