This is tilting at windmills. If someone has physical possession of a piece of hardware, you should assume that it’s been compromised down to the silicon, no matter what clever tricks they’ve tried to stymie hackers with. Also, the analog hole will always exist. Just generate a deepfake and then take a picture of it.
You have it backwards. This is not too stop fake photos, despite the awful headline. It’s to attempt to provide a chain of custody and attestation. “I trust tom only takes real photos, and I can see this thing came from Tom”
And if the credentials get published to a suitable public timestamped database you can also say “we know this photo existed in this form at this specific time.” One of the examples mentioned in the article is the situation where that hospital got blown up in Gaza and Israel posted video of Hamas launching rockets to try to prove that Hamas did it, and the lack of a reliable timestamp on the video made it somewhat useless. If the video had been taken with something that published certificates within minutes of making it that would have settled the question.
That doesn’t really work. If the private key is leaked, you’re left in a quandary of “Well who knew the private key at this timestamp?” and it becomes a guessing game.
Especially in the scenario you posit. Nation-state actors with deep pockets in the middle of a war will find ways to bend hardware to their will. Blindly trusting a record just because it’s timestamped is foolish.
If all that you’re interested in is the timestamp then you don’t even really need to have a signature at all - just the hash of the image is sufficient to prove when it was taken. The signature is only important if you care about trying to establish who took the picture, which in the case of this hospital explosion is not as important.
That proves it existed at a specific time in the past, not that it didn’t exist before that. What’s stopping a hash of the Mona Lisa on a block chain with today’s date?
It also doesn’t materialize ponies out of nothing. It can’t do everything, but surely you can see that there are a lot of situations where being able to say with confidence that “this picture existed in exactly this form at exactly this date” is a super useful thing?
They would, but each camera’s private key can be extracted from the hardware if you’re motivated enough.
If Alice’s fancy new camera has the private key extracted by Eve without Alice’s knowledge, Eve can send Bob pictures that Bob would then believe are from Alice. If Bob finds out that Alice’s key was compromised, then he has to guess as to whether any photo he got from Alice was actually from Eve. Having a public timestamp for the picture doesn’t help Bob know anything, since Eve might’ve gone and created the timestamp herself without Alice’s knowledge.
Still, unique keys for each camera would lessen the risk of someone leaking a single code that undermines the whole system, as happened with DVDs.
And if an interested party wanted to steal a camera’s private key to fake an image’s provenance they’d need to get physical access to that very camera. Perhaps a state-sponsored group could contrive this (or intervene during manufacturing), but it is a challenge and an even bigger challenge for everyone else.
Physical access means all bets are off, but it’s not required for these attacks. If it’s got a way to communicate with the outside world, it can get hacked remotely. For example here’s an attack that silently took over iphones without the user doing anything. That was used for real to spy on many people, and Apple is pretty good at security. Most devices you own such as cameras with wifi will likely be far worse security-wise.
Unless the evil maid is also capable of time travel there’s no way for them to mess with the timestamps of things once they’ve been published. She could take some pictures with the camera but not tamper with ones that have already been taken.
The evil maid could take a copy of a legitimate image, modify it, publish it, and say that the original image was faked. If there’s a public timestamp of the original image, just say “Oh, hackers published it before I could, but this one is definitely the original”. The map is not the territory, and the blockchain is not what actually happened.
Digital signatures and public signatures via blockchain solve nothing here.
The evil maid could take a copy of a legitimate image, modify it, publish it, and say that the original image was faked.
No she could not, the original image’s timestamp has already been published. The evil maid has no access to the published data.
“Oh, hackers published it before I could, but this one is definitely the original”
And then the evil maid is promptly laughed out of the building by everyone who actually understands how this works. Your evil maid is depending on “trust me, bro” whereas the whole point of this technology is to remove the need for that trust.
original image’s timestamp has already been published
“Oh the incorrect information was published, here’s the correct info”. Again, the map is not the territory.
the whole point of this technology is to remove the need for that trust.
And it utterly fails to achieve that here. You encounter two people that have both published an image they claim is the original one, both with valid signatures. One timestamp is before the other, but the person with the later timestamp claims that the other person hacked their private keys and published a fake before they could publish the real one. The timestamps mean nothing, because it’s entirely possible the claim is true and there’s no laughing anyone out of the building. Who you gonna trust?
You’re trying to apply blockchain inappropriately. The one thing that publishing like this does is prove that someone knew something at that time. You can’t prove that only that person knew something. You can prove that someone had a private key at time X, but you cannot prove that nobody else had it. You can prove that someone had an image with a valid digital signature at time X, but you cannot prove that it is the unaltered original.
“Oh the incorrect information was published, here’s the correct info”. Again, the map is not the territory.
And again, your “attack” relies on the evil maid saying “just trust me bro” and people taking her word on that. The “incorrect information” is provably published before the supposed “correct information” was.
The whole point of building this stuff into the camera is so that the timestamp can be published immediately. Snap the photo and within seconds the timestamp is out there. If the photographer doesn’t have that enabled then he’s not actually using the system as designed, so he shouldn’t be surprised if it doesn’t work right. If he uses it as designed then it will work.
The one thing that publishing like this does is prove that someone knew something at that time. You can’t prove that only that person knew something.
The “incorrect information” is provably published before the supposed “correct information” was.
Rephrased, some information was published before some other information. Sure, that’s provable, but what of it? How do you know which is correct and which isn’t? You’re back to trust.
This is tilting at windmills. If someone has physical possession of a piece of hardware, you should assume that it’s been compromised down to the silicon, no matter what clever tricks they’ve tried to stymie hackers with. Also, the analog hole will always exist. Just generate a deepfake and then take a picture of it.
You have it backwards. This is not too stop fake photos, despite the awful headline. It’s to attempt to provide a chain of custody and attestation. “I trust tom only takes real photos, and I can see this thing came from Tom”
And if the credentials get published to a suitable public timestamped database you can also say “we know this photo existed in this form at this specific time.” One of the examples mentioned in the article is the situation where that hospital got blown up in Gaza and Israel posted video of Hamas launching rockets to try to prove that Hamas did it, and the lack of a reliable timestamp on the video made it somewhat useless. If the video had been taken with something that published certificates within minutes of making it that would have settled the question.
That doesn’t really work. If the private key is leaked, you’re left in a quandary of “Well who knew the private key at this timestamp?” and it becomes a guessing game.
Especially in the scenario you posit. Nation-state actors with deep pockets in the middle of a war will find ways to bend hardware to their will. Blindly trusting a record just because it’s timestamped is foolish.
You’re right, it isn’t perfect so we shouldn’t bother trying. 🙄
In this case yes, because if it’s not perfect, then it’s perfectly useless
Couldn’t I just change the camera date?
We’re talking about a signature that’s published in a public database. The camera’s timestamp doesn’t matter, just the database’s.
If all that you’re interested in is the timestamp then you don’t even really need to have a signature at all - just the hash of the image is sufficient to prove when it was taken. The signature is only important if you care about trying to establish who took the picture, which in the case of this hospital explosion is not as important.
How is a hash of the image supposed to prove anything about when it was created?
You post it publicly somewhere that has a timestamp. A blockchain would be best because it can’t be tampered with.
That proves it existed at a specific time in the past, not that it didn’t exist before that. What’s stopping a hash of the Mona Lisa on a block chain with today’s date?
It also doesn’t materialize ponies out of nothing. It can’t do everything, but surely you can see that there are a lot of situations where being able to say with confidence that “this picture existed in exactly this form at exactly this date” is a super useful thing?
Ah, I thought you were saying the hash proved something on its own. Lots of weird ideas about crypto in this thread.
Maybe each camera has a different public/private key?
They would, but each camera’s private key can be extracted from the hardware if you’re motivated enough.
If Alice’s fancy new camera has the private key extracted by Eve without Alice’s knowledge, Eve can send Bob pictures that Bob would then believe are from Alice. If Bob finds out that Alice’s key was compromised, then he has to guess as to whether any photo he got from Alice was actually from Eve. Having a public timestamp for the picture doesn’t help Bob know anything, since Eve might’ve gone and created the timestamp herself without Alice’s knowledge.
Still, unique keys for each camera would lessen the risk of someone leaking a single code that undermines the whole system, as happened with DVDs.
And if an interested party wanted to steal a camera’s private key to fake an image’s provenance they’d need to get physical access to that very camera. Perhaps a state-sponsored group could contrive this (or intervene during manufacturing), but it is a challenge and an even bigger challenge for everyone else.
Physical access means all bets are off, but it’s not required for these attacks. If it’s got a way to communicate with the outside world, it can get hacked remotely. For example here’s an attack that silently took over iphones without the user doing anything. That was used for real to spy on many people, and Apple is pretty good at security. Most devices you own such as cameras with wifi will likely be far worse security-wise.
And Tom’s camera gets hacked by an evil maid and then where are you? Exactly. This is snake oil.
Unless the evil maid is also capable of time travel there’s no way for them to mess with the timestamps of things once they’ve been published. She could take some pictures with the camera but not tamper with ones that have already been taken.
The evil maid could take a copy of a legitimate image, modify it, publish it, and say that the original image was faked. If there’s a public timestamp of the original image, just say “Oh, hackers published it before I could, but this one is definitely the original”. The map is not the territory, and the blockchain is not what actually happened.
Digital signatures and public signatures via blockchain solve nothing here.
No she could not, the original image’s timestamp has already been published. The evil maid has no access to the published data.
And then the evil maid is promptly laughed out of the building by everyone who actually understands how this works. Your evil maid is depending on “trust me, bro” whereas the whole point of this technology is to remove the need for that trust.
“Oh the incorrect information was published, here’s the correct info”. Again, the map is not the territory.
And it utterly fails to achieve that here. You encounter two people that have both published an image they claim is the original one, both with valid signatures. One timestamp is before the other, but the person with the later timestamp claims that the other person hacked their private keys and published a fake before they could publish the real one. The timestamps mean nothing, because it’s entirely possible the claim is true and there’s no laughing anyone out of the building. Who you gonna trust?
You’re trying to apply blockchain inappropriately. The one thing that publishing like this does is prove that someone knew something at that time. You can’t prove that only that person knew something. You can prove that someone had a private key at time X, but you cannot prove that nobody else had it. You can prove that someone had an image with a valid digital signature at time X, but you cannot prove that it is the unaltered original.
And again, your “attack” relies on the evil maid saying “just trust me bro” and people taking her word on that. The “incorrect information” is provably published before the supposed “correct information” was.
The whole point of building this stuff into the camera is so that the timestamp can be published immediately. Snap the photo and within seconds the timestamp is out there. If the photographer doesn’t have that enabled then he’s not actually using the system as designed, so he shouldn’t be surprised if it doesn’t work right. If he uses it as designed then it will work.
So? That’s not the goal here.
Rephrased, some information was published before some other information. Sure, that’s provable, but what of it? How do you know which is correct and which isn’t? You’re back to trust.