[LINK] A Tool to Verify Digital Records

Tom Koltai tomk at unwired.com.au
Wed Jan 28 16:38:16 AEDT 2009 

Could I suggest that http://en.wikipedia.org/wiki/Steganography
Might suggest an alternative - especially if you use the colour
representations based on a 256 million palette base e.g.: on frame 113
Pixel 2,3;6,7;Frame 14569 Pixel 1,1 1006,718 etc ad nauseum until the
entire copyright was implanted. By matching ITU 600.1 MPEG (to ensure
you only encrypt the (key) frames that will stay, any subsequent
compression system will retain the copyright message regardless of the
compression codec used.
I do have a problem if the compression is a reduction in screen size as
well e.g.: on2 VP7 via flash onto an Iphone.
Then there could be a small loss of "bits" However repeating the message
20 or thirty times as a form of redundancy would usually ensure that in
90 minute movie, there could be several hundred "copyright keys".
Not easy to overcome - in fact without a frame by frame recolour - I
cant think of any way to do it.

Tom

> -----Original Message-----
> From: link-bounces at mailman1.anu.edu.au 
> [mailto:link-bounces at mailman1.anu.edu.au] On Behalf Of Kim Holburn
> Sent: Wednesday, 28 January 2009 9:07 AM
> To: Link List
> Subject: Re: [LINK] A Tool to Verify Digital Records
> 
> 
> I may be wrong in that I haven't read the details of how they 
> actually plan do this and they might be talking about 
> something different but some of the main problems I see with this are:
> 
> If we are talking about archiving documents, sound, movies 
> then a change in a bit in a compressed archive can render the 
> archive unreadable.  Changing a bit in a signed digital 
> archive will render both the document unreadable and the 
> signature invalid.  The digital hash while a good start is 
> too sensitive in this case.  Changing document formats while 
> maintaining hashes just does not seem possible.
> 
> If the document is (maliciously) altered the alterers can 
> provide a new hash for the altered work.  Who will know the 
> hash has been tampered with?  A digital hash or signature 
> even when read by humans is not memorable in any way.  Who's 
> to know if it has been changed. Unless the hash is somehow an 
> integral part of the document itself a stand-alone hash or 
> signature won't really be of much use.
> 
> Even if all this was overcome then better would be to provide 
> a series of hashes so that parts of the document could be 
> verified as well as the whole so that if the document was 
> changed it would be possible to work out which parts had been changed.
> 
> As they mentioned recently important hashes like MD5 and 
> SHA-1 have been "cracked". 
> http://en.epochtimes.com/news/7-1-11/50336.html
> 
> How can you go back and retrofit a new hash into possibly 
> millions of documents if an old hash has been cracked and 
> still be sure the documents haven't been altered?
> 
> Kim
> 
> On 2009/Jan/27, at 6:00 PM, stephen at melbpc.org.au wrote:
> 
> > A Tool to Verify Digital Records, Even as Technology Shifts
> >
> > By JOHN MARKOFF  Published: January 26, 2009 
> > http://www.nytimes.com/2009/01/27/science/27arch.html?_r=1
> >
> >
> > On Tuesday a group of researchers at the University of 
> Washington are 
> > releasing the initial component of a public system to provide 
> > authentication for an archive of video interviews with the 
> prosecutors 
> > for the Rwandan genocide. The group will also release the first 
> > portion of the Rwandan archive.
> >
> > This system is intended to be available for future use in digitally 
> > preserving and authenticating first-hand accounts of war crimes, 
> > atrocities and genocide.
> >
> > Such tools are of vital importance because it has become 
> possible to 
> > alter digital text, video and audio in ways that are virtually 
> > undetectable to the unaided human eye and ear.
> >
> > The researchers said history was filled with incidents of 
> doctoring, 
> > deleting or denying written records.
> >
> > Now, they say, the authenticity of digital documents like videos, 
> > transcripts of personal accounts and court records can be 
> indisputably 
> > proved for the first time.
> >
> > Designing digital systems that can preserve information for many 
> > generations is one of the most vexing engineering challenges.
> >
> > The researchers' solution is to create a publicly available digital 
> > fingerprint, known as a cryptographic hash mark, that will make it 
> > possible for anyone to determine that the documents are 
> authentic and 
> > have not been tampered with.
> >
> > The concept of a digital hash was pioneered at I.B.M. by Hans Peter 
> > Luhn in the early 1950s.
> >
> > The University of Washington researchers are the first to try to 
> > simplify the application for nontechnical users and to try 
> to offer a 
> > complete system that would preserve information across generations.
> >
> > Both because of the rapid pace of innovation and the tendency of 
> > computers to wear out in months or years, the likelihood 
> that digital 
> > files will be readable over long periods of time is far 
> less certain 
> > even than the survival of paper documents.
> >
> > Computer processors are quickly replaced by incompatible models, 
> > software programs are developed with new data formats, and digital 
> > storage media,
> > whether digital tape, magnetic disk or solid state memory chips, are
> > all
> > too ephemeral.
> >
> > Several technologists are already grappling with the 
> evanescent nature 
> > of digital records.
> >
> > Danny Hillis, a computer scientist, helped found the Long 
> Now project 
> > in 1996, warning about the possibility of a "digital dark age."
> >
> > Mr. Hillis has argued that before the rise of digital information 
> > people valued paper documents and cared for them. Since then, there 
> > has been progressively less attention paid to the preservation of
> > information. Now
> > information is routinely stored on media that may last for only
> > several
> > years.
> >
> > To that end, another computer scientist, Brewster Kahle, 
> founded the 
> > Internet Archive in 1996 in an effort to preserve a 
> complete record of 
> > the World Wide Web and other digital documents.
> >
> > Similarly, in 2000 librarians at Stanford University 
> created LOCKSS, 
> > or Lots of Copies Keep Stuff Safe, to preserve journals in 
> the digital
> > age,
> > by spreading digital copies of documents through an international
> > community of libraries via the Internet.
> >
> > However, Ms. Friedman distinguishes her design work from those who 
> > have focused on the simple preservation of digitized materials.
> >
> > Instead, she said she was trying to design complete digital systems 
> > that would play a role in strengthening social institutions 
> over time 
> > by creating a digital historical record that offered 
> continuity across
> > multiple life spans.
> >
> > "Building a clock is iconic," she said. "What is really different is
> > that
> > we are trying to solve socially significant, real-world problems."
> >
> > Because problems like genocide, H.I.V. and AIDS, famine, 
> deforestation 
> > and global warming will not be solved in a single human 
> lifetime, she 
> > argues that information systems designed to ensure 
> continuity across 
> > many generations are a necessity.
> >
> > To ground the group's research in a real-world situation, the 
> > researchers began by building an archive of video 
> interviews with the 
> > judges, prosecutors and other members of the International Criminal 
> > Tribunal for
> > Rwanda.
> >
> > The goal was to design a system that would ensure that the 
> information 
> > was secure for more than a century.
> >
> > Last fall Ms. Friedman traveled with a group of legal experts and 
> > cinematographers to Arusha, Tanzania, where the tribunal is 
> based, and 
> > to Kigali, Rwanda, to conduct video interviews.
> >
> > After capturing five gigabytes of video in 49 interviews, the group 
> > began to work on a system that would make it possible for 
> viewers to 
> > prove for
> > themselves that the videos had not been tampered with or altered
> > even if
> > they did not have access to powerful computing equipment or a high-
> > speed
> > Internet connection.
> >
> > Despite the fact that there are commercial applications 
> that make it 
> > possible to prove the time at which a document was created 
> and verify 
> > that it has not been altered, the researchers wanted to develop a 
> > system that was freely available and would stand a chance 
> of surviving
> > repeated
> > technology shifts.
> >
> > At the heart of the system is an algorithm that is used to compute a
> > 128-
> > character number known as a cryptographic hash from the digital 
> > information in a particular document. Even the smallest 
> change in the 
> > original document will result in a new hash value.
> >
> > In recent years researchers have begun to find weaknesses 
> in current 
> > hash algorithms, and so last November the National Institute of 
> > Standards and
> > Technology began a competition to create stronger hashing
> > technologies.
> >
> > The University of Washington researchers now use a modern hash 
> > algorithm called SHA-2, but they have designed the system 
> so that it 
> > can be easily
> > replaced with a more advanced algorithm.
> >
> > Their system will be distributed as part of a CD known as a 
> "live CD," 
> > making it possible to compute or verify the hash just by 
> inserting the 
> > disk in a computer. The disk will also include software components 
> > that will make it possible to view documents and videos 
> that may not 
> > be accessible by future software.
> >
> > The problem is complex, said Michael Lesk, a professor in the 
> > department of library and information science at Rutgers 
> University, 
> > because not only must you be able to prove that the information has 
> > not changed in its original format, but you must also be 
> able to prove 
> > that once the format is altered, the original digital hash is still 
> > valid.
> >
> > The Long Now Foundation is developing a software tool to easily 
> > convert documents between digital formats, said Stewart Brand, a 
> > co-founder of the project. "The idea is to be able to 
> change anything 
> > into anything else," he said.
> >
> > A version of this article appeared in print on January 27, 2009
> > --
> >
> > However there appear some doubters 'Canonical Hashes over video? Be 
> > skeptical' http://financialcryptography.com/mt/archives/001143.html
> >
> > Cheers people
> > Stephen Loosley
> > Victoria, Australia _______________________________________________
> > Link mailing list
> > Link at mailman.anu.edu.au
> > http://mailman.anu.edu.au/mailman/listinfo/link
> 
> --
> Kim Holburn
> IT Network & Security Consultant
> Ph: +39 06 855 4294  M: +39 3494957443
> mailto:kim at holburn.net  aim://kimholburn
> skype://kholburn - PGP Public Key on request
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au 
> http://mailman.anu.edu.au/mailman/listinfo/lin> k
> 
> 
> 
> _______________________________________
> No viruses found 
> in this incoming message
> Scanned by iolo AntiVirus 1.5.6.4
> http://www.iolo.com
> 
> 
> 
> 
> 
> E-mail message checked by Spyware Doctor (6.0.0.386)
> Database version: 5.11630 
> http://www.pctools.com/en/spyware-doctor-> antivirus/
> 





E-mail message checked by Spyware Doctor (6.0.0.386)
Database version: 5.11630
http://www.pctools.com/en/spyware-doctor-antivirus/

More information about the Link mailing list