oh yes, you are probably right (about public/private key instead of md5), but even with a public/private key method you could read the private key hard-coded in the camera (or, most likely, in the card supplied with the kit). what I want to point out is that if you own such a camera and YOU want to manipulate an image and use it for legal purpose, then you still have a chance to do it, the strenght of the public / private pattern is that is hard to find the private key, cause you must have access to the owner's PC. In this case you have it in your camera. Hence probably it's something similiar to the public/private method with some added feature aimed to keep difficult for anyone to broke it. (difficult, not impossible!) Or it could be somethig really different from what we are thinking of, so I should stop blabbing ! ;)
ciao danilo. buon anno. > > That is correct, but by itself md5 would not be very useful in > this kind of application: it is easy to recompute the checksum > after changing something in the image, and write the new > checksum matching the altered image to the new file as well. > It would be enough to discourage non-computer-savvy image > manipulators, but certainly not for legal purposes, IMHO. > For that I'd want some public key cryptography algorithm > with secret key on chip in the camera and public key available > to the software. > > The description in www.canoneos.com does not tell much, > however the fact that the kit includes a dedicated IC card > suggests it is using something more complicated than md5. > > Note that if the thing is implemented properly it could > not be forged any easier even if all details of the > implementation (except the secret key of course) were made > public, and that would increase its trustworthiness > thousandfold in the eyes of people who know about these > things. * **** ******* *********************************************************** * For list instructions, including unsubscribe, see: * http://www.a1.nl/phomepag/markerink/eos_list.htm ***********************************************************
