I think that "impossible to detect" is not something realistic if camera manufacturers are willing to start adding encryption signatures to their cameras outputs and are willing to vouch for them.
I realize this would still allow fakes to be presented by governments in all likelihood, but not everyone.
Who posts raw output from cameras anywhere? This doesn't seem useful outside some niche use-cases (like security camera footage). At a minimum just about every recording is going to be re-compressed for streaming.
Synthid and the like survive compression and decent quality rerecording.
Synthid is a watermark which indicates the video is AI-generated, not a digital signature indicating it's real. Completely different use case and threat model.
I'm not aware of any secure digital signature schemes that don't require the thing they signed to be bit-for-bit identical to pass verification. There are perceptual hashing algorithms that could theoretically be used to build such a scheme, but such hashes are not second preimage resistant, so someone could create a modified video that still passes signature verification.
I bet the cameras' companies will start automatically uploading the real footage to their servers for attestation, and allow the camera owners to get those links, so people will just add that link on YouTube or whatever and say "See, its real, Sony vouches for it", heck maybe they will make their buyers to sign up with YouTube and do it for them.
Perhaps that could work in certain situations, but you don't even necessarily need digital signatures for that. A link to a reputable news site claiming they've verified the footage as real would be good enough in like 95% of cases, people just don't bother to check.
You'd also need close to 100% adoption for this to be effective, otherwise people will just assume the fakes were recorded with one of the cameras that doesn't have that feature, or that they didn't bother to upload the raw footage anywhere.
How on top of security do you think all the camera manufacturers are going to be? That is, how long until people can sign videos that were not, in fact, shot with their camera?
Proving that you were able to upload something that is not real would go viral so it's very attractive to people to share such findings, meaning it would not last long, then they fix it and that's it, specially because they can require you to upgrade your camera's firmware if you want to keep using their attestation service.
Depends on what kind of compromise occurs. Hardware level key loss isn't easy, if possible at all to fix.
Only if you're paying them
Attention is valuable these days, so making people go to their websites for people to check if something is real is good for them, its people they can try to sell more cameras (or phones) and all that.
They can attest pictures of my hairy pendulous ballsack.
Joking and all but sexting would benefit from this technology, if it can vouch about the time, GPS location and email address of the owner then the receiver can have some certainty about the pic (if the sender decides to share such attestation link/info, of course)
I don't think it needs do be raw output. I'm pretty sure that signatures can exist within image and sound outputs that are reproducible when changing to other formats.
Yeah I’m not sure this makes sense when images are getting their third ifunny watermark.
Leica started doing this a few years ago in response to the first wave of AI images[0]. Other, bigger manufacturers (Nikon, Canon, Sony as well I believe) have also joined, though with less fanfare. Adobe is in the loop.
As someone with a passing interest in infosec and cryptography, I'm sceptical of the long-term viability of this kind of product; it only takes one person successfully extracting a signing key to undermine the entire project.
Yes, you're correct about private keys getting exposed, but it's better than nothing. I suspect though, even after key exposure there may be a way to make new private keys so that compromised keys have a known point when they are compromised, which makes public how much skepticism we should all have about authenticity.
I just think there is a world of difference between "certainty" and "plausibility" when it comes to videos on the internet. Yes, state actors might circumvent it, and skepticism should remain, but there is a world of difference between North Korea trying to convince me of some political scandal, and Pepsi Co trying to convince me that someone I trust loves Pepsi.
Cameras have a very long lifespan. People will still be using those cameras 20 years after the keys for their model get leaked.
And they will also get firmware updates.
I currently use a 2008 Fujifilm camera and a 2018 Sony. The Fujifilm doesn’t even have a firmware update mechanism, and the Sony camera doesn’t get updated anymore. These devices are rarely connected to the internet and never go obsolete so they get used until they break.
There might be a specialised line of cameras for forensics that signs the output and has lidar to detect when the camera is pointed at a screen, but the average person won’t have a camera with this kind of crypto. It would just be too easy for hackers to extract the keys from.
You still ultimately have the analogue hole here - pull the camera apart, splice your own hardware somewhere between the sensor and the thing that adds the signatures (or in front of the sensor).
Or just straight up point the camera at a computer monitor, without even trying to hide it. Most of the security camera footage online is already uploaded this way.
I intentionally didn't say that because I feel like people might dismiss that with "oh but you can tell the difference with sufficient analysis etc" whereas literally sending data directly through the same path as the real sensor would be potentially less detectable (or more, if the sensor itself has some kind of noticeable fingerprint)
Pointing the camera at a screen could potentially evade that.
Right, but my point is that a video of a screen should be less believable than the source video insofar as verifying legitimacy.
I feel it wouldn't be too difficult to get a social-media video to look convincing enough even with just a regular camera and monitor, at least after compression (if end users aren't served raw footage directly, and instead trust the attestation of the site).
Right, my point is that this should default to "untrustworthy." The idea is that a camera would at the very least include a timestamp and camera type in the signature. That signature should usually be reproducible when being filmed by another camera (these signatures can be part of the physical image). This should mean that a cameras filming screens would have multiple ways to show the images are not legitimate (as something as simple of shadows not matching time of day could show the video is illegitimate).
What you're describing is a watermark, not a signature
What I'm describing is a hidden watermark that contains a signature.
A signature over what?
https://en.wikipedia.org/wiki/Digital_signature
I'm familiar with the concept. A digital signature signs a message. What message are you signing?
If I were creating a verification system, I'd include a Timestamp, camera used, and UUID. If I were selling products to news teams, I'd likely include fields that the firm wanted included like name of company, and if applicable, gps location.
What if you can't tell it's a video of a screen?
wouldn't that just encourage monopolistic behavior and lockdown of these devices?
they're already locked down as-is.
Why do we keep on seeing that elementary misconception? Cryptographic verification != reality of the underlying data fed to it! Plus vouching for hardware that is in consumer hands? There is the gaping analog hole of 'recording' arbitrary data streams. All that system would do is make it easier to deanonmyize speech.