Long-Term Secure Time-Stamping Using Preimage-Aware Hash Functions

(Short Version)
  • Ahto Buldas
  • Matthias GeihsEmail author
  • Johannes Buchmann
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10592)


The lifetime of commonly used digital signature schemes is limited because their security is based on computational assumptions that potentially break in the future. In 1993, Bayer et al. suggested that the lifetime of a digital signature can be prolonged by time-stamping the signature together with the signed document. Based on this idea, various long-term timestamp schemes have been proposed and standardized that repeatedly renew the protection with new timestamps. In order to minimize the risk of a design failure affecting the security of these schemes, it is indispensable to formally analyze their security. However, many of the proposed schemes have not been subject to a formal security analysis yet. In this paper, we address this issue by formally describing and analyzing a long-term timestamp scheme that uses hash trees for timestamp renewal. Our analysis shows that the security level of the described scheme degrades cubic over time, which suggests that in practice the scheme should be instantiated with a certain security margin.


Long-term security Timestamps Preimage aware hash functions 


  1. 1.
    Bayer, D., Haber, S., Stornetta, W.S.: Improving the efficiency and reliability of digital time-stamping. In: Capocelli, R., De Santis, A., Vaccaro, U. (eds.) Sequences II: Methods in Communication, Security, and Computer Science, pp. 329–334. Springer, New York (1993). doi: 10.1007/978-1-4613-9323-8_24 CrossRefGoogle Scholar
  2. 2.
    Buldas, A., Geihs, M., Buchmann, J.: Long-term secure time-stamping using preimage-aware hash functions. Cryptology ePrint Archive, Report 2017/754 (2017).
  3. 3.
    Buldas, A., Laanoja, R.: Security proofs for hash tree time-stamping using hash functions with small output size. In: Boyd, C., Simpson, L. (eds.) ACISP 2013. LNCS, vol. 7959, pp. 235–250. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-39059-3_16 CrossRefGoogle Scholar
  4. 4.
    Buldas, A., Laur, S.: Knowledge-binding commitments with applications in time-stamping. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 150–165. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-71677-8_11 CrossRefGoogle Scholar
  5. 5.
    Canetti, R., Cheung, L., Kaynar, D., Lynch, N., Pereira, O.: Modeling computational security in long-lived systems. In: van Breugal, F., Chechik, M. (eds.) CONCUR 2008. LNCS, vol. 5201, pp. 114–130. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-85361-9_12 CrossRefGoogle Scholar
  6. 6.
    Dodis, Y., Ristenpart, T., Shrimpton, T.: Salvaging merkle-damgård for practical applications. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 371–388. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-01001-9_22 CrossRefGoogle Scholar
  7. 7.
    Geihs, M., Demirel, D., Buchmann, J.A.: A security analysis of techniques for long-term integrity protection. In: 14th Annual Conference on Privacy, Security and Trust, PST 2016, Auckland, New Zealand, 12–14 December 2016, pp. 449–456 (2016)Google Scholar
  8. 8.
    Haber, S., Stornetta, W.S.: How to time-stamp a digital document. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 437–455. Springer, Heidelberg (1991). doi: 10.1007/3-540-38424-3_32 CrossRefGoogle Scholar
  9. 9.
    Merkle, R.C.: A Certified Digital Signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, New York (1990). doi: 10.1007/0-387-34805-0_21 CrossRefGoogle Scholar
  10. 10.
    Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Schwenk, J.: Modelling time for authenticated key exchange protocols. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 277–294. Springer, Cham (2014). doi: 10.1007/978-3-319-11212-1_16 Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Ahto Buldas
    • 1
    • 2
  • Matthias Geihs
    • 3
    Email author
  • Johannes Buchmann
    • 3
  1. 1.Tallinn University of TechnologyTallinnEstonia
  2. 2.Cybernetica ASTallinnEstonia
  3. 3.Darmstadt University of TechnologyDarmstadtGermany

Personalised recommendations