1. Field of the Invention
The present invention relates to a technique for setting private information in an apparatus.
2. Description of the Related Art
The use of digital cameras has rapidly become widespread in recent years. Images taken with a digital camera can be stored as electronic image data. This not only eliminates the hassle of developing and printing associated with conventional silver halide photography, but also allows for easy storage and retrieval of images without degradation over time, and for data to be sent to remote locations using communication lines. For this reason, digital cameras are used in many business fields.
Take the accident insurance industry, for example, in which images of damaged vehicles are taken and assessments are made based on these images, or the building industry in which images are taken of buildings to check the progress and specifications of work at construction sites. At the Ministry of Land, Infrastructure and Transport, the use of images taken with a digital camera in the recording of civil work sites is already allowed.
However, the disadvantages of digitization have also been pointed out. The use of commercially available application programs such as photo retouching tools enables images to be easily processed and altered on a personal computer. In other words, the ease with which processing and alteration can be performed means that with accident photographs and reports in which images are used as evidence, the reliability of images taken with a digital camera is reduced in comparison to silver halide photographic images.
Although modifying images is not impossible even with silver halide photography, modification is not really viable given that either the costs of performing modification greatly outweigh the benefits obtained by modification, or the results of modifying images are unnatural, thereby providing grounds for adopting silver halide images as evidence. Consequently, the accident insurance and building industries are concerned that this will become a major issue in the future, and a way of overcoming this shortcoming is being sought.
At present, a system that employs encryption technology has been proposed for detecting falsification of image data using digital signature data (U.S. Pat. No. 5,499,294A).
This system is configured with an image generating apparatus (camera) for generating image data, and an image verification apparatus for verifying the integrity of the image data (i.e., that the data has not been modified). The camera executes a prescribed calculation based on private information unique to the camera and digitized image data that has been shot, and generates digital signature data, which is the information identifying the image data (for detecting falsification). The camera then outputs digital signature data and image data. The image verification apparatus verifies the image data by comparing data obtained by performing a prescribed calculation on the image data and data obtained by performing the inverse of the calculation to generate the digital signature data. In the above patent, hash functions (compression functions) and public key encryption are used in generating digital signature data.
A MAC (Message Authentication Code) is also sometimes used instead of digital signature data. MACs are generated using common key encryption, hash functions or the like, and have a faster processing speed than public key encryption. However, since the same common key is used for generating and verifying a MAC, the common key needs to be stringently managed in both the camera and the image verification apparatus.
Image data taken with a camera is usually stored on a small memory card (nonvolatile memory) connected to the camera, these memory cards being configured mainly by flash EEPROM. Measures have been taken to increase memory density using the latest miniaturization technology, with approximately 4 square-centimeter, 2-3 mm high memory cards being produced that have several hundred megabyte storage capacity. Further, memory cards and IC cards now becoming commercially viable have a calculating unit configured with a CPU, a RAM, and a ROM in addition to the flash EEPROM, and implement a security function. By using these calculation functions, data for detecting falsification of image data and the like can be generated in memory cards and IC cards external to the camera.
Consideration is given here to a configuration related to a camera or similar image generating apparatus that detects falsification of data such as image data using digital signature data, a MAC or other verification data, as disclosed in U.S. Pat. No. 5,499,294A. As mentioned above, key data is used in this configuration when generating verification data, although security in terms of preventing falsification cannot be maintained if this key data is leaked. Private information such as key data that calls for private management thus needs to be set in an apparatus such as an image generating apparatus, while ensuring security.
The following are conceivable methods of setting private information while ensuring security.
(1) Encrypt private information, and decrypt the encrypted private information in the apparatus. Note that encrypted private information is decrypted using a decryption key.
(2) Input public information to the apparatus, and generate private information in the apparatus using preset key information.
However, with these methods, private information is compromised if key information in the apparatus is leaked as a result of unauthorized analysis or the like.