Privacy-preserving evidence in ALPR applications

US 9,779,284 B2
Filed: 12/17/2013
Issued: 10/03/2017
Est. Priority Date: 12/17/2013
Status: Active Grant

First Claim

Patent Images

1. A method for preserving privacy of evidence comprising:

receiving an encrypted first image which has been generated by encrypting a first image with a symmetric cryptographic key that is generated by encrypting, with a one way function, first information extracted from the first image and first metadata associated with the first image and signing the encrypted first information and first metadata with a shared key, wherein the first metadata comprises a first time;

establishing a link between a second image and the first image comprising comparing a first visual signature computed based on the first image with a second visual signature computed based on the second image, each of the first and second visual signatures being a statistical representation of pixels of the respective image;

when the visual signatures are found to match, receiving the first metadata;

extracting second information from the second image;

reconstructing the symmetric cryptographic key that was used to encrypt the first image based on the second information extracted from the second image and the first metadata, by encrypting, with the one way function, the second information and the first metadata and signing the encrypted second information and first metadata with the shared key, the reconstructed symmetric cryptographic key permitting the first encrypted image to be decrypted to regenerate the first image,wherein at least one of the establishing a link between a second image and the first image and the reconstructing of the symmetric cryptographic key is performed with a processor.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for preserving privacy of evidence are provided. In the method, an encrypted first image is generated by encrypting a first image acquired at a first location with a symmetric cryptographic key that is based on first information such as a license plate number extracted from the first image and first metadata associated with the first image, such as a time at which the first image was acquired. When a link is established between a second image and the first image, for example, through visual signature matching, the symmetric cryptographic key can be reconstructed, without having access to the first image, but based instead on the first metadata and information extracted from the second image. The reconstructed symmetric cryptographic key can then be used for decryption of the encrypted image to establish evidence that the license plate number was indeed extracted from the first image.

54 Citations

17 Claims

1. A method for preserving privacy of evidence comprising:
- receiving an encrypted first image which has been generated by encrypting a first image with a symmetric cryptographic key that is generated by encrypting, with a one way function, first information extracted from the first image and first metadata associated with the first image and signing the encrypted first information and first metadata with a shared key, wherein the first metadata comprises a first time;
  
  establishing a link between a second image and the first image comprising comparing a first visual signature computed based on the first image with a second visual signature computed based on the second image, each of the first and second visual signatures being a statistical representation of pixels of the respective image;
  
  when the visual signatures are found to match, receiving the first metadata;
  
  extracting second information from the second image;
  
  reconstructing the symmetric cryptographic key that was used to encrypt the first image based on the second information extracted from the second image and the first metadata, by encrypting, with the one way function, the second information and the first metadata and signing the encrypted second information and first metadata with the shared key, the reconstructed symmetric cryptographic key permitting the first encrypted image to be decrypted to regenerate the first image,wherein at least one of the establishing a link between a second image and the first image and the reconstructing of the symmetric cryptographic key is performed with a processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 16)
- - 2. The method of claim 1, further comprising determining whether a condition is met based on the metadata associated with the first image and metadata assocated with the second image.
  - 3. The method of claim 2, wherein the reconstructing of the symmetric cryptographic key is performed only when the condition is met.
  - 4. The method of claim 1, wherein the information extracted from the first image comprises a first identifier and the information extracted from the second image comprises a second identifier, the reconstructing of the symmetric cryptographic key establishing that the first identifier matches the second identifier.
  - 5. The method of claim 1, wherein the reconstruction of the symmetric cryptographic key comprises hashing the first metadata and the second information.
  - 6. The method of claim 5, further comprising encrypting the hashed first metadata and second information with a shared key.
  - 7. The method of claim 1, further comprising generating the shared key at a first location and at a second location and wherein the symmetric cryptographic key is generated at the first location with the shared private key and the reconstruction of the symmetric cryptographic key is performed at the second location with the shared key.
  - 8. The method of claim 7, wherein the shared key is generated by exchanging a public key of each of first and second key pairs and combining each of the public keys with a private key of the other of the key pairs.
  - 9. The method of claim 1, wherein the first image and symmetric cryptographic key are generated at a first location and the reconstruction is performed at a second location, and wherein the first image and the symmetric cryptographic key generated at the first location are not made available to the second location.
  - 10. The method of claim 1, further comprising outputting an evidence package which includes at least one of:
    - the first image;
      
      the second image;
      
      the first information;
      
      the second information;
      
      the first metadata;
      
      second metadata associated with the second image, the second metadata comprising a second time, later than the first time; and
      
      a signature produced by hashing at least two of;
      
      the first image,the first information,the first metadata, anda first location identifier identifying a location at which the first image was captured.
  - 11. The method of claim 1, further comprising publishing an encryption signature establishing the existence of the first image, extracted first information, and first metadata.
  - 12. The method of claim 1, wherein the second image is associated with second metadata which comprises a second time, later than the first time.
  - 16. The method of claim 1, wherein the first image is an image captured of a vehicle at a first time and wherein the second image is an image captured of a vehicle at a second time.

13. A system comprising:
- memory which receives;
  
  an encrypted first image which has been generated by encryptinga first image with a symmetric cryptographic key that is generated by encrypting, with a one way function, first identifier information extracted from the first image and first metadata associated with the first image and signing the encrypted first information and first metadata with a shared key,the first metadata, anda first visual signature which has been extracted from the first image, the first visual signature being a statistical representation of pixels of the first image;
  
  a signature matching component which compares the first visual signature with a second visual signature extracted from a second image to establish a link between the second image and the first image, the second visual signature being a statistical representation of pixels of the second image;
  
  an identifier recognition component which extracts second identifier information from the second image;
  
  a cryptographic key reconstruction component for reconstructing the symmetric cryptographic key that was used to encrypt the first image based on the second identifier information extracted from the second image and the first metadata, by encrypting, with the one way function, the second information and the first metadata and signing the encrypted second information and first metadata with the shared key, the reconstructed symmetric cryptographic key permitting the first encrypted image to be decrypted to regenerate the first image; and
  
  at least one processor which implements the signature matching component,identifier recognition component, and cryptographic key reconstruction component.
- View Dependent Claims (14, 15)
- - 14. The system of claim 13, further comprising a condition computation component which determines whether a condition is met based on the metadata associated with the first image and metadata associated with the second image.
  - 15. The system of claim 13, further comprising a first computer system, at a first location, which generates the symmetric cryptographic key and encrypted first image, and a second computer system at a second location, which includes the cryptographic key reconstruction component.

17. A computer program product comprising a non-transitory memory storing instructions, which when implemented by a computer processor, perform a method for preserving privacy of evidence comprising:
- receiving an encrypted first image which has been generated by encrypting a first image with a symmetric cryptographic key that is generated by encrypting, with a one way function, first information extracted from the first image and first metadata associated with the first image and signing the encrypted first information and first metadata with a shared key, wherein the first metadata comprises a first time;
  
  establishing a link between a second image and the first image comprising comparing a first visual signature computed based on the first image with a second visual signature computed based on the second image, each of the first and second visual signatures being a statistical representation of pixels of the respective image;
  
  when the visual signatures are found to match, receiving the first metadata;
  
  extracting second information from the second image; and
  
  reconstructing the symmetric cryptographic key that was used to encrypt the first image based on the second information extracted from the second image and the first metadata, by encrypting, with the one way function, the second information and the first metadata and signing the encrypted second information and first metadata with the shared key, the reconstructed symmetric cryptographic key permitting the first encrypted image to be decrypted to regenerate the first image.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Conduent Business Services, LLC (Conduent, Inc.)
Original Assignee
Conduent Business Services, LLC (Conduent, Inc.)
Inventors
Meunier, Jean-Luc, Estehghari, Saghar, Poirier, Herve
Primary Examiner(s)
Wang, Harris C

Application Number

US14/108,477
Publication Number

US 20150172056A1
Time in Patent Office

1,386 Days
Field of Search

380 28
US Class Current
CPC Class Codes

G06V 20/80   Recognising image objects c...

G06V 20/95   Pattern authentication; Mar...

G06V 40/33   based only on signature ima...

G08G 1/0175   by photographing vehicles, ...

G08G 1/04   using optical or ultrasonic...

G08G 1/054   photographing overspeeding ...

H04L 9/0866   involving user or device id...

H04L 9/0872   using geo-location informat...

H04L 9/3247   involving digital signatures

Privacy-preserving evidence in ALPR applications

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Privacy-preserving evidence in ALPR applications

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links