Hi, Canon provides a so called Data Verification Kit which allegedly allows to detect whether a digital image has been tampered with since it has been taken with a digital camera.
I found the announcement at http://www.dpreview.com/news/0401/04012903canondvke2.asp They say: How it works The kit consists of a dedicated SM (secure mobile) card reader/writer and verification software. When the appropriate function (Personal Function 31) on the EOS-1D Mark II or EOS-1Ds is activated, a code based on the image contents is generated and appended to the image. When the image is viewed, the data verification software determines the code for the image and compares it with the attached code. If the image contents have been manipulated in any way, the codes will not match and the image cannot be verified as the original. So some kind of hash code or digital signature is generated. Does anybody know details about this? I never heard that there are digital mass market cameras which could generate digital signatures. But if the signature is generated inside the SM card only, why should the PC where the image was modified be unable to write the modified image the same way as a digital camera writes an unmodified one? (And, btw., how do they detect that the picture was taken at a real scene and is not a repro of a modified and printed picture?) I guess the secure mobile card generates some signature and they presume that the attacker would not have access to the memory card. This would start to protect the image not from the moment it had been taken, but from the moment when it was copied from the card to other media. And it would require to trust the photographer. Is there a technical description of those secure mobile cards available? I didn't find any details, just marketing blabla. regards Hadmut --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]