The danger of current video surveillance

We currently have surveillance cameras installed everywhere in cities, in buildings, in vehicles... and they are very useful when there are assaults or other crimes, both to find the guilty and to exonerate the innocent; unfortunately, the security of these cameras is often very poor..

For example, on a website like, you can view a large number of real-time surveillance cameras in free access; video streams whose most crunchy passages will quickly end up on social networks.

This is due to multiple factors: empty or simplistic initial passwords on the cameras, security flaws in the management interfaces, unprotected video streams transmitted via Internet...

In early 2022, even the Ukrainian police patrol cars had their "dashboard cameras" open to the public, with the dramatic consequences that this could have had.


Solution : the Videotestimony

System code name: Witness Angel NVR (for Network Video Recorder)

To address this major problem of confidentiality, at least as far as the common areas of buildings or private roads are concerned, we have developed the concept of "videotaping".

What is the major innovation of this system? It is that it records in "write-only" mode, which means that it immediately encrypts the video with several digital locks, whose keys are distributed among several people called "key keepers". They can be, for example, co-owners members of the union council, the guard of the building, and members of the Syndic; and it is advised to have at least 4 different ones.

As a result, the only way to decipher a recording is for a sufficient number of these key keepers to provide their chords, and their keys.

Thus we have the means to obtain evidence in case of burglary, assault, vandalism, or others; but also the guarantee that the recordings will not be exploited without the knowledge of the co-owners - either by a hacker or by an indelicate technician.



Build and configure your VideoTestimony

A video recorder is composed of both a hardware kit (camera and recorder box), and "NVR" software.

We have created a series of tutorials, in the video above but also as blog posts, to guide you in setting up the system.

You can get the Witness Angel NVR software from the page of releases on Github.

You will find on this Github page the pre-installed disk image for Raspberry Pi microcomputers.

You can also download there, in the "Assets" tab, versions for computers. Note that these are preview versions, so they may still have significant incompatibilities. The Macosx version is currently being prepared.

To create your group of Key Guardians, you will have to use, in addition, the Witness Angel Authenticator application.


Guided visit of the NVR software

1 - Recording controller

This is the homepage of the network video recorder, which allows you to start and stop recording.

This application is an "interface" which communicates with another application - launched in the background - the "service"; this last application will manage the recording itself, and continue to run even when the NVR interface is closed.

In the main section we see the status of the important parameters of our system: camera address, summary of selected key guards, recording and archiving options...

If one of these parameters is invalid ("KO"), then the recording cannot be started until the problem is solved.

At the bottom of the screen there is a preview thumbnail: a low quality image extracted from the last recorded video clip.

Finally, in the top bar, the icons allow you to respectively :

  • restart the system status check
  • reset the registration service (in case of a bug)
  • change the interface language
  • access the program settings

2 - Program settings

In this settings page, you will have to set the address of the network camera (or more precisely, of its RTSP video stream), and choose how many key guardians will have to give their authorization before a decryption is possible.

Beware of legal aspects, for example the maximum retention period of the recordings is often constrained by the law!

3 - Management of Key Guardians

In order to encrypt the records, we need the public keys of several "authenticators", which are the digital identities of the Key Guardians.

This page allows you to import these authenticators into the NVR and then select which ones to use for future recordings.

The authenticators can be imported automatically from the connected USB keys; in this case, you can choose to import also the private keys (protected by a passphrase), which will be used only in case of decryption procedure.

One can also import a public authenticator from the WitnessAngel web gateway, by entering its unique identifier. In this case, only the public keys will be imported, and the decryption procedure will need an exchange of authorizations by Internet.

Note that it is possible to complete, afterwards, an import of public keys with the private keys of the same Key Guard.

4 - Management of encrypted containers

Once a video clip has been recorded and encrypted, it is stored in a secure container; and all containers are summarized here.

You can then later select one or more containers to start a decryption procedure.

5 - Decryption procedure

The decryption operation is by far the most complex of all, as it requires gathering the targeted containers, all the Key Guardians referenced by these containers, and more precisely the public keys of each Key Guardian that were actually used for encryption.The private keys corresponding to these public keys will be used for decryption.

If some of these private keys have been imported locally, their owner can give access to them by entering his secret phrase in the interface. Otherwise, you have to use the remote authorization system, which will allow each Key Guard, via its "Authenticator" application, to give access to the desired keys.

The goal is to get a sufficient number of authorizations so that the decryption will succeed.

If a decryption has already been attempted (on any of the containers), its report can be accessed once again from here.

6 - Submission of authorization request

This page allows to send "authorization requests" to selected Key Guardians, so that they selectively allow access to some containers.

This process must of course be completed by external communication with Key Guardians, for them to understand, and agree with, the need for a decryption operation.

7 - Listing of authorizations requests

This page summarizes, for each container, the authorization requests submitted to each Key Guardian, and their status.

Once a request has been accepted or rejected, its status can't change anymore; but it's still possible to issue new requests for the same containers and Key Guardians.

8 - Decryption report

This page summarizes, for each container, potential errors or warnings emitted during this (complex) operation.

It can happen that some Key Guardians, or some keys, cannot be found; or that secret phrases have been lost. But this does not necessarily prevent decryption, because thanks to the "shared secret" system of the containers, it is enough that a sufficient number of private keys (the "threshold" was was defined in the application settings during the recording) are accessible for the container to be revealed.

If the operation is successful, the decrypted video clips are exported to the mentioned folder. If errors or warnings have appeared, they are also exported, in text format, to this folder.