Carimbos do Tempo Autenticados para a Preservação por Longo Prazo de Assinaturas Digitais
Abstract
Digital signatures are usually employed as the digital counterpart of handwritten signatures, allowing the authentication of electronic documents. These signatures, however, may quickly lose its validity, creating a preservation challenge for those documents that must be kept for a longer period of time. In this paper, we improve the efficiency and reliability of the usual approach for this problem, through a new time-stamp scheme. Such time-stamps carries a Certificate of Authenticity, with reduces its storage and validation costs, while protecting the signature even in the presence of an adversary able to compromise the Time Stamping Authority's private key or its signature scheme.References
C. Adams, P. Cain, D. Pinkas, and R. Zuccherato. Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP). RFC 3161 (Proposed Standard), August 2001. Updated by RFC 5816.
R. Anderson. Invited lecture. In Fourth Annual Conference on Computer and Communications Security, ACM, 1997.
A. Ansper, A. Buldas, M. Roos, and J. Willemson. Efficient long-term validation of digital signatures. In Public Key Cryptography, pages 402–415. Springer, 2001.
E. Barker, W. Barker, W. Burr, W. Polk, and M. Smid. Nist sp800-57: Recommendation for key management–part 1: General (revised). Technical report, NIST, 2007.
E. Barker and A. Roginsky. Draft nist sp800-131: Recommendation for the transitioning of cryptographic algorithms and key sizes. Technical report, NIST, jan 2010.
D. Bayer, S. Haber, and W.S. Stornetta. Improving the efficiency and reliability of digital time-stamping. Sequences II: Methods in Communication, Security, and Computer Science, pages 329–334, 1993.
K. Blibech and A. Gabillon. A new timestamping scheme based on skip lists. Computational Science and Its Applications-ICCSA 2006, pages 395–405, 2006.
D. Chaum and S. Roijakkers. Unconditionally-secure digital signatures. Advances in CryptologyCRYPT0’90, pages 206–214, 1991.
D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard), May 2008.
R.F. Custodio, M.A.G. Vigil, J. Romani, F.C. Pereira, and J. da Silva Fraga. Optimized Certificates–A New Proposal for Efficient Electronic Document Signature Validation. In Public Key Infrastructure: 5th European PKI Workshop: Theory and Practice, EuroPKI 2008 Trondheim, Norway, June 16-17, 2008, Proceedings, page 49. Springer-Verlag New York Inc, 2008.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms, Nov 2007.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); CMS Advanced electronic Signatures (CAdES), Nov 2009.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); XML Advanced electronic Signatures (XAdES), Jun 2009.
T. Gondrom, R. Brandner, and U. Pordesch. Evidence Record Syntax (ERS). RFC 4998 (Proposed Standard), August 2007.
S. Haber and W. Stornetta. How to time-stamp a digital document. Advances in Cryptology-CRYPT0’90, pages 437–455, 1991.
M.K. Just. On the temporal authentication of digital data. PhD thesis, Carleton University, 1998.
D. Lekkas and D. Gritzalis. Cumulative notarization for long-term preservation of digital signatures. Computers & Security, 23(5):413–424, 2004.
H. Massias and J.J. Quisquater. Time and cryptography. US-patent n, 5:12, 1997.
R.C. Merkle. Protocols for public key cryptosystems. 1980.
D. Pinkas, N. Pope, and J. Ross. Policy Requirements for Time-Stamping Authorities (TSAs). RFC 3628 (Informational), November 2003.
G.J. Popek and C.S. Kline. Encryption and secure computer networks. ACM Computing Surveys (CSUR), 11(4):331–356, 1979.
B. Preneel. The First 30 Years of Cryptographic Hash Functions and the NIST SHA-3 Competition. Topics in Cryptology-CT-RSA 2010, pages 1–14, 2010.
Michael Szydlo. Merkle tree traversal in log space and time. In In Eurocrypt 2004, LNCS, pages 541–554. Springer-Verlag, 2004.
M. A. G. VIGIL, N. SILVA, R. MORAES, and R. F. CUSTODIO. Infra-estrutura de chaves públicas otimizada: Uma icp de suporte a assinaturas eficientes para documentos eletrônicos. In Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, pages 129–142, 2009.
R. Anderson. Invited lecture. In Fourth Annual Conference on Computer and Communications Security, ACM, 1997.
A. Ansper, A. Buldas, M. Roos, and J. Willemson. Efficient long-term validation of digital signatures. In Public Key Cryptography, pages 402–415. Springer, 2001.
E. Barker, W. Barker, W. Burr, W. Polk, and M. Smid. Nist sp800-57: Recommendation for key management–part 1: General (revised). Technical report, NIST, 2007.
E. Barker and A. Roginsky. Draft nist sp800-131: Recommendation for the transitioning of cryptographic algorithms and key sizes. Technical report, NIST, jan 2010.
D. Bayer, S. Haber, and W.S. Stornetta. Improving the efficiency and reliability of digital time-stamping. Sequences II: Methods in Communication, Security, and Computer Science, pages 329–334, 1993.
K. Blibech and A. Gabillon. A new timestamping scheme based on skip lists. Computational Science and Its Applications-ICCSA 2006, pages 395–405, 2006.
D. Chaum and S. Roijakkers. Unconditionally-secure digital signatures. Advances in CryptologyCRYPT0’90, pages 206–214, 1991.
D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard), May 2008.
R.F. Custodio, M.A.G. Vigil, J. Romani, F.C. Pereira, and J. da Silva Fraga. Optimized Certificates–A New Proposal for Efficient Electronic Document Signature Validation. In Public Key Infrastructure: 5th European PKI Workshop: Theory and Practice, EuroPKI 2008 Trondheim, Norway, June 16-17, 2008, Proceedings, page 49. Springer-Verlag New York Inc, 2008.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms, Nov 2007.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); CMS Advanced electronic Signatures (CAdES), Nov 2009.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); XML Advanced electronic Signatures (XAdES), Jun 2009.
T. Gondrom, R. Brandner, and U. Pordesch. Evidence Record Syntax (ERS). RFC 4998 (Proposed Standard), August 2007.
S. Haber and W. Stornetta. How to time-stamp a digital document. Advances in Cryptology-CRYPT0’90, pages 437–455, 1991.
M.K. Just. On the temporal authentication of digital data. PhD thesis, Carleton University, 1998.
D. Lekkas and D. Gritzalis. Cumulative notarization for long-term preservation of digital signatures. Computers & Security, 23(5):413–424, 2004.
H. Massias and J.J. Quisquater. Time and cryptography. US-patent n, 5:12, 1997.
R.C. Merkle. Protocols for public key cryptosystems. 1980.
D. Pinkas, N. Pope, and J. Ross. Policy Requirements for Time-Stamping Authorities (TSAs). RFC 3628 (Informational), November 2003.
G.J. Popek and C.S. Kline. Encryption and secure computer networks. ACM Computing Surveys (CSUR), 11(4):331–356, 1979.
B. Preneel. The First 30 Years of Cryptographic Hash Functions and the NIST SHA-3 Competition. Topics in Cryptology-CT-RSA 2010, pages 1–14, 2010.
Michael Szydlo. Merkle tree traversal in log space and time. In In Eurocrypt 2004, LNCS, pages 541–554. Springer-Verlag, 2004.
M. A. G. VIGIL, N. SILVA, R. MORAES, and R. F. CUSTODIO. Infra-estrutura de chaves públicas otimizada: Uma icp de suporte a assinaturas eficientes para documentos eletrônicos. In Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, pages 129–142, 2009.
Published
2011-11-06
How to Cite
SILVA, Nelson da; RAMOS, Thiago Acórdi; CUSTÓDIO, Ricardo Felipe.
Carimbos do Tempo Autenticados para a Preservação por Longo Prazo de Assinaturas Digitais. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 11. , 2011, Brasília.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2011
.
p. 57-70.
DOI: https://doi.org/10.5753/sbseg.2011.20563.
