Security Researchers Find Collision Attack Vulnerability in Apple’s Child Abuse Image Scanning System

Researchers have discovered a collision attack vulnerability in iOS’s built-in hashing algorithm, drawing fresh scrutiny to Apple’s CSAM scanning system, though Apple says the discovery does not threaten the integrity of the system.

The vulnerability affects a hashing algorithm called NeuralHash, which lets Apple check whether an image matches known child abuse imagery without possessing the images or collecting any information about non-matching pictures. On Tuesday, a GitHub user named Asuhariet Ygvar published a rebuilt Python version of the NeuralHash code, which he said he reverse-engineered from earlier versions of iOS.

The GitHub post also includes instructions on how to extract the NeuralMatch files from a current macOS or iOS build. The resulting algorithm is a generic version of NeuralHash rather than the specific algorithm that will be used once the proposed CSAM system is deployed, but it still gives a general sense of the algorithm’s strengths and weaknesses.
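The reconstructed code follows the pipeline the repository describes: preprocess the image, run it through the extracted neural network, then project and binarize the resulting embedding into a short hash. The Python sketch below illustrates that pipeline. The file names, the 360x360 input size, the [-1, 1] normalization, and the 96-bit output are taken from the public write-ups, but the exact preprocessing and seed-file layout should be treated as assumptions rather than a faithful reimplementation.

```python
# Illustrative sketch of the reverse-engineered NeuralHash pipeline.
# Assumes the ONNX-exported model and seed matrix extracted per the
# repository's instructions; exact preprocessing details may differ.
import numpy as np
import onnxruntime
from PIL import Image

def neuralhash(image_path: str,
               model_path: str = "model.onnx",
               seed_path: str = "neuralhash_128x96_seed1.dat") -> str:
    # Load the extracted model and the 96x128 projection matrix
    # (the seed file is assumed to carry a 128-byte header).
    session = onnxruntime.InferenceSession(model_path)
    raw = open(seed_path, "rb").read()[128:]
    seed = np.frombuffer(raw, dtype=np.float32).reshape(96, 128)

    # Preprocess: 360x360 RGB, pixel values scaled to [-1, 1].
    img = Image.open(image_path).convert("RGB").resize((360, 360))
    arr = np.asarray(img, dtype=np.float32) / 255.0 * 2.0 - 1.0
    arr = arr.transpose(2, 0, 1).reshape(1, 3, 360, 360)

    # Run the network, project its 128-dim embedding, and binarize.
    input_name = session.get_inputs()[0].name
    embedding = session.run(None, {input_name: arr})[0].flatten()
    bits = "".join("1" if v >= 0 else "0" for v in seed @ embedding)

    # Return the 96-bit hash as a 24-character hex string.
    return "{:0{}x}".format(int(bits, 2), len(bits) // 4)
```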

Early tests show that the algorithm tolerates image resizing and compression but not cropping or rotation. Asuhariet Ygvar shared the new code on Reddit, hoping it will help the outside world better understand the NeuralHash algorithm and recognize its potential problems before it is enabled on all iOS devices.
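Those reported properties are straightforward to check against the reconstructed code: hash an image, apply a transformation, and compare. A hypothetical comparison (the file names are placeholders, and the expected results reflect the behaviour reported in the early tests):

```python
# Hypothetical robustness check built on the neuralhash() sketch above.
from PIL import Image

original = "sample.png"  # placeholder file name
Image.open(original).resize((200, 200)).save("sample_resized.png")
Image.open(original).rotate(30).save("sample_rotated.png")

h = neuralhash(original)
print("resized matches:", h == neuralhash("sample_resized.png"))  # reportedly True
print("rotated matches:", h == neuralhash("sample_rotated.png"))  # reportedly False
```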

Soon thereafter, a user named Cory Cornelius discovered a collision in the algorithm: two different images that generate the same hash value. This is an important finding, although Apple says the additional safeguards in its CSAM system are designed to prevent the vulnerability from being exploited.
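In hashing terms, a collision is exactly that: two different inputs that produce the same output. Verifying a claimed collision pair with the reconstructed code amounts to hashing both images and comparing the results; a sketch with placeholder file names:

```python
# Hypothetical check of a claimed collision pair: two visually different
# images that nevertheless produce identical NeuralHash values.
h1 = neuralhash("dog.png")          # placeholder: the original image
h2 = neuralhash("adversarial.png")  # placeholder: the crafted colliding image
print(h1, h2, "collision" if h1 == h2 else "no collision")
```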

On August 5th, Apple announced a new system intended to block child abuse images on iOS devices. Under the new system, iOS will check locally stored files against hash values of child abuse images generated and maintained by the National Center for Missing and Exploited Children (NCMEC).

The system includes a number of privacy protections, limiting scanning to photos in iCloud Photos and setting a threshold of as many as 30 matches before an alert is generated. However, privacy advocates remain concerned about the implications of scanning locally stored files, and the new finding has heightened concerns about how the system could be exploited.
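Conceptually, the client-side check reduces to comparing each photo’s hash against the NCMEC-derived list and counting matches against the threshold. The sketch below shows only that logic; the real system wraps it in cryptography (blinded hash tables and threshold secret sharing) so that neither the device nor Apple learns about matches until the threshold is crossed, all of which is omitted here.

```python
# Simplified illustration of hash matching with a 30-match reporting threshold.
# The production system performs this comparison under cryptographic blinding,
# which is omitted from this sketch.
MATCH_THRESHOLD = 30

def count_matches(photo_paths, known_hashes):
    """Count photos whose NeuralHash appears in the known-CSAM hash set."""
    return sum(1 for path in photo_paths if neuralhash(path) in known_hashes)

def should_alert(photo_paths, known_hashes):
    """An alert is generated only once the match count reaches the threshold."""
    return count_matches(photo_paths, known_hashes) >= MATCH_THRESHOLD
```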

Apple said that, given the known limitations of perceptual hashing algorithms, its CSAM scanning system was built with collision attacks in mind. The company pointed to a secondary, server-side hashing algorithm, independent of NeuralHash, whose details have not been disclosed. If an image that exploits a NeuralHash collision were flagged by the system, it would be checked against the secondary server-side hash and identified as a false positive before reaching human review.
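In other words, a NeuralHash match alone does not surface an image to a reviewer: the flagged image must also match an independent, undisclosed perceptual hash computed on Apple’s servers. A sketch of that two-stage flow, with the secondary hash stubbed out because its details are not public and all names chosen for illustration:

```python
# Illustrative two-stage verification flow; names are placeholders.
def server_side_hash(image_path):
    # Apple has not disclosed this secondary algorithm.
    raise NotImplementedError("secondary server-side hash is not public")

def triage_flagged_image(image_path, known_neuralhashes, known_server_hashes):
    if neuralhash(image_path) not in known_neuralhashes:
        return "not flagged"
    # An image crafted to collide with NeuralHash fails this independent
    # check and is discarded as a false positive before any human review.
    if server_side_hash(image_path) not in known_server_hashes:
        return "false positive (discarded)"
    return "forwarded to human review"
```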
