News Nikon IAS - Vulnerability


The Image Stimulator
The Netherlands
ElcomSoft Co. Ltd. researched Nikon’s Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major vulnerability in the manner the secure image signing key is being handled. In turn, this allowed the company to extract the original signing key from a Nikon camera. The vulnerability, when exploited, makes it possible to produce manipulated images with a fully valid authentication signature. ElcomSoft was able to successfully extract the original image signing key and produce a set of forged images that successfully pass validation with Nikon Image Authentication Software.

ElcomSoft has notified CERT and Nikon about the issue, and prepared a set of digitally manipulated images passing as originals when verified with Nikon’s secure authentication software. Nikon has provided no response nor expressed any interest in the existence of the issue.

Press release: ElcomSoft Discovers Vulnerability in Nikon’s Image Authentication System
A set of forged images that are successfully passing validation
ElcomSoft Corporate Blog: Some Technical Details; World’s Famous Hoax Photos

I received this message today.


Administrator Emeritus
Philly, Pa
You just got the job of...
Official Lay Person Liason for Information Processing and Interpretation.
This appointment comes from the official request of the SC Admins Office care of BB, presented by Shooter.