We know perceptual hashing and cryptography have incompatible requirements. Think of an image, the same image with 1 pixel changed, and a very different image. A perceptual hash should say 1 and 2 were related and not 3. Cryptographers call that failing a chosen plaintext attack.
"Hashes using a new and proprietary neural hashing algorithm Apple has developed, and gotten NCMEC to agree to use."
That sounds like we know it’s perceptual but not what kind, and therefore we don’t know the collision characteristics.
We know perceptual hashing and cryptography have incompatible requirements. Think of an image, the same image with 1 pixel changed, and a very different image. A perceptual hash should say 1 and 2 were related and not 3. Cryptographers call that failing a chosen plaintext attack.
1 reply →