The university's
Applied Physics Laboratory has opened the door to using
reliable digital video as evidence in court by developing a
system that identifies an attempt to alter digital video
evidence.
"It's not too hard to make changes to digital video,"
said Tom Duerr, APL's project manager, "but our system
quickly and conclusively detects any alterations made to
the original tape." For the past two years, Duerr has led
development of the project for the United States Postal
Inspection Service.
Nick Beser, lead engineer for the project, said,
"We're satisfied that our system can accurately detect
tampering, and now we're building a working prototype that
can be attached to a camcorder. Our authenticator provides
proof of tampering when the human eye can't detect it," he
said. "You might theorize that a change has been made, but
this system takes the theory out of that determination."
The U.S. Postal Inspection Service, the federal law
enforcement agency that safeguards the U.S. Postal Service
and ensures the integrity of the mail, uses video
surveillance and cutting-edge technology as investigative
tools in many of its cases. "We are looking forward to
field testing the prototype developed by APL," said Dennis
Jones, assistant postal inspector in charge of the agency's
Forensic and Technical Services Division. "Being able to
present a certifiable digital recording in court in support
of our investigative efforts will minimize court challenges
over the admissibility of such evidence. This system could
reinforce the public's confidence in the work of law
enforcement professionals."
The authentication system computes secure
computer-generated digital signatures for information
recorded by a standard off-the-shelf digital video
camcorder. While recording, compressed digital video is
simultaneously written to digital tape in the camcorder and
broadcast from the camera into the Digital Video
Authenticator (currently a laptop PC). There the video is
separated into individual frames, and three digital
signatures are generated per frame--one each for video,
audio and camcorder/DVA control data--at the camcorder
frame rate.
Public-key cryptography is used to create unique
signatures for each frame. The "keys" are actually
parameters from mathematical algorithms embedded in the
system. Duerr said, "The keys, signature and original data
are mathematically related in such a way that if any one of
the three is modified, the fact that a change took place
will be revealed in the verification process."
One key, called a "private" key, is used to generate
the signatures and is destroyed when the recording is
complete. The second, a "public" key, is used for
verification. To provide additional accountability, a
second set of keys is generated that identifies the postal
inspector who made the recording. This set of keys is
embedded in a secure physical token that the inspector
inserts into the system to activate the taping session. The
token also signs the Digital Video Authenticator's public
key, ensuring that the public key released with the video
signatures was created by the inspector and can be
trusted.
The signatures that are generated for the recording
make it easy to recognize tampering. If a frame has been
added, it won't have a signature and will be instantly
detected. If an original frame is altered, the signature
won't match the new data, and the frame will fail
verification. The method is so perceptive that tampering
with even a single bit (an eighth of a byte) of a
120,000-byte video frame is enough to trigger an alert.
After an event is recorded, the signatures and the signed
public key are transferred to a removable storage device
and secured along with the original tape in case the
authenticity of a tape is challenged.
When finished, the Digital Video Authenticator is
expected to be within the size and cost range of
consumer-grade digital camcorders. It will be attached to,
rather than embedded in, a video camera, which allows it to
be transferred to different cameras when current ones
become obsolete. Comparison of signatures with recorded
video and analysis of the results will be accomplished in
separate software that will run on a desktop PC.
Prototype development will include peer review by
other researchers and potential users and is expected to be
completed by 2005. In addition to Postal Inspection Service
use, the system could serve state and local law enforcement
needs and possibly corporate and other business venues.