davidwr's Journal: Should journalist's cameras be able to "digitally sign" photos?

[If this hits the Slashdot Firehose, my apologies, it is not intended as a submission. Please don't vote it up or down, just let it scroll off the screen over time.]

In this day and age where fake pictures and videos are so good that anyone can cast serious doubt on a real picture or video by calling it "fake," should cameras include the option to create a "digital signature" or similar authentication?

If I were a journalist or even a citizen-journalist, I'd want to have a time-stamped, possibly location-stamped digital signature on every photo, video, and audio-recording I made in the course of my work.

I'd want to get these signatures or at least a "signature of today's signatures" published in a non-repudiate-able way ASAP, so if I later publish my photo I or my employer could quickly prove it was authentic.

If the image is likely to be cropped before publication, well, that can be handled too, by having the camera also store "standard crops" of every photo along with their respective signatures. A standard crop might be something like "divide the image into 5-10 strips on the narrow dimension and similar-sized evenly-spaced strips on the wider dimension, then treat each 2x2 rectangle as a "standard crop," saving it and its digital signature in addition to the main image.

For video, where the final published product is likely to be a snippet, still/screen-shot, or even a crop, do something similar with a still frame a few times a second. For the audio track, save overlapping staggered two-second snippets and sign each of them. This would be in addition to the signature on the whole video.

The important thing is that the signatures can be published in a non-repudiate-able way within minutes or hours of the photo or video being taken, even before a decision to publish the photo or not is ever made. This way I or my employer can prove a photo or at least the "standard crops" of it and "standard snippets of audio" in it have not been altered since the time the signature was published. For most photos where the motivation or ability to create a fake didn't exist at the time the photo or video was taken, this should deter anyone from screaming "fake, fake" since they know everyone else will know the photo, video, or audio is legit.

There are some obvious costs and other risks:

* This is a lot of work and will take a lot of energy, especially if it is done in real-time or very-near-real-time. At best this will drain the battery. There could also be thermal issues and issues with media that can't be written to fast or with many concurrent writes. This problem will take care of itself as technology improves.

* Assuming the camera's private key isn't in something like Apple's secure enclave, this will require a way to change and manage private keys. If the key is "baked in" to the device, it may reduce the resale value of a camera, since the new buyer's photos will have the same signature as previous users' photos. This may be a non-issue if the camera is used by its original owner until it is obsolete.

* This technology can be abused by authoritarian regimes by requiring it in all cameras. What else is new.

* If it becomes standard in smartphones, it can be abused by advertisers and others. Again, what else is new.

* If it becomes standard in cameras and "on by default," people who turn it off may be considered "suspicious" or "paranoid." Again, what else is new.