Of course it would, the same way encrypting data works.
Encrypt some data in the video itself (ideally every frame changing), unique and can be created only by the holder the private key. Anyone can verify it. Flag reused codes. That's it?
Of course it would, the same way encrypting data works.
Encrypt some data in the video itself (ideally every frame changing), unique and can be created only by the holder the private key. Anyone can verify it. Flag reused codes. That's it?
The codes from the OP are just flashes of light in the environment. The attacker could read the codes and overlay them onto another video, without needing to decrypt them. That's just a standard replay attack.
If you flag a reused code in 2 different videos, how do you tell which video is real?
Well, the code wouldn't be representative of the new frame, right?
For example, you encrypt the hash of the frame itself (+ metadata: frame number, timestamp, etc.) with a pkey. My client decrypts the hash, computes the hash and compares it.
The problem might present itself when compressing the video but the tagging step can be done after compression. That would also prevent resharing.
The light source could be connected to a clock and the flashes represent the encryption of the time using a private key, verifiable using a public key.
It's a lot of complexity, so probably only worthwhile for high value targets like government press conference rooms, etc.
That still doesn't help, because the flashes are independent of the content of the video. To illustrate:
You could easily copy those flashes of light into your next comment if you wanted, without reversing the hash.From the paper:
“ rather than encoding a specific message, this watermark encodes an image of the unmanipulated scene as it would appear lit only by the coded illumination”
They are including scene data, presumably cryptographically signed, in the watermark, which allows for a consistency check that is not easily faked.
That's just saying that the coded image will only be apparent in the areas of the image lit by the light. Which is obvious, that's how a flashlight works too. They're not signing the actual pixels or anything. They've increased the difficulty to that of 3D-mapping the scene and transferring the lighting: not trivial, but still two long-studied problem spaces.
Hmm yeah fair point. I'm not sure you can do it without some control over the observer device then... will we have "authenticated cameras" soon, with crypto in secure elements? Feels like we'll have to go there to have any trust in video.
Not soon, we've had them for a long time. Here's one time one of those systems was hacked... 15 years ago. https://www.elcomsoft.com/news/428.html
It turns out if you give an adversary physical access to hardware containing a private key, and they are motivated enough to extract it, it's pretty hard to stop them.
I suppose the verification algorithm would need to also include a checksum that is basically a hash of the frame’s pixels. So not impossible to fake but also not practical to do so.
I have hitherto not timestamped or cryptographically signed my light sources, but that's something I'll be looking into.
Wonder if you could measure your breathing rate and heartbeat and cryptographically sign the time series data as ground truth. Then post process the video with Eulerian Video Magnification to recover the values and compare.
edit forgot the link: https://people.csail.mit.edu/mrub/vidmag/
Might be interesting if you are a high-value individual. Maybe in the future we will see a secret service member shining a light on the POTUS at all times to ensure that no fake video of the President can be circulated. Maybe with a scheme where they publish the keys used after each day, to build trust and make sure anyone can verify the authenticity of any video containing the President
Or anyone else who cares enough about deepfakes and can afford the effort
I’m not sure I understand. Could someone not take an existing legitimate video, light and all, then manipulate it to e.g. have the president saying something else?
If you don't manipulate the visual part, lip movements wouldn't match up to what's said. If you do manipulate it that now has to respect the super special light. I don't think it'd be impossible, but it'd be far harder than a regular deepfake. And even if you succeed (or someone writes good software that can do it) the white house can still point to the original video to show that the two were presumably taken at the same time, so one of them must be fake.
It'd agree that it's a lot of effort for very marginal gain
I don't think encryption is comparable to a simple duplication of data.