WITNESS is a theoretical system that logs number plates in an encrypted database that can later give you a WITNESS statement if it saw a target car or bike at a given time. I could make it for real but I am mostly exploring the idea for fiction.
I had an idea looking for a story: WITNESS.
WITNESS records when and where it has seen a number plate on a car. The result is a huge database that can be queried to answer the question, “did anyone see this car in that area at this given time?” By “anyone” we mean, a WITNESS (number plate recording) box.
Due to the way it is set up, you must specify a day and an area. For each search, the customer is charged thus discouraging fishing expeditions.
If the answer is yes, you get a WITNESS statement – a certificate that affirms the car in question was in the area.
I imagine that private investigators might use it as they close in on their person. Cops might use it to place a car near the scene of a crime, and the accused might use it to place their car far from said crime.
I’ve worked out exactly how this would work. I’ll get to the technical part at the moment. WITNESS sounds like it could be dystopian or a lifesaver for the wrongly accused. I would very much like to hear your opinion on it. If this were real would you feel it was dystopia or a good idea for law and justice?
For the TL;DR: crowd – it is very hard to tamper with the database and harder (and more expensive) to go fishing for information as the search has to be done once for every hour in every box for every day. That’s 24 searches for just one box and one car.
The technical stuff
There are two main technical actors in this model. The central database and the witness boxes.
The WITNESS box
The box itself would be a sealed unit connected to a power supply with a camera sensor capable of identifying number plates.
Inside the WITNESS box, is a simple computer with a restricted storage capacity. This is so it cannot buffer too many number plate images. The exact capacity is relative to how busy the road is that the box watches.
The box also maintains a record of its location. It uses GPS, nearby WiFi hotspots, and nearby cellular towers to confirm that it is where it is supposed to be. A further check is carried out by examining the network route to the central database (traceroute). Some of these techniques are used by Pokemon Go to detect cheating.
The WITNESS process
Once WITNESS snaps a number plate (triggered by a detection) it caches the relevant part of the image to storage. A secondary process steadily works through the images converting them into text.
If WITNESS cannot read the image with confidence it adds the image to a compressed file along with other data needed to add this image back to the central database. This is then encrypted with the central office encryption public key. This way only the central office can decrypt the image. There humans will identify the number plate. After that, the central office server converts the text into a database record in a single packet signed with the identification team’s secret key (more on that in a bit).
At random intervals, WITNESS will send identified images to the central office so its work can be verified. The people who do the work do not know if this is a verify or identify.
If a WITNESS box runs low on space in its image buffer, it can send a signed and encrypted compressed file to a nearby WITNESS box or central office for processing.
Now that WITNESS has a text numberplate, it deletes the image. The text is combined with the WITNESS box’s Unique ID and that day’s secret salt and turned into a one-way hash. Say, SHA3-512. The number plate is now a string of characters that cannot be reversed and can only be created again with all three pieces of information. This is added to the local store along with the date and time the number plate was taken.
Every hour, the records in the local store are put into a data packet which is signed by the WITNESS box’s private key. This is then sent to the central database which can use the WITNESS box’s public key to verify the data packet was not tampered with. This is done using an encrypted connection like the one your bank might use for your Internet banking app.
Key pair cryptography is a real thing. Here’s the overview. And here is the technical/mathematical stuff.
The Central Database
The central database stores the WITNESS data packets by location group and day.
Each incoming packet is verified using the WITNESS box’s public key. If the packet fails the test, the database sends a repeated request to the WITNESS box and notes a possible attack. This attack potential is then monitored by the security team. If enough fails are detected, the packets are placed in the isolation database along with all future packets until the WITNESS box integrity is secured.
The search
To search the database and create a WITNESS statement, the location, day, and number plate must all be entered. For each day, for each number plate, for each WITNESS box, the one-way hash must be created. Then all 24 hourly records must be searched for the hash. This must be repeated for every WITNESS box in the area.
As a result, confirming a car in a location is relatively inexpensive in terms of computing resources but searching broadly becomes quickly prohibitive. That deliberate time-complexity cost is how WITNESS defends against unreasonable surveillance and fishing attempts. Asking, “Was my car near Wilson Road on Thursday” generates a quick yes or no. Asking “Which cars were in Wilson Road on Thursday” means checking every possible number plate. In other words, confirming location is easy but search is nearly impossible.
This is why WITNESS charges per search. The authorities can get all the court orders they want, a broad search is technologically impossible.
BOLO mode
If a Be On the Look Out (BOLO) is issued for a given car (number plate), WITNESS boxes in the area can be given a limited number of numberplates to look out for. The box can check for the given number plates before one-way encryption. They add a flag for the BOLO target to that hour’s packet which can then be verified with a single search of that packet. Once verified, the location can be sent to the police. The report would be an hour or two after the sighting.
Another way to do BOLO would be to have the database perform a search for the number plate each hour after the update. Expensive for the police (each one is a paid search) but I am sure some sort of discount can be worked out.
What could WITNESS stand for?
Let’s take a few shots at this:
- Wide Interconnected Test of Number (plate) Existence Secondary to Sighting
- Wired Internet Tagging of Number (plates) Every Second Street
- Will Itomise Tracking Numbers Entered Securely and Systematically
What do you think?
I am confident that with a significant loan, a grant and/or the right legislation I could make WITNESS right now. None of this is technology that does not exist. There’s nothing stopping its creation. You could save time and money by adding traffic cameras and other car surveillance that already exist. I have my doubts about its viability as a business but as a private/public partnership deal, this is almost too easy to make.
What do you think of WITNESS? Would you like a government to implement it or is it capitalist dystopia?
@lordmatt The main problem being that it only records the car, not the driver, so the evidence is circumstantial at best. It basically falls apart at the first hurdle as evidence of a person's location. The owner of the car may not necessarily been driving it.
Yeah, that is a bit of a weakness. WITNESS can only trestify to the car or bike. That said, for reasonable doubt it could be helpful (which could make it less apealing to governments).