The whole point of good cryptography is that the algorithm can be widely known without the system being compromised. I'd have to look at their implementation, but this is probably a fairly standard digital signature system. Basically, the camera takes a hash of the image and encrypts it with a private key. Anyone can decrypt the hash with the published public key and compare it to a hash of the file they received. If the two are identical, it's evidence the image hasn't been tampered with.
Public key crypto and hash algorithms are all well publicized and have been thoroughly tested. It's possible they'll be cracked eventually- we've gone through a whole series of hashing algorithms as old ones were cracked- but for the purposes of verifying news photographs that's not a huge problem. The biggest risk is of faking pictures of current events, and news photographers can always get new cameras or updated firmware that replaces vulnerable algorithms with up-to-date ones.
This won't completely eliminate the possibility of fake photographs. There are two obvious methods. The low-tech approach is to print the fake image and take a photograph of it. You would have to print it at high enough resolution to hide any printing artifacts- you don't want someone seeing the dots from your printer in the final photo- but it's not that hard. Another method is to extract the private key from the camera and use it to sign your fakes. Either one will only allow you to fake photos from a camera you control, since the keys will be specific to the individual camera.
The part that's at all new for this application is where to store the digital signature. It's not a hard problem- the logical place to store it is the EXIF header- but it would require agreement between the camera manufacturers about how to standardize it. There's probably some trick just because you probably want to sign the metadata in the EXIF as well as the image data, and adding the signature to the EXIF changes it from the signed version. Even that should be solvable by stripping the signature from the EXIF before taking the hash.