Stamp and Extend – Instant But Undeniable Timestamping Based on Lazy Trees

  • Łukasz Krzywiecki
  • Przemysław Kubiak
  • Mirosław Kutyłowski
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7711)


We present a Stamp&Extend time-stamping scheme based on linking via modified creation of Schnorr signatures. The scheme is based on lazy construction of a tree of signatures.

Stamp&Extend returns a timestamp immediately after the request, unlike the schemes based on the concept of timestamping rounds. Despite the fact that all timestamps are linearly linked, verification of a timestamp requires a logarithmic number of steps with respect to the chain length. An extra feature of the scheme is that any attempt to forge a timestamp by the Time Stamping Authority (TSA) results in revealing its secret key, providing an undeniable cryptographic evidence of misbehavior of TSA.

Breaking Stamp&Extend requires not only breaking Schnorr signatures, but to some extend also breaking Pedersen commitments.


timestamping undeniability forgery evidence Schnorr signature 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    European Commision: Proposal for a regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (June 4, 2012)Google Scholar
  2. 2.
    European Parliament and of the European Council: Directive 1999/93/ec of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. Official Journal of the European Communities L(13) (January 1, 2000)Google Scholar
  3. 3.
    Benaloh, J.C., de Mare, M.: Effcient broadcast time-stamping. Technical Report TR-MCS-91-1, Clarkson University Department of Mathematics and Computer Science (1991)Google Scholar
  4. 4.
    Haber, S., Stornetta, W.S.: How to time-stamp a digital document. J. Cryptology 3(2), 99–111 (1991)CrossRefGoogle Scholar
  5. 5.
    Benaloh, J.C., de Mare, M.: One-Way Accumulators: A Decentralized Alternative to Digital Signatures (Extended Abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994)Google Scholar
  6. 6.
    Damgård, I., Mikkelsen, G.L.: Efficient, Robust and Constant-Round Distributed RSA Key Generation. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 183–200. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  7. 7.
    Le, D.P., Bonnecaze, A., Gabillon, A.: Signtiming scheme based on aggregate signature. In: ISI, pp. 145–149. IEEE (2008)Google Scholar
  8. 8.
    Buldas, A., Saarepera, M.: On Provably Secure Time-Stamping Schemes. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 500–514. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Buldas, A., Laud, P., Saarepera, M., Willemson, J.: Universally Composable Time-Stamping Schemes with Audit. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 359–373. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Buldas, A., Laur, S.: Do Broken Hash Functions Affect the Security of Time-Stamping Schemes? In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 50–65. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  11. 11.
    Buldas, A., Niitsoo, M.: Can We Construct Unbounded Time-Stamping Schemes from Collision-Free Hash Functions? In: Baek, J., Bao, F., Chen, K., Lai, X. (eds.) ProvSec 2008. LNCS, vol. 5324, pp. 254–267. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  12. 12.
    Buldas, A., Niitsoo, M.: Optimally Tight Security Proofs for Hash-Then-Publish Time-Stamping. In: Steinfeld, R., Hawkes, P. (eds.) ACISP 2010. LNCS, vol. 6168, pp. 318–335. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  13. 13.
    Lipmaa, H.: On Optimal Hash Tree Traversal for Interval Time-Stamping. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 357–371. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  14. 14.
    Blibech, K., Gabillon, A.: A New Timestamping Scheme Based on Skip Lists. In: Gavrilova, M.L., Gervasi, O., Kumar, V., Tan, C.J.K., Taniar, D., Laganá, A., Mun, Y., Choo, H. (eds.) ICCSA 2006. LNCS, vol. 3982, pp. 395–405. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Le, D.-P., Bonnecaze, A., Gabillon, A.: A Secure Round-Based Timestamping Scheme with Absolute Timestamps (Short Paper). In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol. 5352, pp. 116–123. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  16. 16.
    Błaśkiewicz, P., Kubiak, P., Kutyłowski, M.: Two-Head Dragon Protocol: Preventing Cloning of Signature Keys - Work in Progress. In: Chen, L., Yung, M. (eds.) INTRUST 2010. LNCS, vol. 6802, pp. 173–188. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  17. 17.
    Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptology 4(3), 161–174 (1991)MathSciNetzbMATHCrossRefGoogle Scholar
  18. 18.
    BSI: Elliptic Curve Cryptography. Technische Richtlinie TR-03111 v2.0 (June 28, 2012)Google Scholar
  19. 19.
    Schnorr, C.: Method for identyfying subscribers and for generating and veryfing electronic signatures in a data exchange system. U.S. Patent 4,995,082 (1991)Google Scholar
  20. 20.
    Pedersen, T.P.: Non-interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  21. 21.
    Kaliski Jr., B.S.: On Hash Function Firewalls in Signature Schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 1–16. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Łukasz Krzywiecki
    • 1
  • Przemysław Kubiak
    • 1
  • Mirosław Kutyłowski
    • 1
  1. 1.Faculty of Fundamental Problems of TechnologyWrocław University of TechnologyPoland

Personalised recommendations