Encryption system solutions house, CypheRix, has introduced an innovative family of evidential recorders that can be used to record high-level meetings, legal proceedings, disciplinary hearings and interviews of any kind.
Evidence Recorders are small, low-power audio recording devices that secure the recorded information in a way that irrefutably guarantees it has not been altered. They use a cryptographic digital certification scheme.
Current versions of the Evidence Recorder Series are for recording audio, and later versions may accept digital still photographs, fingerprints and video. The certification process makes use of recognised cryptographic algorithms recommended by the National Institute of Standards and Technology (NIST).
Overview of the evidential recorders
The data stream is certified in small segments, which allows the user to limit the amount of information stored to the essential elements if required. The certification is in two steps:
1. The data is broken into three-minute segments, each separately certified. Each segment is hashed (using the SHA-1 algorithm), creating an electronic 'fingerprint' of the data. This detects any alteration to the data.
2. The hash of the data is then certified with a 1024-bit RSA secret key. When the recording sequence is complete the RSA secret exponent is deleted, thereby making it impossible for even the system operator to alter the certificates.
RSA is a public key cryptographic system that uses two keys: a secret key to sign information and its corresponding public key to check the signature. It is not feasible to compute the secret key from the public one. The data segment, its certificate and the RSA public key are stored together for later retrieval. This RSA public key is later used to validate the certificate of each three-minute data segment. The RSA public key is sent to the owner of the system by means of an RSA Certificate Hierarchy, which guarantees that the system operator can prove that this RSA public key is the one corresponding to the (now deleted) secret key used to certify the recording.
Such a validation process proves conclusively that the recording was not altered in any way. This is ideal in a law court or anywhere that needs a high degree of certitude.
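The two certification steps and the later validation can be sketched as follows; this is an added example, not CypheRix's code. It assumes PKCS#1 v1.5 signature padding (the article does not name a padding scheme), uses a constructed, insecure demo key built from two well-known Mersenne primes, and uses 300-byte segments in place of three-minute ones.

```python
import hashlib

# Constructed demo key from two well-known Mersenne primes: NOT secure,
# and not the 1024-bit modulus size the article describes.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
# ASN.1 DigestInfo prefix for SHA-1 (PKCS#1 v1.5); the padding is an assumption.
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")

def encode(segment: bytes, n: int) -> int:
    """Step 1: hash the segment with SHA-1 and pad the digest for signing."""
    k = (n.bit_length() + 7) // 8
    t = SHA1_PREFIX + hashlib.sha1(segment).digest()
    em = b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def record(stream: bytes, seg_len: int):
    """Step 2: certify every segment, then discard the secret exponent."""
    d = pow(E, -1, (P - 1) * (Q - 1))        # secret exponent
    segs = [stream[i:i + seg_len] for i in range(0, len(stream), seg_len)]
    certified = [(s, pow(encode(s, N), d, N)) for s in segs]
    del d                                    # no further certificates possible
    return certified, (N, E)                 # only public material is returned

def verify(segment: bytes, cert: int, public) -> bool:
    """Validate one segment's certificate with the public key alone."""
    n, e = public
    return pow(cert, e, n) == encode(segment, n)

def demo():
    stream = bytes(range(256)) * 4           # constructed stand-in for audio
    certified, public = record(stream, 300)
    seg, cert = certified[1]
    # Flip a single bit in one segment to simulate an alteration.
    altered = seg[:10] + bytes([seg[10] ^ 1]) + seg[11:]
    return {
        "segments": len(certified),
        "intact": all(verify(s, c, public) for s, c in certified),
        "altered": verify(altered, cert, public),
        # Segments are certified independently, so a retained subset
        # still validates on its own.
        "subset": all(verify(s, c, public) for s, c in certified[::2]),
    }

if __name__ == "__main__":
    print(demo())
```

SHA-1 and 1024-bit RSA, the choices named above, are no longer among NIST's approved options for generating digital signatures; a current design would use SHA-256 and a modulus of at least 2048 bits.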
Production model
The recorder has an internal microphone but can also work with an external microphone. The recorded audio is digitised, compressed and certified. The certified audio information can be copied to a personal computer via the USB 1.1 port. Two AA cells provide at least 16 hours operation.
The audio information and the certificates are stored on a removable, industry-standard multimedia card (MMC) or secure digital (SD) card. The information is stored in DOS format and can be read using a standard MMC/SD reader if desired. The compression algorithm was chosen for quality of recording rather than aggressive memory saving. The algorithm is based on ADPCM and has a recording dynamic range around 60 dB. The frequency range is 20 Hz to 4 kHz. An hour of voice recording requires 16 Mbytes of storage space.
A smartcard chip (without the card) is used for the cryptographic functionality, both for rapid operation and to guarantee the security of the secret exponent. The MMC/SD used to store the compressed audio and RSA certificates is the readily available type used by digital cameras and similar equipment. A 128 MB MMC holds over eight hours of recording. SD cards come in even larger capacities than MMCs, with 1 GB versions now available, which allows recordings of more than three days.
The compressed digital audio data is encrypted to prevent unauthorised access. To stop a hostile party purchasing a recorder and gaining access to all recorded conversations there is an extra encryption scheme to ensure that only the intended party can recover the data. This is presently limited to use within the same company or organisation. The encryption algorithm is the AES (Rijndael) using a 128-bit key, in Cipher-Block-Chaining mode.
By deliberate design, and in contrast to other versions of the device, there is no capability to play the encrypted audio recording on the device itself. This is to protect a user caught with the device. A separate small interface circuit can be purchased to connect the recorder directly to a telephone line through a small socket. An 'off-hook' signal is used to trigger recordings. The pushbuttons used to start and stop the recording sequences are housed inside the casing, preventing the user from accidentally disabling the device when it is concealed. Additionally, this device can be supplied in PCB-only form.
Future versions
CypheRix is considering several future versions. Each will have the same basic audio certification functionality as the covert version but all desktop versions will allow the playback of the recorded audio. An LCD will allow the user to easily control the selection of which audio track to play.
A Windows 2000-based application has been developed to allow a system operator to configure, control and use Audio Evidence Gatherers.
For more information contact Simon Rix, CypheRix, 011 615 2035.