I just saw a program on Discovery Channel about the Big Quake in San Fransicso 1906.

In the program they claimed that it is possible to identify retouched areas of photos using adjustments of HUE.

Obviously this technique was used on scanned photos.

Does anybody know more about this and if it is also possible to identify retouched areas in photos originating from a digicam?

Well generally speaking, unless the person was a real big professional, or the image was very very large, then shrunk down after editing, the main way you can tell is to look for smooth-areas of the images. For example someone cutting and pastnig one part of a picture on another will show clear lines when you start increasing the contrast to bring out the noise and such. Its kind of hard describe but would need some kind of a visual cue. With things like healing brush in photoshop ( which basically tries to clone one area but blends it in with it's new surrounding ), things are a little harder to see right off. I can bet that most stock images are retouched in areas.

Depends on the how good a job was done and what the final output product was.
if the final output was a high compression jpeg, it is much harder then say a TIF image would be. That is why most fake pictures use high-compression settings for saving to jpeg.

The other most likely noticeable features tend to be shadows and scale.

If it was just minor retouching like healing a blimish, or dust spot, then it becomes very difficult if not impossible to detect retouching even when not done by an expert. the more retouching the easier to detect. For film and prints, retouching used inks so the properties of the ink was different from the chemicals used in the paper and it can be easily detected by that property.

This whole issue is why Canon offered the verification kit for their cameras.

I just saw a program on Discovery Channel about the Big Quake in San Fransicso 1908.

That sounds interesting. The Big One in San Francisco was in 1906.

---Bob Gross---

That sounds interesting. The Big One in San Francisco was in 1906.

---Bob Gross---

That's probably why they had to touch up the photos.

That sounds interesting. The Big One in San Francisco was in 1906.

---Bob Gross---

Ooops my mistake, a typo :oops:

Longwatcher, I doubt that digital cameas existed in 1906 ;)

So it was the paper photos that was retouched to hide the amount of destruction.

Then they (present day) used computers to identify the retouched areas.

;) You did ask if digicams retouching can be detected,
And I did mention how easy it would be to detect a film print retouch. I thought I had covered everything.

Also, I don't think they had scanners back then either.

Whenever or the image was taken it can be re-touched by scanning it today. Of course.

I have to agree with LW - shadows/lighting and scale. Tight inspection of an "original" tampered image may show things like edges such as kb244 mentioned, but lighting is one of the more difficult things to fix/edit/tamper.

But there's no doubt that it can be done and done so well that there's no evidence in the image. A digital signature of sorts can be used but I don't yet believe that this is infallible. Things like a one-way hash of the data like an MD5SUM are only a very very very strong indication and is not infallible. (But I have no idea how the verification is done by Canon.)

The verification on the canon on models like the 1D and 1Ds. Uses two memory cards, the SD and the CF. Here is an except from dpreview last year when Canon introduced this prior to PMA 2004.


How it works

The kit consists of a dedicated SM (secure mobile) card reader/writer and verification software. When the appropriate function (Personal Function 31) on the EOS-1D Mark II or EOS-1Ds is activated, a code based on the image contents is generated and appended to the image. When the image is viewed, the data verification software determines the code for the image and compares it with the attached code. If the image contents have been manipulated in any way, the codes will not match and the image cannot be verified as the original.


From http://www.dpreview.com/news/0401/04012903canondvke2.asp

That's probably why they had to touch up the photos.

It must have taken them two years to get the prints back from the lab.

---Bob Gross---

Here is an except from dpreview last year when Canon introduced this prior to PMA 2004.

The details of the "code based on the image contents" is the important part. This could be anything from a simple CRC to a complicated one-way hash which may or may not be encrypted to boot. (Though I highly doubt it's as simple as a CRC and the encryption is fairly moot if the decryption key is built into the verification software.)

But how complicated is the one-way hash, which is what I suspect they're using? MD5 can contain only 32 bits so there's only 32^2 possible combinations. Given that the file format is well-known AND within a given size it probably wouldn't take long for a super-computer to manipulate a tampered image in order to generate the same MD5.

True , course only reason I can see for file encryption built into the camera would be for insurrance, law enforcement (CSI, etc), maybe even medical. Not sure how it plays in a consumer's hands.

;) You did ask if digicams retouching can be detected,
And I did mention how easy it would be to detect a film print retouch. I thought I had covered everything.

You talk about properties of the different kind of inks would tell. Maybe but they did not say in the program that they analysed the paper on which the photo was printed? They analysed a digital scan of the paper photo.

Also, I don't think they had scanners back then either.
I didn't say that.

Maybe my question was not understood. So let me rephrase. If a paper photo has been retouched, then scanned how can You tell what parts of the photo have been retouched?

The details of the "code based on the image contents" is the important part. This could be anything from a simple CRC to a complicated one-way hash which may or may not be encrypted to boot. (Though I highly doubt it's as simple as a CRC and the encryption is fairly moot if the decryption key is built into the verification software.)

But how complicated is the one-way hash, which is what I suspect they're using? MD5 can contain only 32 bits so there's only 32^2 possible combinations. Given that the file format is well-known AND within a given size it probably wouldn't take long for a super-computer to manipulate a tampered image in order to generate the same MD5.

If I were going to tamper with an image, why would I want to manipulate the image so that the MDS (whatever that stands for) matches the original. Wouldn't I want to just generate a new MDS based on the newly manipulated image? :confused:

An MD5 is a one-way hash - kind of an encrypted CRC, but not really - which is a near-unique identifier of the data inside the file.

I had a batch file, generated an MD5 for it, and then edited it changing an "a" to a 'b" - a process which changed a single BIT inside the file.

E:\music\Classical>md5sum 1.bat
84a3592aa3b87185baea378475bb1670 *1.bat
E:\music\Classical>edit 1.bat
E:\music\Classical>md5sum 1.bat
aebd6749cebcc8e0b97661ee14e5f5b2 *1.bat

The MD5s are completely different, and now I know that the file has been tampered with, or somehow altered in some way.

Obviously one needs to now the original and new MD5s in order to compare them. If the MD5 were only stored with the image then it would be a fairly bogus system, so Canon also writes the signature (after some more processing) to another device, an IC card.

http://www.canon.com/technology/detail/software/orignal/

This also points out that they use MAC, something which basically does the same thing as MD5 but in a different way. It is another way to obtain a near-unique identifier.


This is fairly foolproof. In fact tampering with this system is beyond the capabilities of anyone who doesn't own a few supercomputers and a decent amount of time.

Then again, they said the same thing about a lot of encryption stuff. In 1997 someone cracked RSA 40-bit key in 3.5 hours: http://www.ecst.csuchico.edu/~atman/Crypto/misc/rsa40-crack.html

A year later RSA 56-bit DES was cracked through distributed computing - people "loaned" out their PCs to distribute a brute-force attack, a process which took months: http://www.interhack.net/pubs/des-key-crack/

Sooner or later computers will become fast enough to render MD5 or MAC ineffective...

A
Obviously one needs to now the original and new MD5s in order to compare them. If the MD5 were only stored with the image then it would be a fairly bogus system, so Canon also writes the signature (after some more processing) to another device, an IC card.

http://www.canon.com/technology/detail/software/orignal/


But isn't that exactly what Canon does (from what I can gather)?. The image and the verification code are generated in-camera and sent to the "outside" world together. Once that image and code leaves the camera, it's open to all kinds of manipulation. Supposedly, if the new verification code generated from the image doesn't match the original verification code, then the image is bogus. But what if the bogus image had a bogus verification code embedded in it? The verification process will now show that the image is "authentic". Obviously, that's easier said than done because, in order to create a new bogus verification code, you'll need to know the algorithm for generating that code.

As for the IC card, i didn't get the impression that a copy of the original verification code was stored there. I thought that the IC card was used for specifying the "secret" key that the verification program needs to generated the verification code that's to be compared against the original verification code.

But isn't that exactly what Canon does (from what I can gather)?. The image and the verification code are generated in-camera and sent to the "outside" world together.

Re-reading, I have to agree. Which doesn't make much sense as the image and key are stored together.


Again, though, it would take a mighty powerful computer to generate a new image and intentionally have the MAC signature match. It's not impossible, just implausible.


Hmm, checking a dictionary for MAC:
Message Authentication Code (MAC)
A keyed hashing algorithm that uses a symmetric session key to help ensure that a block of data has retained its integrity from the time it was sent until the time it was received. When using this type of algorithm, the receiving application must also possess the session key to recompute the hash value so it can verify that the base data has not changed.
So MAC uses a key... So it's a one-way hash-type using a secret "keyword" in addition to the file information. As long as the key is kept secret it's very close to impossible to crack this.

A file can be manipulated in order to create an identical hash, but not if that hash were then encoded with a secret keyword.