Using a KEM[1] to create a sealed_box[2] type construct would allow for privacy even in a situation where the camera hardware is physically seized. You could also use ML-KEM (aka Kyber), McEliece-KEM and ECDH or RSA-KEM together to provide post quantum resistance.
The traditional symmetric approach (which also has post quantum resistance) in such systems requires the camera hardware to possess the long-lived symmetric key which can be extracted after seizure. Using a ratcheting mechanism (hashing the key every t time) can help - but have no self healing and be vulnerable to recovery from persistent storage (past keys may not be securely erased).
The traditional symmetric approach (which also has post quantum resistance) in such systems requires the camera hardware to possess the long-lived symmetric key which can be extracted after seizure. Using a ratcheting mechanism (hashing the key every t time) can help - but have no self healing and be vulnerable to recovery from persistent storage (past keys may not be securely erased).
[1] <https://en.wikipedia.org/wiki/Key_encapsulation_mechanism>
[2] <https://libsodium.gitbook.io/doc/public-key_cryptography/sea...>