On Provably Secure Time-Stamping Schemes

  • Ahto Buldas
  • Märt Saarepera
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3329)


It is almost a folklore-knowledge that hash-based time-stamping schemes are secure if the underlying hash function is collision-resistant but still no rigorous proofs have been published. We try to establish such proof and conclude that the existing security conditions are improper because they ignore precomputations by adversaries.After analyzing a simplistic patent filing scenario, we suggest a new security condition for time-stamping schemes that leads to a new security property of hash functions – chain-resistance. We observe that if the variety of possible shapes of hash-chains is polynomial (and the verification procedure is suitably improved), then the time-stamping scheme becomes provably secure, assuming that the underlying hash function is collision-resistant. Finally, we show that in some sense, the restrictions in the security definition are necessary – conventional black-box techniques are unable to prove that chain-resistance follows from collision-resistance.

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Ahto Buldas
    • 1
    • 2
    • 3
  • Märt Saarepera
    • 4
  1. 1.University of TartuTartuEstonia
  2. 2.CyberneticaTallinnEstonia
  3. 3.Tallinn University of TechnologyTallinnEstonia
  4. 4.Independent researcher 

Personalised recommendations