Canon's Image Verification System Cracked- Canon's software uses one or more secret keys (depending on version) to sign the image. The secret key is used on the computer to verify that the image is original and unmodified (image itself, EXIF, other metadata, etc.)
- Canon's cameras do not implement these keys on cryptographically secure & tamper resistant chips.
- Canon's cameras allow for the running of unsigned code.
- The result allows an attacker to retrieve the key(s) from the camera, which allows for images to be self-signed.
The end result?
Well, it won't effect the point in shooter or even home photo enthusiast. But insurance companies and law enforcement agencies who rely on the ODD to verify images as untouched can no longer use this to vouch for the integrity of the images.
Older Canon DSLRs used ODDv1. That's gone.
ODDv2 is gone too - any particular model (e.g. the 30D) will use the exact same key.
ODDv3 (on the newest cameras) can be faked if the attacker has the camera - each camera has a unique key.
Kind of surprising as this is a disaster from a security standpoint. The implementation is horrible from first glance and shows a lack of care on Canon's part.
Anyhow, interesting stuff. Thought I'd share.
