The White House wants to 'cryptographically verify' videos of Joe Biden so viewers don't mistake them for AI deepfakes - eviltoast

The White House wants to ‘cryptographically verify’ videos of Joe Biden so viewers don’t mistake them for AI deepfakes::Biden’s AI advisor Ben Buchanan said a method of clearly verifying White House releases is “in the works.”

  • cynar@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    2
    ·
    11 months ago

    It needs to be more general. A video should have multiple signatures. Each signature relies on the signer’s reputation, which works both ways. It won’t help those who don’t care about their reputation, but will for those that do.

    A photographer who passes off a fake photo as real will have their reputation hit, if they are caught out. The paper that published it will also take a hit. It’s therefore in the paper’s interest to figure out how trustworthy the supplier is.

    I believe canon recently announced a camera that cryptographically signs photographs, at the point of creation. At that point, the photographer can prove the camera, the editor can prove the photographer, the paper can prove the editor, and the reader can prove the newspaper. If done right, the final viewer can also prove the whole chain, semi-independently. It won’t be perfect (far from it) but might be the best will get. Each party wants to protect their reputation, and so has a vested interest in catching fraud.

    For this to work, we need a reliable way to sign images multiple times, as well as (optionally) encode an edit history into it. We also need a quick way to match cryptographic keys to a public key.

    An option to upload a time stamped key to a trusted 3rd party would also be of significant benefit. Ironically, Blockchain might actually be a good use for this. In case a trusted 3rd can’t be established.

    • JasSmith@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      6
      ·
      11 months ago

      Great points and I agree. I also think the signature needs to be built into the stream in a continuous fashion so that snippets can still be authenticated.

      • cynar@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        Agreed. Embed a per-frame signature it into every key frame when encoding. Also include the video file time-stamp. This will mean any clip longer than around 1 second will include at least 1 signed frame.

        • Natanael@slrpnk.net
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          Merkle tree hashes exists for this purpose

          Note that videos uses “keyframes” so you can’t extract arbitrary frames in isolation, you need to pull multiple if the frame you’re snapshotting isn’t a keyframe itself

    • General_Effort@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      11 months ago

      I don’t think that’s practical or particularly desirable.

      Today, when you buy something, EG a phone, the brand guarantees the quality of the product, and the seller guarantees the logistics chain (that it’s unused, not stolen, not faked, not damaged in transport, …). The typical buyer does not care about the parts used, the assembly factory, etc.

      When a news source publishes media, they vouch for it. That’s what they are paid for (as it were). If the final viewer is expected to check the chain, they are asked to do the job of skilled professionals for free. Do-your-own-research rarely works out, even for well-educated people. Besides, in important cases, the whole chain will not be public to protect sources.

      • cynar@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        11 months ago

        It wouldn’t be intended for day to day use. It’s intended as a audit trail/chain of custody. Think of it more akin to a git history. As a user, you generally don’t care, however it can be excellent for retrospective analysis, when someone/something does screw up.

        You would obviously be able to strip it out, but having it as a default would be helpful with openness.

    • LarmyOfLone@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      ·
      11 months ago

      I’ve thought about this too but I’m not sure this would work. First you could hack the firmware of a cryptographically signed camera. I already read something about a camera like this that was hacked and the private key leaked. You could have an individual key for each camera and then revoke it maybe.

      But you could also photograph a monitor or something like that, like a specifically altered camera lens.

      Ultimately you’d probably need something like quantum entangled photon encoding to prove that the photons captured by the sensor were real photons and not fake photons. Like capturing a light field or capturing a spectrum of photons. Not sure if that is even remotely possible but it sounds cool haha.

    • Natanael@slrpnk.net
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      Look up transparency logs for that last part, it’s already used for TLS certificates