Analyst finds flaws in Canon image verification system

A system used to digitally sign Canon photos for use as evidence has major flaws, according to a Russian company

A cryptographic system used by Canon to ensure that digital images haven't been altered is flawed and can't be fixed, according to a Russian security company that specializes in encryption.

Mid- to high-end Canon digital cameras have a feature called "Original Decision Data" (ODD), which is a digital signature that can be verified to see if a photo has been retouched or if data such as timestamps or GPS coordinates have been changed. The Associated Press news wire uses the system, which can also be used to verify photos used as evidence.

But the digital signature can be forged due to design flaws in Canon's system, according to Dmitry Sklyarov, an IT security analyst with Elcomsoft, which specializes in password recover systems. Sklyarov was due to give a presentation on the flaws at the Confidence IT security event in Prague on Tuesday afternoon.

Elcomsoft has published photos -- including one with an astronaut planting the flag of the Soviet Union on the moon -- that, if checked using a smart card and special software from Canon, confirm that the photo has not been tampered with.

Elcomsoft shared a copy of Sklyarov's presentation, which hasn't been released publicly, with IDG News Service. In it, he describes how one component, the Hash-based Message Authentication Code (HMAC), which is used to calculate the ODD, can be extracted from the memory of several different Canon camera models.

In Canon's second version of its ODD system, the HMAC code is 256 bits. The code is the same for all cameras of the same model. Knowing the HMAC code for one particular model allows the ODD to be forged for any camera within that model range, Sklyarov wrote.

The problem is that the HMAC sits in the camera's RAM in a de-obfuscated form and can be extracted, according to Sklyarov. It is also possible to extract the HMAC from the camera's Flash ROM and manually de-obfuscate it. Canon also released a third version of ODD, which Sklyarov was also able to break and forge the ODD. Elcomsoft has written a program that can analyze a camera's processor and firmware.

The problem is a design flaw and can't be fixed, according to Elcomsoft. Sklyarov said he was able to extract the HMAC keys for the following models: EOS 20D, EOS 5D, EOS 30D, EOS 40D, EOS 450D, EOS 1000D, EOS 50D, EOS 5D Mark II, EOS 500D and EOS 7D.

With future models, Sklyarov wrote that Canon could implement an HMAC calculation in a cryptoprocessor that does not expose it. Also, Canon should prevent its cameras from running non-Canon code to avoid the use of software tools by an attacker.

Elcomsoft made several attempts about three months ago to notify Canon of the problem with no response, said Katerina Korolkova, an Elcomsoft spokeswoman. A senior manager in Canon's technical department finally acknowledged receipt of the issue.

"We have provided them all of our technical findings," she said.

Elcomsoft told Canon it planned to release details of the problem, and the company has also notified the U.S. Computer Emergency Response Team, Korolkova said. Elcomsoft plans to release Sklyarov's full presentation on its website in about two weeks.

The design flaws could allow defense attorneys to challenge photographic evidence as details of the flaws are revealed and possibly applied.

"If defense teams raise concerns about the veracity of images or of any evidence, then the court would hear legal argument on the issue and make their decision," according to a spokeswoman for the U.K.'s Crown Prosecution Service.

Canon officials were not immediately available for comment on Tuesday.

Tags securityCanonElcomsoftencryptiondata protectionfraud

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?