A cryptographic system used by Canon to ensure that digital images haven’t been altered is flawed and can’t be fixed, according to a Russian security company that specializes in encryption.
Mid- to high-end Canon digital cameras have a feature called Original Decision Data
(ODD), which is a digital signature that can be verified to see if a photo has been retouched or if data such as timestamps or GPS coordinates have been changed. The Associated Press news wire uses the system, which can also be used to verify photos used as evidence.
But the digital signature can be forged due to design flaws in Canon’s system, according to Dmitry Sklyarov, an IT security analyst with Elcomsoft, which specializes in password recover systems. Sklyarov was due to give a presentation on the flaws at the Confidence IT security event in Prague on Tuesday afternoon — via redwolf.newsvine.com
RSS – Posts