SSS-PRNU: Privacy-Preserving PRNU Based Camera Attribution using Shamir Secret Sharing

Photo Response Non-Uniformity(PRNU) noise has proven to be very effective tool in camera based forensics. It helps to match a photo to the device that clicked it. In today's scenario, where millions and millions of images are uploaded every hour, it is very easy to compute this unique PRNU pattern from a couple of shared images on social profiles. This endangers the privacy of the camera owner and becomes a cause of major concern for the privacy-aware society. We propose SSS-PRNU scheme that facilitates the forensic investigators to carry out their crime investigation without breaching the privacy of the people. Thus, maintaining a balance between the two. To preserve privacy, extraction of camera fingerprint and PRNU noise for a suspicious image is computed in a trusted execution environment such as ARM TrustZone. After extraction, the sensitive information of camera fingerprint and PRNU noise is distributed into multiple obfuscated shares using Shamir secret sharing(SSS) scheme. These shares are information-theoretically secure and leak no information of underlying content. The encrypted information is distributed to multiple third-part servers where correlation is computed on a share basis between the camera fingerprint and the PRNU noise. These partial correlation values are combined together to obtain the final correlation value that becomes the basis for a match decision. Transforming the computation of the correlation value in the encrypted domain and making it well suited for a distributed environment is the main contribution of the paper. Experiment results validate the feasibility of the proposed scheme that provides a secure framework for PRNU based source camera attribution. The security analysis and evaluation of computational and storage overheads are performed to analysis the practical feasibility of the scheme.