150 top filmmakers ask major camera manufactures to include standard encryption

William Gayde

William Gayde

Posts: 382   +5
Staff

Documentary filmmakers and photojournalists often work on hostile assignments where the footage they capture could put them in serious jeopardy. A group of 150 of these filmmakers have collectively signed an open letter to the world's leading camera manufacturers including Nikon, Sony, Canon, Olympus, and Fuji urging them to include encryption in their products.

The letter also available online through the Freedom of the Press Foundation

Encryption has become increasingly prevalent in everyday technology. Operating systems like Windows, Mac, Linux, Android, and iOS all allow data to be encrypted by default. Messaging apps like WhatsApp and iMessage use end-to-end encryption as well. Features like this are significantly lacking from the camera market, however. Currently no major brand offers encryption on their still photo and video cameras.

The feature, as proposed by documentary filmmakers, would encrypt image data as it is captured to ensure that only those with the correct credentials can view or offload the media.

The group of filmmakers includes numerous Academy Award winners and nominees, most notably Laura Poitras who first interviewed NSA whistleblower Edward Snowden in a Hong Kong hotel room. Attacks on photojournalists are common and their cameras often contain sensitive evidence. There is currently no way to protect this footage from the eyes of border guards, thieves, or other intelligence agents. Once the footage is uploaded off the camera it is easy to secure, but until then it is vulnerable to anyone.

The hope of the letter is to drive the industry to include encryption in nearly all cameras on the market. It won't come quickly unfortunately as there are numerous financial and technical challenges. High resolution cameras write vast amounts of data and encryption can be a slow process depending on the algorithm. Camera manufacturers definitely have some catching up to do in the security field, but there is a growing need for this so expect it in the not too distant future.

Lead photo credit: Flickr/fotograzio

Permalink to story.

https://www.techspot.com/news/67410-150-top-filmmakers-ask-major-camera-manufactures-include.html

 
It's a nice idea, but unless these media are streaming their footage somewhere, the camera can be just as easily taken and destroyed. Not sure how encryption is really going to help against hard-core individuals ....
 
It'll have to be AES encryption as this (I think) is the fastest encryption available. No to mention flash memory used will have to be premium, even more so than now. Wrong or?
 
Uncle Al said:
It's a nice idea, but unless these media are streaming their footage somewhere, the camera can be just as easily taken and destroyed. Not sure how encryption is really going to help against hard-core individuals ....
Click to expand...

The photojournalist would actually probably be happy with that outcome, depending on what they were photographing exactly. They aren't afraid of losing data - encryption only increases the odds of losing a file, compared to raw data - they are afraid of being caught with data that gets them arrested, tried, jailed, or just straight-up executed.

One method I can camera companies doing is employing a kind of steganography method with their files. Just write every file inside of all the others. Make it look like there is just one big junk file on card. It probably wouldn't hold up to an in-depth investigation, but would probably be enough to fool the average police officer or border guard. And it would be something that could be sent out via firmware update to existing camera bodies.

Any in-depth encryption will likely require an increase in RAM on the camera body, a dedicated processor (since the one on cameras today is optimized just to process images), and a switch of some kind to turn encryption off (rapid shooting) and back on ('safe' shooting)
 
  • Like
Reactions: J spot
And you're in such a country, and the man standing there with the knife as you're roped to a chair says, 'give us the encryption password or we're going to play a little game', and you do ... what?

You better hope that photo is carefully hidden so no-one suspects it is there. Uploaded to the web and then deleted from the camera might work.
 
Journalists are afraid that "evil" states will take their images... Even the best encryption will be easily cracked by any state.... It's a nice idea, but impossible to actually do...
 
ChrisH1 said:
And you're in such a country, and the man standing there with the knife as you're roped to a chair says, 'give us the encryption password or we're going to play a little game', and you do ... what?

You better hope that photo is carefully hidden so no-one suspects it is there. Uploaded to the web and then deleted from the camera might work.
Click to expand...
And if you give him that password, that knife doesn't go away - that knife actually gets used. But if you keep the password, there is still a slim outside chance you do get out alive.

And not every location has wireless broadband internet, and even if it did, I still wouldn't do that. I would rather have an encrypted air-gapped camera, than an unencrypted camera that has no on-board storage and stores everything online. You open yourself up to man-in-the-middle attacks or just having the account compromised entirely.
 
Squid Surprise said:
Journalists are afraid that "evil" states will take their images... Even the best encryption will be easily cracked by any state.... It's a nice idea, but impossible to actually do...
Click to expand...
The best encryption cannot be cracked. You can force the key or password out of somebody by force - but you cannot brute force by means of software to decrypt.
 
petert said:
The best encryption cannot be cracked. You can force the key or password out of somebody by force - but you cannot brute force by means of software to decrypt.
Click to expand...
Really.... I beg to differ.... even the best encryption can be brute forced.... even RSA which uses million digit numbers can be brute forced given enough time and processing power.... If a nation such as the USA or China, etc, want to decrypt your images, they will...
 
petert said:
The best encryption cannot be cracked. You can force the key or password out of somebody by force - but you cannot brute force by means of software to decrypt.
Click to expand...
Squid Surprise said:
Really.... I beg to differ.... even the best encryption can be brute forced.... even RSA which uses million digit numbers can be brute forced given enough time and processing power.... If a nation such as the USA or China, etc, want to decrypt your images, they will...
Click to expand...
Frankly, you're both right and wrong.

Any encryption can be cracked, but it is far from a simple thing to do - even with the full weight of an organization like the NSA, FSB, or Chinese Secret Service behind it.

All encryptions are based on an assumption of the processing power available to an adversary. You make an educated guess about the number of cycles a second they are capable of, and then choose an encryption method that would still take them longer than is practical for them to crack based on that number. This assumes that the encryption you're using isn't broken - you shouldn't be selecting an encryption with known flaws to begin with and you should re-encrypt with a new algorithm when the one you are using is eventually broken.

If you are incorrect about your adversary's capabilities, then you're encryption will be brute-forced. If you selected a flawed method, then it will be opened as if it wasn't even encrypted at all. If you're encryption is not-yet-broken, and you correctly assumed (or over-estimated) your opponents capabilities, then it will take hundreds, thousands, or even millions of years to break your encryption via brute force. There are even some methods that claim that the heat death of the universe will occur before they are brute forced - in reality, someone will find a way to break it long before hand.
 
mbrowne5061 said:
Frankly, you're both right and wrong.

Any encryption can be cracked, but it is far from a simple thing to do - even with the full weight of an organization like the NSA, FSB, or Chinese Secret Service behind it.

All encryptions are based on an assumption of the processing power available to an adversary. You make an educated guess about the number of cycles a second they are capable of, and then choose an encryption method that would still take them longer than is practical for them to crack based on that number. This assumes that the encryption you're using isn't broken - you shouldn't be selecting an encryption with known flaws to begin with and you should re-encrypt with a new algorithm when the one you are using is eventually broken.

If you are incorrect about your adversary's capabilities, then you're encryption will be brute-forced. If you selected a flawed method, then it will be opened as if it wasn't even encrypted at all. If you're encryption is not-yet-broken, and you correctly assumed (or over-estimated) your opponents capabilities, then it will take hundreds, thousands, or even millions of years to break your encryption via brute force. There are even some methods that claim that the heat death of the universe will occur before they are brute forced - in reality, someone will find a way to break it long before hand.
Click to expand...
Your first line and last line don't agree with each other....I understand that in theory certain encryption methods are "unbreakable" - but in reality, they ALL get cracked... And since it's nation-states we are talking about here, it is inevitable that they will be cracked.
 
Squid Surprise said:
Your first line and last line don't agree with each other....I understand that in theory certain encryption methods are "unbreakable" - but in reality, they ALL get cracked... And since it's nation-states we are talking about here, it is inevitable that they will be cracked.
Click to expand...

Just because they all eventually get cracked doesn't mean they all get cracked in your life-time; RSA and AES have stood the test of time. Unless you live in the DPRK with their 3-generational punishment system, whatever secrets you had encrypted should be of little concern to you.
 
mbrowne5061 said:
Just because they all eventually get cracked doesn't mean they all get cracked in your life-time; RSA and AES have stood the test of time. Unless you live in the DPRK with their 3-generational punishment system, whatever secrets you had encrypted should be of little concern to you.
Click to expand...
But journalists are worried about "evil nation states" stealing their images... They have access to far greater computing power than the average person or business... Even RSA is no match for a bank of NSA supercomputers.... Once again, there is NO encryption that is safe - great idea, but non-doable
 
Squid Surprise said:
But journalists are worried about "evil nation states" stealing their images... They have access to far greater computing power than the average person or business... Even RSA is no match for a bank of NSA supercomputers.... Once again, there is NO encryption that is safe - great idea, but non-doable
Click to expand...
You need to actually read up on what it takes to beat RSA and AES.

RSA-1024 (note: RSA-2048 is exponentially tougher) has 10^302 distinct prime number combinations available for its use. The entire observable universe has 10^80 atoms in it. Even if you could use every single atom as a traditional computer, and each of these CPUs had a 100% efficient 1KHz clock, it would take 5.29*10^211 years to brute force an RSA-1024 encryption. Never mind the energy requirements. While it is now possible to break RSA with reasoned academic approaches, it is still rather extremely resource intensive for what you gain in return (almost to the point of still being impractical). RSA, because it is slow, has always been used just to transfer 'handshakes' and other authentication information. Best hope you can have from breaking an RSA encryption is you get access to one-half of another set of encryption keys, and are still left without access to information you're looking for. In layman's terms:
RSA is still considered secure enough for use with sensitive govt. systems as a way to verify and encrypt login credentials.

There are no known academic weaknesses for AES-256, and there are publically facing teams trying all the time to find one. Brute force is the only option. AES-256 would take a billion high-end GPUs 9.17e50 years to brute force and require continuous access to 150GW of power - or approximately 300 Natural Gas power plants dedicated just to running this hypothetical encryption-busting cluster. Never mind the setup or maintenance costs. In a 'real-world' brute force attack, you would use exponentially more GPUs - think in the scale of tens-of-trillions of GPUs - and require exponentially more electrical power to match, so that encryptions can be broken in a 'reasonable' amount of time. Any adversary that could afford to dedicate this much energy, computational time, and physical resources to brute-forcing any single encryption on-demand must already have such an advantage over its opponents that any information it might glean from the broken encryption would be nothing more than a passing curiosity. Such a nation would already be beyond reproach. AES is still considered secure against even the most determined govt. attackers, which is why the DOD and NSA use it in their own systems. It is also significantly faster than RSA, making it practical for encrypting large volumes.

Nevermind that your entire argument is 'the encryption might not be 100% safe - even though engineers and scientists are constantly looking for weaknesses. So it is better I just store this data in its raw form'. That is like saying 'This helmet might have an engineering design flaw or material defect - despite rigorous testing. Better to just skip it'.
 
mbrowne5061 said:
You need to actually read up on what it takes to beat RSA and AES.

RSA-1024 (note: RSA-2048 is exponentially tougher) has 10^302 distinct prime number combinations available for its use. The entire observable universe has 10^80 atoms in it. Even if you could use every single atom as a traditional computer, and each of these CPUs had a 100% efficient 1KHz clock, it would take 5.29*10^211 years to brute force an RSA-1024 encryption. Never mind the energy requirements. While it is now possible to break RSA with reasoned academic approaches, it is still rather extremely resource intensive for what you gain in return (almost to the point of still being impractical). RSA, because it is slow, has always been used just to transfer 'handshakes' and other authentication information. Best hope you can have from breaking an RSA encryption is you get access to one-half of another set of encryption keys, and are still left without access to information you're looking for. In layman's terms:
RSA is still considered secure enough for use with sensitive govt. systems as a way to verify and encrypt login credentials.

There are no known academic weaknesses for AES-256, and there are publically facing teams trying all the time to find one. Brute force is the only option. AES-256 would take a billion high-end GPUs 9.17e50 years to brute force and require continuous access to 150GW of power - or approximately 300 Natural Gas power plants dedicated just to running this hypothetical encryption-busting cluster. Never mind the setup or maintenance costs. In a 'real-world' brute force attack, you would use exponentially more GPUs - think in the scale of tens-of-trillions of GPUs - and require exponentially more electrical power to match, so that encryptions can be broken in a 'reasonable' amount of time. Any adversary that could afford to dedicate this much energy, computational time, and physical resources to brute-forcing any single encryption on-demand must already have such an advantage over its opponents that any information it might glean from the broken encryption would be nothing more than a passing curiosity. Such a nation would already be beyond reproach. AES is still considered secure against even the most determined govt. attackers, which is why the DOD and NSA use it in their own systems. It is also significantly faster than RSA, making it practical for encrypting large volumes.

Nevermind that your entire argument is 'the encryption might not be 100% safe - even though engineers and scientists are constantly looking for weaknesses. So it is better I just store this data in its raw form'. That is like saying 'This helmet might have an engineering design flaw or material defect - despite rigorous testing. Better to just skip it'.
Click to expand...
Not the point... any encryption used to hide an image can (and WILL) be broken by a nation-state...when you encrypt something at the commercial level, you are simply protecting it from the average person but only inconveniencing the "big boys"...
 
Squid Surprise said:
Not the point... any encryption used to hide an image can (and WILL) be broken by a nation-state...when you encrypt something at the commercial level, you are simply protecting it from the average person but only inconveniencing the "big boys"...
Click to expand...
...AES can encrypt images, and the content within an encryption has no bearing on the strength of the encryption. AES is a pretty standard encryption that can be utilized by anyone without costing them a penny. In all likelihood, AES is what the photographers who signed this letter are hoping for and what camera manufacturers are likely to use on new models (assuming them deploy it at all).

You can go ahead and continue to tell yourself that not encrypting is better than encrypting, simply because the NSA might at some point break in... if they ever care enough about you to try - which they won't, unless you were photographing something a little more important than yet another regional skirmish or genocide. But know that AES with a sufficiently long enough key (128-bit or higher) cannot yet be broken, either by brute force or through an intelligent attack, not by the NSA or any other group. It just is not mathematically possible. It either requires that someone came up with a mathematics proof that defeats AES, and somehow managed to keep it a secret while still being able to use it, or literally more resources than is available to any one group of people. But saying that the 'big boys' have some magical key to open any encryption, a magical key that not one single independent computer scientist or even Snowden has discovered or talked about, is like claiming our nations are waging a secret nuclear war against one another, dropping bombs all the time. So many systems use AES that if it were broken tomorrow - with no equivalent replacement standard out there - the digital world would come to a screeching halt.

In fact, if encryption is so useless against national spying, why are nations trying to force computer scientists and engineers to build in backdoors to their encryption deployments? I'll give you a hint: it is because no one has a way to break these encryptions, so they need it to be deliberately weakened from the get-go.
 
mbrowne5061 said:
...AES can encrypt images, and the content within an encryption has no bearing on the strength of the encryption. AES is a pretty standard encryption that can be utilized by anyone without costing them a penny. In all likelihood, AES is what the photographers who signed this letter are hoping for and what camera manufacturers are likely to use on new models (assuming them deploy it at all).

You can go ahead and continue to tell yourself that not encrypting is better than encrypting, simply because the NSA might at some point break in... if they ever care enough about you to try - which they won't, unless you were photographing something a little more important than yet another regional skirmish or genocide. But know that AES with a sufficiently long enough key (128-bit or higher) cannot yet be broken, either by brute force or through an intelligent attack, not by the NSA or any other group. It just is not mathematically possible. It either requires that someone came up with a mathematics proof that defeats AES, and somehow managed to keep it a secret while still being able to use it, or literally more resources than is available to any one group of people. But saying that the 'big boys' have some magical key to open any encryption, a magical key that not one single independent computer scientist or even Snowden has discovered or talked about, is like claiming our nations are waging a secret nuclear war against one another, dropping bombs all the time. So many systems use AES that if it were broken tomorrow - with no equivalent replacement standard out there - the digital world would come to a screeching halt.

In fact, if encryption is so useless against national spying, why are nations trying to force computer scientists and engineers to build in backdoors to their encryption deployments? I'll give you a hint: it is because no one has a way to break these encryptions, so they need it to be deliberately weakened from the get-go.
Click to expand...
I never said that "not encrypting is better than encrypting"... what I'm trying to say is that the specific rationale for why these people want encryption on their cameras won't help them.... Governments want encryptions weakened because they are MASS-Decrypting, and obviously that won't work if the encryption is strong. For any specific case - like a seized camera from a potential spy/terrorist - cracking the encryption won't take too long... but even a few minutes saved makes a HUGE difference if you're attempting to crack millions of devices (or more) at a time...
 
You must log in or register to reply here.

Similar threads

A
Japanese camera makers will employ digital signatures to differentiate real photos from...
Replies
4
Views
260
PurpaFur
PurpaFur
Shawn Knight
Video Game Hall of Fame nominees this year include Myst, Metroid, and Asteroids
Replies
10
Views
162
ZedRM
ZedRM
D
Samsung's 200MP periscope telephoto camera expected to bring whopping 200x digital zoom...
Replies
14
Views
444
PurpaFur
PurpaFur

Latest posts

Back