Nikon's Image Authentication Insecure

silanea writes "Elcomsoft claims to have broken Nikon's Image Authentication system which — apparently only in theory — ensures that a photograph is authentic and not tampered with through a digital signature. They were able to extract the signing key from a camera and use it to have a modified image pass the software verification, rendering the rather expensive feature mostly marketed to law enforcement all but useless. So far Nikon has not given a statement. Canon's competing system was cracked by the same company last December."

The danger of these systems is they appear secure

[SuperKendall]

This is great news, because now people will be able to cast doubt on images when there is cause to instead of being told "it's not possible it's a fake, it's signed". You know that if someone cracked it publicly someone else (probably many someone else's) have cracked it in private, and have kept around the ability to forge photographs in case of emergency... that ability is now reduced.

Easy to fake

[jdbannon]

Just take a picture of the photo-shopped image with your Nikon camera. Bam! That was sure hard to crack.