Abstract
Time-stamping services produce time-stamp tokens as evidence that digital data existed at given points in time. Time-stamp tokens contain verifiable cryptographic bindings between data and time, which are produced using cryptographic algorithms. The ANSI, ISO/IEC and IETF standards for time-stamping services address cryptographic algorithms in two respects: (i) client-side hash functions, used to hash data into digests for nondisclosure; and (ii) server-side algorithms, used to bind the time and digests of data. These algorithms have limited lifespans because of their operational life cycles and the increasing computational power of attackers. Once the algorithms are compromised, time-stamp tokens that use them are no longer trusted. The ANSI and ISO/IEC standards provide renewal mechanisms for time-stamp tokens. However, the renewal mechanisms for client-side hash functions are specified ambiguously, which may lead to the failure of implementations. Moreover, in existing papers the security analyses of long-term time-stamping schemes cover only server-side renewal; client-side renewal is missing. In this paper, we analyse the necessity of client-side renewal and propose a comprehensive long-term time-stamping scheme that addresses both client-side and server-side renewal mechanisms. We then formally analyse and evaluate the client-side security of our proposed scheme.
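The difference between server-side and client-side renewal, as an added Python illustration that is not the scheme proposed in the paper. Assumptions: HMAC stands in for the TSA's signature, `weak8` (SHA-256 truncated to 8 bits) stands in for a compromised client-side hash, and all names, years and the sample document are constructed.

```python
import hashlib, hmac, json

TSA_KEY = b"constructed-demo-key"  # assumption: HMAC stands in for the TSA signature

def digest(alg, data):
    # "weak8" is a constructed stand-in for a compromised client-side hash:
    # SHA-256 truncated to 8 bits, so second preimages are trivial to find.
    d = hashlib.sha256(data).hexdigest()
    return d[:2] if alg == "weak8" else d

def issue(alg, dig, time):
    # Server side: bind (hash algorithm, digest, time) under the TSA key.
    body = json.dumps({"alg": alg, "digest": dig, "time": time}, sort_keys=True)
    tag = hmac.new(TSA_KEY, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

def raw(tok):
    return (tok["body"] + tok["tag"]).encode()

def binds(tok, data):
    # True if the token is authentic and its digest matches `data`.
    tag = hmac.new(TSA_KEY, tok["body"].encode(), hashlib.sha256).hexdigest()
    fields = json.loads(tok["body"])
    return hmac.compare_digest(tag, tok["tag"]) and fields["digest"] == digest(fields["alg"], data)

def renew_server_only(old, alg, time):
    # The new token covers the old token only; the data is never re-hashed.
    return issue(alg, digest(alg, raw(old)), time)

def renew_with_client(data, old, alg, time):
    # The client re-hashes the data with the new function, together with the old token.
    return issue(alg, digest(alg, data + raw(old)), time)

def verify_server_only(data, old, new):
    return binds(old, data) and binds(new, raw(old))

def verify_with_client(data, old, new):
    return binds(old, data) and binds(new, data + raw(old))

def second_preimage(data, alg):
    # Brute force; feasible here only because "weak8" has 256 possible outputs.
    i = 0
    while True:
        cand = b"forged-%d" % i
        if cand != data and digest(alg, cand) == digest(alg, data):
            return cand
        i += 1

DOC = b"contract v1"  # constructed sample document
T0 = issue("weak8", digest("weak8", DOC), 2001)
FORGED = second_preimage(DOC, "weak8")
```

With server-only renewal the chain still verifies for `FORGED` once `weak8` is broken, because the data is reachable only through the old digest; with client-side renewal under SHA-256 the forged document is rejected.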
Acknowledgements
This work is supported by the European Union’s Horizon 2020 research and innovation program under grant agreement No. 779391 (FutureTPM) and grant agreement No. 952697 (ASSURED).
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Meng, L., Chen, L. (2021). Analysis of Client-Side Security for Long-Term Time-Stamping Services. In: Sako, K., Tippenhauer, N.O. (eds) Applied Cryptography and Network Security. ACNS 2021. Lecture Notes in Computer Science, vol 12726. Springer, Cham. https://doi.org/10.1007/978-3-030-78372-3_2
DOI: https://doi.org/10.1007/978-3-030-78372-3_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78371-6
Online ISBN: 978-3-030-78372-3
eBook Packages: Computer Science, Computer Science (R0)