CR · Apr 27

Verifying Provenance of Digital Media: Why the C2PA Specifications Fall Short

arXiv:2604.24890 · 14.1 · h-index: 9
AI Analysis

For users, platforms, and policymakers relying on C2PA for verifying digital media authenticity, the analysis reveals critical security flaws that undermine trust in high-stakes applications.

The paper presents the first comprehensive security analysis of the C2PA provenance system, finding that its specifications fail to achieve claimed security goals and key additional goals, potentially misleading users if deployed prematurely.

The rapid rise of generative AI has made it easy to create convincing fake media at scale. In response, an industrial coalition has developed the Coalition for Content Provenance and Authenticity (C2PA), a system intended to provide verifiable provenance for digital content. Our research team conducted the first comprehensive, independent security analysis of C2PA. Our study includes the first formal-methods analysis of C2PA's core protocols. We find that the current C2PA specifications fail to achieve their claimed security goals. Furthermore, they also fail to achieve key additional goals, which all such provenance systems require for trustworthy deployment. As a result, C2PA may mislead users, platforms, and policymakers if relied upon prematurely. C2PA is a promising idea, but it should not yet be relied upon for high-stakes uses such as financial disclosures, journalism, or legal evidence.
