System and method for verification of digital media
A collaborative system using pseudorandom numbers and digital signatures addresses the challenge of verifying digital media authenticity, ensuring media was created at a specific time and location, thereby enhancing trust in digital media.
Patent Information
- Authority / Receiving Office: WO · WO
- Patent Type: Applications
- Current Assignee / Owner: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
- Filing Date: 2024-12-19
- Publication Date: 2026-06-25
AI Technical Summary
The lack of reliable methods to verify the authenticity of digitally created media, particularly images and videos, has led to difficulties in distinguishing between genuine and manipulated content, which can be exploited for misinformation and trust issues.
In the system, a communication node, a radio base station, and a server host collaboratively generate and verify pseudorandom numbers based on random seeds; these numbers are included in digital signatures, ensuring that media creation is tied to a specific time and location, thereby enhancing trust in digital media authenticity.
This approach increases trust in digital media by providing a distributed method that verifies the authenticity of media through pseudorandom numbers, preventing tampering and ensuring that media was created at the claimed time and location.
Description
[0001] SYSTEM AND METHOD FOR VERIFICATION OF DIGITAL MEDIA
[0002] TECHNICAL FIELD
[0003] The disclosure relates to a system for creating verifiable digital media. A method for a wireless device, a method for a radio base station, and a method for a server are also disclosed. Further disclosed are a related wireless device, a radio base station, a server host, and associated computer programs and a computer program product.
[0004] BACKGROUND
[0005] Wireless devices are equipped with powerful media collection components for collecting pictures, video, audio, etc. Digital media collected by individuals in an informal manner using wireless devices constitutes a significant portion of the media that is consumed today. This has significantly improved our ability to obtain up to date information about ongoing events around the world. In particular, it has increased the possibility for individuals that just happen to be in a certain spot at a certain time to document events as they unfold.
[0006] Some professional cameras can digitally sign media (image / video data as well as metadata) with a private key (https://www.sony.eu/presscentre/news/sony-unlocks-in-camera-forgery-proof-technology, retrieved 2024-12-12). The receiver of the images can verify their authenticity with the corresponding public key. Any form of modification will be detected as the signature will no longer verify the authenticity of the media.
[0007] With the amount of media that is generated every day it can be difficult to know which media portray true situations and which media are misrepresentations or completely manufactured content. Modified images have been difficult to spot for a long time and recent advances in AI have made synthetic content claiming to portray a specific situation extremely easy to manufacture. Content may also be created in one place and time but then be claimed to portray something that happened somewhere else or at some other time.
[0008] The motivation for such content creation ranges from pure entertainment to state funded false flag operations specifically engineered to sway opinions. Independently of the motivation, the lack of ability to easily judge whether certain media has been captured by a physical device or generated by a computer, and whether it indeed was produced when and where it is claimed to be produced, is a major problem for establishing trust in any media.
[0009] The signing systems from some leading camera manufacturers (https://blog.elcomsoft.com/2011/04/nikon-image-authentication-system-compromised/ retrieved 2024-12-12) have been completely broken as security experts have shown that the private signing key can be extracted from cameras. This, in turn, makes it possible to produce manipulated photos signed with a fully valid authentication signature, e.g., by signing an AI-generated image or manipulating the GPS location of a taken photo. The manipulated photo passes signature validation in the camera manufacturer’s authentication software. It is therefore of interest to develop systems and methods for improving trust in authenticity of digitally created media.
[0010] SUMMARY
[0011] It is an object of the present disclosure to improve trust in authenticity of digitally created media.
[0012] According to a first aspect, there is a system for creating verifiable digital media. The system comprises a communication node for generating a random seed, a radio base station, and a server host. The communication node is configured to transmit, to the radio base station and a server host, a random seed. The server host is configured to store the random seed. The radio base station is configured to transmit a pseudorandom number, where the pseudorandom number is based on at least the random seed, to a wireless device, WD, that possesses a digital media created by the WD. The radio base station is configured to receive, from the WD, a digital signature within a time interval from which the pseudorandom number was received by the WD and the digital signature having been generated by the WD using a private key associated to the WD to sign the digital media and the pseudorandom number. The radio base station is configured to receive metadata related to the time and / or location of the WD when the digital media was created and an identifier of the digital media. The radio base station is configured to transmit, to the server host, the digital signature and the metadata after the receipt of the digital signature and metadata. The server host is configured to store the digital signature and the metadata. Hereby is achieved a collaborative, distributed method which enables increased trust in digital media.
[0013] According to an embodiment of the first aspect, the server host is configured to receive a second seed from a second communication node and generate the pseudorandom number based on at least the first seed and the second seed. Hereby is achieved increased resilience for the seed generation.
[0014] According to an embodiment of the first aspect, the at least one communication node is configured to transmit the random data the random seed is based on to the server host and the server host is configured to store the random data. Hereby is achieved that the seed generation may be verified at a later time.
[0015] According to an embodiment of the first aspect, the radio base station is configured to collect data comprising at least one of a location of the WD, a time at which the digital signature was received, a distance between the radio base station and the WD, an identifier of the WD to the radio base station. The radio base station is further configured to transmit the collected data to the server host. Hereby is achieved increased resilience to WD tampering with the media or signature.
[0016] According to a second aspect, there is a method for creating verifiable digital media. The method is performed by a wireless device. The method comprises creating a digital media. The method comprises receiving, from a radio base station, a pseudorandom number. The method comprises creating a digital signature based on at least the digital media and the pseudorandom number. The method comprises transmitting the digital signature, within a time interval from receiving the pseudorandom number smaller than a threshold value, to the radio base station.
[0017] Hereby is achieved a collaborative, distributed method which enables increased trust in digital media.
[0018] According to a third aspect, there is a method for creating verifiable digital media. The method is performed by a radio base station. The method comprises receiving, from a communication node, a random seed. The method comprises transmitting a pseudorandom number, where the pseudorandom number is based on at least the random seed and an identifier of the network node, to a wireless device. The method comprises receiving, from the wireless device within a time interval from transmitting the pseudorandom number, a digital signature. The method comprises transmitting the digital signature to a server host. Hereby is achieved a collaborative, distributed method which enables increased trust in digital media.
[0019] According to an embodiment of the third aspect, the method comprises the radio base station receiving a second seed from a second communication node and generating the pseudorandom number based on at least the first seed and the second seed. Hereby is achieved increased resilience for the seed generation.
[0020] According to an embodiment of the third aspect, the method comprises the radio base station collecting data comprising at least one of a location of the WD, a time at which the digital signature was received, a distance between the radio base station and the WD, and an identifier of the WD to the radio base station. The method comprises transmitting the collected data to the server host. Hereby is achieved increased resilience to WD tampering with the media or signature.
[0021] According to a fourth aspect, there is a method for providing evidence of trustworthiness of digital media. The method is performed by a server host. The method comprises receiving a request to verify a digital media. The method comprises verifying the digital signature corresponding to the digital media. The method comprises verifying the pseudorandom number. The method comprises responding to the request with the result of the verifications and metadata stored with the digital signature. Hereby is achieved a collaborative, distributed method for obtaining evidence of authenticity of digital media.
[0022] According to an embodiment of the fourth aspect, the request comprises an indication of a digital media to verify and an indication of an identity of a purported creator of the digital media.
[0023] According to an embodiment of the fourth aspect, verifying the digital signature comprises obtaining a public key corresponding to the indication of the identity of the purported creator of the digital media and using the obtained public key to verify the digital signature.
[0024] According to an embodiment of the fourth aspect, verifying the pseudorandom number comprises checking that the pseudorandom number was correctly generated from the random seed stored in the server host and the known algorithm for generating pseudorandom numbers. According to an embodiment of the fourth aspect, the method comprises checking, for each set of timestamps associated to the digital media available in the server host, whether any time interval exceeds a predetermined threshold and transmitting the result of the timestamp checks with the response to the verification request.
[0025] According to a fifth aspect, there is a wireless device configured to create a digital media. The wireless device is configured to receive, from a radio base station, a pseudorandom number. The wireless device is configured to create a digital signature based on at least the digital media and the pseudorandom number. The wireless device is configured to transmit the digital signature, within a time interval from receiving the pseudorandom number smaller than a threshold value, to the radio base station. Hereby is achieved a collaborative, distributed method which enables increased trust in digital media.
[0026] According to a sixth aspect, there is a radio base station. The radio base station is configured to receive, from a communication node, a random seed. The radio base station is configured to transmit a pseudorandom number, where the pseudorandom number is based on at least the random seed and an identifier of the network node, to a wireless device. The radio base station is configured to receive, from the wireless device within a time interval from transmitting the pseudorandom number, a digital signature. The radio base station is configured to transmit the digital signature to a server host. Hereby is achieved a collaborative, distributed method which enables increased trust in digital media.
[0027] According to an embodiment of the sixth aspect, the radio base station is configured to receive a second seed from a second communication node and generate the pseudorandom number based on at least the first seed and the second seed.
[0028] According to an embodiment of the sixth aspect, the radio base station is configured to collect data comprising at least one of a location of the WD, a time at which the digital signature was received, a distance between the radio base station and the WD, and an identifier of the WD to the radio base station. The radio base station is configured to transmit the collected data to the server host.
[0029] According to a seventh aspect, there is a server host. The server host is configured to receive a request to verify a digital media. The server host is configured to verify a digital signature corresponding to the digital media. The server host is configured to verify a pseudorandom number corresponding to the digital signature. The server host is configured to respond to the request with the result of the verifications and metadata stored with the digital signature. Hereby is achieved a collaborative, distributed method for obtaining evidence of authenticity of digital media.
[0030] According to an embodiment of the seventh aspect, the request comprises an indication of a digital media to verify and an indication of an identity of a purported creator of the digital media.
[0031] According to an embodiment of the seventh aspect, verifying the digital signature comprises obtaining a public key corresponding to the indication of the identity of the purported creator of the digital media and using the obtained public key to verify the digital signature.
[0032] According to an embodiment of the seventh aspect, verifying the pseudorandom number comprises checking that the pseudorandom number was correctly generated from the random seed stored in the server host and the known algorithm for generating pseudorandom numbers.
[0033] According to an embodiment of the seventh aspect, the server host is configured to check, for each set of timestamps associated to the digital media available in the server host, whether any time interval exceeds a predetermined threshold and transmit the result of the timestamp checks with the response to the verification request.
[0034] According to an eighth aspect, there is a computer program comprising computer-readable instructions which, when executed by a processor of a wireless device, cause the wireless device to perform a method according to any embodiment of the second aspect.
[0035] According to a ninth aspect, there is a computer program comprising computer-readable instructions which, when executed by a processor of a radio base station, cause the radio base station to perform a method according to any embodiment of the third aspect.
[0036] According to a tenth aspect, there is a computer program comprising computer-readable instructions which, when executed by a processor of a server host, cause the server host to perform a method according to any embodiment of the fourth aspect.
[0037] According to an eleventh aspect, there is a computer program product comprising a non-transient computer readable storage medium on which a computer program according to the eighth, ninth, or tenth aspect is stored.
[0038] BRIEF DESCRIPTION OF THE DRAWINGS
[0039] Fig. 1 is a signaling diagram of a method according to the disclosure.
[0040] Figs. 2a and 2b are flowcharts of a method according to the disclosure performed by a wireless device.
[0041] Fig. 3 is a flowchart of a method according to the disclosure performed by a radio base station.
[0042] Fig. 4 is a flowchart of a method according to the disclosure performed by a server host.
[0043] Fig. 5 is a schematic overview of a system according to the disclosure.
[0044] DETAILED DESCRIPTION OF THE DRAWINGS
[0045] Fig. 1 is a signaling diagram which includes a system 500 (see also Fig. 5). The system enables the creation of verifiable digital media, where verifiable means media with an associated trustworthiness dependent on the verification of a series of elements associated with the creation of the digital media. The digital media is here one or more media files, e.g. an image file and a video file. The elements associated with the digital media comprise at least one of a random seed, a pseudorandom number, and metadata associated to the digital media and / or device creating the digital media and / or metadata associated to any device of the system 500.
[0046] Fig. 1 depicts communications between the system comprising a radio base station 502 (see also Fig. 5), a communication node 501 (see also Fig. 5) for generating a random seed, a server host 503 (see also Fig. 5), and a wireless device, WD, 514 (see also Fig. 5). The radio base station is a radio base station in a telecommunication system, which may include a satellite node or a mobile radio base station implemented in an unmanned aerial vehicle. In some embodiments, the radio base station is a webserver using unicast. The WD is, for example, a mobile phone, a laptop, a wearable device, an IoT device, or a connected media recording device. The WD captures digital media, which here refers to any form of captured sensor data such as image files, video files, audio files, or other environmental data such as for example temperatures, rainfall, pressure, velocity / speed / acceleration, thermal energy, rotation, motion, chemical levels, humidity, or light.
[0047] The communication node for generating a random seed may be a second radio base station in the telecommunication system, or the communication node for generating a random seed may coincide with the radio base station and the communication portrayed may be internal messages or commands, or the communication node for generating a random seed may be comprised in the core network of the telecommunication network, or the communication node for generating a random seed may be a node specifically for the purpose of generating random seeds. In some embodiments, a node specifically for generating random seeds may be a node exclusively generating random seeds for methods according to the disclosure, or the node specifically for generating random seeds may be a node generating random seeds for additional purposes in the telecommunication network, such as random seeds for use in encryption or encoding schemes.
[0048] The communication node for generating a random seed may be a physical or logical component of the network. In some embodiments, the communication node and / or the radio base station may be Open Radio Access Nodes. In some embodiments, the communication node for generating a random seed and / or the radio access node may be virtual nodes implemented in a distributed manner.
[0049] The system further comprises a server host. The server host may be a physical server host or a virtual server host. The server host comprises and / or has access to a computer-readable memory and a processor. The memory may store computer program code, or may comprise a computer-readable storage medium comprising computer readable instructions which cause the server host to carry out methods according to the disclosure. In particular, the server host may carry out the methods related to verifying / evaluating the trustworthiness of digital media.
[0050] In some embodiments, the memory of the server host comprises a repository for storing digital signatures and / or metadata related to digital signatures according to embodiments of the disclosure. In other embodiments, the server host has access to a repository comprising the stored data. The server host may receive the digital signatures and associated metadata and carry out necessary steps to store the data in the repository.
[0051] Returning to Fig. 1, the communication node for generating a random seed generates a random seed. The seed may be generated continuously at regular time intervals such as every 10 minutes, every minute, or every 30 seconds, and / or on demand from a radio base station in the telecommunications network. The seed is transmitted 101 to the radio base station and to the server host. The seed may, for example, be transmitted as an HTTP or HTTPS message such as a POST message. The server host stores the seed and the timestamp when the seed was transmitted. In some embodiments, the communication node for generating a random seed further transmits the raw noise from which the seed is extracted. In some embodiments, the noise may be transmitted in batches at regular time intervals, such as every 30 minutes or every 24 hours. The noise from which the random seeds are extracted may for example be atmospheric noise or radioactive decay noise. In some embodiments, the communication node for generating a random seed generates pseudorandom seeds. In some embodiments, random seeds are generated based on entropy provided from entropy sources located on each (or a significant subset of) broadcasting node in a geographical area. This way, the random seed generation is distributed among all broadcasting nodes and cannot be controlled by any operator, country, or other actor.
[0052] The radio base station receives the random seed and uses an algorithm known to at least the radio base station and the server host to generate 102 a pseudorandom number. The algorithm may further take as input for example an identifier of the radio base station, a location of the radio base station (especially in embodiments where the radio base station is mobile), and / or a time when the pseudorandom number is generated.
[0053] In some embodiments, the radio base station may sign the random number before broadcast to increase WD confidence in the reliability of the radio base station.
[0054] The radio base station generates and broadcasts pseudorandom numbers and receives signatures from WDs that have signed a piece of media. If the time between transmission of the pseudorandom number and the reception of a signature is smaller than T, the radio base station can guarantee that the signing has happened within a distance of cT / 2, where c is the speed of light. I.e., if a WD is trying to spoof the system by forwarding the random number to another device and using it to sign content there before relaying the digital signature back to the broadcasting node, the distance over which this can occur is limited to a total roundtrip distance of cT, that is, a one-way distance of no more than cT / 2.
[0055] For example, if T is 0.5 ms (a common time between two subsequent subframes in 5G traffic), the signing cannot have happened more than 75 km away from the broadcasting node (3*10^8 m/s * 0.5 ms / 2 = 75 km). If instead the time difference is around 33 µs (roughly equal to a common time between symbols in 5G traffic), the signing cannot have occurred more than 5 km away from the broadcasting node. This allows the broadcasting node to claim knowledge about the approximate position where a piece of media was produced.
[0056] The pseudorandom numbers are thus node- and time-specific. The pseudorandom numbers may be broadcast at regular time intervals or the most recent pseudorandom number calculated by the radio base station may be transmitted to a WD on request. The pseudorandom number thus prevents signing a digital media ahead of time. Given that the hardware associated with a certain private key is trusted to be tamper resistant and to maintain high integrity in how the signing is executed (e.g. performing the signing in a timely manner and not delaying hashes for the sake of spoofing the system), the collected media can be trusted to be collected within a tight time bound given by the time of creation of the pseudorandom number and the signature being uploaded to the distributed storage. The WD itself has an even tighter time bound, with the later time being bounded by the time the signature reaches the broadcasting node.
[0057] To ensure that different broadcasting nodes generate unique pseudorandom numbers and new pseudorandom numbers at different times, the pseudorandom numbers are generated according to a predetermined scheme that among other things may be seeded by the current time and a broadcasting node specific ID.
[0058] Random number distribution originating at the broadcasting node and subsequent signature transmission is enough to prevent WDs from spoofing the system. The WD creates 103 a digital media. The digital media may comprise a single file, such as an image, a sound recording, or a video recording, or any other sensor data, or the digital media may comprise multiple files of similar or different types of digital media. In some embodiments, such as when a long audio and / or video file is created, the method may be carried out multiple times during the creation of the digital media, resulting in multiple digital signatures and sets of metadata associated to a single digital media, each providing evidence at a particular snapshot of the creation. The mobile device comprises a media collecting device which is tightly integrated with a cryptographic signer. By way of example, the signature may be generated directly in an image processing unit of a camera of the WD, before the captured media reaches the main central processing unit of the WD. Alternatively, the cryptographic signer may be comprised in a computational unit inaccessible to the main central processing unit of the device, and the image processing unit may transmit a hash of the captured media to the cryptographic signer over a channel which is not accessible to the main central processing unit of the WD. In such embodiments, only the final signature is available to the main central processing unit of the device, thereby preventing easy tampering of the signature and / or the captured media by the WD. The created digital media is forwarded to the cryptographic signer which combines the digital media with the pseudorandom number and signs the combined digital media and pseudorandom number using an embedded private key. Tamper resistance is important for two reasons:
[0059] - The private key should be difficult to extract.
[0060] - To prevent injection of media or metadata from any source other than the media capturing device.
[0061] The captured media is stored on the device, while the signature is transmitted back to the broadcasting node and stored by the server host in for example a distributed storage. Forwarding the signature to a distributed storage allows the mobile device to announce and later prove that a particular piece of media was not created later than the time the signature was made public at the storage.
[0062] The signature generating component of the WD may buffer hashes of captured digital media and sign the buffered hashes once a pseudorandom number is received. Batch signing is possible. For example, several video frames can be signed at once. Such embodiments are compatible with less frequent pseudorandom number distribution. As long as the integrity of the signing components can be trusted (i.e., the signing components will not use the delay to allow media from another device to be injected), such embodiments only loosen the precision (within the range of the extended period) of when a piece of media was captured, but do not lessen the geographic localization as long as the response time between pseudorandom number distribution and upload of signature is maintained. It is possible to introduce a trustworthiness classification associated with each public key which takes into account the amount of buffering time allowed by the associated signature generating component.
[0063] Digital media is often saved in a more compact format than the raw media captured by the media capturing device. For example, images can be captured pixel by pixel by a camera but processed by software into a compressed image format such as Joint Photographic Expert Group, JPEG, or Portable Networks Graphics, PNG, before being stored. Since higher tamper resistance is obtained by integrating the media signing capability into the camera rather than allowing the media to first flow through software (where it can be interchanged for externally captured media), this limits the ability to sign software derived images. Without the original media stored somewhere, the derived image cannot be proved to be derived from the signed original media. In some embodiments, this problem is overcome by offering conditional signing of software derived media (such as compressed image formats). This can be achieved if an additional input into the signature generating block is provided. Digital media fed in through this channel can be conditionally signed based on a properly defined error measure compared to the raw original media. For example, the derived media may be signed if the difference between the derived media and the physically captured digital media falls below some error threshold defined through an error measure such as for example the L0-, L1-, L2-norm, etc. Media derived from signed originals may refer to the original media for authentication, optionally including information about the transformation(s) performed to obtain the derived media.
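The conditional signing of derived media described in [0063], as an added Go example that is not part of the patent text. It assumes an L2-based error measure (RMSE over 8-bit samples), Ed25519 as the signature scheme, and a signed message of SHA-256(original) || SHA-256(derived) || pseudorandom number; `Quantize` is a constructed stand-in for lossy compression, and all names and values are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
	"math"
)

// ErrTooDifferent is returned when the derived media misses the error threshold.
var ErrTooDifferent = errors.New("derived media differs too much from the captured original")

// DerivedSignature refers a derived file back to the captured original (assumed layout).
type DerivedSignature struct {
	OriginalID, DerivedID [32]byte
	Sig                   []byte
}

// RMSE is the L2 norm of the sample difference, normalised by the sample count.
func RMSE(raw, derived []uint8) (float64, error) {
	if len(raw) == 0 || len(raw) != len(derived) {
		return 0, errors.New("raw and derived media must have the same non-zero size")
	}
	var sum float64
	for i := range raw {
		d := float64(raw[i]) - float64(derived[i])
		sum += d * d
	}
	return math.Sqrt(sum / float64(len(raw))), nil
}

// message is the byte string that gets signed (assumed encoding).
func message(orig, der [32]byte, prn []byte) []byte {
	m := append(orig[:], der[:]...)
	return append(m, prn...)
}

// SignDerived runs inside the signing block: it signs the derived media only
// if its error against the raw capture falls below maxRMSE.
func SignDerived(priv ed25519.PrivateKey, raw, derived []uint8, prn []byte, maxRMSE float64) (*DerivedSignature, error) {
	e, err := RMSE(raw, derived)
	if err != nil {
		return nil, err
	}
	if e >= maxRMSE {
		return nil, ErrTooDifferent
	}
	ds := &DerivedSignature{OriginalID: sha256.Sum256(raw), DerivedID: sha256.Sum256(derived)}
	ds.Sig = ed25519.Sign(priv, message(ds.OriginalID, ds.DerivedID, prn))
	return ds, nil
}

// VerifyDerived checks that the signature covers exactly this derived media and number.
func VerifyDerived(pub ed25519.PublicKey, derived []uint8, prn []byte, ds *DerivedSignature) bool {
	return ds != nil && sha256.Sum256(derived) == ds.DerivedID &&
		ed25519.Verify(pub, message(ds.OriginalID, ds.DerivedID, prn), ds.Sig)
}

// SampleRaw returns a constructed 64-sample capture (not data from the patent).
func SampleRaw() []uint8 {
	raw := make([]uint8, 64)
	for i := range raw {
		raw[i] = uint8(3 * i)
	}
	return raw
}

// Quantize rounds every sample down to a multiple of step, imitating lossy storage.
func Quantize(raw []uint8, step uint8) []uint8 {
	out := make([]uint8, len(raw))
	for i, v := range raw {
		out[i] = v - v%step
	}
	return out
}

// DemoKeys derives a fixed, constructed key pair so the example is repeatable.
func DemoKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{9}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

func main() {
	pub, priv := DemoKeys()
	raw, prn := SampleRaw(), []byte("constructed pseudorandom number")
	for _, step := range []uint8{4, 32} {
		derived := Quantize(raw, step)
		ds, err := SignDerived(priv, raw, derived, prn, 2.0)
		fmt.Printf("step=%d signed=%v verifies=%v err=%v\n", step, ds != nil, VerifyDerived(pub, derived, prn, ds), err)
	}
}
```

In a device, the comparison and any decoding of the derived file have to run inside the same tamper-resistant block as the signer; otherwise the software path can present one set of samples for comparison and another for signing.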
[0064] The radio base station transmits the pseudorandom number to the WD. The WD creates 105 a digital signature using a private key associated to the WD. In some embodiments, the private key is associated solely to the WD and the WD alone creates a digital signature of the digital media, associated metadata, and the pseudorandom number. The digital signature comprises both the digital media and the pseudorandom number, and the digital media and the pseudorandom number encrypted using the private key. In other embodiments, in particular where the WD is an IoT device or otherwise has limited computational power, the digital signature may be created by a linked device, such as a smartphone signing the digital media created by a pair of linked smart glasses, or a controller device signing the digital media created by a smart surveillance camera. Information about the device performing the signing may be included in the metadata associated to the digital signature.
[0065] Similarly, the private key may be a private key used exclusively by / for the WD, or a private key associated to the signing device.
[0066] The wireless device transmits 105 the digital signature along with an identifier of the digital media to the radio base station as a radio message payload. In some embodiments, a full copy of the digital media is used as an identifier of the digital media. In other embodiments, an identity string such as a string generated by applying a hash algorithm to the digital media is used as an identifier of the digital media.
[0067] The delivery of signatures back to the node opens for potential privacy issues since when performed over the air it allows for others to know that someone has captured media. This can be avoided by employing code division multiple access (CDMA) in the uplink with a bandwidth that is wide enough to put the uplink transmission below the noise level. In other embodiments the time frequency resource used is randomized for the uplink channel to make it difficult to distinguish between upload of signature and normal traffic.
[0068] The radio base station receives the digital signature and transmits 107 at least the digital signature and metadata related to when the digital signature was received and / or the location / position of the WD and / or the position of the radio base station to the server host. The digital signature and associated metadata are transmitted using for example HTTP or HTTPS protocol, as for example an HTTPS POST message. The server host stores 108 the signature and the transmitted metadata, optionally together with a timestamp of the server host receiving the signature.
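The exchange of Fig. 1 together with the server-host checks of the fourth aspect (signature, pseudorandom number, time interval and the cT / 2 bound), as an added Go example that is not part of the patent text. It assumes HMAC-SHA256 over node identifier and time slot as the "known algorithm", Ed25519 as the signature scheme, and SHA-256(media) || pseudorandom number as the signed payload; every name, key, identifier and threshold is constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"time"
)

// Speed of light as rounded on the page (3*10^8 m/s).
const speedOfLight = 3e8

// Captured is constructed sample media, not data from the patent.
var Captured = []byte("constructed raw sensor frame")

// DerivePRN is the assumed known algorithm: HMAC-SHA256 keyed with the random
// seed over node identifier and time slot, so numbers are node- and time-specific.
func DerivePRN(seed []byte, nodeID string, slot uint64) []byte {
	var s [8]byte
	binary.BigEndian.PutUint64(s[:], slot)
	mac := hmac.New(sha256.New, seed)
	mac.Write([]byte(nodeID))
	mac.Write(s[:])
	return mac.Sum(nil)
}

// payload is what the WD signs: SHA-256(media) || PRN (assumed encoding).
func payload(mediaID [32]byte, prn []byte) []byte {
	return append(mediaID[:], prn...)
}

// Record is what the server host stores for one signature.
type Record struct {
	NodeID   string
	Slot     uint64
	PRN, Sig []byte
	MediaID  [32]byte
	SentAt   time.Time // base station transmitted the PRN
	RecvAt   time.Time // base station received the signature
}

// Result is the answer to a verification request.
type Result struct {
	SignatureOK, PRNOK, TimingOK bool
	MaxDistanceM                 float64 // c*T/2 bound on where the signing happened
}

// MaxDistance returns the one-way bound c*T/2 in metres for round-trip time T.
func MaxDistance(rtt time.Duration) float64 { return speedOfLight * rtt.Seconds() / 2 }

// Verify performs the server-host checks: signature under the purported creator's
// public key, PRN regeneration from the stored seed, and the time-interval threshold.
func Verify(rec Record, storedSeed []byte, pub ed25519.PublicKey, media []byte, threshold time.Duration) Result {
	id := sha256.Sum256(media)
	rtt := rec.RecvAt.Sub(rec.SentAt)
	return Result{
		SignatureOK:  id == rec.MediaID && ed25519.Verify(pub, payload(id, rec.PRN), rec.Sig),
		PRNOK:        hmac.Equal(rec.PRN, DerivePRN(storedSeed, rec.NodeID, rec.Slot)),
		TimingOK:     rtt >= 0 && rtt < threshold,
		MaxDistanceM: MaxDistance(rtt),
	}
}

// RunScenario plays communication node, base station, WD and server host on
// constructed values. published is the media a verifier asks about; unknownPRN
// makes the WD sign a number the base station never derived from the stored seed.
func RunScenario(published []byte, rttMicros int64, unknownPRN bool) Result {
	seed := []byte("constructed seed from node 501")
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{7}, ed25519.SeedSize))
	prn := DerivePRN(seed, "rbs-502", 1000)
	if unknownPRN {
		prn = []byte("number the base station never sent")
	}
	id := sha256.Sum256(Captured)
	sent := time.Unix(1700000000, 0)
	rec := Record{
		NodeID: "rbs-502", Slot: 1000, PRN: prn, MediaID: id,
		Sig:    ed25519.Sign(priv, payload(id, prn)),
		SentAt: sent, RecvAt: sent.Add(time.Duration(rttMicros) * time.Microsecond),
	}
	pub := priv.Public().(ed25519.PublicKey)
	return Verify(rec, seed, pub, published, time.Millisecond) // 1 ms threshold is constructed
}

func main() {
	fmt.Printf("genuine, 33 us:   %+v\n", RunScenario(Captured, 33, false))
	fmt.Printf("genuine, 500 us:  %+v\n", RunScenario(Captured, 500, false))
	fmt.Printf("late, 2000 us:    %+v\n", RunScenario(Captured, 2000, false))
	fmt.Printf("edited media:     %+v\n", RunScenario([]byte("edited frame"), 33, false))
	fmt.Printf("unknown PRN:      %+v\n", RunScenario(Captured, 33, true))
}
```

A signature over an unknown number still verifies cryptographically, which is why the pseudorandom number check is reported separately from the signature check.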
[0069] In a first embodiment of the invention, the system comprises a radio base station 502, a communication node 501 for generating a random seed, and a server host 503. The radio base station is comprised in a telecommunications network and provides access to a telecommunications network according to a current telecommunications standard such as 4G Long Term Evolution, 5G New Radio, or any future standard as determined by 3rd Generation Partnership Project, such as 6G, or any other telecommunication standardizing body, such as European Telecommunications Standards Institute. A wireless device (WD) 514 creating the digital media is connected to the telecommunications network through the radio base station.
[0072] The communication node for generating a random seed is a node in the telecommunications network which generates one or more random seeds for pseudorandom number generation. The communication node for generating a random seed is run by the operator of the network and generates random seeds for any number of applications. The random seed generator generates one or more random seeds by sampling atmospheric noise and processing the sampled noise to obtain a random seed.
[0073] The communication node for generating a random seed transmits one or more random seeds to the radio base station and to the server host. The radio base station uses the most recently received random seed to generate a pseudorandom number using an algorithm for generating pseudorandom numbers which is known to the verification service provider.
[0074] The server host stores the one or more seeds and corresponding timestamps.
[0075] The radio base station transmits the pseudorandom number to the WD creating the digital media. In the first embodiment, the pseudorandom number is transmitted on receiving a request for a pseudorandom number.
[0076] The WD receives and uses the most recently received pseudorandom number and a private key associated to the WD to create a digital signature of the digital media, associated metadata, and the pseudorandom number. In some embodiments, a full copy of the digital media is used as an identifier of the digital media. In other embodiments, an identity string such as a string generated by applying a hash algorithm to the digital media is used as an identifier of the digital media. The digital signature, along with the identifier of the digital media and the pseudorandom number, is transmitted to the radio base station. The radio base station transmits the digital signature, the identifier of the digital media, and the pseudorandom number, along with additional metadata comprising at least one of a time when the signature was received by the radio base station and an approximate location / position of the wireless device to the repository / server host.
[0077] The server host stores the digital signature, identifier of the digital media, and any associated metadata. Using the stored information, optionally together with the stored information from the random seed generator, data indicating the trustworthiness of the digital media can be obtained.
[0078] In a second embodiment of the invention, the digital media is a photograph taken by a WD and the WD is in the form of a pair of smart glasses. The communication node for generating a random seed is operated by a provider of a verification service and connected to the telecommunications network in the same way as any over-the-top (OTT) service, typically using Hypertext Transfer Protocol or Hypertext Transfer Protocol Secure for communication with the telecommunication network. The one or more random seeds are transmitted to the radio base station at regular time intervals. An application in the radio base station computes pseudorandom numbers based on the received random seed, an identifier of the radio base station, and a timestamp of when the random seed was received. The pseudorandom number is transmitted as soon as it is computed to any listening WDs.
[0079] The smart glasses use the first pseudorandom number received after taking the photograph to create a digital signature of the pseudorandom number, the photograph, and the associated metadata. In some embodiments, a full copy of the digital media is used as an identifier of the digital media. In other embodiments, an identity string such as a string generated by applying a hash algorithm to the digital media is used as an identifier of the digital media. The digital signature, along with the identifier of the digital media and the pseudorandom number, is transmitted to the radio base station. The radio base station transmits the digital signature, the identifier of the digital media, and the pseudorandom number, along with additional metadata comprising at least a timestamp of when the digital signature was received and a location of the smart glasses to the server host. The server host stores the digital signature, the identifier of the digital media, and relevant associated metadata in a repository available to the server host, including a timestamp of when the digital signature and associated metadata were received.
[0080] In a third embodiment, an individual wishes to assess the trustworthiness of a video recording and associated metadata. A WD in possession of the individual transmits a request to a verification service provider with access to the server host where the digital signature and metadata related to the video recording is stored. The request includes either an identity-string or a copy of the media to be verified, the metadata to be verified, and the digital signature seen by the client. The verification service accesses the digital signature and metadata related to the video recording and initiates the verification process. The verification service is a computer program hosted by the server host, which at least can resolve the correct media metadata given an identifier of the digital media, verify digital signatures, and compare time stamps.
[0081] First, the digital signature is checked using the public key of the originator. If the digital signature does not verify, the video recording is assumed to have been tampered with and to not be trustworthy.
[0082] If the digital signature verifies, the metadata associated to the video recording is assessed. In the third embodiment, the metadata associated to the video recording is a time when the digital signature was received and an approximate location of the device capturing the recording. Additionally, the pseudorandom number is metadata associated to the video recording.
[0083] The trustworthiness of the pseudorandom number is assessed using data of the corresponding random seed generator. The verification service determines whether the pseudorandom number was generated using the same seed stored in the server host with the corresponding timestamp. If, for example, the pseudorandom number was generated using an earlier seed, the pseudorandom number is rejected as originating from an untrustworthy radio base station and the video recording may be assumed to not be trustworthy. Next, the timestamps of when the digital signature was received by the network node and when the digital signature was received by the server host are compared. First, if the time elapsed between the time when the pseudorandom number was sent to the WD creating the video record and the time when the digital signature was received by the radio base station exceeds a first threshold set as a function of the frequency at which pseudorandom numbers are transmitted by the radio base station and the distance of the WD from the radio base station, then the video recording is decided / rejected as untrustworthy.
[0084] Second, if the time elapsed between the radio base station receiving the digital signature and the server host storing the digital signature exceeds a second threshold dependent on the service level between the two nodes and the distance between the two nodes, the video recording is considered untrustworthy on the basis that the radio base station and / or a third party interceptor may have tampered with the file.
[0085] In a final step, the time stamps and the approximate location of the WD are provided to the individual requesting the verification for manual review as to whether the time and location matches the purported time and location of the video recording.
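The signing flow of the first embodiment and the verification sequence of [0081] to [0084] can be followed end to end in the Go sketch below, which is an added example and not part of the patent text. The disclosure leaves the algorithms open, so the HMAC-SHA256 derivation of the pseudorandom number, the Ed25519 key, the station identifier "bs-502", the field names and the 5 s and 10 s thresholds are all assumptions, and the sample data is constructed.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
	"time"
)

// SeedEntry is one row of the server host's seed log (seed plus timestamp).
type SeedEntry struct {
	At   time.Time
	Seed []byte
}

// Record is what the server host stores for one signed media item.
type Record struct {
	MediaID   [32]byte // identity string: SHA-256 of the media
	PRN, Sig  []byte
	StationID string
	// PRN sent by the station, signature received by the station, record stored.
	PRNSentAt, SigRecvAt, StoredAt time.Time
}

// DerivePRN is an assumed algorithm known to station and verifier: HMAC-SHA256
// keyed with the seed over the station identifier and the seed timestamp.
func DerivePRN(seed []byte, stationID string, seedAt time.Time) []byte {
	m := hmac.New(sha256.New, seed)
	fmt.Fprintf(m, "%s|%d", stationID, seedAt.Unix())
	return m.Sum(nil)
}

// signedMessage is the byte string the WD signs: media identifier, then PRN.
func signedMessage(id [32]byte, prn []byte) []byte {
	return append(append([]byte{}, id[:]...), prn...)
}

// currentSeed returns the newest seed logged at or before t (log is ascending).
func currentSeed(log []SeedEntry, t time.Time) (cur SeedEntry, ok bool) {
	for _, e := range log {
		if !e.At.After(t) {
			cur, ok = e, true
		}
	}
	return
}

// Verify applies the checks in the order the third embodiment gives them and
// names the first one that fails. t1 and t2 are the two elapsed-time thresholds.
func Verify(pub ed25519.PublicKey, media []byte, r Record, log []SeedEntry, t1, t2 time.Duration) string {
	id := sha256.Sum256(media)
	if id != r.MediaID || !ed25519.Verify(pub, signedMessage(id, r.PRN), r.Sig) {
		return "bad-signature" // media or PRN differs from what was signed
	}
	seed, ok := currentSeed(log, r.PRNSentAt)
	if !ok || !hmac.Equal(DerivePRN(seed.Seed, r.StationID, seed.At), r.PRN) {
		return "wrong-seed" // e.g. PRN computed from an earlier seed
	}
	if d := r.SigRecvAt.Sub(r.PRNSentAt); d < 0 || d > t1 {
		return "signed-too-late" // first threshold: PRN sent -> signature received
	}
	if d := r.StoredAt.Sub(r.SigRecvAt); d < 0 || d > t2 {
		return "stored-too-late" // second threshold: station -> server host
	}
	return "ok"
}

// Scenario runs the whole flow on constructed sample data. seedIdx selects the
// seed the station uses (1 is current, 0 is the previous one).
func Scenario(seedIdx int, edit bool, signDelay, storeDelay time.Duration) string {
	t0 := time.Date(2025, 1, 1, 12, 0, 0, 0, time.UTC) // constructed timeline
	log := []SeedEntry{
		{At: t0.Add(-30 * time.Second), Seed: []byte("constructed-seed-A")},
		{At: t0, Seed: []byte("constructed-seed-B")},
	}
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{7}, ed25519.SeedSize)) // test key
	media := []byte("constructed photo bytes")
	prn := DerivePRN(log[seedIdx].Seed, "bs-502", log[seedIdx].At) // radio base station
	id := sha256.Sum256(media)
	r := Record{MediaID: id, PRN: prn, Sig: ed25519.Sign(priv, signedMessage(id, prn)), // WD signs
		StationID: "bs-502", PRNSentAt: t0, SigRecvAt: t0.Add(signDelay),
		StoredAt: t0.Add(signDelay + storeDelay)}
	if edit {
		media = append(media, " (edited)"...) // altered after signing
	}
	pub := priv.Public().(ed25519.PublicKey)
	return Verify(pub, media, r, log, 5*time.Second, 10*time.Second)
}

func main() {
	s := time.Second
	fmt.Println(Scenario(1, false, s, s), Scenario(1, true, s, s), Scenario(0, false, s, s),
		Scenario(1, false, 60*s, s), Scenario(1, false, s, 60*s))
}
```

Because the pseudorandom number is broadcast, it only shows that signing happened after the seed existed; the station's receipt timestamp and the first threshold are what bound how long after.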
[0086] In a fourth embodiment, a verification process for a photograph is initiated by an individual. The individual uses an application on a smartphone to transmit a verification request for an image to a verification service, where the verification request comprises claimed metadata such as a claimed location and a claimed time. The application provides the individual with detailed information about which verification steps are passed by the photograph and which verification steps are failed by the photograph so that the individual may assess whether the photograph should be trusted or not depending on specific trust levels required by the individual.
[0087] The verification request is received by the verification service, which accesses the server host storing the identifier of the digital media, the digital signature and the metadata corresponding to the photograph. First, the digital signature is verified using the public key associated to the signature. Whether the signature verifies or not is displayed by the application on the individual’s smartphone.
[0088] Next, the metadata associated to the photograph is assessed in several stages. In the fourth embodiment, the metadata comprises the timestamps when the digital signature was received by the radio base station and the server host, the location of the WD, the location and identity of the radio base station which in this embodiment is a moving radio base station in the form of a UAV, stored random noise from the seed generator with corresponding time stamps, and stored one or more random seeds from the seed generator with corresponding time stamps. The random noise has been transmitted and stored in batches of 30 minute intervals, while the seeds are extracted at 30 second intervals for transmission to the radio base station.
[0089] The metadata is assessed starting with the integrity of the one or more seeds. First, the verification process verifies that the random seed was extracted from the correct batch of random noise at the time indicated by the seed generator. Next, the verification process checks whether the random noise was processed correctly into a random seed. Finally, the timestamp at which the random seed was received by the radio base station is checked for correspondence with the time at which the random seed was generated. Failure at any of these three points indicates a non-cooperating seed generator and failure or success is indicated to the individual by the smart phone application.
[0090] Next, the radio base station is checked. The pseudorandom number is checked to ensure that it was generated using the correct seed, at a timestamp within a threshold of when the seed was received, and using a location corresponding to the location where the radio base station was at that time. Additionally, the time at which the WD receives the pseudorandom number is checked to not exceed a threshold relative to when the random seed was received by the radio base station. Failure at any of these points indicates a non-cooperating radio base station and failure or success for each is indicated to the individual by the smartphone application.
[0091] Finally, the time stamps relative to the WD creating the digital signature and transmitting it to the radio base station are checked, and the timestamps for the WD and the location for the WD are displayed in the app for the individual to check whether they correspond to the purported time and location of the photograph.
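The three seed-generator checks of [0089] can be made concrete as follows; this Go sketch is an added example, not part of the patent text. The disclosure does not say how noise is turned into a seed, so the layout here (one 64-byte chunk of the 30-minute batch per 30-second slot, hashed with SHA-256), the type and function names and the delivery threshold are assumptions, and the noise batch is constructed rather than real noise.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
	"strings"
	"time"
)

const (
	batchSpan    = 30 * time.Minute // noise is stored in 30-minute batches
	seedInterval = 30 * time.Second // one seed is extracted every 30 seconds
	chunk        = 64               // assumption: bytes of noise consumed per seed
)

// NoiseBatch is one stored batch of raw noise, starting at Start.
type NoiseBatch struct {
	Start time.Time
	Data  []byte
}

// SeedClaim is a seed as logged: when the generator says it was extracted and
// when the radio base station received it.
type SeedClaim struct {
	Seed                   []byte
	GeneratedAt, StationAt time.Time
}

// seedAtSlot is the assumed processing step: SHA-256 over the i-th noise chunk.
func seedAtSlot(b NoiseBatch, i int) []byte {
	s := sha256.Sum256(b.Data[i*chunk : (i+1)*chunk])
	return s[:]
}

// slotFor maps an extraction time to its chunk index, or -1 when the time lies
// outside the batch, off the 30-second grid, or beyond the stored data.
func slotFor(b NoiseBatch, at time.Time) int {
	off := at.Sub(b.Start)
	if off < 0 || off >= batchSpan || off%seedInterval != 0 {
		return -1
	}
	if i := int(off / seedInterval); (i+1)*chunk <= len(b.Data) {
		return i
	}
	return -1
}

// AuditSeed reports which of the three checks fail: "wrong-slot" (not extracted
// from the batch at the indicated time), "bad-processing" (not derivable from
// the stored noise at all) and "late-delivery" (station receipt time does not
// correspond to the generation time). It returns "ok" when all pass.
func AuditSeed(b NoiseBatch, c SeedClaim, maxDelivery time.Duration) string {
	var fails []string
	if i := slotFor(b, c.GeneratedAt); i < 0 || !bytes.Equal(seedAtSlot(b, i), c.Seed) {
		reason := "bad-processing" // seed matches no chunk of the stored noise
		for j := 0; (j+1)*chunk <= len(b.Data); j++ {
			if bytes.Equal(seedAtSlot(b, j), c.Seed) {
				reason = "wrong-slot" // real noise, but not the chunk for that time
				break
			}
		}
		fails = append(fails, reason)
	}
	if d := c.StationAt.Sub(c.GeneratedAt); d < 0 || d > maxDelivery {
		fails = append(fails, "late-delivery")
	}
	if len(fails) == 0 {
		return "ok"
	}
	return strings.Join(fails, ",")
}

// SampleBatch returns a constructed, deterministic batch (not real noise).
func SampleBatch() NoiseBatch {
	data := make([]byte, int(batchSpan/seedInterval)*chunk)
	for i := range data {
		data[i] = byte(i % 251)
	}
	return NoiseBatch{Start: time.Date(2025, 1, 1, 12, 0, 0, 0, time.UTC), Data: data}
}

func main() {
	b := SampleBatch()
	at := b.Start.Add(90 * time.Second) // slot 3
	fmt.Println(AuditSeed(b, SeedClaim{seedAtSlot(b, 3), at, at.Add(time.Second)}, 5*time.Second))
	fmt.Println(AuditSeed(b, SeedClaim{seedAtSlot(b, 2), at, at.Add(20 * time.Second)}, 5*time.Second))
}
```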
[0092] The invention will now be disclosed in more detail with reference to the accompanying drawings.
[0093] Fig. 2a is a flowchart of a method 200a for a WD to create a verifiable digital media. The method may, for example, be implemented as a software application run by the wireless device. The method comprises the WD creating 201 the digital media. The method comprises obtaining 202 a pseudorandom number. The pseudorandom number may be broadcast regularly by a network node, or the software application may request a pseudorandom number when a digital media is created or when the creation of a digital media is initiated (e.g. a video start recording). In the case of a digital media which will be signed multiple times, the software application may request a pseudorandom number several times during the creation process of the digital media.
[0094] The method comprises signing 203 the digital media and the pseudorandom number using a private key associated to the WD. The digital signature comprises the digital media and the pseudorandom number encrypted using the private key, and the digital media and the pseudorandom number not encrypted. In some embodiments, the signing comprises also signing metadata related to the image such as a location / position of the WD, an identifier of the WD, a timestamp of the time when the signature is prepared, etc. In an embodiment, the signing is performed by the media collecting component of the WD, to provide evidence that the content was generated by a physical device and not synthetically generated or manipulated. In other embodiments, the signing is performed by a secondary device.
[0095] The method comprises transmitting 204 the digital signature to the radio base station. The digital signature is transmitted to the radio base station as part of the payload of a radio transmission. The digital signature must be transmitted to the radio base station within a time interval of receiving the pseudorandom number depending on at least the distance between the WD and the radio base station, and a frequency of the broadcasting of pseudorandom numbers. The time interval provides evidence that the digital media was generated close to the time of receiving the pseudorandom number. In particular, the time interval prevents a malicious WD from requesting a pseudorandom number, creating a digital media with a time stamp, and signing the digital media after taking some time to digitally alter the digital media. In some embodiments, the verification service will reject a digital signature received after a time interval after transmitting the pseudorandom number. Rejecting a digital signature may comprise the verification service, on receiving a signature with timestamps indicating it was transmitted outside the time interval from receiving the pseudorandom number, transmitting an indication via the radio base station that the signature is invalid and will not be stored. The WD, on receiving an indication that the signature is invalid, may attempt to generate a new digital media with a new signature.
[0096] Fig. 2b is a flowchart of a method 200b performed by a WD for obtaining evidence on the authenticity of a digital media. The method may be implemented by a software application running on the WD. The method comprises the WD transmitting 205 a verification request to a verification service. The verification request may be transmitted as the payload of a radio message or as the payload of an internet protocol message. The verification request comprises at least a digital media to be verified and an indication of an identity of a purported creator of the digital media.
[0097] The method comprises receiving 206 a verification outcome for the signature. The verification outcome comprises at least an indication of whether the signature is correct and an indication of the timestamps at which the pseudorandom number was transmitted by the radio base station and at which time the digital signature was received.
[0098] The method may further comprise receiving 207 metadata associated to the digital media. The metadata may comprise a time at which the digital media was created according to metadata embedded in the digital media, an approximate location of a device transmitting the digital signature to the radio base station, a set of timestamps associated with the digital signature, indications regarding a trustworthiness of the node for random seed generation
[0099] Based on the data received from the verification service, the WD determines 207 a trustworthiness of the digital media. The trustworthiness of the digital media may be determined based on precise thresholds for each indication, where the thresholds may be determined based on at least a sensitivity of the digital media. Alternatively or in addition, the trustworthiness may be determined heuristically.
[0100] Fig. 3 is a flowchart of a method 300 according to the disclosure. The method is performed by a radio base station. The method comprises the radio base station receiving 301 a random seed. The random seed is received from the communication node for generating random seeds. In some embodiments, the radio base station receives a plurality of random seeds from a plurality of communication nodes. In such embodiments, it is advantageous if the communication nodes generating the random seeds are independent from each other. That is, the communication nodes may belong to different telecommunications operators and / or may be different types of nodes. In some embodiments, at least one seed may be obtained from a communication node associated to the server host implementing the verification service, and the seed may for example be transmitted as OTT data to the radio access node.
[0101] The random seed is used by the radio base station to generate a pseudorandom number. The pseudorandom number is generated deterministically from the random input using any state-of-the-art algorithm for generating pseudorandom numbers. The algorithm is known to both the radio access node and the server host. In some embodiments, the server host informs the radio access node of the specific algorithm to be used to generate the pseudorandom number. The pseudorandom number may be generated using also e.g. an identifier of the radio base station, a time when the pseudorandom number is generated, a location where the radio base station is (in particular in embodiments where the radio base station is e.g. a satellite or implemented in an unmanned aerial vehicle).
[0102] The pseudorandom number is transmitted 302 to the wireless device. In some embodiments, the pseudorandom number is transmitted directly to the wireless device as a part of a payload of a radio message. The pseudorandom number may be transmitted on request, or transmitted at pre-determined time intervals. In some embodiments, the pseudorandom number may be broadcast to all WDs served by the radio base station.
[0103] The radio base station receives 303 a digital signature from the WD. The digital signature is received within a pre-determined time interval from transmitting the pseudorandom number. The pre-determined time interval may be set so that the WD has time to receive the pseudorandom number, generate a digital signature, and transmit the digital signature, but not allowing the WD time to tamper with the digital media or the signature after receiving the pseudorandom number.
[0104] The radio base station transmits 304 the digital signature to the server host. In some embodiments, the digital signature is transmitted along with metadata associated to the WD and known to the radio base station and / or metadata associated to the radio base station and / or metadata associated to the received random seed. In some embodiments, the digital signature and / or metadata are only transmitted if the digital signature is received within the pre-determined time interval.
[0105] Fig. 4 depicts a flowchart of a method 400 according to the disclosure. The method is performed by a server host implementing a verification service. The method comprises the server host receiving 401 a request to verify a digital media. Verifying a digital media comprises providing evidence of the trustworthiness of the digital media. The digital media to be verified was created using some embodiment of the method 200 and the method 400. The request may be received for example as a radio message or an IP message. The request comprises at least an indication of the digital media to be verified and an indication of an identity of a purported creator of the digital media. The indication of the digital media to be verified may comprise a copy of the digital media or an identifier of the digital media sufficient for the verification service to uniquely identify the corresponding signature stored in a repository accessible to the server host. The indication of the identity of the purported creator of the digital media may for example comprise an identifier of a WD used to create the digital media, or the indication may comprise a public key ostensibly used to sign the digital media, or the indication may comprise an identifier of a public key sufficient to enable the verification service to access the public key.
[0106] The method comprises checking 402 a digital signature associated to the digital media. Checking the digital signature comprises obtaining a public key of a public-private key pair corresponding to the identity of the purported creator of the digital media. By way of example, the public key may be attached as metadata to the digital media, or the public key may be published and available to the server host. Checking the digital signature comprises obtaining the stored signature corresponding to the digital media to be verified, using the indication of the digital media to be verified in the request. The stored signature comprises the digital media and the pseudorandom number, and the encrypted digital media and pseudorandom number. Checking the digital signature comprises using the retrieved public key to decrypt the stored encrypted part of the signature and comparing it to the unencrypted part of the signature.
[0107] The method comprises checking 403 the corresponding pseudorandom number. Checking the pseudorandom number may comprise for example checking the timestamps associated to the pseudorandom number to verify whether the pseudorandom number was transmitted to the WD creating the digital media within a pre-determined timeframe from receiving the random seed for the node for random seed generation, verifying whether the random seed was generated from the correct random noise, checking whether the pseudorandom number was computed correctly by the radio base station.
[0108] The method comprises transmitting 404 the checked outcomes and any metadata associated to the digital media to the requester. In some embodiments, the verification service provides raw data to the requester for the requester to verify, in some embodiments using a software application. In other embodiments, the verification service performs a subset of the calculations involved in performing the verification. Preferably, in such embodiments, the verification service performs the most resource demanding computations. In other embodiments, the verification service performs all calculations related to providing evidence regarding the trustworthiness of the digital media.
[0109] Fig. 5 is a schematic overview of the four components of a system 500 performing methods according to the disclosure, and an associated WD. The system comprises a node for generating a random seed 501, a radio base station 502, and a server host 503, the server host implementing a verification service / repository. The node for generating a seed may, in some embodiments, coincide with one of the other nodes. In some embodiments, there are multiple communication nodes for generating a random seed and a pseudorandom number is generated by the radio base station based on random seeds received from a plurality of nodes. In embodiments where the system comprises a plurality of nodes, the system is more robust against malicious entities controlling a seed generator. Preferably, if there are multiple nodes generating seeds, each of the nodes should be controlled by a different owner. The node for generating a random seed comprises a processor 504 and a memory 505. Additionally, the node for generating a random seed comprises a source for random noise 506. The source for random noise may be an integrated sensor for recording, for example, radioactive decay or atmospheric noise. Alternatively, the source for random noise may be an input from an external means for obtaining random noise. The memory may comprise computer readable instructions 507, which, when executed by the processor, cause the node for generating a random seed to generate a random seed based on random noise. The computer readable instructions may further comprise instructions to transmit the random seed to the verification service and the radio base station. The computer readable instructions may additionally comprise instructions to transmit the random noise to the verification service.
[0110] If a significant subset of broadcasting nodes distributed across the world participate in a random number generating procedure that is used to generate seeds for the pseudorandom numbers at each broadcasting node, this prevents individual operators or conglomerates of operators from knowing ahead of time what pseudorandom numbers to expect, thereby preventing operators or powerful actors such as states from signing pre-generated media with a future timestamp.
[0111] The radio base station 502 acts as the access point for a WD seeking to create verifiable digital media. The radio base station may advantageously be a part of the radio access network of a telecommunication network as shown in Fig. 6. The radio base station performs steps according to methods presented herein both as part of the radio protocol, and as an over-the-top service. Additionally, the radio base station receives random seeds from one or more nodes for generating a random seed and uses the random seeds to compute pseudorandom numbers. The pseudorandom numbers are computed based on an algorithm known to at least the radio base station and the verification service. The radio base station may use additional data to generate the pseudorandom number, such as for example an identifier of the radio base station, a timestamp associated with receiving the random seed or random seeds, a location of the radio base station, or a number otherwise associated to the radio base station. The signature may be received as the payload to a radio message. The received signature may be transmitted to the verification service for storage. Additionally, metadata regarding the WD which is accessible to the radio base station may be appended to the digital signature or transmitted separately to the verification service after the digital signature. The metadata may comprise for example an approximate location of the WD, either at the time the transmission was initiated or location data for some time interval before the transmission of the digital signature was initiated, a timestamp of when the pseudorandom number was broadcast and when the digital signature was received, a distance between the radio base station and the WD, and an identifier of the WD. Additionally, data may be collected which directly or indirectly refers to the position of network nodes involved in the media signing. Such data may consist of coordinates, cell identities, radio measurements, etc. This metadata may be leveraged to improve trust by diversifying the information sources used to pinpoint the media, either by including it as signed metadata and / or storing it at a server for later verification.
[0112] The server host 503 is a computing device implementing a service for providing evidence of authenticity / trustworthiness of a digital media. The server host stores the digital media and associated signature, information related to the random seeds, and metadata such as timestamps associated to the digital media and the random seeds. Additionally, the server host provides access to the stored data and / or outcomes of tests on the stored data in response to requests to verify digital media. The verification service may be implemented as a software application running on the server host, where the server host may be a virtual server host. The pictured server host can therefore be understood as a logical component of the system rather than a physical component. The logical processing component comprises a processor 511, where the processing may be distributed over multiple processing units in for example a server farm, or a virtual unit, and a memory component 512, where the memory may be a single, physical computer-readable storage, or a distributed storage such as a cloud storage. The memory may further comprise computer-readable instructions 513 such that the instructions, on execution by the processor, cause the verification service to perform methods according to the disclosure. A distributed storage may be implemented in many ways. For example, a distributed storage may rely on multiple mirroring servers or use a blockchain to further improve the tamper resistance of the distributed storage. The processor and the memory enable the verification service to provide services according to the disclosure.
[0113] The WD 514 connects to the system through the radio base station, and may be connected to transmit and receive radio and / or IP messages. The WD comprises a memory 515, the memory further comprising computer-readable instructions 516 which, on execution by a processor 517 of the WD, cause the WD to perform methods according to the disclosure. Additionally, the WD comprises a media creation unit 518 such as a camera, an audio recording device, a video recording device, or other sensor for recording digital media.
Claims
1. System (500) for creating verifiable digital media, the system comprising a communication node (501) for generating a random seed, a radio base station (502), and a server host (503), wherein: the communication node (501) is configured to transmit, to the radio base station and the server host, the random seed; the server host (503) is configured to store the random seed; the radio base station (502) is configured to transmit a pseudorandom number, where the pseudorandom number is based on at least the random seed, to a wireless device, WD, that possesses a digital media created by the WD; the radio base station (502) is configured to receive, from the WD, a digital signature within a time interval from which the pseudorandom number was received by the WD and the digital signature having been generated by the WD using a private key associated to the WD to sign the digital media and the pseudorandom number; and metadata related to the time and / or location of the WD when the digital media was created and an identifier of the digital media; the radio base station (502) is configured to transmit, to the server host, the digital signature and the metadata after the receipt of the digital signature and metadata; and the server host (503) being configured to store the digital signature and the metadata.
2. The system (500) according to claim 1, wherein the server host is configured to receive a second seed from a second communication node and generate the pseudorandom number based on at least the first seed and the second seed.
3. The system (500) according to claim 1 or 2, wherein the at least one communication node (501) is configured to transmit the random data the random seed is based on to the server host; and the server host storing the random data.
4. The system (500) according to any one of claims 1-3, wherein the radio base station (502) is configured to collect data comprising at least one of: a location of the WD; a time at which the digital signature was received; a distance between the radio base station and the WD; an identifier of the WD to the radio base station; and transmitting the collected data to the server host.
5. A method (200) for creating verifiable digital media, the method performed by a wireless device (514), the method comprising: creating (201) a digital media; receiving (202), from a radio base station, a pseudorandom number; creating (203) a digital signature based on at least the digital media and the pseudorandom number; and transmitting (204) the digital signature, within a time interval from receiving the pseudorandom number smaller than a threshold value, to the radio base station.
6. A method (300) for creating verifiable digital media, the method performed by a radio base station, the method comprising: receiving (301), from a communication node, a random seed; transmitting (302) a pseudorandom number, where the pseudorandom number is based on at least the random seed and an identifier of the network node, to a wireless device; receiving (303), from the wireless device within a time interval from transmitting the pseudorandom number, a digital signature; and transmitting (304) the digital signature to a server host.
7. The method (300) according to claim 6, comprising the radio base station receiving a second seed from a second communication node and generating the pseudorandom number based on at least the first seed and the second seed.
8. The method (300) according to claim 6 or 7, comprising the radio base station collecting data comprising at least one of: a location of the WD; a time at which the digital signature was received; a distance between the radio base station and the WD; an identifier of the WD to the radio base station; and transmitting the collected data to the server host.
9. A method (400) for providing evidence of trustworthiness of digital media, the method performed by a server host, the method comprising: receiving (401) a request to verify a digital media; verifying (402) the digital signature corresponding to the digital media; verifying (403) the pseudorandom number; and responding (404) to the request with the result of the verifications and metadata stored with the digital signature.
10. The method (400) according to claim 10, wherein the request comprises an indication of a digital media to verify and an indication of an identity of a purported creator of the digital media.
11. The method (400) according to claim 9 or 10, wherein verifying (402) the digital signature comprises obtaining a public key corresponding to the indication of the identity of the purported creator of the digital media and using the obtained public key to verify the digital signature.
12. The method (400) according to any one of claims 9-11, wherein verifying (403) the pseudorandom number comprises checking that the pseudorandom number was correctly generated from the random seed stored in the server host and the known algorithm for generating a pseudorandom number.
13. The method (400) according to any one of claims 9-12, comprising checking, for each set of timestamps associated to the digital media available in the server host, whether any time interval exceeds a predetermined threshold; and transmitting the result of the timestamp checks with the response to the verification request.
14. A wireless device (514) configured to: create (201) a digital media; receive (202), from a radio base station, a pseudorandom number; create (203) a digital signature based on at least the digital media and the pseudorandom number; and transmit (204) the digital signature, within a time interval from receiving the pseudorandom number smaller than a threshold value, to the radio base station.
15. A radio base station (502), the radio base station configured to: receive (301), from a communication node, a random seed; transmit (302) a pseudorandom number, where the pseudorandom number is based on at least the random seed and an identifier of the network node, to a wireless device; receive (303), from the wireless device within a time interval from transmitting the pseudorandom number, a digital signature; and transmit (304) the digital signature to a server host.
16. The radio base station (502) according to claim 15 configured to receive a second seed from a second communication node and generating the pseudorandom number based on at least the first seed and the second seed.
17. The radio base station (502) according to claim 15 or 16, the radio base station configured to collect data comprising at least one of: a location of the WD; a time at which the digital signature was received; a distance between the radio base station and the WD; an identifier of the WD to the radio base station; and transmit the collected data to the server host.
18. A server host (501), the server host configured to: receive (401) a request to verify a digital media; verify (402) a digital signature corresponding to the digital media; verify (403) a pseudorandom number corresponding to the digital signature; and respond (404) to the request with the result of the verifications and metadata stored with the digital signature.
19. The server host (501) according to claim 18, wherein the request comprises an indication of a digital media to verify and an indication of an identity of a purported creator of the digital media.
20. The server host (501) according to claim 18 or 19, wherein verify (402) the digital signature comprises obtaining a public key corresponding to the indication of the identity of the purported creator of the digital media and using the obtained public key to verify the digital signature.
21. The server host (501) according to any one of claims 18-20, wherein verify (403) the pseudorandom number comprises checking that the pseudorandom number was correctly generated from the random seed stored in the server host and the known algorithm for generating a pseudorandom number.
22. The server host (501) according to any one of claims 18-21, configured to check, for each set of timestamps associated to the digital media available in the server host, whether any time interval exceeds a predetermined threshold; and transmit the result of the timestamp checks with the response to the verification request.
23. A computer program (516) comprising computer-readable instructions which, when executed by a processor of a wireless device, cause the wireless device to perform a method according to claim 5.
24. A computer program (509) comprising computer-readable instructions which, when executed by a processor of a radio base station, cause the radio base station to perform a method according to any one of claims 6-8.
25. A computer program (513) comprising computer-readable instructions which, when executed by a processor of a server host, cause the server host to perform a method according to any one of claims 9-13.
26. A computer program product comprising a non-transient computer readable storage medium on which a computer program according to any one of claims 23-25 is stored.
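Added example, not part of the application: a sketch of the server-host checks in claims 12 and 13, recomputing the pseudorandom number from the stored seeds and testing each timestamp interval against a threshold. The claims do not name the "known algorithm", so HMAC-SHA256, the `counter` field, the record layout and all sample values are assumptions; the signature check of claim 11 is left out.

```python
import hashlib
import hmac

# Assumption: the claims only say "known algorithm"; HMAC-SHA256 stands in for it.
def derive_prn(seeds, station_id, counter):
    """Derive the PRN from the seed(s) and the base station identifier (claims 2, 6)."""
    # Hash each seed first so bytes cannot be shifted from one seed into the next.
    key = hashlib.sha256(b"".join(hashlib.sha256(s).digest() for s in seeds)).digest()
    # counter is a hypothetical per-broadcast index; the id is length-prefixed.
    msg = len(station_id).to_bytes(2, "big") + station_id + counter.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()

def check_prn(record, stored_seeds):
    """Claim 12: recompute the PRN from the stored seed(s) and compare."""
    expected = derive_prn(stored_seeds, record["station_id"], record["counter"])
    return hmac.compare_digest(expected, record["prn"])

def check_intervals(timestamp_sets, threshold_s):
    """Claim 13: test every (start, end) pair against the threshold."""
    results = {}
    for name, (start, end) in timestamp_sets.items():
        delta = end - start
        # A negative interval (reply recorded before the challenge) fails as well.
        results[name] = {"interval_s": delta, "ok": 0 <= delta <= threshold_s}
    return results

def verify(record, stored_seeds, threshold_s):
    """Assemble the response of claim 9 (signature check omitted here)."""
    return {
        "prn_ok": check_prn(record, stored_seeds),
        "intervals": check_intervals(record["timestamps"], threshold_s),
        "metadata": record["metadata"],
    }

# Constructed sample data, not taken from the application.
SEEDS = [b"constructed-seed-A", b"constructed-seed-B"]
STATION = b"rbs-502"
RECORD = {
    "station_id": STATION,
    "counter": 7,
    "prn": derive_prn(SEEDS, STATION, 7),
    "timestamps": {"prn_sent_to_signature_received": (1000.0, 1001.5)},
    "metadata": {"media_id": "constructed-media-1"},
}

if __name__ == "__main__":
    print(verify(RECORD, SEEDS, threshold_s=2.0))
```

A record fails `prn_ok` when the stored seeds, the station identifier or the counter differ from those used at broadcast time, which is what ties a stored signature to one base station and one broadcast.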