This is for restricting use, not proving authenticity of the videos recording. Anyone can spin up keys and sign videos, so in a legal battle it would be worthless.
Comment on Anon predicts the future
Taleya@aussie.zone 4 days agoMate, digital cinema uses this encryption /decryption method for KDMs.
The keys are tied into multiple physical hardware ids, many of which (such as player/.projector ) are also married cryptographically. Any deviation along a massive chain and you get no content.
Those playback keys are produced from DKDMs that are insanely tightly controlled. The DKDM production itself even more so.
And that’s just to play a movie. This is proven tech, decades old. You’re not gonna break it with premiere.
Valmond@lemmy.world 4 days ago
Taleya@aussie.zone 3 days ago
The technology would be extremely wasy to adapt, with the certs being tied to the original recording equipment hardware. Given i don’t see a $60 ip cam having a dolphin board it would probably be relegated to much higer end equipment, but any modification with a new key would break the chain of veracity
Valmond@lemmy.world 3 days ago
This is blatantly not true, it would be extremely simple to circumvent. How do you “tie” the cert to a specific hardware without trusting manufacturers? You just can’t, it’s like putting a padlock on a pizzabox.
Taleya@aussie.zone 3 days ago
I literally explained earlier how this exact technology is used in digital cinema dude c’mon.
Rossphorus@lemmy.world 3 days ago
As with everything, trust is required eventually. It’s more about reducing the amount of trust required than removing it entirely. It’s the same with HTTPS - website certificates only work if you trust the root certificate authorities, for example. Root manufacturer keys may only be certified if they have passed some level of trust with the root authority/authorities. Proving that trust is well-founded is more a physical issue than an algorithmic one. As it is with root CAs it may involve physical cybersecurity audits, etc.
tweeks@feddit.nl 4 days ago
But how would one simple member of the audience easily determine if this whole chain of events is valid, when they don’t even get how it works or what to look out for?
You’d have to have a public key of trusted sources that people automatically check with their browser, but all the steps in between need to be trusted too. I can imagine it is too much of a hassle for most.
But then again, that has always been the case for most.
Taleya@aussie.zone 4 days ago
…what audience?
tweeks@feddit.nl 3 days ago
I mean the viewers of the video.
Rossphorus@lemmy.world 3 days ago
This is just standard public key cryptography, we already do this for website certificates. Your browser puts a little lock icon next to the URL if it’s legit, or provides you with a big, full-page warning if something’s wrong with the cert.
tweeks@feddit.nl 3 days ago
I know, but as a physical, mobile object as a camera is involved I imagine it’s much more vulnerable to man-in-the-middle attacks than today’s TLS certificates for sites. There are more moving parts / physical steps and the camera is probably not always online.
But in essence you are right, operating the camera the same way as a server should be possible of course. We need some basic trusted authorities that are as trusted as we have for our current TLS certificates.
What it will prove, is whether the video is actually of a specific camera certificate. Not who owns the camera, if it has been swapped or if the video footage is real.