Legal systems move slowly (as they should).  Society is still
figuring out how seriously to take cryptographic evidence.  Perhaps
it will take an unusual case to establish the admissibility of this
kind of cryptographic evidence.  Like one where the facts are hotly
contested and the photographer is dead or otherwise unavailable.
I'm not holding my breath.  But it's a cool idea and I do think it
deserves and will some day see its day in the sun.

It might exist someday.  Wait until some circumstance arises where a
defense lawyer has an opportunity to call the photo into question.

Op Tue, 8 Mar 2005 16:01:43 +0000 (UTC) schreef Ben Rosengart
<br+rpdss@panix.com>:

Then the B&H website must be wrong.  And so is amazon:
http://www.amazon.com/exec/obidos/tg/detail/-/B0002XQJFA/002-6192499-9763241?v=glance.

In addition to Canon's EF series of lenses and Speedlites, several
other accessories are designed to work specifically with the EOS 20D.
The Battery Grip BG-E2 adds a vertical shutter release, and is
compatible with up to two of Canon's BP-511/511A/512/514 lithium-ion
battery packs, or alternatively a set of six AA batteries, for greater
convenience when traveling. Canon's Semi Hard Case EH/7-L can
accommodate the EOS 20D with a small zoom lens (EF-S17-85mm f4-5.6 IS
USM included), and the EOS 20D is compatible with Canon's DVK-E2 image
data verification kit to check original image data authenticity,
whenever verification is essential.

and http://www.dpreview.com/news/0408/04081909canon_eos20d.asp

and http://www.canon.ru/products/about.asp?id=1298

?????? EOS 20D ?????????? ? ????????????? ????????????? ?????????? ???
???????? ?????? DVK-E2, ??????? ??????????? ? ?????? ?????????
????????, ? ??????? ? ? ??????????? ?????? ??? ???????? ???????????
?????? ???? ??????? ???????????.

and: http://www.canon.lt/products/about.asp?id=1298

and
http://www.canon.co.uk/about_us/news/consumer_releases/eos20d.asp

and: http://www.canon.com.ph/inpage.asp?mainContent=327

and:
http://consumer.usa.canon.com/ir/controller?act=SNAModelSuppliesAct&fcategoryid=
816&modelid=10464

and finally from canon USA:
Data Verification Kit DVK-E2
9314A001AA

In Stock
Price: $1,100.00    
Like its predecessor, this kit can verify whether or not a photo is an
untouched original. But its use of a Secure Mobile (SM) card reader,
instead of an IC card reader, makes it more compact than the previous
version. Moreover, the versatile DVK-E2 is able to verify images
photographed by the EOS-1Ds as long as they are appended with a data
verification image.
Includes card reader, IC card, Software CD.

Models:
EOS 1D Mark II, EOS 20D, EOS 1DS

end of list and quotes.

But how it works? I don't know, i don't own a 20D yet.

Bart

you can send email to me using
mendelson-at-mendelson-dot-nl
www.mendelson.nl

    It would be simple enough to use a MD5 hash of a combination of
the image and the camera's model number and serial number -- plus a
private key hidden in the camera.  This should suffice for a signature.
(Hmm ... toss in the date too -- so that can be verified as well --
compare the date stored in the image's info fields with that rolled into
the MD5 hash, so a photo taken later could not be substituted.)

    The card could contain its own serial number, too.  I presume
that such are available on flash cards.  They are certainly encoded in
modern SCSI drives, and can be read by the system.

    Of course, something like PGP (or some other
private-key/public-key cipher) would be better (more secure), but that
would require more processing power in the camera -- perhaps taking the
frame rate down to something like one frame per minute. :-)

    O.K.  On a 300 MHz Ultra-SPARC CPU, a md5 hash of a 1.5 MB JPEG
image takes:

    0.06u 0.04s 0:00.17 58.8%

that is --     60 mS of user time,
        40 mS of system time,
    or    0.17 seconds of wall clock time, with the CPU having
            58.8% of the system's resources at the time.

A similarly fast and capable CPU in the camera would take something
closer to the sum of the first two -- or 100 mS (0.1 seconds).

    A PGP signature would take somewhat longer, and a full PGP
encryption of the entire file would take significantly longer -- so it
depends on how much security you need -- and how much you are willing to
accept that the encrypted image may become unrecoverable from a single
bit error near the beginning. :-) I think that the PGP signature would
be the best, with a private key in the camera (or the flash card), and a
public key in the reader for verification.  That way, it would not
matter whether the reader was destroyed, as long as a record of the
public key was available.  And -- there is no real reason to keep the
public key secret, so *anyone* could verify a copy of the image.

    Enjoy,
        DoN.

Practically nobody does, these days. Funding is tightening everywhere,
and the accumulated cost of polaroid shots ishuge, even if you compare
it with the writing off costs of a dedicated outfit for scientific gel
photography costing from $12 000 upwards.

According to Good Laboratory Practice, every gel, also the total
failures, has to be documented. And if the bands are weak, you often
need a couple of shots before you have what you want. Lots of polaroid
shots.

But of course, a 20D vith the DVK-E2 kit would be a lot cheaper still.

Jan Böhme