Karim D. Ghantous
Well-known member
People have been faking, and manipulating, photos since photography began. The famous Cottingley Fairies photos were 100% authentic photographs. So are a lot of UFO photos, both honest and dishonest. Hoaxes don’t require image manipulation.
https://www.bbc.com/news/uk-england-leeds-55187973
But, nonetheless, we will have to come up with methods to prove that a photograph came out of a camera. The reasons are obvious. And I have some ideas about how to do this. But first, some background.
Photography is becoming more redundant
CGI is photo realistic, and has been for some time. It has, predictably, replaced photography in the commercial realm, for some applications.
Digital is cheaper than film, but CGI is cheaper than digital. Some people think that progress should have stopped before mirrorless systems and 4K RAW - never mind 8K at 120fps in a camera the size of a Hasselblad 501C. These same people refused to see the inevitable death of Adobe Flash, and the takeover of smartphones. Progress marches on.
Then, almost overnight, came generative AI algorithms which could generate photorealistic images from whole cloth. It’s a kind of blitzkrieg of tech - we barely had time to appreciate the disruptive power of this stuff.
So, we have in front of us manipulated photos, CGI, and algorithmically generated imagery. It’s all fine, as long as nobody pretends. But how do you prevent people from pretending, if they decide to pretend? How can you authenticate a camera generated image?
Cameras don’t create data, unlike the other three methods mentioned above. They collect data. Photography is the objective, mechanical, visual recording of the world. So it will always be useful and necessary. Science uses visual models to illustrate phenomena, and it uses models to simulate nature. But it needs photographs (and other capture methods) to observe nature.
You could hypothetically generate an entire wedding album in CGI or AI. You could also hire a sketch artist to interpret the wedding in that way, too. Heck, you could hire a musician to write a sonata about it. But an interpretation of a natural event is not the same as recording it. So, here too, photography is tremendously useful, if not necessary.
Existing methods of authentication
There already exists methods of image authentication. One method is very simple: a visual check. Retouching is the most obvious form of manipulation. Retouching is not the same kind of manipulation as compositing, as you are not removing or adding fundamental elements to the scene. It look terrible, and it's verboten in documentary or wildlife photography. But it isn’t really misleading.
A more objective method is called Error Level Analysis, or ELA. A brief explanation:
https://fotoforensics.com/faq.php?show=General&c=guidelines#toc_e_analysis_2
You can use ELA with fairly consistent results, although it’s not a guarantee. Recently, Jarred Land posted two images of a cat: one is the camera original, the other used Adobe generative fill. I took screenshots and put them through ELA on fotoforensics.com. You can’t visually tell which is the image with generative content. But you can with ELA. Yes, it even works with screenshots. Jarred has deleted those images from his account, but you can download the screenshots and try this exercise for yourself:
https://postimg.cc/gallery/0NrvXZ5
How to solve the authentication problem
And now we come to the image authentication problem. Can we find a way to prove that an image was generated inside a camera? Can a photograph self-authenticate? Yes and yes - but with some heavy caveats.
But, we don’t need to go this far yet. We have methods to notarise photographs which can be very unsophisticated. You can lodge an image with a copyright office. You can take it to a notary public. You can post it on social media. Notarisation doesn’t guarantee authenticity, and it doesn’t guarantee the absence of staging (e.g. the fairy photo). But it’s much, much better than nothing.
Then we can go a step further, and generate an SHA string from a photograph and print it on a public blockchain. This does not guarantee authenticity, but once again, notarisation is extremely helpful. Especially if anyone can verify the image.
Don’t know what SHA is? Go to this web page, and type in some characters:
https://academo.org/demos/SHA-256-hash-generator/
You’ll get an SHA string each time you change the input. For example, just typing in the name ‘Shakespeare’ will give you the string, e64a72d0a3643b36bc78ad0274c90c76a597e6508666c4d60afbf2bbd13ea94a. Try changing ‘Shakespeare’ to ‘Shakespaere’ and you’ll get the string, bf3c9594f2caaea85fa001c91be4e4e613c626079579a8b8a141fb48dc9b832c.
The latter string is very different to the former. Only 4 of the 64 characters are the same. If you change so much as one bit in one colour channel of one pixel in a photograph, the hashes from the original photo and the altered one will not match.
Even the tiniest, tiniest change in the input will change the string. And there’s no way to reverse this process. The SHA string is like a digital ‘fingerprint’ of the input data.
You could have a system where your images are stored on servers in the Library of Congress (for example). News media don’t store the photos locally, they always link to the Library servers. To encourage the use of this system, if it can work, is to eliminate automatic copyright. That way, people will be incentivised to lodge their photos with the Library.
Self-authenticating files
You could also ‘mine’ a photograph to get an SHA string that starts with a given number of zeros. You do this by adding a small bit of data to the image file, called a ‘nonce’. For a quick, visual explanation of how nonces work, have a look at this clip:
https://youtu.be/_160oMzblY8?t=149
This will take a lot of computing power. And a lot of time. So, all you have to do is to mine your photo, and publish it with a nonce. The nonce can be part of the metadata. The viewer can then run that file through an SHA calculator, and if the result is a hash that begins with a certain number of zeros, then the file has just authenticated itself.
The problem is that any file can be authenticated like this. Even a fake. But, that doesn't matter too much. You just have to have a head start over the public. If someone wants to create fake image out of whole cloth, that’s a different question. But this method will prevent manipulated versions of your image passing off as real, even if for just 24 hours.
There is also the possibility of using public key cryptography to authenticate or notarise your photos. For example, your camera has hardware that always encrypts the files using PKC. The files - RAW and compressed versions - are encrypted with a VGA preview which is not encrypted. When this file is viewed in a Web browser, the browser automatically seeks a private key from a server (or even a blockchain). Then you can view the higher resolution file.
The problem is finding a way to decrypt the file without anyone knowing what the private key is. Perhaps zero-knowledge proofs can help here, but that’s beyond my understanding.
Another method is to use steganography. For example, every least significant bit of the green pixels in a new image is used to store the SHA string of the previous photo. So each time you take a new photo, you are creating a chain of files which are intrinsically linked.
Perhaps it's worth thinking about cameras generating three or even four versions of the same photo. The RAW file, the full-sized compressed file, a UHD version and an HD version. This will be necessary to keep an unbroken chain of SHA strings, or files encrypted with PKC, if you decide to use those methods. Cropping can be taken care of by the appropriate HTML tags at publication.
Quick and dirty methods
I am not too sure about the capability of generative imaging or image compositing. We know that digital photos can look almost exactly like film photos, with the appropriate LUTs or profiles. But can a forgery imitate poor image fidelity?
For example, take an old iPhone and examine how poor the image fidelity is. Maybe if we take photos with old zoom compacts from 2010, for example, they will be hard to fake on account of their poorer image quality. Then again, Baselight is powerful software...
Giving access to the high resolution files could also be a way to ensure some kind of authenticity. This won’t work against CGI imagery, but it can possibly work against generative imagery.
Recapitulation
Notarisation and authentication are different problems. Notarisation is the easy problem to solve. It just requires industry standards that are easy to implement and to use. Just like with network security, a combination of methods is the best solution.
Authentication will require special camera hardware. This will require that photographers purchase new cameras. As with notarisation, a combination of methods will be used to ensure that an image was created only by the photographic process, with no post-processing.
In the same way that this technology evolved very quickly, solutions to image authentication will probably also evolve very quickly. Some solutions will come to a complete surprise to me and to most people who read this post.
https://www.bbc.com/news/uk-england-leeds-55187973
But, nonetheless, we will have to come up with methods to prove that a photograph came out of a camera. The reasons are obvious. And I have some ideas about how to do this. But first, some background.
Photography is becoming more redundant
CGI is photo realistic, and has been for some time. It has, predictably, replaced photography in the commercial realm, for some applications.
Digital is cheaper than film, but CGI is cheaper than digital. Some people think that progress should have stopped before mirrorless systems and 4K RAW - never mind 8K at 120fps in a camera the size of a Hasselblad 501C. These same people refused to see the inevitable death of Adobe Flash, and the takeover of smartphones. Progress marches on.
Then, almost overnight, came generative AI algorithms which could generate photorealistic images from whole cloth. It’s a kind of blitzkrieg of tech - we barely had time to appreciate the disruptive power of this stuff.
So, we have in front of us manipulated photos, CGI, and algorithmically generated imagery. It’s all fine, as long as nobody pretends. But how do you prevent people from pretending, if they decide to pretend? How can you authenticate a camera generated image?
Cameras don’t create data, unlike the other three methods mentioned above. They collect data. Photography is the objective, mechanical, visual recording of the world. So it will always be useful and necessary. Science uses visual models to illustrate phenomena, and it uses models to simulate nature. But it needs photographs (and other capture methods) to observe nature.
You could hypothetically generate an entire wedding album in CGI or AI. You could also hire a sketch artist to interpret the wedding in that way, too. Heck, you could hire a musician to write a sonata about it. But an interpretation of a natural event is not the same as recording it. So, here too, photography is tremendously useful, if not necessary.
Existing methods of authentication
There already exists methods of image authentication. One method is very simple: a visual check. Retouching is the most obvious form of manipulation. Retouching is not the same kind of manipulation as compositing, as you are not removing or adding fundamental elements to the scene. It look terrible, and it's verboten in documentary or wildlife photography. But it isn’t really misleading.
A more objective method is called Error Level Analysis, or ELA. A brief explanation:
https://fotoforensics.com/faq.php?show=General&c=guidelines#toc_e_analysis_2
You can use ELA with fairly consistent results, although it’s not a guarantee. Recently, Jarred Land posted two images of a cat: one is the camera original, the other used Adobe generative fill. I took screenshots and put them through ELA on fotoforensics.com. You can’t visually tell which is the image with generative content. But you can with ELA. Yes, it even works with screenshots. Jarred has deleted those images from his account, but you can download the screenshots and try this exercise for yourself:
https://postimg.cc/gallery/0NrvXZ5
How to solve the authentication problem
And now we come to the image authentication problem. Can we find a way to prove that an image was generated inside a camera? Can a photograph self-authenticate? Yes and yes - but with some heavy caveats.
But, we don’t need to go this far yet. We have methods to notarise photographs which can be very unsophisticated. You can lodge an image with a copyright office. You can take it to a notary public. You can post it on social media. Notarisation doesn’t guarantee authenticity, and it doesn’t guarantee the absence of staging (e.g. the fairy photo). But it’s much, much better than nothing.
Then we can go a step further, and generate an SHA string from a photograph and print it on a public blockchain. This does not guarantee authenticity, but once again, notarisation is extremely helpful. Especially if anyone can verify the image.
Don’t know what SHA is? Go to this web page, and type in some characters:
https://academo.org/demos/SHA-256-hash-generator/
You’ll get an SHA string each time you change the input. For example, just typing in the name ‘Shakespeare’ will give you the string, e64a72d0a3643b36bc78ad0274c90c76a597e6508666c4d60afbf2bbd13ea94a. Try changing ‘Shakespeare’ to ‘Shakespaere’ and you’ll get the string, bf3c9594f2caaea85fa001c91be4e4e613c626079579a8b8a141fb48dc9b832c.
The latter string is very different to the former. Only 4 of the 64 characters are the same. If you change so much as one bit in one colour channel of one pixel in a photograph, the hashes from the original photo and the altered one will not match.
Even the tiniest, tiniest change in the input will change the string. And there’s no way to reverse this process. The SHA string is like a digital ‘fingerprint’ of the input data.
You could have a system where your images are stored on servers in the Library of Congress (for example). News media don’t store the photos locally, they always link to the Library servers. To encourage the use of this system, if it can work, is to eliminate automatic copyright. That way, people will be incentivised to lodge their photos with the Library.
Self-authenticating files
You could also ‘mine’ a photograph to get an SHA string that starts with a given number of zeros. You do this by adding a small bit of data to the image file, called a ‘nonce’. For a quick, visual explanation of how nonces work, have a look at this clip:
https://youtu.be/_160oMzblY8?t=149
This will take a lot of computing power. And a lot of time. So, all you have to do is to mine your photo, and publish it with a nonce. The nonce can be part of the metadata. The viewer can then run that file through an SHA calculator, and if the result is a hash that begins with a certain number of zeros, then the file has just authenticated itself.
The problem is that any file can be authenticated like this. Even a fake. But, that doesn't matter too much. You just have to have a head start over the public. If someone wants to create fake image out of whole cloth, that’s a different question. But this method will prevent manipulated versions of your image passing off as real, even if for just 24 hours.
There is also the possibility of using public key cryptography to authenticate or notarise your photos. For example, your camera has hardware that always encrypts the files using PKC. The files - RAW and compressed versions - are encrypted with a VGA preview which is not encrypted. When this file is viewed in a Web browser, the browser automatically seeks a private key from a server (or even a blockchain). Then you can view the higher resolution file.
The problem is finding a way to decrypt the file without anyone knowing what the private key is. Perhaps zero-knowledge proofs can help here, but that’s beyond my understanding.
Another method is to use steganography. For example, every least significant bit of the green pixels in a new image is used to store the SHA string of the previous photo. So each time you take a new photo, you are creating a chain of files which are intrinsically linked.
Perhaps it's worth thinking about cameras generating three or even four versions of the same photo. The RAW file, the full-sized compressed file, a UHD version and an HD version. This will be necessary to keep an unbroken chain of SHA strings, or files encrypted with PKC, if you decide to use those methods. Cropping can be taken care of by the appropriate HTML tags at publication.
Quick and dirty methods
I am not too sure about the capability of generative imaging or image compositing. We know that digital photos can look almost exactly like film photos, with the appropriate LUTs or profiles. But can a forgery imitate poor image fidelity?
For example, take an old iPhone and examine how poor the image fidelity is. Maybe if we take photos with old zoom compacts from 2010, for example, they will be hard to fake on account of their poorer image quality. Then again, Baselight is powerful software...
Giving access to the high resolution files could also be a way to ensure some kind of authenticity. This won’t work against CGI imagery, but it can possibly work against generative imagery.
Recapitulation
Notarisation and authentication are different problems. Notarisation is the easy problem to solve. It just requires industry standards that are easy to implement and to use. Just like with network security, a combination of methods is the best solution.
Authentication will require special camera hardware. This will require that photographers purchase new cameras. As with notarisation, a combination of methods will be used to ensure that an image was created only by the photographic process, with no post-processing.
In the same way that this technology evolved very quickly, solutions to image authentication will probably also evolve very quickly. Some solutions will come to a complete surprise to me and to most people who read this post.
