Canon image originality verification proven useless
Posted on 30 November 2010.
Bookmark and Share
ElcomSoft discovered vulnerability in Canon's Original Data Security System, a validation system to guarantee authenticity of digital images captured with supported Canon cameras.

The vulnerability opens the possibility to produce images that will be positively validated by Canon's own Original Data Security Kit (OSK-E3) regardless of whether or not the images are, in fact, genuine.


The Original Data Security system was intended to ensure that images, taken with a compatible Canon camera, are unaltered in any way and contain the original valid GPS data. The system was designed to prove image originality as well as time and place of the capture.

The intent of the system was to protect the integrity of images shot as evidence. According to Canon official announcement, the credibility of photographic evidence is directly linked to its legitimacy when making legal decisions. The Canon data security system is being used by world leading news agencies including Associated Press as effective means to ensure that each agency’s photo manipulation policies are enforced.

After performing analysis of Canon hardware, ElcomSoft researchers were able to extract secret keys used to calculate authentication data from Canon EOS digital cameras, and use the keys for adding authenticity signatures to a set of manipulated digital images.

The images signed with an extracted key come validated as being original and authentic by Canon's Original Data Security Kit (OSK-E3).

The vulnerability exists in all Canon cameras manufactured to this day and having the security feature.

All current cameras are susceptible, including the entire range of consumer cameras (e.g. Digital Rebel XS, also known as EOS 1000D in Europe and Kiss F in Japan), semi-pro and professional series, including the latest EOS-1D Mark IV.

ElcomSoft is not releasing any technical detail. However, the company made Canon aware about the vulnerability by notifying the vendor as well as CERT Coordination Center as a trusted third-party.

Here are some images produced by ElcomSoft that successfully pass authenticity verification:







Spotlight

Attackers use reflection techniques for larger DDoS attacks

Posted on 17 April 2014.  |  Instead of using a network of zombie computers, newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. This approach can lead to the Internet becoming a ready-to-use botnet for malicious actors.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Apr 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //