PhotoProof: Cryptographic Image Authentication for Any Set of Permissible Transformations

Since the invention of the camera, photos have been used to document reality and to supply proof of events. Yet today it is easy to fabricate realistic images depicting events that never happened. Thus, dozens of papers strive to develop methods for authenticating images. While some commercial cameras already attach digital signatures to photographs, the images often undergo subsequent transformations (cropping, rotation, compression, and so forth), which do not detract from their authenticity, but do change the image data and thus invalidate the signature. Existing methods address this by signing derived image properties that are invariant to some set of transformations. However, these are limited in the supported transformations, and often offer weak security guarantees. We present PhotoProof, a novel approach to image authentication based on cryptographic proofs. It can be configured, according to application requirements, to allow any permissible set of (efficiently computable) transformations. Starting with a signed image, our scheme attaches, to each legitimately derived image, a succinct proof of computational integrity attesting that the transformation was permissible. Anyone can verify these proofs, and generate updated proofs when applying further permissible transformations. Moreover, the proofs are zero-knowledge so that, for example, an authenticated cropped image reveals nothing about the cropped-out regions. PhotoProof is based on Proof-Carrying Data (PCD), a cryptographic primitive for secure execution of distributed computations. We describe the new construction, prove its security, and demonstrate a working prototype supporting a variety of permissible transformations.

[1]  Xinpeng Zhang,et al.  Robust Hashing for Image Authentication Using Zernike Moments and Local Features , 2013, IEEE Transactions on Information Forensics and Security.

[2]  Oded Goldreich,et al.  Collision-Free Hashing from Lattice Problems , 1996, Electron. Colloquium Comput. Complex..

[3]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[4]  Craig Gentry,et al.  Pinocchio: Nearly Practical Verifiable Computation , 2013, IEEE Symposium on Security and Privacy.

[5]  Alan W. Paeth,et al.  A fast algorithm for general raster rotation , 1986 .

[6]  Jens Groth,et al.  Short Pairing-Based Non-interactive Zero-Knowledge Arguments , 2010, ASIACRYPT.

[7]  Shih-Fu Chang,et al.  Semifragile watermarking for authenticating JPEG visual content , 2000, Electronic Imaging.

[8]  Ramarathnam Venkatesan,et al.  Robust image hashing , 2000, Proceedings 2000 International Conference on Image Processing (Cat. No.00CH37101).

[9]  Nir Bitansky,et al.  From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again , 2012, ITCS '12.

[10]  Hany Farid,et al.  Digital image authentication from thumbnails , 2010, Electronic Imaging.

[11]  Silvio Micali,et al.  Computationally Sound Proofs , 2000, SIAM J. Comput..

[12]  Hany Farid,et al.  Exposing Digital Forgeries in Complex Lighting Environments , 2007, IEEE Transactions on Information Forensics and Security.

[13]  Eli Ben-Sasson,et al.  Succinct Non-Interactive Arguments for a von Neumann Architecture , 2013, IACR Cryptol. ePrint Arch..

[14]  Manuel Menezes de Oliveira Neto,et al.  Humans are easily fooled by digital images , 2017, Comput. Graph..

[15]  H. Farid,et al.  Image forgery detection , 2009, IEEE Signal Processing Magazine.

[16]  Dario Fiore,et al.  On the (In)Security of SNARKs in the Presence of Oracles , 2016, TCC.

[17]  Zhi-Qiang Liu,et al.  Region-Level Image Authentication Using Bayesian Structural Content Abstraction , 2008, IEEE Transactions on Image Processing.

[18]  Zuocheng Ren,et al.  Efficient RAM and control flow in verifiable outsourced computation , 2015, NDSS.

[19]  Gary Friedman,et al.  The trustworthy digital camera: restoring credibility to the photographic image , 1993 .

[20]  Nir Bitansky,et al.  Succinct Non-Interactive Arguments via Linear Interactive Proofs , 2013, Journal of Cryptology.

[21]  Sagar Chouksey,et al.  Image Authentication Using Distributed Source Coding , 2012 .

[22]  Miklós Ajtai,et al.  Generating Hard Instances of Lattice Problems , 1996, Electron. Colloquium Comput. Complex..

[23]  Proof-carrying data : Secure computation on untrusted platforms , 2022 .

[24]  Eran Tromer,et al.  Cluster Computing in Zero Knowledge , 2015, EUROCRYPT.

[25]  Craig Gentry,et al.  Quadratic Span Programs and Succinct NIZKs without PCPs , 2013, IACR Cryptol. ePrint Arch..

[26]  Helger Lipmaa,et al.  Progression-Free Sets and Sublinear Pairing-Based Non-Interactive Zero-Knowledge Arguments , 2012, TCC.

[27]  Jiri Fridrich,et al.  Robust hash functions for digital watermarking , 2000, Proceedings International Conference on Information Technology: Coding and Computing (Cat. No.PR00540).

[28]  Wei Su,et al.  Robust Lossless Image Data Hiding Designed for Semi-Fragile Image Authentication , 2008, IEEE Transactions on Circuits and Systems for Video Technology.

[29]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[30]  Eli Ben-Sasson,et al.  Scalable Zero Knowledge Via Cycles of Elliptic Curves , 2014, Algorithmica.

[31]  Geng Guangzhi,et al.  Content Based Image Hashing Robust to Geometric Transformations , 2009, 2009 Second International Symposium on Electronic Commerce and Security.

[32]  Miroslav Goljan,et al.  Digital camera identification from sensor pattern noise , 2006, IEEE Transactions on Information Forensics and Security.

[33]  Chang-Tsun Li,et al.  Semi-fragile watermarking scheme for authentication of JPEG images , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[34]  Emin Gün Sirer,et al.  Logical attestation: an authorization architecture for trustworthy computing , 2011, SOSP.

[35]  Bruce Schneier,et al.  An authenticated camera , 1996, Proceedings 12th Annual Computer Security Applications Conference.

[36]  Emin Gün Sirer,et al.  Nexus authorization logic (NAL): Design rationale and applications , 2011, TSEC.

[37]  Fred B. Schneider,et al.  Authorization and trust in software systems , 2012 .

[38]  Eli Ben-Sasson,et al.  SNARKs for C: Verifying Program Executions Succinctly and in Zero Knowledge , 2013, CRYPTO.

[39]  Ton Kalker,et al.  A robust image fingerprinting system using the Radon transform , 2004, Signal Process. Image Commun..

[40]  Michael Backes,et al.  ADSNARK: Nearly Practical and Privacy-Preserving Proofs on Authenticated Data , 2015, 2015 IEEE Symposium on Security and Privacy.

[41]  Rui Sun,et al.  A SVD- and quantization based semi-fragile watermarking technique for image authentication , 2002, 6th International Conference on Signal Processing, 2002..

[42]  Lynne S. McNeill,et al.  Newslore: Contemporary Folklore on the Internet , 2012 .

[43]  Nir Bitansky,et al.  Recursive composition and bootstrapping for SNARKS and proof-carrying data , 2013, STOC '13.

[44]  Eran Tromer,et al.  Proof-Carrying Data and Hearsay Arguments from Signature Cards , 2010, ICS.

[45]  Shih-Fu Chang,et al.  A robust image authentication method distinguishing JPEG compression from malicious manipulation , 2001, IEEE Trans. Circuits Syst. Video Technol..

[46]  Shih-Fu Chang,et al.  A robust content based digital signature for image authentication , 1996, Proceedings of 3rd IEEE International Conference on Image Processing.

[47]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and CRL Profile , 1999, RFC.