Sohaib Saleem and Pericle Perazzo , University of Pisa, Italy

As AI-generated synthetic media, such as deepfake images, proliferate, verifying the authenticity of digital images has become a significant challenge. Traditional digital signature techniques become invalid if images are cropped; therefore, special croppable signatures have been proposed in the literature. However, both traditional and croppable signatures remain valid only as long as their associated public key certificate remains valid. This could be problematic for authenticated images, as they often circulate over the Internet for long periods of time, beyond the expiration of their public key certificates. Re-signing each image with a new key requires re distributing all affected images, and this may be impractical for large-scale systems. To address this issue, we propose an image authentication system with croppability and post-expiration va lidity features, using BLS (Boneh–Lynn–Shacham) short signatures, the Ethereum blockchain as a decentralized trusted timestamping service, and IPFS (InterPlanetary File System) as a decent railed storage solution. Additionally, we employ two methods: a baseline method, in which the web server hosting the images does not pay any transaction fees, and an optimized method, which produces very little traffic on the web browser. Experimental evaluations are conducted in Pakistan and Italy under real Wi-Fi and simulated 4G cellular connections using Linux traffic control (tc) to demonstrate the system’s performance. Results showed that, in the baseline method, the network traffic overhead and communication delay increase linearly with the image size. Meanwhile, the optimized method achieves constant-time performance for retrieval and verification.

Imageauthentication, BLS signatures, blockchain, decentralized timestamping, IPFS.