Russians on the moon? Canon's image verification system cracked
Source: Elcomsoft
Hacker Dmitry Sklyarov has succeeded in extracting the secret signing key from numerous digital SLR cameras and has used it to sign modified images which Canon's latest OSK-E3 security kit verifies as legitimate. Canon's Original Data Security System is intended to show whether changes have been made to photographs and to verify date and location information.
The system is primarily used for ensuring the integrity of evidence, for reporting accidents and for construction records. The system is also useful for allowing news agencies to determine whether images have been modified. Sklyaro informed Canon of the vulnerability back in September, but has received no response from the camera manufacturer.
See also:
- Canon Original Data Security System Vulnerability, advisory from Elcomsoft.
(crve)