Overview
The proliferation of fake audio-visual content, such as deepfakes and manipulated images, poses significant risks to society by undermining trust in media and exacerbating misinformation. Coalition for Content Provenance and Authenticity (C2PA) authored specification, founded by Microsoft and Adobe, is currently being positioned by the Content Authenticity Initiative (CAI) as becoming the international standard for assessing the provenance and authenticity of audio-visual documents. However, despite its potential, the C2PA specification contains existing vulnerabilities [1,2,3,4,5,6,7] that could be exploited by malicious actors to bypass its security measures and pass fake content as authentic.
The objective of our project is twofold: To employ formal-method analysis to verify that the C2PA specification can indeed provide the provenance guarantees it is intended to provide; and to provide solutions to remediate any vulnerabilities that we would find during our analysis. To achieve that objective, we will develop a formal model of the C2PA specification and use that model to assess whether C2PA specification would indeed be able to provide a mechanism for the producers and custodians of any given content to assert, in a verifiable manner, that any information that has been disclosed about the creation of a given content, and actions taken since its creation, are indeed authentic.
Intellectual Merit
Although prior works [1,2,3,4,5,6,7] have informed us about potential issues with C2PA, none of those attempts have applied formal methods for modeling the C2PA specification for verification. The advantage of employing formal methods is to identify structural weaknesses of a protocol prior to its implementation and deployment, allowing the maintainers of that protocol to mitigate cascading vulnerabilities before these would be implemented and deployed.
Our team has the expertise and capability to develop the formal model of C2PA specification to verify that C2PA assumptions hold. We have formally modeled and verified several security specifications, including the Secure Remote Password 3 (SRP-3) standard, the FIDO Universal Authentication Framework (UAF), and Transport Layer Security (TLS). The methods we intend to employ for modeling the C2PA specification are well known, trusted and established for verifying security protocols.
Broader Impacts
By formally modeling C2PA specification to identify potential vulnerabilities, our project will help CAI to mitigate weaknesses in the C2PA specification and its downstream implementations, or even before these vulnerabilities would become exploitable in an implementation.
Our public reporting about the research that would result from the formal-models based verification of C2PA specification and our mitigations, could strengthen public trust in C2PA and encourage the entities who currently lack confidence in the C2PA specification, to reconsider employing C2PA implementations for verifying the provenance of digital media: provided that the issues identify during our project are indeed addressed and fixed by CAI and C2PA.
Identifying and addressing the vulnerabilities within the C2PA specification could have a profound positive impact on society, particularly in the fight against misinformation and the preservation of trust in digital media. As C2PA is being adopted by a diverse coalition of stakeholders, including major media organizations like the BBC, image repositories such as Getty Images, and AI companies like OpenAI, ensuring the integrity of its security measures becomes essential. A more robust and reliable C2PA specification would help prevent malicious actors from passing off fake content as authentic, thereby strengthening the credibility of the media consumed by the public.
In case the vulnerabilities of the C2PA specification that we find would be ignored or downplayed by C2PA, then the general public, law enforcement, judicial system and others would at least have the knowledge to not trust the authenticity and provenance of such media that, although bearing C2PA signature, could have been falsified.
Participants
If you would like to learn more about our working group, please reach out to: pasa-workgroup@umbc.edu.