This work addresses the challenge of authorship impersonation in content generated by diffusion models by proposing a keyless “proof of authorship” framework. The approach cryptographically binds the random seed used during generation to the creator’s identity via a pseudorandom function, ensuring that only the genuine generator can effectively assert ownership. A probabilistic arbitration mechanism is introduced to evaluate the credibility of such claims. Experimental evaluations on latent diffusion models, including Stable Diffusion 2.1, demonstrate that the proposed scheme provides strong authentication guarantees across diverse adversarial scenarios. Compared to conventional watermarking or timestamp-based methods, this framework substantially enhances the reliability and security of copyright attribution for AI-generated content.

Recent advancements in AI-generated content (AIGC) have introduced new challenges in intellectual property protection and the authentication of generated objects. We focus on scenarios in which an author seeks to assert authorship of an object generated using latent diffusion models (LDMs), in the presence of adversaries who attempt to falsely claim authorship of objects they did not create. While proof-of-ownership has been studied in the context of multimedia content through techniques such as time-stamping and watermarking, these approaches face notable limitations. In contrast to traditional content creation sources (e.g., cameras), the LDM generation process offers greater control to the author. Specifically, the random seed used during generation can be deliberately chosen. By binding the seed to the author's identity using cryptographic pseudorandom functions, the author can assert to be the creator of the object. We refer to this stronger guarantee as proof-of-authorship, since only the creator of the object can legitimately claim the object. This contrasts with proof-of-ownership via time-stamping or watermarking, where any entity could potentially claim ownership of an object by being the first to timestamp or embed the watermark. We propose a proof-of-authorship framework involving a probabilistic adjudicator who quantifies the probability that a claim is false. Furthermore, unlike prior approaches, the proposed framework does not involve any secret. We explore various attack scenarios and analyze design choices using Stable Diffusion 2.1 (SD2.1) as representative case studies.