The codes from the OP are just flashes of light in the environment. The attacker could read the codes and overlay them onto another video, without needing to decrypt them. That's just a standard replay attack.
If you flag a reused code in 2 different videos, how do you tell which video is real?
Well, the code wouldn't be representative of the new frame, right?
For example, you encrypt the hash of the frame itself (+ metadata: frame number, timestamp, etc.) with a pkey. My client decrypts the hash, computes the hash and compares it.
The problem might present itself when compressing the video but the tagging step can be done after compression. That would also prevent resharing.
The light source could be connected to a clock and the flashes represent the encryption of the time using a private key, verifiable using a public key.
It's a lot of complexity, so probably only worthwhile for high value targets like government press conference rooms, etc.
That still doesn't help, because the flashes are independent of the content of the video. To illustrate:
You could easily copy those flashes of light into your next comment if you wanted, without reversing the hash.From the paper:
“ rather than encoding a specific message, this watermark encodes an image of the unmanipulated scene as it would appear lit only by the coded illumination”
They are including scene data, presumably cryptographically signed, in the watermark, which allows for a consistency check that is not easily faked.
That's just saying that the coded image will only be apparent in the areas of the image lit by the light. Which is obvious, that's how a flashlight works too. They're not signing the actual pixels or anything. They've increased the difficulty to that of 3D-mapping the scene and transferring the lighting: not trivial, but still two long-studied problem spaces.
Hmm yeah fair point. I'm not sure you can do it without some control over the observer device then... will we have "authenticated cameras" soon, with crypto in secure elements? Feels like we'll have to go there to have any trust in video.
Not soon, we've had them for a long time. Here's one time one of those systems was hacked... 15 years ago. https://www.elcomsoft.com/news/428.html
It turns out if you give an adversary physical access to hardware containing a private key, and they are motivated enough to extract it, it's pretty hard to stop them.
I suppose the verification algorithm would need to also include a checksum that is basically a hash of the frame’s pixels. So not impossible to fake but also not practical to do so.