Nikon Image Authentication System Vulnerability

It is hard to underestimate the importance of photographic evidence in today's world. Political, legal and business users rely on images captured with modern digital cameras to base important decisions. The credibility of such evidence thus becomes vital.

The Impact of Fake Photographic Evidence

Some of that evidence has been proven to be a fake. Manipulated images have been used to make false political statements in more than once case. ElcomSoft has published a brief abstract on some of the world's most famous fakes that made impact on public opinion, resulted in terminated careers and loss of reputation.

Digital Image Authentication

Major manufacturers of photographic equipment including Canon and Nikon introduced image authentication systems aimed to streamline the validation of image originality and guarantee that the image appears exactly as captured. A secure digital signature is calculated for each capture immediately after a shot.

The Flaw in Nikon's Implementation

Nikon's implementation of image authentication has a major design weakness. ElcomSoft researchers discovered a flaw in the way the secure image signing key is being handled in camera. The vulnerability allowed the researchers to actually extract the original signing key from a Nikon camera. This, in turn, made it possible to produce manipulated images with a fully valid authentication signature. By using the signing key, ElcomSoft has prepared a set of hoax images that successfully pass validation with Nikon Image Authentication Software.

ElcomSoft is providing more information on image authentication background and technical implementation in the «Nikon Image Authentication System: Compromised» blog entry

Nikon's Response

ElcomSoft made the issue known to Nikon and CERT as a trusted third party. At the time of this writing, ElcomSoft received no response from Nikon.

Affected Cameras

All past and current digital SLR cameras manufactured by Nikon and supporting Image Authentication are affected, including Nikon D3X, D3, D700, D300S, D300, D2Xs, D2X, D2Hs, and D200 digital SLRs.

As a result, any photographic evidence submitted that was captured with an affected camera (as well as any future camera using the same signing key) should not be automatically taken as genuine just because it passes validation with Nikon Image Authentication Software.

Read about the vulnerability in the press:

• - SlashDot - "Nikon's Image Authentication Insecure"
• - The Register - "Nikon image authentication system cracked"
• - Help Net Security - "Researchers crack Nikon image authentication system"
• - PCWorld - "Nikon's Image Authentication Algorithm Cracked"
• - The H Security - "Signed Nikon images can be forged"
• - MSNBC - "Nikon image software vulnerable to photo fakers"
• - TFOT - "Nikon Image Camera Authentication System Broken"
• - CNet Australia - "Nikon camera encryption cracked"
• - CrunchGear - "Both Nikon And Canon's Image Authentication Systems Busted"
• - Engadget - "Nikon Image Authentication Software validates Photoshop phonies"
• - SecurityNews Daily - "Photo Forgery: Nikon Image Validation System Cracked"
• - Akihabra News - "Nikon's Image authentication system cracked"
• - MacVideo - "Nikon's image authentication algorithm cracked"
• - FierceCIO TechWatch - "Nikon image verification system cracked"
• - Imaging Resource - "Exploit found in Nikon Image Authentication, claims ElcomSof"
• - Rob Galbraith - "Nikon Image Authentication system compromised, says IT security firm"

• - Golem.de - "Nikons Foto-Validierungssystem geknackt"
• - Heise Online - "Signierte Nikon-Bilder falschbar"
• - Magnus - "Nikon Authentifizierungssoftware – Foto-Echtheitsprüfung ausgehebelt"
• - FutureZone.at - "Foto von totem Osama bin Laden gefälscht"
• - NZZ Onlnie - "Russen als Erste auf dem Mond. Fotoverifikationssystem geknackt"

• - Punto Informatico - "Nikon, crackata l'autenticazione"
• - IT News - "Nikon: L'Algoritmo d'autencazione cede agli hacker"
• - pPhoto - "Bucato Nikon Image Authentication System"
• - Digital.IT - "Nikon, violato il sistema di autenticazione delle immagini"
• - Macity - "Craccato il sistema di autenticazione delle immagini di Nikon"
• - Tom's Hardware - "Nikon, bucato il sistema di protezione delle immagini"
• - Jack Tech - "Non ci si può più fidare neppure delle foto"

• - FERRA - "Nikon признала фото Beatles в Бобруйске подлинным"
• - РИА Новости - "Защищенная цифровая подпись фото Nikon взломана экспертами ElcomSoft"
• - Открытые Системы - "«ЭлкомСофт» взломала алгоритм аутентификации снимков Nikon"
• - Mobi.ru - "Система проверки аутентичности фотографий Nikon взломана"
• - CyberSecurity - "В программном обеспечении фотокамер Nikon найдена серьезная уязвимость"
• - Overclockers.ru - "Российская компания Elcomsoft выявила уязвимость в системах валидации снимков Nikon и Canon"
• - Евгений Козловский - "Где посадки? или В Бобруйск!"

Sample Images

ElcomSoft has extracted a valid image signing key and used it to sign a set of forged photographs. The following images, while being obvious hoaxes, will be successfully validated as genuine when verified with Nikon Image Authentication Software.

Click on any image for larger [digitally signed] copy.

Russian blogger #1 became addicted to apples

An illustration to unreleased Beatles album

Game Over. No kidding

Gentlemen prefer blondes