1 Introduction
Preface blog:
The 2022 paper " ZK-IMG: Attested Images via Zero-Knowledge Proofs to Fight Disinformation " by Daniel Kang et al. provides a simple deep fake image example:
the core part of the trust infrastructure is the use of certified cameras, The private key is stored in the camera, and the image is digitally signed with the private key. The public key verifies which camera the image was taken from. In a few cases, the original image needs to be modified to remove any sensitive information -- such as blurring license plates or editing people in the image. For this there is a set of trusted core images and one or more transition images. And can keep the original image confidential.
How to verify that another image is a modified version while preserving the privacy of the original image? To do this, zk-img hashes the original image and the transformed image and uses zk-Snark to prove that this was calculated correctly. If the hash value of the original image is H 1 H_1H1, while the hash of the modified image is H 2 H_2H2, then only H 2 H_2 is disclosedH2。
There is the original hash and signature from the authenticated camera, as the original image ( H 1 H_1H1), but can be produced with edited versions and their hashes ( H 2 H_2H2) related zk-Snarks. The creator of the image can then attest to the original image (via the camera's signature) and the modified image (using zk-Snark). H 2 H_2 can be changed if desiredH2and zk-Snark to a blockchain or trusted timestamping system to prove when the image was created. Overall, the ZK-IMG paper research team has implemented zk Snarks through the Halo2 library.
As shown in FIG:
- Bob has an authenticated camera with a private key inside the camera.
- When taking a photo, the camera will use this private key to sign the photo to prove the photo's origin.
- The public key can be used to verify the signature and track which camera took the photo. The hash value of this original photo is H 1 H_1H1。
- Convert the photo to generate a new photo, and the new photo corresponds to the new hash value H 2 H_2H2, and post the new photo.
- Use zk-Snark to prove the transformation between the original photo and the new photo. The original photo can never be made public if desired.
The authors of the ZK-IMG paper state:
- The calculation overhead of the key generation and proof part is high, but the verification process is very fast, only 5.84ms to 10.1ms.
- The proof size is relatively small, ranging from 7048 bytes to 14592 bytes.
The comparison between ZK-IMG and PhotoProof is:
- PhotoProof verifies signatures and hashes outside of zk-Snarks, requiring public intermediate images.
- Ignoring the key generation overhead, PhotoProof takes 306 seconds to prove and 500ms to verify a 128x128 image transformation; while ZK-IMG only needs 2.74 seconds to prove (including key generation overhead) and 5.3ms to verify—a speed increase of 112 times respectively and 94 times.
For more ZKP knowledge and applications, please refer to:
References
[1] Prof Bill Buchanan OBE December 2022 Blog zk-IMG … Fighting Disinformation