Sony's a7 IV gets anti-forgery crypto signature technology

Started Aug 11, 2022 | Discussions thread
Antisthenes Regular Member • Posts: 396

Replying here as a forum post, because the text is a bit too long to be posted as a comment to the original DPReview news item .

=======

From an IT security point of view, the image authentication "solutions" Nikon and Canon tried to proffer a decade or so ago were quite inane, because the digital signing key was shipped in an external software package — e.g. a camera firmware update — whose contents could be extracted and examined by hackers to locate said cryptographic secrets.

Sony is a huge company that used to sell, e.g., Unix workstations, has its own research laboratories — including, e.g., the Sony Computer Science Laboratory — and manufactures a variety of professional broadcast and studio equipment, including systems that create the encrypted digital media files recorded on optical media like DVDs, Blu-ray discs etc.

Sony also manufactures smartphones running the Android operating system.

Smartphones make extensive use of cryptography: NFC chips commonly used in Android smartphones and iPhones typically contain a "secure element" (SE), a specialized processor that is completely separate from the smartphone's main CPU.

The SE receives requests from the smartphone's main CPU e.g. to sign / encrypt / decrypt data, using cryptographic secrets (signing keys and encryption keys) that are held in the SE's on-chip tamper-proof non-volatile memory, thus completely segregated from the smartphone's main memory, and inaccessible to programs — including malware — running on the (fundamentally untrustworthy) main CPU.

Furthermore, the ARM processor architecture is in widespread use e.g. on smartphones, and can be augmented with ARM's TrustZone technology, creating a "secure enclave", a processor within the processor that is securely compartmentalized, and has its own non-volatile memory to store cryptographic secrets and dedicated circuits / hardware accelerators to execute cryptographic operations like signing and encryption.

A smartphone thus doesn't necessarily need, e.g., an NFC chip with an embedded SE to provide hardware-based security / compartmentalization for its cryptographic secrets: an ARM processor with a TrustZone / secure enclave-type addition might suffice.

Anyway, it's likely, given the businesses in which Sony operates and the technologies it develops, that Sony has quite a few people among its staff who know a thing or two about cryptography solutions, including hardware-based ones.

Hundreds of millions of inexpensive chips are already in use in credit cards issued by the likes of VISA/MC/AMEX that have, in addition to the primitive magnetic strip, electrical contacts. These "chip" cards all contain well-protected cryptographic secrets that allow the cryptographic computation circuits on the card to authenticate / sign a payment transaction if requested by the point-of-sale terminal in which the credit card is inserted.

Hundreds of millions of inexpensive chips are already in use in contactless payment cards and contactless public transit — e.g. subway, buses, trains — fare cards. Every contactless payment operation is authenticated / signed by the card's built-in, well-protected secure cryptographic processor and cryptographic secrets (signing and encryption keys).

Hundreds of millions of inexpensive chips are already in use in mobile phone SIM cards. Whenever a mobile phone tries to connect to a mobile network, the mobile network sends a cryptographic challenge to be solved by the SIM card, using the SIM card's built-in, well-protected secure cryptographic processor and cryptographic secrets (signing and encryption keys). The mobile phone network thus can ascertain that the SIM card is a valid one that it — or its roaming partners — has issued.

So, digital signing / cryptographic authentication using inexpensive, secure, hardware-embedded cryptographic processors and secrets is already in widespread use all over the world.

iFixit's teardown of a (now rather ancient) Sony A7R2 camera

https://www.ifixit.com/Teardown/Sony+a7R+II+Teardown/45597

shows that it has a small, detached ARM processor, manufactured by Fujitsu, presumably to run some supervisory tasks like detecting and reacting to button presses, command dial rotations, managing battery charging etc.

https://guide-images.cdn.ifixit.com/igi/D4IbOZ4A1YGXbgKA.full

It's not unthinkable that the latest Sony A7 mark IV, released not that long ago, might also have a small, stand-alone ARM chip somewhere on its printed circuit board.

It's also not unthinkable that small, inexpensive ARM processors are now available with e.g. ARM's TrustZone technology and thus provide a secure implementation of cryptographic algorithms and secrets.

Sony might thus have configured the manufacturing chain of the new Sony A7IV so that it records, in a Sony-internal database, each A7IV's serial number and the individual cryptographic secret (e.g. symmetric encryption key) that was installed in the factory in said camera.

This database is conceptually similar to the one a mobile phone SIM card manufacturer creates: each SIM card has a unique ID and contains a unique symmetric encryption key. The mobile phone network can thus send a cryptographic challenge (a piece of data to be encrypted) to the SIM card, and only a genuine SIM card can compute the proper encrypted result expected by the network for that particular SIM card ID.

If Sony's image data authentication solution is symmetric key-based, then one would need to send to Sony the A7IV's serial number, the hash of the image data, as well as its encrypted value. A server managed by Sony would then be able to answer whether the encrypted hash has the value that would be expected for the A7IV of the given serial number.

If Sony's image data authentication solution is public key-based, using, e.g., X.509v3 certificates, then one doesn't need to communicate with a Sony server each time one needs to verify the authenticity of the image data.

The picture file would presumably contain each A7IV's unique digital certificate, signed by Sony's Camera Certification Authority, vouching for the association between a particular A7IV's serial number and a particular public key.

One could then use a hypothetical, Sony-supplied image authentication software to verify a picture file's authenticity. Said software would check that the A7IV's individual certificate, associating the camera's serial number to a public key is a valid one, by using Sony's CA certificate. The software can then reliably verify the mathematical consistency of the image data's digital signature with the public key contained in that particular A7IV's X.509v3 certificate.

We don't know yet if Sony's authentication solution is based on private, symmetric keys (like mobile phone SIM cards) or on a public key infrastructure, e.g. with an X.509v3 certificate chain.

At any rate, there are already hundreds of millions of inexpensive smart cards — e.g. EMV credit cards — that have the ability to perform the computations required e.g. for RSA encryption, so it's not unthinkable that a microscopic area of silicon e.g. on an ARM processor present in a modern camera like the Sony A7IV might have been dedicated to cryptographic functions, be they based on symmetric key or public key principles.

It's also possible, given that the Sony A7IV has NFC capabilities, that it includes an NFC chip which, like the hundreds of millions of NFC chips produced for smartphones, has an embedded SE. Said SE would provide a secure environment in which to store cryptographic secrets and perform cryptographic operations like encryption and signing.
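As an added illustration of the public-key variant sketched in the post above (editor-supplied example code, not Sony's implementation, whose actual format is not known from this thread), the following Go program, using only the standard library, builds a hypothetical "Camera Certification Authority", issues a per-camera certificate that binds the camera's serial number to a P-256 public key, signs the SHA-256 hash of the image bytes with the camera's private key, and verifies the result offline with nothing but the CA certificate. The names NewCA, Provision, Sign and VerifyOffline, the CA name "Example Camera CA", the serial "CAM-0001", the choice of ECDSA P-256 with SHA-256, and the decision to carry the serial number in the certificate's subject CN are all assumptions made for the example; the sample image is a constructed byte string.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// certTemplate builds the certificate skeleton; the camera serial travels in the subject CN (an assumption).
func certTemplate(cn string, isCA bool, sn int64) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(sn),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(10 * 365 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	if isCA {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
	}
	return t
}

// issue has signer (the parent's private key) sign tmpl; parent == tmpl yields a self-signed cert.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewCA creates the hypothetical vendor "Camera Certification Authority" (a self-signed root).
func NewCA() (*ecdsa.PrivateKey, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := certTemplate("Example Camera CA", true, 1)
	cert, err := issue(tmpl, tmpl, &key.PublicKey, key)
	return key, cert, err
}

// Camera holds one unit's private key (in a real camera: inside an SE or TrustZone store, never exported) and its cert.
type Camera struct {
	key  *ecdsa.PrivateKey
	Cert *x509.Certificate
}

// Provision models the factory step: generate the unit's key pair and have the CA certify serial -> public key.
func Provision(serial string, caKey *ecdsa.PrivateKey, caCert *x509.Certificate) (*Camera, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	cert, err := issue(certTemplate(serial, false, 2), caCert, &key.PublicKey, caKey)
	return &Camera{key, cert}, err
}

// SignedImage models a picture file carrying the camera certificate (DER) and an ECDSA/SHA-256 signature.
type SignedImage struct{ Image, CertDER, Signature []byte }

func (c *Camera) Sign(image []byte) (*SignedImage, error) {
	digest := sha256.Sum256(image)
	sig, err := ecdsa.SignASN1(rand.Reader, c.key, digest[:])
	return &SignedImage{image, c.Cert.Raw, sig}, err
}

// VerifyOffline needs only the CA certificate: it checks that the embedded certificate chains to
// the CA, then that the signature matches the image bytes, and returns the certified serial number.
func VerifyOffline(si *SignedImage, caCert *x509.Certificate) (string, error) {
	cert, err := x509.ParseCertificate(si.CertDER)
	if err != nil {
		return "", err
	}
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return "", fmt.Errorf("certificate not issued by the camera CA: %w", err)
	}
	if err := cert.CheckSignature(x509.ECDSAWithSHA256, si.Image, si.Signature); err != nil {
		return "", fmt.Errorf("signature does not match the image data: %w", err)
	}
	return cert.Subject.CommonName, nil
}

func main() {
	caKey, caCert, _ := NewCA()
	cam, _ := Provision("CAM-0001", caKey, caCert)
	si, _ := cam.Sign([]byte("constructed sample image bytes"))
	fmt.Println(VerifyOffline(si, caCert)) // CAM-0001 <nil>
}
```

Verification fails closed in two independent ways: a certificate that does not chain to the CA is rejected before the signature is even looked at, and a certificate with a valid chain whose signature does not match the bytes is rejected too, so a picture re-signed with a self-made certificate is caught by the first check and an edited picture by the second. What the code cannot show is the property the post spends most of its length on: here the private key created in Provision lives in ordinary process memory, whereas in a camera it would have to be generated or injected into an SE or TrustZone-protected store and never be exportable, otherwise it could be extracted the way the post describes for the earlier firmware-embedded keys. Key revocation for a unit whose key has leaked is also not covered by this sketch.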
