[Blabber] Encrypted SD card

Guan Yang guan at hackmanhattan.com
Wed Dec 14 14:20:54 UTC 2016


Wired has an article about how filmmakers want Nikon and Canon to sell encrypted cameras:

https://www.wired.com/2016/12/200-filmmakers-ask-nikon-canon-sell-encrypted-cameras/

It mentions a project that implements this by modifying camera firmware, which is rightly judged to be unreliable. It seems to me that it might be possible to do the same thing with a special SD card, like how people used to add Wi-Fi with eyefi SD cards.

If you pry open an SD card, inside is a circuit board with a NAND flash and a controller chip. Sometimes it is a specialized flash controller, but often it is a regular Cortex-M3 or MIPS core, possibly with some accelerated peripherals for flash and SD communication.

See eg https://www.bunniestudios.com/blog/?p=3554

So it might not be that hard to create a custom SD card (or custom firmware for an existing card) that transparently encrypts files being written using a file-specific key, then encrypts that key using a public-key algorithm. The secret key would not be stored in the SD card or camera, so the photos can only read later using the secret key, in a secure environment.

Possible challenges:

* Cameras also like to read back files that are written. Maybe one would allow read-back while the camera and SD card are powered on, then shed the file-specific symmetric key at power-off or x minutes. After a power cycle, when a file is read back, it would be a special image that just says “this photo has been encrypted”. Or cat pictures.

* If it’s for the application described in the article, the photojournalist users might shoot large RAW or video files and expect the latest fastest SD card standards like UHS-I, which might be more difficult to implement or find suitable microcontrollers for.



More information about the Blabber mailing list