Christian Paquin

Principal Research Software Engineer

Back to the list of Speakers and Sessions

Christian Paquin Principal Research Software Engineer, Microsoft

I’m cryptography and security engineer at Microsoft Research where I aim to bring new research innovations closer to reality. My work focuses lately on privacy-preserving identity, post-quantum cryptography, and content origin and authentication (especially surrounding the work of the C2PA in which I’m a member of the technical working group). Prior to joining Microsoft I was a crypto developer at Zero Knowledge Systems developing a TOR-precursor mixnet and the Chief Security Engineer at Credentica.


Discussion: Human in the Middle Q&A

This is a Q&A session. Moderators will take audience questions both remotely and on-site via sli.do.


Q&A Discussion for the Human in the Middle block.

Talk: Real or fake? Tools to fight online disinformation

Talks will be streamed on YouTube and Twitch for free.


It is quite challenging to verify the origin of online content. In this era of disinformation exacerbated by ever-evolving AI tools, the creation of seemingly authentic fake accounts and content can be quite dangerous, with risks ranging from harming one’s reputation to damaging society as a whole. Fortunately, content provenance technologies are emerging to fight this problem. The Coalition for Content Provenance and Authenticity (C2PA) is the leading effort allowing creators to cryptographically sign their digital assets and record subsequent edits helping consumers to confirm their origin and authenticity while keeping an auditable history of the data transformations. It has been adopted by leading technology providers (Microsoft, Google, Meta), camera manufacturers (Sony, Nikon), image/video editors (Adobe), generative AI companies (OpenAI, Midjourney), and news organizations (BBC, CBC/Radio-Canada, New York Times). C2PA is also at the forefront of the fight against election disinformation, and was one of two technologies mentioned in the recent AI Elections accord signed at the Munich security conference. In this presentation, I’ll describe the C2PA use cases, specifications, and the lifecycle of a protected digital asset (such as images, videos, and audio clips) from their creation, to their modifications and validation. I’ll present open-source tools/SDKs that anyone can use to create and verify protected content or integrate this functionality in their applications and services. I’ll also present the Cross-Platform Origin of Content (XPOC) framework allowing content owners to create authoritative lists of their social media accounts and content, addressing a slightly different provenance problem. I’ll give a demonstration of the open-source tools allowing anyone to self-host and verify XPOC manifests.