The original security camera footage is evidence for a trial. However, it is necessary to take into account some aspects to protect the evidence, so that it cannot be replaced or modified.by: Bob Banerjee*
Video authentication is the process of preserving the integrity of the original video so that its presentation in court is admissible, that is, it is considered sufficient evidence to prove that the video is original and has not been altered in any way. Authentication protects people from malicious acts or accidental changes.
Video authentication on analog systems
In a pure analog system video is transmitted from a camera typically over coaxial cable to a receiver, which is usually a VCR VCR and/or through an analog switcher, switch or matrix to an analog monitor. It is worth mentioning that it is possible to intercept the signal of the analog video, and replace it with a fake source, and this is almost impossible to detect.
However, let's assume that the incoming video that was recorded is authentic (not substituted). Once the video is transferred to a tape it is easy to edit it and create a new one, on the other hand it would be practically impossible to detect the change. To minimize this risk, the concept of "Chain of Custody" is used, which ensures that the tape is at all times under the continuous and documented supervision of trusted parties.
This obviously assumes that the parties are actually trustworthy. The "Chain of Custody" is based on the notion of security and assumes that there is no interest in altering the video on the part of these people, but that does not mean that they cannot do it.
Authenticity in the Digital Age
Authenticity in the Digital Age is based on the principles of cryptography, this fact is feasible because video is data, not an analog signal, a string of zeros and ones, which makes it much easier to detect changes. By using some principles of cryptography, we eliminated the possibility that even trusted parties would alter the video, even if they wanted to.
The use of the term "near eliminated" is intentional. Cryptography, referring us to the Roman Empire of Julius Caesar, was based on trust between people and the mission was and continues to be the minimization of the number of people to be trusted. The ideal number is 1.
Points of vulnerability
IP video transmission: Splicing the coaxial cable and stealing a copy of the video or replacing it with a fake one as usually happens in action movies, is much more difficult in IP networks, since these in general have a large number of options to protect the integrity of the data transported either in both the physical and transport layer.
It is important to note that as long as the typical standard security measures already mentioned are in place for the network, there will be no difference between a 10-second video, a confidential e-mail, someone checking your bank account or an online purchase.
There is also the possibility of confirming the integrity of the data. IP networks can determine the identity of the issuer of the information and thus eliminate the possibility of substitution. Therefore, a recorder is capable of recording only known IP cameras and coming from encoders with confirmed MAC addresses.
Bosch Security Systems includes a CRC (Cyclic Redundancy Check) in the information packets as they are transmitted over the network. If the CRC does not conform to what was previously sent, the information is defined as corrupt. There is no indication of how upset it is, or whether it was accidental or intentional, but it determines that it is corrupt – it is not the original and cannot be presented as evidence in court.
IP Video Export
To make use of video recordings from one system it is necessary to export the video to another computer or storage medium. The Bosch File Player "Archive Player" is used to extract parts of already recorded videos and store them on, for example, a disc. It should be noted that as the video clip is saved as a simple piece of data, it can be altered. A simple key to protecting the integrity of this video fragment is inadequate, although it is a good first measure of defense. Digital signatures are those used to detect if the clip was altered.
Conceptually, digital signatures are very easy to understand and at the same time extremely difficult to decipher "crack". Typically a digital signature is a very long number, the value of which is influenced by each bit of data in the video excerpt or clip . The signature is also reproducible, by anyone, which means that the receiver can receive a video fragment, regenerate a digital signature of the same and compare it with the signature delivered in the video fragment sent at first.
If these are the same everything is in order, in case it does not happen it can be concluded that the video has been altered. We have no idea how much has been altered – it can be a couple of bits, seconds or the entire video. However, we know that it has been altered and is inadmissible for filing in court. This system will detect if a frame from the video was deleted, or even if a pixel in a frame changed.
The Bosch Archive Player uses MD5 (Algorithm Encryption Message 5) to generate the digital signatures. This cryptographic encryption function "hashed" using a mathematical algorithm, 128 bits was adopted around the world as an Internet standard (RFC 1321) as it is fast, reliable and does not require any secret keys or keys. It only confirms that exactly what had been sent previously was received.
Here you can see a sample of a 128-bit signature – it evokes the DNA of a fingerprint:
01000100101101000111010001100111001010110100111000101010101010000110001011010010101101001101000101111000101010100101101101001010
The signature is always of the same length regardless of the length of the video clip or the content of it and is completely altered by changing a minimum part. For example, consider the MD5 of this short English text (represented by a 32-digit hexadecimal number and thus allow for easier reading rather than a binary number).
MD5 ("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d6
MD5 ("The quick brown fox jumps over the lazy dog.") = e4d909c290d0fb1ca068ffaddf22cbd0
Clearly we get two completely different signatures by altering a small piece of information, a simple ".", and this will happen even if only one pixel has been modified in a frame of the video.
Summary
With VCRs protecting the integrity of the video recorder, everything rested exclusively on trust towards the people who came into contact with the videos obtained. It was also assumed that the video coming from the coaxial cable (i) came from the correct camera (and not from a maliciously replaced one) and (ii) that it was not being masked on its way to the VCR.
With IP video, there is a combination of logical and physical mechanisms that provides much higher levels of data security. IP networks have built-in encryption, and can remove any camera that does not appear in the list of "confirmed MAC addresses".
Bosch applies CRC checks to network frames to confirm that exactly what was previously sent was received and uses passwords to restrict users' access to live and recorded video, which typically varies by schedule and access level to increase security.
Beyond this Bosch adds the digital signature as a 128-bit MD5 cryptographic encryption function from the same remote camera that generates the original signal to the exported videos, this watermark alerts if any video has been modified in the slightest.
*Bob Banerjee is Bosch's product marketing manager.
