Reply
 
Thread Tools Display Modes
  #1   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?

Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?

--
dE|_


  #2   Report Post  
Posted to rec.audio.pro
Scott Dorsey Scott Dorsey is offline
external usenet poster
 
Posts: 16,853
Default Encryption *As Recorded* can anyone give me a clue?

dE|_ wrote:
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?


There's really no completely tamperproof solution. Checksums are a reasonable
notion, but may not stand up in court. Ask an evidence attorney.
--scott
--
"C'est un Nagra. C'est suisse, et tres, tres precis."
  #3   Report Post  
Posted to rec.audio.pro
John Williamson John Williamson is offline
external usenet poster
 
Posts: 1,753
Default Encryption *As Recorded* can anyone give me a clue?

Scott Dorsey wrote:
dE|_ wrote:
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?


There's really no completely tamperproof solution. Checksums are a reasonable
notion, but may not stand up in court. Ask an evidence attorney.

Might a pair of analogue security copies, made on a verified machine in
parallel with the digital working copy, then immediately placed in a
sealed package, stand up in court?

It worked in the opposite direction on the Watergate tapes, and the
British police use a similar system for both audio and video records of
interviews.

--
Tciao for Now!

John.
  #4   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"Scott Dorsey" wrote:
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change
a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?


There's really no completely tamperproof solution. Checksums are a
reasonable
notion, but may not stand up in court. Ask an evidence attorney.


Thanks for that. Until a friend suggested stream encryption, which I don't
really understand, my initial thought was to run a constant stream of tiny
signature blibs into all recordings. A bit old fashioned.

--
dE|_


  #5   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"John Williamson" wrote:
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted
to be made tamper-proof, not just read-only. If anyone does as much as
change a meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?


There's really no completely tamperproof solution. Checksums are a
reasonable
notion, but may not stand up in court. Ask an evidence attorney.

Might a pair of analogue security copies, made on a verified machine in
parallel with the digital working copy, then immediately placed in a
sealed package, stand up in court?

It worked in the opposite direction on the Watergate tapes, and the
British police use a similar system for both audio and video records of
interviews.


Good point, back to solid analogue. I'll put that on the paper for when we
talk and I think my best tool is going to bring the attorney along.

--
dE|_




  #6   Report Post  
Posted to rec.audio.pro
Scott Dorsey Scott Dorsey is offline
external usenet poster
 
Posts: 16,853
Default Encryption *As Recorded* can anyone give me a clue?

dE|_ wrote:
"Scott Dorsey" wrote:
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change
a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?


There's really no completely tamperproof solution. Checksums are a
reasonable
notion, but may not stand up in court. Ask an evidence attorney.


Thanks for that. Until a friend suggested stream encryption, which I don't
really understand, my initial thought was to run a constant stream of tiny
signature blibs into all recordings. A bit old fashioned.


That's called watermarking. There are some ways it can be used to prove
source, but it's not effective against proving lack of tampering.
--scott

--
"C'est un Nagra. C'est suisse, et tres, tres precis."
  #7   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"Scott Dorsey" wrote:
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted
to
be made tamper-proof, not just read-only. If anyone does as much as
change
a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?

There's really no completely tamperproof solution. Checksums are a
reasonable
notion, but may not stand up in court. Ask an evidence attorney.


Thanks for that. Until a friend suggested stream encryption, which I don't
really understand, my initial thought was to run a constant stream of tiny
signature blibs into all recordings. A bit old fashioned.


That's called watermarking. There are some ways it can be used to prove
source, but it's not effective against proving lack of tampering.


A more cut/fade tamper resistant method of watermarking might be to record
through a slow flanger. Any interruptions would stick out like a sore thumb
then surely? I still like John's idea of parallel analogue tapes, these can
be compared to the flanging & checksummed digital media and be used in
court.

?

--
dE|_


  #8   Report Post  
Posted to rec.audio.pro
Richard Crowley Richard Crowley is offline
external usenet poster
 
Posts: 4,172
Default Encryption *As Recorded* can anyone give me a clue?

"dE|_" wrote ...
A more cut/fade tamper resistant method of watermarking might be to record
through a slow flanger. Any interruptions would stick out like a sore
thumb then surely? I still like John's idea of parallel analogue tapes,
these can be compared to the flanging & checksummed digital media and be
used in court.


Mechanical (not magnetic) recordings like those old dictation machine loops
were once considered pretty tamper-proof. But not practical these days. I
would consider running a flash recorder and immediately handing the SD card
(or whatever) to the attorney to seal as evidence before leaving the room.

I'm confident that spending some quality time with Google would reveal
what are considered legally acceptable forms of recording these days.
Seems quite likely that any DIY, home-made scheme would never be
deemed admissible.


  #9   Report Post  
Posted to rec.audio.pro
Les Cargill[_2_] Les Cargill[_2_] is offline
external usenet poster
 
Posts: 355
Default Encryption *As Recorded* can anyone give me a clue?

dE|_ wrote:
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?

--
dE|_



Ironkey USB sticks are alleged to be secure. Ask them if they offer a
harddisk equivalent. I really think that a secure escrow is a better
strategy...

--
Les Cargill
  #10   Report Post  
Posted to rec.audio.pro
Mark Mark is offline
external usenet poster
 
Posts: 966
Default Encryption *As Recorded* can anyone give me a clue?

On Oct 30, 7:55*pm, Les Cargill wrote:
dE|_ wrote:
Can anyone give me a lead for this;


As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)


I'm not getting far on google with this, have you been here before?


--
dE|_


Ironkey USB sticks are alleged to be secure. Ask them if they offer a
harddisk equivalent. I really think that a secure escrow is a better
strategy...

--
Les Cargill


record the interview on video with a TV set on in the background with
the national 7PM network news on the TV...

Mark



  #11   Report Post  
Posted to rec.audio.pro
Richard Crowley Richard Crowley is offline
external usenet poster
 
Posts: 4,172
Default Encryption *As Recorded* can anyone give me a clue?

"dE|_" wrote ...
Can anyone give me a lead for this; As the audio comes in to drive, the
stream itself needs to be encrypted to be made tamper-proof,


Encryption does NOT imply "tamper-proof".

not just read-only. If anyone does as much as change a meta value or cut a
sample, it must ring alarm bells. (It's a security/evidence thing)


You don't need encryption to detect changes. A simple (or
complex if you wish) checksum will do that.

I'm not getting far on google with this, have you been here before?


You are going in with a faulty assumption. Google is probably
confirming that it isn't a viable solution.


  #12   Report Post  
Posted to rec.audio.pro
soundhaspriority soundhaspriority is offline
external usenet poster
 
Posts: 809
Default Encryption *As Recorded* can anyone give me a clue?



"dE|_" wrote in message
...
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change
a meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?

--
dE|_

The courts are not leading edge as far as technology is concerned. It is
established by lengthy precedent. Even if something like this did exist, it
would just instigate a battle of expert witnesses. By contrast, certain
forms of technology are admissible, having become part of common law. An
example of this is the taking of depositions via video conferencing.
Attorneys from both sides must be present, and the operator of the equipment
must be approved by the court.

In an actual trial, even words in the courtroom are not admissible unless
they have been taken down by an official court reporter. The reporter has a
little audio recorder, but only for his own use, to double check. He
frequently interrupts to ask for clarification of words just spoken. What he
takes down then becomes the official transcript of the trial. The trial
recordings are never used.

So, as you can see, admissible evidence is not an issue of technology. It
has been established over many centuries. It varies according to the type of
evidence. If the evidence is testimony, but, say, collected from a crime
scene, the issue would be to establish a chain of custody of the evidence
encompassing the time it was collected, the storage of the evidence under
lock and key (and who possessed the key), and who accessed it before it was
presented to the court.

Bob Morein
(310) 237-6511



  #13   Report Post  
Posted to rec.audio.pro
Peter Larsen[_3_] Peter Larsen[_3_] is offline
external usenet poster
 
Posts: 2,295
Default Encryption *As Recorded* can anyone give me a clue?

Richard Crowley wrote:

"dE|_" wrote ...
Can anyone give me a lead for this; As the audio comes in to drive,
the stream itself needs to be encrypted to be made tamper-proof,


Encryption does NOT imply "tamper-proof".


More like acccess-proof if not authorized.

I use instant ftp-upload of security cam images on a site, I support since
it is better that the images of the burglars are somewhere else than at the
site burgled. It is simple and it is cheap. Some of the time I think that
the largest risk with encryption is loss of authorized access if something
goes really wrong ...

not just read-only. If anyone does as much as change a meta value or
cut a sample, it must ring alarm bells. (It's a security/evidence
thing)


You don't need encryption to detect changes. A simple (or
complex if you wish) checksum will do that.


I would have thought that windows auditing - and if relevant file system
encryption - had deccent mileage, it would then be about protecting the
event-log from tampering. And of course from preventing physical acess to
the media. FTP upload to a suitable location has the neatness of putting it
directly on physical media inside a presumed reasonably safe server-center.

I'm not getting far on google with this, have you been here before?


You are going in with a faulty assumption. Google is probably
confirming that it isn't a viable solution.


Quite possibly rather "not quite the problem" as pr. your suggestion.
Anyway, one probably should ask an audio forensics consultant about
acceptable strategies, they're the ones in the know.

Kind regards

Peter Larsen



  #14   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"Peter Larsen" say:

Richard Crowley wrote:

"dE|_" wrote ...
Can anyone give me a lead for this; As the audio comes in to drive,
the stream itself needs to be encrypted to be made tamper-proof,


Encryption does NOT imply "tamper-proof".


More like acccess-proof if not authorized.

I use instant ftp-upload of security cam images on a site, I support since
it is better that the images of the burglars are somewhere else than at
the site burgled. It is simple and it is cheap. Some of the time I think
that the largest risk with encryption is loss of authorized access if
something goes really wrong ...

not just read-only. If anyone does as much as change a meta value or
cut a sample, it must ring alarm bells. (It's a security/evidence
thing)


You don't need encryption to detect changes. A simple (or
complex if you wish) checksum will do that.


I would have thought that windows auditing - and if relevant file system
encryption - had deccent mileage, it would then be about protecting the
event-log from tampering. And of course from preventing physical acess to
the media. FTP upload to a suitable location has the neatness of putting
it directly on physical media inside a presumed reasonably safe
server-center.


Live internet streaming to a supreme 3rd Party, only they have access to the
server. Now there's an idea.

Trouble with this one is it's not just for planned interviews, it's 24/7
recording of all radio communication. There'd have to be some kind of
over-writing method after a couple of days or you'd run out of disk space
pretty quick.

--
dE|_


  #15   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"DougD" wrote:

Live internet streaming to a supreme 3rd Party, only they have access to
the
server. Now there's an idea.

Trouble with this one is it's not just for planned interviews, it's 24/7
recording of all radio communication. There'd have to be some kind of
over-writing method after a couple of days or you'd run out of disk space
pretty quick.


There's a company up here in Canada called HaiVision. They market
video/audio streaming and compression systems geared towards
secured govt. applications, universities, hospitals, as well as plain
old set top boxes. One of the methods that they provide for their
secured streaming is not only encryption, but also that until a secure
user makes a request for the data, there is no perm. play app on
the playback machine. The playback app is sent as part of the data
stream, and has encoding/decrypt info that is encoded particular to
that one event, and the particular decoder app. As soon as playback
has stopped, the application wipes itself and since there is no local
caching on the play machine, no chance to manipulate the data.
I'm only covering the basics, and probably am not giving a very
accurate overview, so I'd go read their info yourself.. They do seem
to have gotten the blessings of the USG for secure video conferencing,
so they at least have their foot in the door on that. They also have an
office/plant in Chicago. It does seem to be a pretty good method of
providing secure streams, and it does have real time logging of users,
what was watched and by "whom", and as well multiple paths as to
how data is distributed and even what levels of compression can be
applied or not depending on client needs or bandwith limits, on a
user by user basis. We are getting their encoding hardware put in
here in Victoria as part of our underwater Neptune research system,
where they will be encoding both SD and HD streams of the live
HD underwater video to go over our edu nets within the province
and country.
And of course, this is not an endorsment, and I have no association
with this company..


A new codec with each stream, that's cool. Whether that would be applicable
here I'm not sure, but I'll keep it in mind.

--
dE|_




  #16   Report Post  
Posted to rec.audio.pro
DougD DougD is offline
external usenet poster
 
Posts: 28
Default Encryption *As Recorded* can anyone give me a clue?

In article , "dE|_" wrote:

Live internet streaming to a supreme 3rd Party, only they have access to the
server. Now there's an idea.

Trouble with this one is it's not just for planned interviews, it's 24/7
recording of all radio communication. There'd have to be some kind of
over-writing method after a couple of days or you'd run out of disk space
pretty quick.


There's a company up here in Canada called HaiVision. They market
video/audio streaming and compression systems geared towards
secured govt. applications, universities, hospitals, as well as plain
old set top boxes. One of the methods that they provide for their
secured streaming is not only encryption, but also that until a secure
user makes a request for the data, there is no perm. play app on
the playback machine. The playback app is sent as part of the data
stream, and has encoding/decrypt info that is encoded particular to
that one event, and the particular decoder app. As soon as playback
has stopped, the application wipes itself and since there is no local
caching on the play machine, no chance to manipulate the data.
I'm only covering the basics, and probably am not giving a very
accurate overview, so I'd go read their info yourself.. They do seem
to have gotten the blessings of the USG for secure video conferencing,
so they at least have their foot in the door on that. They also have an
office/plant in Chicago. It does seem to be a pretty good method of
providing secure streams, and it does have real time logging of users,
what was watched and by "whom", and as well multiple paths as to
how data is distributed and even what levels of compression can be
applied or not depending on client needs or bandwith limits, on a
user by user basis. We are getting their encoding hardware put in
here in Victoria as part of our underwater Neptune research system,
where they will be encoding both SD and HD streams of the live
HD underwater video to go over our edu nets within the province
and country.
And of course, this is not an endorsment, and I have no association
with this company..

d.
  #17   Report Post  
Posted to rec.audio.pro
hank alrich hank alrich is offline
external usenet poster
 
Posts: 4,736
Default Encryption *As Recorded* can anyone give me a clue?

dE|_ wrote:

Live internet streaming to a supreme 3rd Party, only they have access to the
server. Now there's an idea.

Trouble with this one is it's not just for planned interviews, it's 24/7
recording of all radio communication. There'd have to be some kind of
over-writing method after a couple of days or you'd run out of disk space
pretty quick.


How many channels of radio to be tracked?

--
ha
shut up and play your guitar
  #18   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"hank alrich" wrote in message
...
dE|_ wrote:

Live internet streaming to a supreme 3rd Party, only they have access to
the
server. Now there's an idea.

Trouble with this one is it's not just for planned interviews, it's 24/7
recording of all radio communication. There'd have to be some kind of
over-writing method after a couple of days or you'd run out of disk space
pretty quick.


How many channels of radio to be tracked?


Dunno, not got the job yet. Check this out, I reckon this will be the
recording medium of choice;
http://www.cedaraudio.com/products/c.../forensic.html
This can record 8 simultaneous.

I've emailed them a query as to whether this can be set to 24/7 'standby'
and have network recording triggered by the start of radio transmission.

--
dE|_


  #19   Report Post  
Posted to rec.audio.pro
Scott Dorsey Scott Dorsey is offline
external usenet poster
 
Posts: 16,853
Default Encryption *As Recorded* can anyone give me a clue?

hank alrich wrote:
dE|_ wrote:

Live internet streaming to a supreme 3rd Party, only they have access to the
server. Now there's an idea.

Trouble with this one is it's not just for planned interviews, it's 24/7
recording of all radio communication. There'd have to be some kind of
over-writing method after a couple of days or you'd run out of disk space
pretty quick.


How many channels of radio to be tracked?


The radio or other verification signal HAS to be mixed in with the main
track, so there's no way it can be separated out.

Turns out AC power line hum is actually pretty good for this, because the
hum frequency changes slightly but measurably, and there are existing
databases of the frequency error.
--scott

--
"C'est un Nagra. C'est suisse, et tres, tres precis."
  #20   Report Post  
Posted to rec.audio.pro
Anahata Anahata is offline
external usenet poster
 
Posts: 378
Default Encryption *As Recorded* can anyone give me a clue?

On Sat, 31 Oct 2009 15:26:13 +0000, dE|_ wrote:

Dunno, not got the job yet. Check this out, I reckon this will be the
recording medium of choice;
http://www.cedaraudio.com/products/c.../forensic.html This can
record 8 simultaneous.


The application of Cedar equipment to surveillance and forensic work is
typically for stuff recorded with mics in suboptimal concealed positions
where noise removal is needed to make recorded speech intelligible. It
doesn't seem to have any tamper-proofing features, which is what I
thought you wanted.

They make a selling point of ease of editing and manipulation of the
recorded audio - surely the exact opposite of what you want.

--
Anahata
-+- http://www.treewind.co.uk
Home: 01638 720444 Mob: 07976 263827


  #21   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"Anahata" wrote in message
o.uk...
On Sat, 31 Oct 2009 15:26:13 +0000, dE|_ wrote:

Dunno, not got the job yet. Check this out, I reckon this will be the
recording medium of choice;
http://www.cedaraudio.com/products/c.../forensic.html This can
record 8 simultaneous.


The application of Cedar equipment to surveillance and forensic work is
typically for stuff recorded with mics in suboptimal concealed positions
where noise removal is needed to make recorded speech intelligible. It
doesn't seem to have any tamper-proofing features, which is what I
thought you wanted.

They make a selling point of ease of editing and manipulation of the
recorded audio - surely the exact opposite of what you want.


I have been given a good lead to tamper-proofing equipment now, with a
better keyword to search for, but the ultimate line of thought was to ftp
copies of the radio recordings straight to a 3rd party secure database as
recorded.

Doing more research today.

--
dE|_


  #22   Report Post  
Posted to rec.audio.pro
Swanny[_2_] Swanny[_2_] is offline
external usenet poster
 
Posts: 26
Default Encryption *As Recorded* can anyone give me a clue?

dE|_ wrote:
Can anyone give me a lead for this;

As the audio comes in to drive, the stream itself needs to be encrypted to
be made tamper-proof, not just read-only. If anyone does as much as change a
meta value or cut a sample, it must ring alarm bells. (It's a
security/evidence thing)

I'm not getting far on google with this, have you been here before?

--
dE|_



The stream itself does not require encryption, unless privacy is required.
Instead, blocks of audio (or the entire recording) have a hash (eg
SHA-256) created from it and then the hash is encrypted to prevent
tampering.
It is the hash (encrypted digital signature of the recording) which
provides a 'fingerprint' of the recording.
The trick is the manangement of the encryption keys, since whoever
possesses the means to decrypt the hash could conceivably create a new
one to sign a new, tampered, audio file.
  #23   Report Post  
Posted to rec.audio.pro
Sean Conolly Sean Conolly is offline
external usenet poster
 
Posts: 638
Default Encryption *As Recorded* can anyone give me a clue?

"Richard Crowley" wrote in message
...
"dE|_" wrote ...
Can anyone give me a lead for this; As the audio comes in to drive, the
stream itself needs to be encrypted to be made tamper-proof,


Encryption does NOT imply "tamper-proof".


Depends on the encryption used. PPK encryption is used to both protect the
data from both unauthorized viewing and from tampering. There are two keys
used - data encoded with either key can only be decoded with the other key.
If you can decode the data with the public (i.e. distributed) key you are
assured that the data has not been tampered with since it was last encoded
using the private key.

The data then becomes as secure as the private key used at the source end.
If it is truly secured then you can trust that the data was encoded at the
source.

Sean


  #24   Report Post  
Posted to rec.audio.pro
Richard Crowley Richard Crowley is offline
external usenet poster
 
Posts: 4,172
Default Encryption *As Recorded* can anyone give me a clue?

"Sean Conolly" wrote ...
The data then becomes as secure as the private key used


Do you know what the letters "NSA" stand for? :-)


  #25   Report Post  
Posted to rec.audio.pro
Arkansan Raider Arkansan Raider is offline
external usenet poster
 
Posts: 668
Default Encryption *As Recorded* can anyone give me a clue?

Richard Crowley wrote:
"Sean Conolly" wrote ...
The data then becomes as secure as the private key used


Do you know what the letters "NSA" stand for? :-)



No Such Agency.

g


---Jeff


  #26   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"Richard Crowley" wrote in message
. ..
"Sean Conolly" wrote ...
The data then becomes as secure as the private key used


Do you know what the letters "NSA" stand for? :-)


Numpty Space Association?


  #27   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"Sean Conolly" wrote in message
...
"dE|_" wrote ...
Can anyone give me a lead for this; As the audio comes in to drive, the
stream itself needs to be encrypted to be made tamper-proof,


Encryption does NOT imply "tamper-proof".


Depends on the encryption used. PPK encryption is used to both protect the
data from both unauthorized viewing and from tampering. There are two keys
used - data encoded with either key can only be decoded with the other
key. If you can decode the data with the public (i.e. distributed) key you
are assured that the data has not been tampered with since it was last
encoded using the private key.

The data then becomes as secure as the private key used at the source end.
If it is truly secured then you can trust that the data was encoded at the
source.


That's one for me to look into. If the public decryption key is held by the
courts then that has a similar effect as my current plan. I am assuming that
the first encryption key will still allow playback but not editing?

The staff still need to have access to playback, which then pulls up that
old doubt of whether the audio has just been played back analogue to another
editor, tampered with, then played back again into the secure recorder. That
is the ultimate wall to climb. Don't get me wrong I'm not not trying to pull
your efforts apart I'm just playing lawyer's advocate ;-)

--
dE|_


  #28   Report Post  
Posted to rec.audio.pro
John Williamson John Williamson is offline
external usenet poster
 
Posts: 1,753
Default Encryption *As Recorded* can anyone give me a clue?

dE|_ wrote:
"Sean Conolly" wrote in message
...
"dE|_" wrote ...
Can anyone give me a lead for this; As the audio comes in to drive, the
stream itself needs to be encrypted to be made tamper-proof,
Encryption does NOT imply "tamper-proof".

Depends on the encryption used. PPK encryption is used to both protect the
data from both unauthorized viewing and from tampering. There are two keys
used - data encoded with either key can only be decoded with the other
key. If you can decode the data with the public (i.e. distributed) key you
are assured that the data has not been tampered with since it was last
encoded using the private key.

The data then becomes as secure as the private key used at the source end.
If it is truly secured then you can trust that the data was encoded at the
source.


That's one for me to look into. If the public decryption key is held by the
courts then that has a similar effect as my current plan. I am assuming that
the first encryption key will still allow playback but not editing?

The staff still need to have access to playback, which then pulls up that
old doubt of whether the audio has just been played back analogue to another
editor, tampered with, then played back again into the secure recorder. That
is the ultimate wall to climb. Don't get me wrong I'm not not trying to pull
your efforts apart I'm just playing lawyer's advocate ;-)

Split the streams, with one branch going to a secure server for later
use in court, the other to an accessible server for routine monitoring.

I'm assuming the playback for the staff doesn't need to be secure,
although it'll not be too hard to arrange a duplicate secure stream
using a different pair of keys.

It's possible to find a way round *any* scheme, though, if the incentive
is high enough.

--
Tciao for Now!

John.
  #29   Report Post  
Posted to rec.audio.pro
Swanny[_2_] Swanny[_2_] is offline
external usenet poster
 
Posts: 26
Default Encryption *As Recorded* can anyone give me a clue?

dE|_ wrote:
"Sean Conolly" wrote in message
...
"dE|_" wrote ...
Can anyone give me a lead for this; As the audio comes in to drive, the
stream itself needs to be encrypted to be made tamper-proof,
Encryption does NOT imply "tamper-proof".

Depends on the encryption used. PPK encryption is used to both protect the
data from both unauthorized viewing and from tampering. There are two keys
used - data encoded with either key can only be decoded with the other
key. If you can decode the data with the public (i.e. distributed) key you
are assured that the data has not been tampered with since it was last
encoded using the private key.

The data then becomes as secure as the private key used at the source end.
If it is truly secured then you can trust that the data was encoded at the
source.


That's one for me to look into. If the public decryption key is held by the
courts then that has a similar effect as my current plan. I am assuming that
the first encryption key will still allow playback but not editing?

The staff still need to have access to playback, which then pulls up that
old doubt of whether the audio has just been played back analogue to another
editor, tampered with, then played back again into the secure recorder. That
is the ultimate wall to climb. Don't get me wrong I'm not not trying to pull
your efforts apart I'm just playing lawyer's advocate ;-)

--
dE|_



Unless there's a privacy issue, you don't need to encrypt the audio. It
just needs to be signed, using a hash and encryption so that the
signature can be verified and authenticated. Once the signature can be
authenticated then it can be matched against the signature of the audio
to determine whether it has been tampered or not.
  #30   Report Post  
Posted to rec.audio.pro
Sean Conolly Sean Conolly is offline
external usenet poster
 
Posts: 638
Default Encryption *As Recorded* can anyone give me a clue?

"Richard Crowley" wrote in message
. ..
"Sean Conolly" wrote ...
The data then becomes as secure as the private key used


Do you know what the letters "NSA" stand for? :-)


My mother was a mathmatician for them back in the 60's, coincidentally :-)

We don't care if the NSA can crack keys - it just needs to be beyond the
means of anyone with a motive. Try cracking a 4096 bit key on your home PC.

Sean




  #31   Report Post  
Posted to rec.audio.pro
Sean Conolly Sean Conolly is offline
external usenet poster
 
Posts: 638
Default Encryption *As Recorded* can anyone give me a clue?

"Swanny" wrote in message
...
Unless there's a privacy issue, you don't need to encrypt the audio. It
just needs to be signed, using a hash and encryption so that the
signature can be verified and authenticated. Once the signature can be
authenticated then it can be matched against the signature of the audio
to determine whether it has been tampered or not.


Personally, I think there's merit to have the encrypted because it becomes
completely unusable if modifed. Then it's not an issue of whether the audio
can be trusted, if there's audio at all it can be trusted.

Plus (thinking as a developer here) I'd probably do this in packets, with
each packet having at least a sequence number and timestamp. Enrypt the
whole packet to hide the underlying data structure making it that much
harder to tanper with. If nothing is exposed it's much harder to crack.

Sean


  #32   Report Post  
Posted to rec.audio.pro
dE|_ dE|_ is offline
external usenet poster
 
Posts: 23
Default Encryption *As Recorded* can anyone give me a clue?


"Sean Conolly" wrote in message
...
"Swanny" wrote in message
...
Unless there's a privacy issue, you don't need to encrypt the audio. It
just needs to be signed, using a hash and encryption so that the
signature can be verified and authenticated. Once the signature can be
authenticated then it can be matched against the signature of the audio
to determine whether it has been tampered or not.


Personally, I think there's merit to have the encrypted because it becomes
completely unusable if modifed. Then it's not an issue of whether the
audio can be trusted, if there's audio at all it can be trusted.

Plus (thinking as a developer here) I'd probably do this in packets, with
each packet having at least a sequence number and timestamp. Enrypt the
whole packet to hide the underlying data structure making it that much
harder to tanper with. If nothing is exposed it's much harder to crack.


I'm going to go with 3 simultaneous copies of recordings.
1. Goes PPK fully encrypted to court Archive via VPN
2. Gets saved local as .TRC file by Cedar machine, available for all to ref.
3. Gets archived local as PPK fully encrypted, secure server with access to
head of office only to check date stamping etc.

--
dE|_


Reply
Thread Tools
Display Modes

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Data-encryption and audio / multimedia computers Paul Kotheimer Pro Audio 12 March 26th 08 06:47 PM
security encryption software for mac shoudoue Tech 0 March 5th 08 09:44 AM
I haven't a clue... Charles B. Summers Car Audio 2 February 8th 05 08:55 PM
no clue what i'm doing...mp3 player question mike Car Audio 1 October 12th 04 12:13 AM
Roland Finally Gets a Clue [email protected] Pro Audio 0 July 9th 04 11:18 PM


All times are GMT +1. The time now is 07:49 AM.

Powered by: vBulletin
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 AudioBanter.com.
The comments are property of their posters.
 

About Us

"It's about Audio and hi-fi"