LOCKEY: A Novel Approach to Model Authentication and Deepfake Tracking

Authors: Mayank Kumar Singh, Naoya Takahashi, Wei-Hsiang Liao, Yuki Mitsufuji

Published: 2024-09-12 04:28:22+00:00

Comment: Authenticating deep generative models, 5 pages, 5 figures, 2 tables

AI Summary

This paper introduces LOCKEY, a system for authenticating generative models and tracking users in white-box scenarios by integrating key-based authentication with watermarking. Users receive a unique key alongside the model parameters; a valid key produces the expected, watermarked output, while an invalid key triggers degraded output. This enforces authentication and embeds the user's ID in generated content so that deepfakes can be traced to the user. The approach is demonstrated on audio codecs and vocoders, and the embedded watermarks are shown to be robust against various distortions.

Abstract

This paper presents a novel approach to deter unauthorized deepfakes and enable user tracking in generative models, even when the user has full access to the model parameters, by integrating key-based model authentication with watermarking techniques. Our method involves providing users with model parameters accompanied by a unique, user-specific key. During inference, the model is conditioned upon the key along with the standard input. A valid key results in the expected output, while an invalid key triggers a degraded output, thereby enforcing key-based model authentication. For user tracking, the model embeds the user's unique key as a watermark within the generated content, facilitating the identification of the user's ID. We demonstrate the effectiveness of our approach on two types of models, audio codecs and vocoders, utilizing the SilentCipher watermarking method. Additionally, we assess the robustness of the embedded watermarks against various distortions, validating their reliability in various scenarios.


Key findings

Objective and subjective evaluations demonstrated that the proposed method effectively differentiates between valid and invalid keys, generating high-quality, watermarked content for valid keys and perceptually degraded output for invalid ones. The embedded watermarks showed robustness against various common audio distortions, validating the system's reliability for deepfake tracking and user identification. The system maintains distinct performance for valid and invalid keys even with an increasing total number of possible keys.

Approach

The method involves providing users with generative model parameters along with a unique, user-specific key. During inference, the model is conditioned on this key; a valid key leads to the expected output with the user's unique ID embedded as an imperceptible watermark, while an invalid key triggers a perceptually degraded output. This mechanism enforces key-based model authentication and facilitates user tracking.

Datasets

VCTK, MTG-Jamendo

Model(s)

HiFi-GAN, Encodec, SilentCipher

Author countries

Japan, UNKNOWN