from Hacker News

Ask HN: Can cryptographic time-stamping protect our history from deepfakes?

by axelsvensson on 9/12/22, 9:20 PM with 4 comments

As the rate and quality of AI-generated content keeps increasing, it seems inevitable that it will become easier to create fake content and harder to verify/refute it.

I keep thinking that "someone" could use cryptographic time-stamping as one line of defense. As a philanthropic effort, it seems relatively easy, cheap and valuable to do so. I imagine a web archive could save a stream of hashes not seen before, occasionally compile a merkle root and publish it in several places where time of publication is common knowledge.

Is this being done, else why not? It seems like an opportunity too good to pass on.

  • by muzani on 9/13/22, 2:08 AM

    I worked on a product that did something like this. Basically you'd take a photo with the app, it hashed some data on the photo along with some other personal data, uploaded that photo. Server checks the hash, and if matching, posted the verification in the blockchain.

    This prevents tampering. But what about deepfakes?

    First, we didn't verify photos from gallery. That's where most of your deepfakes would come from.

    Second, you had to take a photo from the app. You can't put an AI filter on the camera, because the app itself directly accesses the Android camera API. I think one possibility would be to hack this API to put the deepfake filter, but I don't know any way to do this yet.

    The consequence here is you can still have deepfakes, but you'll probably see more of these verification apps. Probably suited for CCTVs, dash cams, news cameras. Maybe we'll see it baked into hardware and operating systems in the future?

  • by Someone on 9/12/22, 10:24 PM

    I don’t see how that would prevent deep-fakes from being made for past events.

    Cryptographic time-stamping can show that a set of images existed at some time, but not that no other images existed at that time.

    So, unless you manage to time-stamp most images in the world, there will be a huge set of images without provenance.

    The creator of fake content will just add to that set.

  • by axelsvensson on 9/12/22, 10:04 PM

    This can also be done anonymously for private files, as a feature of backup systems. That way, you could get the ability to prove to anyone that a certain piece of content was created before that timestamp. It would cost a minimal storage overhead, and the cost of time-stamping can actually decrease with more users.