The certification process makes use of recognised cryptographic algorithms. All the algorithms used in this device are recommended by the National Institute of Standards and Technology (NIST) of the United States of America for use in cryptographic equipment.
The data stream is certified in small segments. This allows the user of the system to limit the amount of information stored to the essential elements if required.
The certification process takes place in two steps:
1. The data stream is broken up into three-minute segments before being certified. Each segment is hashed - a process that creates an electronic ‘fingerprint’ of the data. This allows the detection of any alteration to the data. The SHA-1 algorithm is used for this purpose.
2. The hash of the data is then certified with a 1024 bit RSA secret key. When the recording sequence is complete the RSA secret exponent is deleted. This makes it impossible for anyone (even the system operator) to alter the certificates.
RSA
is a Public Key cryptographic algorithm. Public key cryptography has the unique
property that one key (the secret key) is used to sign information while a
second (different) key is used to check the signature. Each secret key has a
unique corresponding public key. It is infeasible for someone who knows the
public key to compute the secret key, provided a large enough key size is used.
The data segment and its certificate and the RSA public key are stored together
for later retrieval. This RSA public key is used thereafter to validate the
certificates of each short three-minute data segment. The RSA public key is sent
to the owner of the system by means of a RSA Certificate Hierarchy. This
mechanism guarantees that the system operator can prove that this RSA public key
is the correct corresponding public key to the now deleted secret key that was
used to certify the recording.
This validation process proves conclusively that the recording has not been altered in any way. This validation makes the certified information ideal in situations where a high degree of certitude is required, such as in a court of law or other statutory process.
There are additional novel yet simple features in the device that make it very easy to show in a non-technical court of law that the audio certificates or more senior certificates cannot be faked. Issues such as protecting any Evidence (Recordings) already gather from any form of compromise (technical or legal) should the device be lost during an investigation even if the device is analysed by an unfriendly technical laboratory have been addressed.
In order protect previous recordings the System Operator has the ability to update certain RSA keys in the Recorder. This needs to be done is a controlled manner so that the System Operator can prove when keys were updated. In order to do this the database is protects by a USB security token.
More information on the cryptographic architecture is available on the signing of a suitable mutual NDA agreement. It must be stressed that the security of the system resides entirely in the keys. The system uses standard cryptography and does not rely on a secret algorithm or ‘trick’ for it’s integrity. The reason for the NDA is to limit exposure of information to competitors.