Adding cryptographic features. - General Discussion and Assistance - CHDK Forum

Adding cryptographic features.

  • 8 Replies
  • 3574 Views
Adding cryptographic features.
« on: 08 / August / 2008, 11:25:59 »
Advertisements
Hello,

I've started adding cryptographic features to CHDK. The goal is to
have your pictures stored in encrypted form on the card so as not to
be (too) worried in case of theft (for example).

So far I have RSA encryption working (with hard-coded key) and the
quite weak RC4 stream cipher. I'd like to be able to plug this
encryption function before the pictures are written to disk.

Some questions:

    - is it possible to get the JPEG image before it is written to the
      disk? It seems to be possible to get the raw, looking at
      core/raw.c.

    - is it possible to rewrite/wipe a file using standard
      fopen/fwrite operations?

Thanks.

*

Offline fudgey

  • *****
  • 1705
  • a570is
Re: Adding cryptographic features.
« Reply #1 on: 09 / August / 2008, 10:20:34 »
    - is it possible to get the JPEG image before it is written to the
      disk? It seems to be possible to get the raw, looking at
      core/raw.c.

Very likely not impossible, but (as far as I know) CHDK doesn't currently touch this part. There has been some closely related discussion recently, try to find the threads for development in RAW compression/EXIF/manipuolation features and ones that mention disabling JPEG writing.

    - is it possible to rewrite/wipe a file using standard
      fopen/fwrite operations?

I don't know, but since we're working with a simple FAT, one could assume that opening an existing file and writing over it (without appending) shouldn't reallocate anything?

Re: Adding cryptographic features.
« Reply #2 on: 11 / August / 2008, 15:24:06 »
Hi fudgey,

Thanks for your reply. I didn't find anything yet in the source suggesting I can disable JPEG writing. I'll keep following trunk evolution.

For FAT writing, yes, it's quite likely the usual operations will allow me to overwrite data on the card. I was wondering if someone did experiments to check that it is the case. I'll assume it's the case for the moment.

It seems the best I can do is have CHDK periodically check for new files on the filesystem and encrypt them as we notice them, overwriting clear data with encrypted data. Not quite as secure as could be, but still a fun project nonetheless.

Laurent.

*

Offline fudgey

  • *****
  • 1705
  • a570is
Re: Adding cryptographic features.
« Reply #3 on: 11 / August / 2008, 16:17:18 »
Thanks for your reply. I didn't find anything yet in the source suggesting I can disable JPEG writing. I'll keep following trunk evolution.

For new exciting stuff you'll want to follow the juciphox branch, but it's in the same svn repo so you probably already knew this. Anyway, what I was referring to wouldn't be in trunk, most of it's just odd bits of thoughts and discoveries here and there in different threads on the forums.

For FAT writing, yes, it's quite likely the usual operations will allow me to overwrite data on the card. I was wondering if someone did experiments to check that it is the case. I'll assume it's the case for the moment.

You can also assume nobody has experimented. :D And please report back whatever you find...  :)

It seems the best I can do is have CHDK periodically check for new files on the filesystem and encrypt them as we notice them, overwriting clear data with encrypted data. Not quite as secure as could be, but still a fun project nonetheless.

A periodical check thing might be dangerous if you press the power button (or the camera decides the batteries are empty) while your code is working, switching from rec to play could even be a problem?

Maybe you should start with a menu command to start the encrypter. This would also partially solve the problem of not being able to review the JPEGs for bad shots to delete in-camera or re-shoot (I'm saying partially, because you obviously don't want to use the Canon delete functionality because it doesn't overwrite).

All in all this is something that would greatly benefit from an in-camera customized photo browser (an old feature request); you could even review the encrypted images by supplying a key.


*

Offline PhyrePhoX

  • *****
  • 2254
  • make RAW not WAR
    • PhyreWorX
Re: Adding cryptographic features.
« Reply #4 on: 13 / August / 2008, 04:35:36 »
nice idea. but what if you encrypt a 2 GB movie? will take a long time, so there definitly is the need to do some "divide e impere" with the watchdog.
and about shutting off the cam during encryption: there seems to be a flag of some kind that revokes the permission to shutdown the cam for example during movie recording - when you record a movie and press the on/off button, the video is stopped gracefully and then saved cleanly and after that the cam shuts down, this sometimes takes a few seconds. maybe we can find this flag, should be helpful not only in this case.

*

Offline fbonomi

  • ****
  • 469
  • A570IS SD1100/Ixus80
    • Francesco Bonomi
Re: Adding cryptographic features.
« Reply #5 on: 13 / August / 2008, 05:53:38 »
Yes, the same flag must be used in long exposures. When the camera is doing noise reduction (i.e. when the display says "BUSY") you can't power off the camera. You press "power" but the camera goes off only when it's finished.

As I do a lot of long exposures, I often would like to be able to stop this, when for example I take a 65" shot and I realize I forgot to set some parameters

Rather than waiting two minutes, sometimes I resorted to opening the battery lid to kill the camera: in this cases the camera makes a countinuos beep to scare you off!!!


*

Offline fudgey

  • *****
  • 1705
  • a570is
Re: Adding cryptographic features.
« Reply #6 on: 13 / August / 2008, 07:05:35 »
Yes, the same flag must be used in long exposures. When the camera is doing noise reduction (i.e. when the display says "BUSY") you can't power off the camera. You press "power" but the camera goes off only when it's finished.

As I do a lot of long exposures, I often would like to be able to stop this, when for example I take a 65" shot and I realize I forgot to set some parameters

Rather than waiting two minutes, sometimes I resorted to opening the battery lid to kill the camera: in this cases the camera makes a countinuos beep to scare you off!!!

Indeed it would be nice to have the ability to stop long exposures. But a forced power-off is probably not a good way to go as then we lose some of the settings that were good and file system corruption wouldn't be impossible either.

A similar thing that I've thought of more than once is that I'd like to have a "flash enable only once" or "slow flash reload" feature, which would prevent maximum speed flash capacitor reload after a flash shot (which makes the LCD go blank and camera become unresponsive for quite a while) or the ability to stop this maximum speed flash reload during the unresponsive period (similarly to this desired long exposure interrupt).

*

Offline PhyrePhoX

  • *****
  • 2254
  • make RAW not WAR
    • PhyreWorX
Re: Adding cryptographic features.
« Reply #7 on: 13 / August / 2008, 07:34:54 »
well this "unresponsiveness" also annoys me when for example i set the camera to timermode, you cannot exit the timer function until the timer finishes (or you take out the battery). also along those lines: the display isnt updated between the shots, so when you do long exposures via script you can only guess the number of shot pictures.


Re: Adding cryptographic features.
« Reply #8 on: 02 / September / 2008, 07:39:45 »
check for new files on the filesystem and encrypt them as we notice them, overwriting clear data with encrypted data. Not quite as secure as could be

This might help if you do a dump of the filesystem, it all depends on how FAT handles the current fragmenation level. But I'm sure that if you open up the flash card and access the memory modules directly you will be able to access the unencrypted data.

This will help keeping curious ppl out, though so will an XOR encryption.

 

Related Topics