The device hashes the video (trivial on any CPU capable enough to handle media) and uploads that hash, a simple blockchain network (or some sufficient existing blockchain) ingests it and sets the timestamp, then it’s stored publicly, unencrypted, but set in stone.
Now that I think about it, this would work for any file (like documents) or indeed anything hashable. It’s simply a public ledger of hash + timestamp pairs to prove “a file with this hash existed at this time,” and there’s no need to encrypt any of it.
The blockchain sets the timestamp at the moment it’s added. All the ‘user’ can do is upload a hash.
Other than that, it doesn’t matter. It just a table of hashes + dates, and hash tells you nothing without the associated file. Fake media could be hashed, but if a timestamp can’t ‘verify’ the media in question for a particular situation, then it wouldn’t matter to a court anyway.
I guess one particular attack vector would be orgs flooding the system, unfortunately, and that would be difficult to work around.
If the timestamp can’t ‘prove’ its authenticity (like placing the video chronologically before anyone would know what slop to make), then it’s useless as evidence in court, even if the video is real.
This is sort of thing I’d hoped TPM would be used for, rather than being used to prevent running an alternative OS.
I don’t see what TPM’s needed for.
The device hashes the video (trivial on any CPU capable enough to handle media) and uploads that hash, a simple blockchain network (or some sufficient existing blockchain) ingests it and sets the timestamp, then it’s stored publicly, unencrypted, but set in stone.
Now that I think about it, this would work for any file (like documents) or indeed anything hashable. It’s simply a public ledger of hash + timestamp pairs to prove “a file with this hash existed at this time,” and there’s no need to encrypt any of it.
This sounds like the timestamping servers I’ve used on software builds. There are very few trusted ones and they get quite overloaded.
…and all they really prove is that a file had a certain hash at a certain time.
What ensures that only valid stuff gets pushed in the first place?
The blockchain sets the timestamp at the moment it’s added. All the ‘user’ can do is upload a hash.
Other than that, it doesn’t matter. It just a table of hashes + dates, and hash tells you nothing without the associated file. Fake media could be hashed, but if a timestamp can’t ‘verify’ the media in question for a particular situation, then it wouldn’t matter to a court anyway.
I guess one particular attack vector would be orgs flooding the system, unfortunately, and that would be difficult to work around.
What guarantees that what was uploaded in the first place wasn’t deepfake slop?
Doesn’t matter.
If the timestamp can’t ‘prove’ its authenticity (like placing the video chronologically before anyone would know what slop to make), then it’s useless as evidence in court, even if the video is real.