
EDS video stream

I want to talk about how I came up with an electronic digital signature (EDS) for a video stream.

The idea came to me after Churov's phrase about "cinema, filmed in apartments". A few years ago, the idea of video surveillance was presented: supposedly, if you install video cameras at polling stations, the elections will immediately become fair and transparent... In reality, it turned out strictly in the manner of Chernomyrdin: "they wanted the best, but it turned out as always." People watched PEC officers throw bundles of ballots into the ballot boxes and were outraged, and then it turned out that "you cannot attach an online broadcast to a case file". Requests to the repository where the official videos of what was happening at the polling stations were supposed to be stored were in vain, because "suddenly" it turned out that these records could not be obtained due to technical failures, and the "unofficial" copies were not recognized.

In the upcoming elections on March 18, the situation is further complicated by the fact that the storage period for video recordings has been officially reduced from one year to three months. My opinion is that this was done specifically to make the elections indisputable: the results cannot be challenged even if flagrant violations were committed during the elections. While the application is being considered at the electoral commission, in the prosecutor's office, in the court of first instance, etc., three months will pass quickly and unnoticed, and 3 months after the elections the primary documents (ballots collected from polling stations in TIKs) are irrevocably destroyed, after which nothing can be proved or disproved. I know what I am talking about: I myself participated in the elections as an observer at the polling station and as a trustee of a candidate for deputy.

What to do? I looked for a solution for a long time and finally found it: an electronic digital signature of the video stream! I have not come across this question in any book or article on applied cryptography, although I have read many of them. The problem is that a digital signature usually protects a document of a definite size.

For those who do not know what EDS is, a short explanation. There is a field called public key cryptography. Unlike symmetric cryptography, where the same key is used to encrypt and decrypt information, two keys are used here, which form a pair: public and secret. What is encrypted with the secret key can be decrypted using the public key, and, conversely, what is encrypted with the public key can be decrypted using the secret key paired with it. For example, one person wants to send another a message. He encrypts it using the recipient's public key and is confident that no one except the addressee, who has the corresponding private key, can decrypt and read it. But in order to convince the addressee that the sender is the author of the message, he can take the message, encrypt it with his secret key, and transmit the result along with the letter. The addressee can take the sender's public key, decrypt the attachment with it, compare it with the letter and verify two things at the same time: first, that the letter was not modified and reached the addressee unchanged, and second, that it was sent by the sender, who holds the corresponding secret key. This is an electronic digital signature. I am simplifying; in fact there are a lot of nuances. For example, it is not the message itself that is encrypted with the private key, but the value of a cryptographic hash function of the message.

The hash function is calculated from a document of any size, but a definite one, and a video stream is, in the general case, of indefinite length. Each individual frame can be signed, but then only each specific frame is protected from modification, not the sequence of frames: you can edit the video by cutting something out, rearranging the frames or replacing one frame with another... You can cut the video stream into fragments of a certain size, say, 15 minutes. Then within a fragment not only every frame but also the sequence of frames is protected from modification, but what if the event of interest falls on the boundary between two fragments? You can sign all 24 hours of broadcasting at once, but the resulting video file will be huge and inconvenient to work with.

The solution I came up with turned out to be surprisingly simple and obvious: sign frame by frame, but when calculating the signature, include the hash not only of the current frame but also of the previous one. Thus, we protect not only every frame from modification, but also the sequence of frames. As a result, we can make sure that we are shown not "movies filmed in apartments" but a video stream signed with the key of the electoral commission. We can save any episode we are interested in, and the fragment keeps all the properties of the digital signature: we can easily check that no frame was changed and that the sequence of frames did not change either, while retaining confirmation that this video was signed with the secret key of the electoral commission, i.e. the electoral commission will not be able to repudiate its signature.
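The chaining described above, sketched in Go as an added example (not code from the original article): each frame is signed over the previous frame's hash concatenated with its own, so any saved excerpt can be verified by itself. Ed25519, SHA-256, the `SignedFrame` layout and the constructed sample frames are assumptions made for illustration; the article names no algorithm or format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// SignedFrame: a frame, the hash of the frame before it, and a signature over both.
type SignedFrame struct {
	Data, Sig []byte
	PrevHash  [32]byte
}

// SignStream signs PrevHash || SHA-256(frame) for each frame in arrival order.
func SignStream(priv ed25519.PrivateKey, frames [][]byte) (out []SignedFrame) {
	var prev [32]byte // all zeros before the first frame
	for _, f := range frames {
		cur := sha256.Sum256(f)
		sig := ed25519.Sign(priv, append(prev[:], cur[:]...))
		out = append(out, SignedFrame{Data: f, Sig: sig, PrevHash: prev})
		prev = cur
	}
	return out
}

// VerifyClip checks a contiguous excerpt and returns the index of the first
// frame whose signature or link to the preceding frame fails, or -1 if none.
func VerifyClip(pub ed25519.PublicKey, clip []SignedFrame) int {
	for i, sf := range clip {
		cur := sha256.Sum256(sf.Data)
		sigOK := ed25519.Verify(pub, append(sf.PrevHash[:], cur[:]...), sf.Sig)
		linkOK := i == 0 || sf.PrevHash == sha256.Sum256(clip[i-1].Data)
		if !sigOK || !linkOK {
			return i
		}
	}
	return -1
}

func Demo() (intact, cut, edited int) { // constructed sample frames f0..f3
	pub, priv, _ := ed25519.GenerateKey(nil) // throwaway key; nil selects crypto/rand
	s := SignStream(priv, [][]byte{[]byte("f0"), []byte("f1"), []byte("f2"), []byte("f3")})
	intact, cut = VerifyClip(pub, s[1:]), VerifyClip(pub, []SignedFrame{s[0], s[2], s[3]})
	s[2].Data = []byte("forged") // alter one frame after signing
	return intact, cut, VerifyClip(pub, s)
}

func main() { fmt.Println(Demo()) }
```

Identical frames hash identically, so this chain alone cannot tell two repeats of the same frame apart; a frame counter or timestamp inside the signed data is what would distinguish them.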

Obviously, this solution can be extended: you can include an audio track, or data from a GNSS (global navigation satellite system) receiver about the date, time and place of shooting, in the EDS calculation. It is also obvious that this solution is suitable not only for observing elections but for all other cases where video is recorded: in DVRs, and when carrying out procedural actions or operational activities. Moreover, in my opinion, such a video, supplied with EDS and geodata obtained from a GNSS receiver, becomes more evidential than a notarized certificate.

I did not want to patent this idea, so I described it in the form of an article, shared it and, as the author of the idea, transferred it to the public domain for unlimited use.

Source: https://habr.com/ru/post/409625/