VeriData - A Technology Overview

In simple terms, Signum Technologies' innovative VeriData data validation technology is designed to guarantee the integrity of digital data from the point of acquisition right through to final end use.

VeriData ensures that if a data file which has been validated by the VeriData process is subsequently modified in any way, that modification will be detectable and highlighted by the VeriData detector software.

VeriData is designed for use where visual or audio records are captured as digital data and which may be required to stand up to judicial or ethical scrutiny. Applications for VeriData embrace scenes-of-crime recording, law-enforcement, accident investigation, surveillance, security monitoring, smart-card systems, document management, medical imaging, scientific research and critical component testing.

The sophisticated VeriData algorithm has been specifically designed for incorporation into software programs, typically used in secure imaging workstations, or alternatively, embedded into hardware devices, such as digital cameras.

In either application, digital image, video or sound records are safeguarded by being encoded with a unique and highly secure signature which prevents the VeriData validation from being undone by an unauthorised party.

For users who need the highest level of data authentication, an enhanced version of VeriData, called VeriData Plus, will also allow users to embed encoded provenance information such as date, time, location, serial number, etc. into their digital records.

Validation

A data file that is to be protected has to undergo an initial process of validation. This validation involves an elaborately calculated but indiscernible set of alterations to the elements of data. The basis of the method is the simple checksum process. However, it is implemented in a manner that makes it virtually impossible to unravel unless the unique validation signature is available.

The digital data is divided up into convenient subsections, a series of small rectangles being the simplest subdivision for images with an equivalent one-dimensional dissection being appropriate for audio data. A person wishing to validate the data has a unique alphanumeric signature. This signature is used to divide each of the subdividing rectangles into sets of elements, every element belonging to at least one set. The large number of ways in which this is possible provides one element of the security process. There are, for instance, billions of ways of choosing 10 elements from 100, so the probability of correctly selecting the correct sets by chance is negligible.

Each of the subsets of the dividing subsections is allocated a checksum which is also derived from the user's signature. Each of the subsets is then amended slightly so that a checksum condition is satisfied. The method of selecting the elements and the checksum is such that although every element is implicated in a checksum process only a small number, typically ten per cent, are modified, and that modification is by the smallest measurable amount in the digital data.

Detection

The detection process is the reverse of the validation process. The detection process examines the data, selects the appropriate sets of elements and finds the relevant checksums. If any of these fail, the region in which the failure occurred will become apparent to the detector. This process can only be carried out if the detector is aware of the signature used in the validation process.

Because the method is intended as an absolute guarantor of integrity none of the usual data modifications are allowable such as compression which would result in failure of the checksum process.

In the event that two parties to a validation process lack mutual trust, each of the two can provide a signature to the processor which will then calculate a combined key. It will then be impossible to carry out the detection process without the consent of both parties in supplying their signatures.

Applications Using Compressed Data

As VeriData is designed to highlight the smallest of changes made to validated raster image data, it follows that subjecting the image data to a lossy compression scheme such as JPEG will result in the whole image being identified as having undergone modification. For this reason, maximum value from VeriData is obtained when used with a raw data format e.g. TIFF.

In practice, this means that an uncompressed and unprocessed master copy of the raw validated images should always be archived if subsequently the image is to be converted to JPEG format to facilitate transmission or use across a network. In this way the validated master will always be available allowing a comparison to be made to determine the authenticity and/or provenance of an image so provided.

A special variant of VeriData is planned for use with compression schemes such as JPEG, MPEG, Wavelets and Fractals.

OEM/Developer Support

Signum Technologies are able to provide VeriData technology as a range of specialist software tools to digital camera manufacturers, application developers and image processing system vendors - details of these VeriData software development kits (SDKs) are available upon request.

For evaluation and trial use, a VeriData technology demonstrator is now available. Designed to be used in conjunction with Adobe Photoshop, it is available in both Macintosh and PC versions - please contact us for further details.

For further information please see our user applications and products pages.