Cloudflare integrates Content Credentials, a digital signature system that can detect fake images, into Cloudflare Images
On February 3, 2025, Cloudflare announced that it has integrated
Preserving content provenance by integrating Content Credentials into Cloudflare Images
https://blog.cloudflare.com/preserve-content-credentials-with-cloudflare-images/
Content Credentials are like an 'ingredient label' for digital content. They are secure metadata that anyone can attach to their own work, providing information about the creator and context about how it was created and edited. In 2019, Adobe founded
At the time of writing, many media organizations around the world, including the BBC, The New York Times, and Dow Jones, have joined the Content Authenticity Initiative. However, even if news organizations used cameras and editing flows that were compliant with C2PA , a technology that certifies the provenance of content, these authentication details were frequently removed when images were transformed by CDNs .
However, with Cloudflare Images' integration of Content Credentials, content authentication can now be preserved even when images from remote sources are transformed. This means that even if you use Cloudflare Images to resize an image or change its file format, content authentication is preserved and you can use
Generally, if you are using a C2PA compliant camera, you can attach content authentication information to your photos, such as the camera model, original image size, aperture setting, etc. Below is an example of metadata that can be stored on a photo.
[code]{
'jumbf': {
'c2pa.manifest': {
'claim_generator': 'Nikon Z9 Firmware v1.2',
'assertions': [
{
'label': 'c2pa.actions',
'data': {
'actions': [
{
'action': 'c2pa.captured',
'when': '2025-01-10T12:00:00Z',
'softwareAgent': 'Nikon Z9',
'parameters': {
'captureDevice': 'NIKON Z9',
'serialNumber': '7DX12345',
'exposure': '1/250',
'aperture': 'f/2.8',
'iso': 100,
'focalLength': '70mm'
}
}
]
}
}
],
'signature_info': {
'issuer': 'Nikon',
'time': '2025-01-10T12:00:00Z',
'cert_fingerprint': '01234567890abcdef'
},
'claim_metadata': {
'claim_id': 'nikon_z9_123'
}
}
}
}[/code]
If you have enabled the 'Preserve Content Authentication' setting in Cloudflare, the above metadata will be preserved in Cloudflare Images.
If you then resize your images using Cloudflare Images, the changes will be noted in the metadata.
[code]{
'jumbf': {
// Original Nikon manifest
'c2pa.manifest.nikon': {
/*unchanged*/
},
// New Cloudflare manifest
'c2pa.manifest.cloudflare': {
'claim_generator': 'Cloudflare Images',
'assertions': [
{
'label': 'c2pa.actions',
'data': {
'actions': [
{
'action': 'c2pa.resized',
'when': '2025-01-10T12:05:00Z',
'softwareAgent': 'Cloudflare Images',
'parameters': {
'originalDimensions': {
'width': 8256,
'height': 5504
},
'newDimensions': {
'width': 800,
'height': 533
}
}
}
]
}
}
],
'signature_info': {
'issuer': 'Cloudflare, Inc',
'time': '2025-01-10T12:05:00Z',
'cert_fingerprint': 'fedcba9876543210'
},
'claim_metadata': {
'claim_id': 'cf_resize_123',
'parent_claim_id': 'nikon_z9_123'
}
}
}
}[/code]
At the same time, any edits made to the content are signed with a private key to ensure authenticity, and if any of these content credentials and signatures fail to validate, it means the metadata has been tampered with.
'Content creators and publishers can now seamlessly retain the entire chain of provenance across the Cloudflare network - how an image was created, who created it, and any subsequent edits,' Cloudflare said.
Related Posts:
in Software, Posted by log1r_ut