this post was submitted on 11 Feb 2024
642 points (97.9% liked)

Technology

59374 readers
3169 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

The White House wants to 'cryptographically verify' videos of Joe Biden so viewers don't mistake them for AI deepfakes::Biden's AI advisor Ben Buchanan said a method of clearly verifying White House releases is "in the works."

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 9 months ago (8 children)

a shorter, (effectively) unique text string

A note on this. There are other videos that will hash to the same value as a legitimate video. Finding one that is coherent is extraordinarily difficult. Maybe a state actor could do it?

But for practical purposes, it'll do the job. Hell, if a doctored video with the same hash comes out, the White House could just say no, we punished this one, and that alone would be remarkable.

[–] [email protected] 8 points 9 months ago* (last edited 9 months ago) (4 children)

Finding one that is coherent is extraordinarily difficult.

You’d need to find one that was not just coherent, but that looked convincing and differed in a way that was useful to you—and that likely wouldn’t be guaranteed, even theoretically.

[–] [email protected] 0 points 9 months ago (2 children)

Even for a 4096 bit hash (which isn't used afaik, usually only 1024 bit is used (but this could be outdated)), you only need to change 4096 bits on average. Even for a still 1080p image, that's 1920x1080 pixels. If you change the least significant bit of each color channel, you get 6,220,800 bits you can change within anyone noticing. That means on average there are 1,518 identical-looking variations of any image with a given 4096 bit hash, on average. This goes down a lot when you factor in compression: those least significant bits aren't going to stay the same. But using a video brings it up by orders of magnitude: rather than one image, you can tweak colors in every frame The difficulty doesn't come from the existence, it comes because you need to check 2⁵¹² = 10¹⁵⁴ different images to guarantee you'll find a match. Hash functions are designed to take a while to compute, so you'd have to run a supercomputer for an extremely long time to brute force a hash collision

[–] [email protected] 1 points 9 months ago (1 children)

Most hash functions are 256 bit (they're symmetric functions, they don't need more in most cases).

There are arbitrary length functions (called XOF instead of hash) which built similarly (used when you need to generate longer random looking outputs).

Other than that, yeah, math shows you don't need to change more data in the file than the length of the hash function internal state or output length (whichever is less) to create a collision. The reason they're still secure is because it's still extremely difficult to reverse the function or bruteforce 2^256 possible inputs.

[–] [email protected] 1 points 9 months ago

Yeah I was using a high length at first because even if you overestimate, that's still a lot. I did 512 for the second because I don't know a ton about cryptography but that's the largest SHA output

load more comments (1 replies)
load more comments (4 replies)