Stamp and Extend – Instant But Undeniable Timestamping Based on Lazy Trees
We present a Stamp&Extend time-stamping scheme based on linking via modified creation of Schnorr signatures. The scheme is based on lazy construction of a tree of signatures.
Stamp&Extend returns a timestamp immediately after the request, unlike the schemes based on the concept of timestamping rounds. Despite the fact that all timestamps are linearly linked, verification of a timestamp requires a logarithmic number of steps with respect to the chain length. An extra feature of the scheme is that any attempt to forge a timestamp by the Time Stamping Authority (TSA) results in revealing its secret key, providing an undeniable cryptographic evidence of misbehavior of TSA.
Breaking Stamp&Extend requires not only breaking Schnorr signatures, but to some extend also breaking Pedersen commitments.
Keywordstimestamping undeniability forgery evidence Schnorr signature
Unable to display preview. Download preview PDF.
- 1.European Commision: Proposal for a regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (June 4, 2012)Google Scholar
- 2.European Parliament and of the European Council: Directive 1999/93/ec of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. Official Journal of the European Communities L(13) (January 1, 2000)Google Scholar
- 3.Benaloh, J.C., de Mare, M.: Effcient broadcast time-stamping. Technical Report TR-MCS-91-1, Clarkson University Department of Mathematics and Computer Science (1991)Google Scholar
- 5.Benaloh, J.C., de Mare, M.: One-Way Accumulators: A Decentralized Alternative to Digital Signatures (Extended Abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994)Google Scholar
- 7.Le, D.P., Bonnecaze, A., Gabillon, A.: Signtiming scheme based on aggregate signature. In: ISI, pp. 145–149. IEEE (2008)Google Scholar
- 18.BSI: Elliptic Curve Cryptography. Technische Richtlinie TR-03111 v2.0 (June 28, 2012)Google Scholar
- 19.Schnorr, C.: Method for identyfying subscribers and for generating and veryfing electronic signatures in a data exchange system. U.S. Patent 4,995,082 (1991)Google Scholar
- 20.Pedersen, T.P.: Non-interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar