As a generally superior alternative to government regulation, professional licensing works so well that it does its job largely unnoticed. Example: the building you’re sitting in as you read this is habitable because some architect, structural engineer, contractor and building inspector put their livelihoods on the line by individually attesting that the building is habitable. That’s the reason why buildings rarely fall down, and why they tend not to have secret passageways that don’t show up on their drawings.
Got a political adversary that you want to put on the defensive? Simply have them say something that you know will turn their constituency against them.
VASA-1 will change that.
There is just too much potential trouble that this can cause. It’s a problem that must be addressed.
True digital signatures us AC technology, which has been hiding in plain sight for decades. If you have digitally signed a file of any kind, and so much as a bit is changed after the signing, the signature will fail. The file will reveal itself to have been altered. (Note that true digital signatures are not the same as “electronic signatures.” An “electronic signature” may use AC technology but there is no requirement to connect the signature to the signer. A signature of a fraudster will check out just fine with an “electronic signature.”) Using that very old AC technology, any file can be digitally signed.
Deep fake videos have been around for years, attempting to put words into the mouths of innocent victims or otherwise misrepresent them. Fortunately the results haven’t been too convincing, which is why journalists, legislators, policy people and others have had mixed results in raising public alarm.
The possibilities, as they say, are endless.
That true digital signature, like any digital signature, is by a large number called a “private key” which is mathematically related to another large number called a “public key.” As one might guess, the former is kept secret and never leaves the user’s device, while the latter is like a username and may be disclosed to anyone.
Let’s look at each of those.
This is newer than the others, having been invented by the U.S. National Institute of Standards and Technology – NIST – some eight years ago. The measure of the reliability of an identity claim is established in a labor intensive process of vetting of evidence of identity – EOI. EOI consists of things like showing an Attestation Officer that you can authenticate to an online bank account, plus other online accounts, employee IDs etc., in a process of convincing that Attestation Officer that you are really who you claim to be.
VASA-1 is an AI program that produces an absolutely convincing video record of a real person saying things that they never actually said.
VASA-1 will simply let you mold testimonial reality into whatever you want it to be. Imagine the field day that the trolls and echo chamber disinformation perpetrators are going to have with this!
There is a solution.
So the technology and methodologies for defeating the efforts of those who would distort perceptions by means of deep fakes have been around for years. However, applying these solutions will take a coordinated effort.
An attempt to coordinate that effort has begun. To learn more and to get on their email list, visit https://authentiverse.net/deepfakes/ .
VASA-1 Will Fix That!
- True digital signatures
- PKI digital identity certificates
- Measurable reliability of identity claims
- Professional licensing
- Web representations of digitally signed content
Want to start a war? Have the president of a nation-state announce an invasion.
- True Digital Signatures
On 16 April 2024, Microsoft Research Asia released a paper entitled “VASA-1: Lifelike Audio-Driven Talking Faces Generated in Real Time” (https://arxiv.org/pdf/2404.10667.pdf ) by Sicheng Xu, Guojun Chen, Yu-Xiao Guo, Jiaolong Yang, Chong Li, Zhenyu Zang, Yizhong Zhang, Xin Tong and Baining Guo.
- PKI digital identity certificates
It’s all about individual accountability – a concept that the world seems to have forgot about. If videos were digitally signed by licensed professionals, or at least by a well-identified individual who attests that the video does not contain specified fake elements, then a lot of the problem would be eliminated.
Through the use of web badging technology such as Open Badges any web content, including videos, can show that it is digitally signed by an accountable human being.
- Measurable reliability of identity claims
Now imagine the mischief that VASA-1 will enable.
- Professional licensing
By Wes Kussmaul
Fortunately there is a solution. And like so many real solutions to real problems, this one a) is about bringing authenticity to bear on inauthenticity, and b) the solution isn’t simple.
- Web representations of digitally signed content
Now, in order for the identity claimed in that public big number to be trusted, an authority that is trusted by all concerned parties must digitally sign it. That turns the public big number into a certificate, because that’s what a certificate is – authority attesting to a claim. That’s true whether the certificate exists on paper or on bits.
The solution to this and other problems with digital inauthenticity has been hiding in plain sight for years. The solution consists of five components:
Perhaps a better description than “not simple” would be “not from a place that people tend to look for solutions to current problems in the digital world.” In fact it’s found in the rather distant past.
To see for yourself scroll down to the video at https://arstechnica.com/information-technology/2024/04/microsofts-vasa-1-can-deepfake-a-person-with-one-photo-and-one-audio-track/ .