tamper proofing audio

[Arne Wörner]

--- Jacob Meuser <jakemsr at jakemsr.com> wrote:
> On Wed, Jun 22, 2005 at 02:12:20PM +0930, Tim Aslat wrote:
> > Hi All,
> > 
> > can anyone tell me if it's possible to tamper-proof an
> > audio recording in such a way that it can still be
> > played on a normal audio CD player?
> > 
> Simply verifying the files with checksums (multiple
> algorithms to lessen the possibility of "collision
> attacks") is insufficient?
>
I say, how could we hinder an attacker to simply recompute the
checksum after modifying the audio recording?

gnupg (ports/security) would provide a signature, that is coupled
with a passphrase.

Since I do not like passphrases, because they can be found out
quite easily (the trick with just asking for the passphrase
sometimes still works, too), I would say that you need a
physically safe computer somewhere (with tall muscled guards and
pump-guns) - on this computer you could store the signatures or
-even better- the whole audio recording (I just remember that you
do not have a network connection...)...

Another idea would be, that you produce the check-sum/signature
for the recording and then the computer asks the lawyer/person to
read the checksum to the computer - then the computer adds that
check-sum recording to the to-be-signed recording, so that the
attacker would have at least the problem of simulating the voice
of the lawyer/person, which might be quite impossible...

-Arne
P. S.: It remembers me a little bit on the silly lawyer in the TV
series "The Simpsons", who used to change the video/audio last
will of his clients by simply using his own voice... *giggle*


		
__________________________________ 
Yahoo! Mail Mobile 
Take Yahoo! Mail with you! Check email on your mobile phone. 
http://mobile.yahoo.com/learn/mail