[HN Gopher] Sony Unlocks In-Camera Forgery-Proof Technology
___________________________________________________________________
Sony Unlocks In-Camera Forgery-Proof Technology
Author : night-rider
Score : 20 points
Date : 2022-08-14 21:23 UTC (1 hours ago)
(HTM) web link (www.sony.eu)
(TXT) w3m dump (www.sony.eu)
| josephcsible wrote:
| What's stopping me from sending fake data to the signing chip
| along the same route that the image sensor uses to send real data
| to it?
| thaumasiotes wrote:
| Because, it's forgery-proof. Didn't you read the headline?
| karamanolev wrote:
| They either built some smarts into the sensor, where it's
| physically impossible to trick it or you can just pretend to be
| a sensor capturing whatever you want. I assume with enough
| desire, you can build a pixel-for-pixel matching LCD to
| illuminate each sensor photocell as desired and capture
| arbitrary light the physical way. But as another commenter
| pointed out "it's forgery-proof" ;)
| aaaaaaaaaaab wrote:
| You can't do that, because it's Not Allowed(tm).
| Rackedup wrote:
| What if you take a picture of a modified picture?
| jack_pp wrote:
| I like this, if we can fool humans with VR goggles then surely
| we can fool the camera by using a sufficiently detailed print
| or a high resolution display
| CharlesW wrote:
| A more effective version of this would capture a 3D depth map
| with the 2D image.
| ChrisLomont wrote:
| You'll never remove aliasing artifacts.
| TeeMassive wrote:
| Not all fake images are images taken from cameras (e.g. CGI,
| AI)
| TeeMassive wrote:
| Then you have a signed picture of a modified picture which
| can't be altered further. Cryptographic signatures only ensure
| data integrity and authenticity _after_ the cryptographic
| signature was made.
| dudeinjapan wrote:
| > This technology is particularly applicable for passports and ID
| verification
|
| What if you take a picture of a fake passport?
| karamanolev wrote:
| The goal is to prove that you took an image of something that
| existed in the state it was photographed in. If you take a
| picture of a fake passport, you are "proving" this passport
| existed and looked like it did on the picture. So ... mission
| accomplished?
|
| If they do it competently (or if it can be done) is a separate
| matter.
| rafale wrote:
| Unless you take a picture of a picture.
| karamanolev wrote:
| Then you're proving the picture you just photographed
| existed and looked like it did. Where are you going with
| this?
|
| The utility of knowing a photograph was captured as-is
| should be known, as should be the ways to physically
| manipulate things so you capture what you want. IMO the
| question here should be if 1) this is the best solution for
| those use cases and 2) if this is implemented in a
| technically competent way.
| Aaargh20318 wrote:
| I think the use case would be to take a photograph of a person
| to be used on a passport, not to take a photograph of a
| passport.
|
| Optical validation of a passport from a photograph is
| impossible, and unnecessary. If you need to remotely validate a
| passport there are already secure ways of doing that using the
| NFC chip embedded in most passports.
| q-big wrote:
| > > This technology is particularly applicable for passports
| and ID verification
|
| > What if you take a picture of a fake passport?
|
| This technology blocks 50 % of the possibilities of
| counterfeiting (before or after taking the picture); this is an
| infinite amount better than the 0 % that other camera vendors
| deliver.
|
| ;-)
| Animats wrote:
| Does each camera have its own signing key? If not, "signed by
| some camera" isn't that interesting.
|
| Is there a public certificate registry?
| karamanolev wrote:
| Google-backed Android devices have a certificate chain where
| each device has its own certificate, but there's also a root of
| trust. So you can sign things identifying the specific device,
| but you can also just verify it was signed by a Google-backed
| Android device. They might have done something similar.
| Otherwise, a Sony-wide secret key is still interesting, in some
| sense, if done competently (which I doubt).
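
The per-device chain described in the comment above, as an added example that is not code from the thread, Sony or Android. It assumes Ed25519 keys and a simplified certificate (the root signs serial plus device public key); all names, the serial and the sample bytes are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// DeviceCert is a constructed stand-in for a certificate: root signs serial||pubkey.
type DeviceCert struct {
	Serial  string
	Pub     ed25519.PublicKey
	RootSig []byte
}

func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return pub, priv
}
func certBody(serial string, pub ed25519.PublicKey) []byte {
	return append([]byte(serial+"\x00"), pub...)
}

// Provision issues a device key and a root-signed certificate for it.
func Provision(root ed25519.PrivateKey, serial string) (ed25519.PrivateKey, DeviceCert) {
	pub, priv := NewKey()
	return priv, DeviceCert{serial, pub, ed25519.Sign(root, certBody(serial, pub))}
}

// Capture signs the SHA-256 of whatever bytes reach the signer.
func Capture(dev ed25519.PrivateKey, img []byte) []byte {
	h := sha256.Sum256(img)
	return ed25519.Sign(dev, h[:])
}

// Verify returns the signing device's serial when chain and image signature hold.
func Verify(rootPub ed25519.PublicKey, c DeviceCert, img, sig []byte, revoked map[string]bool) (string, bool) {
	if !ed25519.Verify(rootPub, certBody(c.Serial, c.Pub), c.RootSig) || revoked[c.Serial] {
		return "", false // not issued by the vendor root, or device revoked
	}
	h := sha256.Sum256(img)
	return c.Serial, ed25519.Verify(c.Pub, h[:], sig)
}

func main() {
	rootPub, root := NewKey()
	dev, cert := Provision(root, "CAM-0001") // constructed serial and pixels
	fmt.Println(Verify(rootPub, cert, []byte("px"), Capture(dev, []byte("px")), nil))
}
```

A verifier holding only the root public key can both confirm the vendor and name the device, and a single extracted device key can be revoked by serial without touching the rest of the fleet.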
| hengheng wrote:
| Would be nice to see this on their xperia smartphones. They've
| been copying the Alpha look and feel for a while, and I've been
| wanting to see signed photos on phones for a while.
| Retr0id wrote:
| I've been looking forward to it too, extracting the signing
| keys sounds like a lot of fun.
| zxcvbn4038 wrote:
| Marketing hype, if I have physical access to the camera then I
| can get the key and sign anything. It might require specialized
| tools or training but it is nowhere near impossible. If I am a
| sovereign entity I can just compel someone to give me the key. I
| wouldn't make any life changing decisions about anyone based
| solely on the presence of a signature.
| ChrisLomont wrote:
| It would be extremely hard for almost anyone to do so, and they
| can use signatures with per camera tokens as well as global
| ones. That way compromising one camera doesn't compromise all.
|
| And there is a lot more stuff they can do to prevent such naive
| attacks.
|
| By your simple reasoning, all iphones would be cracked, yet
| even the USA govt hasn't been able to crack into them.
|
| And what they propose is vastly better than doing nothing.
| TeeMassive wrote:
| It will be very hard to extract those keys while hiding
| evidence of tampering. Yes that leaves the threat of state
| actors, but they will probably have the keys anyway and still
| the technology will be good 99.99% of the time which means good
| enough for most intents and purposes.
| russellbeattie wrote:
| Sony's marketing department and execs should know better than
| overpromise like this. The camera can and will be hacked,
| guaranteed. Like PlayStation security, it may take a while, but
| it'll be done. And that's only if they haven't overlooked any
| obvious flaws. We all know if you have physical access to the
| hardware, it'll happen.
|
| Anyways, ignore the hyperbole. It's just a press release by
| inexperienced marketers.
| CoastalCoder wrote:
| It seems reasonable for Sony to stake a bounty on this.
| xchaotic wrote:
| What is the supposed business case for sharing raw, unmodified
| 42Mpix photos? And if they are still modified later on, and
| perhaps re-signed, that's where I would attack.
| karamanolev wrote:
| I would assume they can sign both RAWs and JPEGs. I can imagine
| a hardened coprocessor that can sign things coming from the
| sensor and image processor, so you get signed RAW and/or JPEG
| and you can't extract the private keys. Any modification later
| on means it's no longer signed. Unless I'm missing something,
| this is pretty good until someone extracts or leaks the private
| keys. Maybe they came up with something much smarter :)
| TeeMassive wrote:
| If they did things correctly (and I assume a company like Sony
| did) then each camera will have its own signed certificates
| attributed to it. Yes you can sign fake pictures, but the
| signature won't be from the same camera, which is a pretty good
| mitigation against this.
| CharlesW wrote:
| > _What is the supposed business case for sharing raw,
| unmodified 42Mpix photos?_
|
| TFA (TFPR?) answers this.
|
| "This technology is particularly applicable for passports and
| ID verification but goes further in tackling image manipulation
| in the media, medical and law enforcement fields. For the
| insurance and construction sectors, this technology will offer
| a secure foundation for inspection and recording of damage."
|
| > _And if they are still modified later on, and perhaps re-
| signed, that's where I would attack._
|
| Even so, the existence of an original capture makes post-
| capture attacks useless. An effective attack will modify the
| image before it's signed.
| kelnos wrote:
| Presumably this relies on some sort of private signing key being
| stored securely on the camera somewhere. Do we really trust
| Sony's abilities to make it impossible to read out that key?
| ChrisLomont wrote:
| Have all iphones been broken by state actors? It sure seems not
| given the resources they pay to try and crack cases.
|
| Why would sony cameras not leverage knowledge gained from
| iphone security features?
___________________________________________________________________
(page generated 2022-08-14 23:00 UTC)