Trust nobody: privacy-preserving proofs for edited photos with your laptop
发表信息
作者
- Pierpaolo Della Monica
- Ivan Visconti
- Andrea Vitaletti
- Marco Zecchini
笔记
The Internet has plenty of images that are transformations (e.g., resize, blur) of confidential original images. Several scenarios (e.g., selling images over the Internet, fighting disinformation, detecting deep fakes) would highly benefit from systems allowing to verify that an image is the result of a transformation applied to a confidential authentic image. In this paper, we focus on systems for proving and verifying the correctness of transformations of authentic images guaranteeing: 1) confidentiality (i.e., the original image remains private), 2) efficient proof generation (i.e., the proof certifying the correctness of the transformation can be computed with a common laptop) even for high-resolution images, 3) authenticity (i.e., only the advertised transformations have been applied) and 4) fast detection of fraud proofs. Our contribution consists of new definitions modelling confidentiality and adaptive adversaries, techniques to speed up the prover of a ZK-snark, an efficient construction relying on ad-hoc signatures and hashes, and a less efficient construction that works according to signatures and hashes included in the C2PA specifications. Experimental results confirm the viability of our approach, allowing to compute an authentic transformation of a high-resolution image on a common computer. Prior results instead either require expensive computing resources or provide unsatisfying confidentiality.
互联网上充斥着大量由机密原始图像经过变换(如调整大小、模糊处理)后的图像。在多种场景下(如在线销售图片、打击虚假信息、检测深度伪造内容),若能验证某图像确实源自对机密真实图像的变换处理,将极大提升系统效能。本文聚焦于构建一套既能证明又能验证图像变换正确性的系统,确保:1)机密性(原始图像保持私密);2)高效生成证明(即使处理高分辨率图像,普通笔记本电脑也能完成验证计算);3)真实性(仅执行声明过的变换操作);4)快速识别欺诈性证明。我们的创新包括:建立模拟机密性与自适应攻击者的新定义框架,优化ZK-snark证明生成效率的技术,基于定制签名与哈希的高效构建方案,以及符合C2PA规范但效率稍逊的标准签名哈希方案。实验证实,该方法可在普通计算机上实现对高分辨率图像的真实变换验证,而现有方案要么需昂贵计算资源,要么无法充分保障机密性。