That’s security by obscurity. Given time, an attacker with physical access to the device will get every bit data from it. And yes, you could mark it as compromised, but then there’s nothing stopping the attacker from just buying another camera and stripping the key from that, too. Since they already know how. And yes, you could revoke all the keys from the entire model range, and come up with a different puzzle for the next camera, but the attacker will just crack that one too.
Hiding the key on the camera in such a way that the camera can access it, but nobody else can is impossible. We simply need to accept that a photograph or a video is no longer evidence.
The idea in your second paragraph is good though, and much easier to implement than your first one.
No, it is not security through obscurity. It’s a message signature algorithm, which are used in cryptography all the time.
You’re falling for the classic paradox of security: it has to work for someone. OF COURSE if you get all of the keys and every detail of the process you can crack it. That’s true of ALL CRYPTOGRAPHY. If someone knows everything including the keys, it’s too late for any ‘secure’ device.
No, it is not security through obscurity. It’s a message signature algorithm, which are used in cryptography all the time.
Yes it is. The scheme is that when you take a picture, the camera signs said picture. The key is stored somewhere in the camera. Hence the secrecy of the key hinges on the the attacker not knowing how the camera accesses the key. Once the attacker knows that, they can get the key from the camera. Therefore, security hinges on the secrecy of the camera design/protocol used by the camera to access the key, in addition to the secrecy of the key. Therefore, it is security by obscurity.
That’s security by obscurity. Given time, an attacker with physical access to the device will get every bit data from it. And yes, you could mark it as compromised, but then there’s nothing stopping the attacker from just buying another camera and stripping the key from that, too. Since they already know how. And yes, you could revoke all the keys from the entire model range, and come up with a different puzzle for the next camera, but the attacker will just crack that one too.
Hiding the key on the camera in such a way that the camera can access it, but nobody else can is impossible. We simply need to accept that a photograph or a video is no longer evidence.
The idea in your second paragraph is good though, and much easier to implement than your first one.
No, it is not security through obscurity. It’s a message signature algorithm, which are used in cryptography all the time.
You’re falling for the classic paradox of security: it has to work for someone. OF COURSE if you get all of the keys and every detail of the process you can crack it. That’s true of ALL CRYPTOGRAPHY. If someone knows everything including the keys, it’s too late for any ‘secure’ device.
Yes it is. The scheme is that when you take a picture, the camera signs said picture. The key is stored somewhere in the camera. Hence the secrecy of the key hinges on the the attacker not knowing how the camera accesses the key. Once the attacker knows that, they can get the key from the camera. Therefore, security hinges on the secrecy of the camera design/protocol used by the camera to access the key, in addition to the secrecy of the key. Therefore, it is security by obscurity.