Enis Golaszewski
Assistant Teaching Professor
Cyber Defense Lab
CSEE Department
UMBC
Neal Krawetz
Hacker Factor Solutions
Fort Collins, Colorado
Joint work with Kaur Kullman, Alan T. Sherman, Sai K. Matukumalli, Roberto Yus, Edward Zieglar, Carson L. Kegley, Michael Barthel, William Bowman, Bharg Barot
12 noon–1pm
Friday, February 20, 2026
Remotely via WebEx: https://umbc.webex.com/meet/sherman
Recording of Talk
Abstract:
Generative AI and advanced editing tools enable malicious actors to create high-quality fake images that can facilitate fraud, attack reputations, and manipulate elections. We analyze the security properties of the design, implementation, and use of the Coalition for Content Provenance and Authenticity (C2PA) digital provenance specifications, Version 2.2. C2PA binds cryptographic assertions of provenance to a digital asset, with the goal of assisting users to judge the asset’s provenance and authenticity. When generating or modifying digital assets, C2PA implementations collect and place provenance data into a manifest of claims, then apply digital signature algorithms and optionally timestamp using a trusted timestamping authority.
Our analysis (1) evaluates the C2PA specification, including its requirements, RFC 3161 timestamps, validation guidelines, trust management, and privacy considerations, (2) identifies challenges and limitations facing users by processing revealing, representative examples of C2PA metadata using multiple public validators, (3) assesses the compliance and efficacy of the Google Pixel 10 C2PA implementation, which C2PA currently lists as a conforming product at the maximum assurance level, and (4) performs the first formal-methods analysis of C2PA protocols, and by extension of the RFC 3161 trusted timestamp protocol.
Our investigation uncovers three major weaknesses. First, our formal models show that C2PA claim generators and validators achieve strong agreement on the claim’s assertions, but not on the claim’s trusted timestamp. Consequently, a claim may exist with competing timestamps, enabling an adversary to cast doubt on a claim’s provenance and authenticity. Second, from C2PA’s metadata, including data that we generated using a Pixel 10 camera, we identify multiple issues with the Version 2.2 system: lack of version information on claims, inadequate clarity for identifying an asset’s active claim manifest, inconsistent validation, and inadequate certificate revocation management. Third, we determine that the Pixel 10 complies with the C2PA specification, but the initial Pixel 10 implementation fails to include important metadata (e.g., EXIF metadata) in claims. Through examples, including ones we created using a Pixel 10 camera, we identify limitations and capabilities of C2PA’s approach for helping users determine the authenticity of digital objects.
While C2PA takes some useful steps toward solving an important problem, our work shows that the specifications are not ready for standardization or deployment. Serious structural weaknesses include missing critical information (e.g., version, time, location), inappropriately liberal policies (e.g., validators may ignore malformed fields), and inadequate treatments of timestamps and certificate management (e.g., lists of trusted products and certificates, certificate revocations). The long, complex specifications with several critical optional features confuse validators. Although C2PA achieves its limited goal that assertions of provenance are tamper evident, this goal is insufficient to verify provenance or veracity of digital assets. We suggest ways to strengthen C2PA. The Pixel 10 and Version 2.3 of the specifications implemented some of our suggestions.
About the Speaker:
Dr. Enis Golaszewski (golaszewski@umbc.edu) is a teaching assistant professor of computer science at UMBC in the CSEE Department. He holds weekly workshops in formal-methods analyses of cryptographic protocols using the Cryptographic Protocol Shapes Analyzer (CPSA). His current research projects include analysis of the Coalition for Content Provenance and Authenticity (C2PA) protocol. Golaszewski earned the PhD under Sherman. His dissertation includes the design and development of a tool—ProtoBindGuard—that automatically binds protocol messages to context to prevent protocol-interaction attacks. Golaszewski is a former SFS scholar at UMBC. https://www.csee.umbc.edu/enis-golaszewski/
Dr. Neal Krawetz (dr.krawetz@hackerfactor.com) earned a PhD in computer science from Texas A&M University and a bachelor's degree in computer and information science from the University of California, Santa Cruz. In 2002, he founded Hacker Factor Solutions (hackerfactor.com), where he specializes in non-traditional computer forensics, online profiling, networking, and computer security. Today, he develops computer forensic software and provides FotoForensics—an online service for digital media photo analysis. Dr. Krawetz has been performing ongoing detailed evaluations of C2PA since it was first introduced in 2021.
Host:
Alan T. Sherman, sherman@umbc.edu
Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681.
The UMBC Cyber Defense Lab meets biweekly on Fridays, 12–1pm. All meetings are open to the public.
Upcoming CDL meetings:
- Mar 6, Sanorita Dey (IS)
- (Mar 20 is during UMBC spring break)
- Mar 27, Alexander Senichev (Physics)
- Apr 10, Tera Reynolds (IS)
- Apr 24, Anderson Frailey (Econ)
- May 8, Chul Hyu Park (Public Policy)