Wednesday, August 10, 2005

Integrity Under Attack

Crime footage or fake?
On Matt's Cipher Text blog, you can read about a speeding motorist, getting off the hook because MD5, used to secure the camera images, has a weakness. According to the defense, MD5 was discredited. How far will they take this in court?

These days, most imaging is done digitally. Most times, there isn't even encryption or signing near to it. How can we trust the video surveillance camera of a hold-up? Or pictures, taken on a stake-out? How do you catch the hooligans, you filmed on football riots (I know, hooligans are unknown to Americans ;-) One could always discuss the value of the evidence.

It's an old problem, tampering photographs and other stuff. Since digital multimedia has entered the playground, it's easy to create false stuff. Everyone can forge a file or e-mail, although digital photographs are harder to tamper with. We're advancing to a world where everything is digital, and nothing can be trusted any more, unless you have solid systems to protect integrity. That's were cryptography comes in handy...if it's accepted by law.

Does this means that, in the future, integrity, evidence and thrust will depend on strong encryption. And who will have access to strong, by law accepted, encryption? Who shall define which integrity systems are accepted by law? Politicians? The Judge? NSA?

I hope we don't go to a future where the criminals get away with everything, and the man in the street can't sue the state, because not having the required integrity check or hash algorithm for the evidence. Read the ruling of the Australian court on speed cameras.

Lots of question to solve...

No comments: