Forging Canon Original Decision Data

March 30, 2011 (at 11:30 a.m.) in Attacks & Research

Many Canon DSLR cameras (and all mid- and high-end models) can generate authenticity information for images taken with it. This information (called “Original Decision Data”) can be later used to detect if the picture is authentic, was it altered, retouched, edited or otherwise forged. It also protects image metadata, most important being GPS timestamp and coordinates.

Original Decision Data is widely used by e.g. news agencies to ensure that photos they get from their sources are genuine and can be relied upon.

The talk will deliver results of in-depth security analysis of Canon’s Original Decision Data feature and show that it is quite possible to break it.

We will start by giving detailed description of how authenticity data is generated and verified, identifying (obvious and not-so-obvious) design and implementation pitfalls. Next, a live demo will be given showing how easy it is to forge authenticity data and make fake image verify as if it were genuine. Finally, we will share some thoughts on how to improve the system and make it more resilient to forging.

Dmitry Sklyarov

Dmitry Sklyarov is a Head of Reverse Engineering Department at Positive Technologies. Former Security Researcher at Elcomsoft and a lecturer at Moscow State Technical University. He did a research on the security of eBooks and on the authentication of digital photos. Recent research projects involved smartphone forensics.