Can We Construct Unbounded Time-Stamping Schemes from Collision-Free Hash Functions?
It has been known for quite some time that collision-resistance of hash functions does not seem to give any actual security guarantees for unbounded hash-tree time-stamping, where the size of the hash-tree created by the time-stamping service is not explicitly restricted. We focus on the possibility of showing that there exist no black-box reductions of unbounded time-stamping schemes to collision-free hash functions. We propose an oracle that is probably suitable for such a separation and give strong evidence in support of that. However, the existence of a separation still remains open. We introduce the problem and give a construction of the oracle relative to which there seem to be no secure time-stamping schemes but there still exist collision-free hash function families. Although we rule out many useful collision-finding strategies (relative to the oracle) and the conjecture seems quite probable after that, there still remains a possibility that the oracle can be abused by some very smartly constructed wrappers. We also argue why it is probably very hard to give a correct proof for our conjecture.
Unable to display preview. Download preview PDF.
- 2.Buldas, A., Laud, P., Lipmaa, H., Villemson, J.: Time-Stamping with Binary Linking Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 486–501. Springer, Heidelberg (1998)Google Scholar
- 7.Haber, S., Stornetta, W.-S.: Secure Names for Bit-Strings. In: ACM Conference on Computer and Communications Security, pp. 28–35 (1997)Google Scholar
- 9.Impagliazzo, R., Rudich, S.: Limits on the provable consequences of one-way permutations. In: Proceedings of 21st Annual ACM Symposium on the Theory of Computing, pp. 44–61 (1989)Google Scholar
- 10.Merkle, R.C.: Protocols for public-key cryptosystems. In: Proceedings of the 1980 IEEE Symposium on Security and Privacy, pp. 122–134 (1980)Google Scholar
- 12.Shaltiel, R.: Recent Developments in Explicit Constructions of Extractors. In: Bulletin of the EATCS, vol. 77, pp. 67–95 (2002)Google Scholar
- 13.Reingold, O., Trevisan, L., Vadhan, S.: Notions of reducibility between cryptographic primitives. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 1–20. Springer, Heidelberg (2004)Google Scholar