Rev,
You have just hit on some of the biggest fears of people within the justice system, be it criminal or civil, which is the ability of anyone to manufacture evidence that cannot be discerned from real evidence. It's a real concern among judges and lawyers that in many situations, the advance of digital technology is putting the entire world of evidence in jeopardy. No one uses film anymore, and digital photos are so easily manipulated that the value of photo evidence is starting to come into question. Same for digital video. You mention fingerprints. Digital images of fingerprints are all the rage, and just as much a concern. And don't get me started on all of the digital record keeping.
I know that teh trend around here is to fear the .gov using technology in this way, but it goes way beyond that. Alter digital x-rays in a malpractice suit to get money from a doctor. insurance company creates a set of digital photos or a digital video to use to deny your claim. A candidate for office uses alterred digital photos or records to destroy the image of an opponent. Piss off a neighbor, and suddenly he's got photos of you growing weed in your backyard, which he turns over to the PD, resulting in a search warrant that finds the weed he planted there.
It is truly endless, and frightening. How does a court ensure that the evidence being offered is authentic, given the level of technology we have no, much less that which is just around the corner?
You're not going to like this answer. Really can't, when it comes to anything digital. Oh, there's plenty you can do to make it better. Maybe even within "reasonable doubt", too. With escrowed hashes and strong crypto trusts (it's a PKI thing, like chain of custody but with crypto). I wouldn't lay down money on it.
All of the examples you mentioned are entirely possible, and have been done already. I could certainly generate all of those. With a bit of a hand, I could automate the process so YOU could do all of that as well by point and click.
Respectfully, you legal guys don't know the tech. And the tech people don't know the law. You'd need to overhaul a lot of legal procedures, and there's exactly nothing solid to replace them. So, legal folks will try to pretend the situation doesn't exist, and apply outdated laws/procedures to digital situations. This was my job for quite some time, actually. Applying outdated Cold War laws to the modern society and technology. And it'll work at least 80% of the time. Course, that remaining 20% or less could be innocent folks going to jail on crimes they didn't commit.
Ironically, the best methods for authentication come along with the best methods for encryption. If a camera generates an appropriately constructed hash digest of the image, then encrypts that digest and imbeds it steganographically into the LSB of the image, there would be no way to remove it (if done appropriately), and it would provide a cryptographically secure way of ensuring the image is unaltered, as any modification would render the original hash unrecoverable.
Ah, implementation hack. Sure the hash is cryptographically secure. But where are ya storing it? Unless it's an off-site and well secured escrow, you can mess with it by overwriting. Remember, encrypted data should look almost indistinguishable from random data. So even if you don't want to generate a new hash (which would be trivial), overwrite random sectors of the picture and your secure hash is now just random junk that proves nothing.
Quantum encryption is absolutely unbreakable. In a theoretical world. For the real world, I can give ya pictures of
working kit that can intercept it without any evidence of interception. Mathematical perfection rarely gets implemented so cleanly in the world, as we both well know.
