Hi
Probably not part of HB but I was wondering if there was a tool / method that would allow to cryptographically sign a movie - ie. once the conversion is done, compute a hash of the video stream and and a per user signature, the result being stored in the container metadata.
Is this a pipe dream ?
I have a business case where I need to be able to possibly prove that the video stream was not tampered in any way (hash) and maybe even have it authentified (signature). How would you go about it ?
Cryptographically sign of movie ?
Re: Cryptographically sign of movie ?
If you hash it and send the other party the video and the hash, they can verify they have the same video you had.
Re: Cryptographically sign of movie ?
Indeed.
But is there a standard way to embed the hash into the video container ?
Also doesn't address the crypto issue (ideally I'd like to let anyone get the video and manage to check that I was the one who did it). I think there are some efforts in that direction in photography but that's as far as I managed to get informations on the topic.
Re: Cryptographically sign of movie ?
No. The moment you touch the file, the hash changes. You need to generate the hash before you can embed.
Re: Cryptographically sign of movie ?
I would have thought of a hash of the video stream itself, NOT the whole file.
I understand (ok, probably over simplified) a video file is a header (with many embedded metadata) and a video stream - that's the part I'd like to validate. I'd guess that Matroska could support this (maybe I should head to their forum .
I understand (ok, probably over simplified) a video file is a header (with many embedded metadata) and a video stream - that's the part I'd like to validate. I'd guess that Matroska could support this (maybe I should head to their forum .
Re: Cryptographically sign of movie ?
Technically, i guess you could but it's awkward solution. To be honest, it's much easier just hashing or using something like PGP to sign the full file.
Re: Cryptographically sign of movie ?
No.
You could publicize the hash, or sign the video and publicize the signature if you want to prove you did the generation of the hash/signature.
Re: Cryptographically sign of movie ?
hmm, why do you say so ?
Assuming (a big if, granted) that there would be a standardised "signature" tag in the container it would be relatively trivial for both the encoder and decoder to check the integrity of the video stream.
Say you have a DVR recording video surveillance. You could easily have it produce tamper proof videos. I'm sure third party solutions exist along those lines, was wondering if it was in the public domain. Clearly not (yet ?).
Re: Cryptographically sign of movie ?
You could shove it in some tag that is long enough. But it would be your own nonstandard thing without broad support.