1. Technical Field
The present invention relates to a system for embedding a digest of an image, and particularly to a digital camera in which the authentication information of a photographed image is added to the image.
2. Prior Art
Recently, the digital camera has been rapidly coming into wide use. The digital camera is used to photograph a scene or the like and store it in a memory card or the like as digital data. The reason for the rapid wide use of the digital camera naturally resides in the reduction of the main unit's price and its excellent portability, but it is more important that the taken photograph can be held as a digital image. Digital data can easily be processed by a computer or the like with respect to its contents, and can easily be distributed through a network or the like. Accordingly, it is expected that the need for the digital camera which can simply provide such digital image will increasingly grow in the future.
On the other hand, since digital data is susceptible to alteration such as combination without any sign, the reliability of a photographed digital image as evidence may raise a problem. Such problem may not be often provided in the photograph taking as a hobby by general users, but it can become significant in the photograph taking for business purpose. For instance, there are cases in which a digital camera is used to provide a record of a construction work, and in which a photographed digital image is sent or received between the owner and the contractor through a network. In these cases, the identity of the contents of the photographed digital image must be detected before the digital image can exhibit the function as photographic evidence. Thus, there are large demands on a digital camera which can add authentication information on the identity of the photographed digital image.
FIG. 1 is a block diagram of the image processing system of the conventional digital camera. A photographed object is converted to an electric analog signal by a CCD 12 through an optical system 11. This signal is processed by a signal processing unit 13, and outputted as image data D which is a digital signal. The generated image data D is inputted to a digest calculating unit 14. The digest calculating unit 14 calculates a hash value H of the data of the whole image. The hash value is a value (digest) uniquely determined by a calculation based on the image data and showing the characteristics of the image. The hash value H as a digest depends on the image contents. An encrypting unit 15 encrypts the hash value H using a secret key SK, and outputs an encrypted hash value H'. This encrypted hash value H' is authentication information, which is attached as a file separate from the image data D.
To determine whether image data is the same as the original image data, in other words, whether the image data has been altered, the following kinds of information are required.
(1) Image data PA1 (2) Authentication information (attached to the image data as a separate file) PA1 (3) Public key PK corresponding to the secret key (separately acquired from a person in authority)
To detect alterations, a hash value H.sub.1 of the image data to be subjected to alteration detection is calculated. Then, a hash value H.sub.2 is identified from the authentication information in the attached file. Since the authentication information is obtained by encrypting the hash value H of the original image D by the secret key SK (hash value H'), the hash value H.sub.2 cannot be identified by the authentication information itself. Thus, the public key PK is acquired from a person in authority who is keeping the public key PK corresponding to the secret key SK, and the authentication information is decoded based on this. Then, the obtained hash value H.sub.2 is compared with the calculated hash value H.sub.1. If the image as the object to be subjected to the alteration detection is the same as the original image D, the values of both must be the same. It is because the hash value as a digest must have a different value if the image contents are different. Accordingly, if the hash values are the same, it is determined that the identity is detected; otherwise it is determined that there has been an alteration.
As described above, in the identification detection in the background art, authentication information is attached separately from image data, and the alteration detection is performed on the assumption that the authentication information is attached when the verification is carried out. Accordingly, in the absence of the authentication information, the verification cannot be made any more. Thus the verifier must pay close attention to the storage and management of the authentication information.