EP-4121891-B1 - VISUAL ENROLLMENT OF CAMERAS
Inventors
- DIEHL, ERIC
Dates
- Publication Date
- 20260513
- Application Date
- 20210407
Claims (15)
- A method for visually enrolling a camera (100) using an optical code and a picture file, the method comprising: receiving the picture file (210), the picture file comprising an essence, a signature for the essence and the optical code from the camera, wherein the optical code includes a public key of the camera; verifying (220) the signature of the picture file for the corresponding essence with the public key of the camera; generating (260) a visual challenge, in a form of a second optical code, using a nonce created by a random number generator; transmitting the visual challenge to a user of the camera to capture the visual challenge; receiving the captured visual challenge from the camera; extracting a response from the captured visual challenge; comparing the response to the nonce and verifying a signature of the captured visual challenge using the public key of the camera; converting (230) the optical code received from the camera into a valid certificate; and enrolling (240) the camera and adding the valid certificate to a key store (222).
- The method of claim 1, wherein the optical code includes a QR code.
- The method of claim 1, wherein converting the optical code into a valid certificate comprises i) verifying that a format of the valid certificate is compliant; ii) verifying that a trusted certification authority signed the valid certificate or iii) verifying that the public key was not revoked.
- The method of claim 1, further comprising aborting the enrollment of the camera when the optical code does not include the valid certificate.
- The method of claim 1, further comprising: launching a timer to generate a time limit; and aborting the enrollment of the camera when the response is not received from the camera within the time limit.
- A signing camera (100), comprising: a capture module (130) to capture an image and convert the image into digital information called the essence; a signing module (140) to receive the digital information, and sign the digital information using a private key of the signing camera to generate a signature, wherein the signing module combines the digital information and the signature into a picture file, the picture file comprising the essence and the signature; and an optical code generator (120) to generate an optical code using a device certificate that includes the public key corresponding to the private key and send the generated optical code to the signing module, wherein the generated optical code is added to the picture file.
- The signing camera of claim 6, wherein the optical code is one of i) a QR code; ii) a bar code or iii) a machine-readable optical label.
- The signing camera of claim 6, wherein the public key corresponding to the private key is the public key of the camera.
- The signing camera of claim 6, further comprising a switch capable of being in a first position or a second position, wherein the switch in the first position enables the digital information from the capture module to pass to the signing module, and wherein the switch in the second position enables the generated optical code to pass to the signing module.
- A system (200) to verify a signature of a picture file received from a camera, the system comprising: a signature (220) verifier to receive the picture file, which includes an essence, a signature and an optical code that includes a public key of the camera, from the camera (100), generate a signature of the essence with the public key of the camera, verify whether the signature in the picture file corresponds to the signature of the essence, and generate a result of the verification; an optical code extractor (230) to receive the picture file and extract the optical code including the public key of the camera; and an enrollment module (240) to generate a nonce using a random number generator, generate a visual challenge using the nonce, and transmit the visual challenge to the camera, the enrollment module (240) to enroll the camera when the result of the verification indicates that the signature in the picture file corresponds to the signature of the essence.
- The system of claim 10, wherein the optical code includes a certificate.
- The system of claim 11, wherein the certificate is valid when a format of the certificate is compliant.
- The system of claim 11, wherein the certificate is valid when either i) the certificate is verified as signed by a trusted certification authority or ii) the public key is verified to be not revoked.
- The system of claim 11, further comprising a key store to store the certificate and the public key when the result of the verification indicates that the signature in the picture file corresponds to the signature of the essence.
- The system of claim 10, further comprising a timer to generate a time limit and enable the enrollment module to abort the enrollment of the camera when the optical code is not received from the optical code extractor within the time limit.
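As an added example that is not part of the patent or of any product, the following Go program walks through the enrollment of claim 1 and the system of claim 10 with both sides modelled in one process. It assumes Ed25519 keys, a base64 text payload standing in for the QR code, and a callback standing in for the user capturing the displayed challenge with the camera; the PEM certificate of FIG. 4 is replaced by a bare public key, so the certificate checks of claims 3 and 11 to 13 are left out here.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"time"
)

// OpticalCode is the text a QR code would carry. The patent puts a PEM
// certificate there (FIG. 4); this constructed example carries a raw Ed25519
// public key in base64 so that it stays within the Go standard library.
type OpticalCode string

// PictureFile is the claimed picture file: essence, signature and optical code.
type PictureFile struct {
	Essence, Signature []byte
	Code               OpticalCode
}

// Camera models the signing camera (100); the private key never leaves it.
type Camera struct{ priv ed25519.PrivateKey }

func NewCamera() (*Camera, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Camera{priv: priv}, nil
}

// OpticalCode plays the role of the optical code generator (120).
func (c *Camera) OpticalCode() OpticalCode {
	return OpticalCode(base64.StdEncoding.EncodeToString(c.priv.Public().(ed25519.PublicKey)))
}

// Capture is the capture (130) plus signing (140) module: it signs the essence
// with the private key and attaches the optical code to the picture file.
func (c *Camera) Capture(essence []byte) PictureFile {
	return PictureFile{Essence: essence, Signature: ed25519.Sign(c.priv, essence), Code: c.OpticalCode()}
}

// Verifier models the system (200): key store (222) plus the time limit of claim 5.
type Verifier struct {
	KeyStore map[string]ed25519.PublicKey
	Timeout  time.Duration
}

func NewVerifier(timeout time.Duration) *Verifier {
	return &Verifier{KeyStore: map[string]ed25519.PublicKey{}, Timeout: timeout}
}

// Enroll runs claim 1 end to end. capture stands for the user photographing
// the displayed challenge and returns the picture file the camera produced.
func (v *Verifier) Enroll(pf PictureFile, capture func(OpticalCode) PictureFile) error {
	raw, err := base64.StdEncoding.DecodeString(string(pf.Code))
	if err != nil || len(raw) != ed25519.PublicKeySize {
		return errors.New("optical code does not hold a well-formed public key")
	}
	pub := ed25519.PublicKey(raw)
	if !ed25519.Verify(pub, pf.Essence, pf.Signature) { // step 220
		return errors.New("picture signature does not verify")
	}
	nonce := make([]byte, 16) // step 260: fresh nonce, displayed as a second optical code
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	started := time.Now()
	resp := capture(OpticalCode(base64.StdEncoding.EncodeToString(nonce)))
	if time.Since(started) > v.Timeout {
		return errors.New("response not received within the time limit")
	}
	// Only the holder of the private key can sign a picture containing this fresh
	// nonce: a replayed picture file or a different camera fails here.
	got, err := base64.StdEncoding.DecodeString(string(resp.Essence))
	if err != nil || !bytes.Equal(got, nonce) {
		return errors.New("response does not match the nonce")
	}
	if !ed25519.Verify(pub, resp.Essence, resp.Signature) {
		return errors.New("challenge signature does not verify")
	}
	v.KeyStore[string(pf.Code)] = pub // step 240: enroll and add to the key store
	return nil
}

func main() {
	cam, _ := NewCamera()
	v := NewVerifier(30 * time.Second)
	pf := cam.Capture([]byte("constructed picture essence"))
	// The camera "photographs" the challenge: its decoded payload becomes the essence.
	err := v.Enroll(pf, func(ch OpticalCode) PictureFile { return cam.Capture([]byte(ch)) })
	fmt.Println("enrolled:", err == nil, "keys in store:", len(v.KeyStore))
}
```

The order of checks matters for the security argument: the nonce comparison alone would accept any camera that can photograph the screen, and the signature check alone would accept a replayed picture file; only the signature over a picture that contains the fresh nonce proves possession of the private key behind the optical code.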
Description
BACKGROUND
Field
The present disclosure relates to the enrollment of cameras, and more specifically, to the enrollment of cameras using visual challenge and response.
Background
Cameras may append cryptographic digital signatures to the captured pictures or videos. The objectives for the attachments may include the integrity of the signed information (i.e., any alteration of the picture means the signature is not verified) and the authentication of the issuer (i.e., to prove that the camera that signed the picture could have generated the signature). However, the second objective would be valid only if the entity that verifies the signature can check that the camera claiming the signature actually signed it. In the conventional solution, the camera holds a cryptographic public-private key pair with which the camera signs the picture or video using the private key and publishes the public key. However, in this solution, the verifier still lacks proof that the claiming camera holds the private key corresponding to the public key.
The current solutions for providing the proof involve a tethered challenge-response protocol. One solution involves the camera being directly connected to the verifier, for instance, via an https connection. Thus, this solution implies that the camera integrates a full communication stack for the challenge-response protocol and manages a connection profile with the verifier. However, this solution may become cumbersome if there are several verifiers or if a verifier changes its characteristics. Another solution may include connecting the camera to the verifier through a companion application. Thus, the camera may use a USB connection with the companion application acting as a proxy with the verifier. Although this solution may be less complicated, it still involves a tethered protocol.
Prior art includes: US 2006/036864 A1, KR 101 113 446 B1, US 2019/089696 A1, and US 2014/108810 A1.
Each of these prior art disclosures describes a prior art device.
SUMMARY
The present invention is defined by the appended claims. Other features and advantages should be apparent from the present description which illustrates, by way of example, aspects of the disclosure.
BRIEF DESCRIPTION OF THE DRAWINGS
The details of the present disclosure, both as to its structure and operation, may be gleaned in part by study of the appended drawings, in which like reference numerals refer to like parts, and in which:
- FIG. 1 is a block diagram of a signing camera in accordance with one implementation of the present disclosure;
- FIG. 2 is a block diagram of a verifier in accordance with one implementation of the present disclosure;
- FIG. 3 is a flow diagram of a method for enrolling devices in accordance with one implementation of the present disclosure;
- FIG. 4 presents an example of a QR code holding a real, PEM-encoded, X509 certificate;
- FIG. 5A is a representation of a computer system and a user in accordance with an implementation of the present disclosure; and
- FIG. 5B is a functional block diagram illustrating the computer system hosting an enrollment application in accordance with an implementation of the present disclosure.
DETAILED DESCRIPTION
As described above, the conventional solutions for providing the proof that the claiming camera holds the private key corresponding to the public key involve cumbersome steps of a tethered challenge-response protocol. Certain implementations of the present disclosure provide for extracting the public key from the visual certificate, generating and sending a visual challenge to the camera, receiving and verifying a visual response to the visual challenge, and verifying the signature of the picture file carrying the visual response using the public key. After reading the below descriptions, it will become apparent how to implement the disclosure in various implementations and applications.
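The detailed description extracts the public key from a visual certificate, and FIG. 4 shows a QR code holding a PEM-encoded X509 certificate. As an added example that is not the patent's own code, this Go program performs the conversion of step 230 on such a payload with the checks of claims 3, 12 and 13 (format compliance, signature by a trusted certification authority, revocation). The root CA and the device certificate are constructed in-process with the standard library, and the revocation set keyed by serial number is an assumption standing in for a CRL or OCSP lookup.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// issue signs template with parentKey and returns the parsed certificate.
// For a self-signed root, template and parent are the same object.
func issue(template, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, template, parent, pub, parentKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewTestCA builds a constructed root CA, standing in for a manufacturer CA.
func NewTestCA(now time.Time) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example Camera Root CA (constructed)"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	cert, err := issue(tmpl, tmpl, &key.PublicKey, key)
	return cert, key, err
}

// NewDeviceCert issues a camera certificate under the CA and returns it
// PEM-encoded: the text the optical code generator (120) would render as a
// QR code, as in FIG. 4. The camera's private key is discarded here because
// only the certificate is needed for the conversion step.
func NewDeviceCert(ca *x509.Certificate, caKey *ecdsa.PrivateKey, serial int64, now time.Time) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: fmt.Sprintf("camera-%d (constructed)", serial)},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	cert, err := issue(tmpl, ca, &key.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw}), nil
}

// ConvertOpticalCode is step 230 with the checks of claims 3, 12 and 13.
// revoked is keyed by serial number and stands in for a CRL/OCSP lookup.
func ConvertOpticalCode(payload []byte, roots *x509.CertPool, revoked map[string]bool, now time.Time) (*x509.Certificate, error) {
	block, _ := pem.Decode(payload)
	if block == nil || block.Type != "CERTIFICATE" {
		return nil, errors.New("optical code does not carry a PEM certificate")
	}
	cert, err := x509.ParseCertificate(block.Bytes) // format compliance
	if err != nil {
		return nil, fmt.Errorf("certificate format not compliant: %w", err)
	}
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil { // trusted CA signature and validity period
		return nil, fmt.Errorf("not signed by a trusted certification authority: %w", err)
	}
	if revoked[cert.SerialNumber.String()] {
		return nil, errors.New("certificate public key has been revoked")
	}
	return cert, nil
}

func main() {
	now := time.Now()
	ca, caKey, err := NewTestCA(now)
	if err != nil {
		panic(err)
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	payload, _ := NewDeviceCert(ca, caKey, 42, now)
	if cert, err := ConvertOpticalCode(payload, roots, map[string]bool{}, now); err != nil {
		fmt.Println("enrollment aborted:", err)
	} else {
		fmt.Println("valid certificate for", cert.Subject.CommonName)
	}
}
```

A payload that fails any of the three checks returns an error, which is the condition under which claim 4 aborts the enrollment; the public key the challenge-response step then uses is cert.PublicKey, so it is only ever taken from a certificate that passed all of them.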
Although various implementations of the present disclosure will be described herein, it is understood that these implementations are presented by way of example only, and not limitation. As such, the detailed description of various implementations should not be construed to limit the scope or breadth of the present disclosure.
In one implementation, the camera holds a private key and an associated public key. When taking a picture, the camera issues a picture file that has two elements, the essence and the signature. The essence is a digital representation of the picture and the signature is a cryptographic signature of the essence generated using the private key of the camera. On the other side, a verifier includes the means to verify the signature of the picture file for the corresponding essence with the public key of the camera. However, for this implementation, the verifier also needs to verify that the camera possesses the actual private key corresponding to the public key. Thus, for this implementation, the camera also includes an optical code generator that turns any arbitrary text i