Carimbos do Tempo Autenticados para a Preservação por Longo Prazo de Assinaturas Digitais
Resumo
Assinaturas digitais são comumente usadas como a contraparte digital das assinaturas manuscritas, possibilitando a autenticação de documentos eletrônicos. Tais assinaturas, contudo, podem rapidamente perder sua validade, criando um desafio para a preservação daqueles documentos que precisam ser guardados por um tempo maior. Neste trabalho, aumentamos a eficiência e confiabilidade da abordagem usual para o problema, através de um novo esquema de datação. Esses carimbos carregam um Certificado de Autenticidade, que reduz seus custos de armazenamento e validação, enquanto protege a assinatura mesmo na presença de um adversário capaz de comprometer a chave privada da Autoridade de Carimbo do Tempo ou seu esquema de assinatura.Referências
C. Adams, P. Cain, D. Pinkas, and R. Zuccherato. Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP). RFC 3161 (Proposed Standard), August 2001. Updated by RFC 5816.
R. Anderson. Invited lecture. In Fourth Annual Conference on Computer and Communications Security, ACM, 1997.
A. Ansper, A. Buldas, M. Roos, and J. Willemson. Efficient long-term validation of digital signatures. In Public Key Cryptography, pages 402–415. Springer, 2001.
E. Barker, W. Barker, W. Burr, W. Polk, and M. Smid. Nist sp800-57: Recommendation for key management–part 1: General (revised). Technical report, NIST, 2007.
E. Barker and A. Roginsky. Draft nist sp800-131: Recommendation for the transitioning of cryptographic algorithms and key sizes. Technical report, NIST, jan 2010.
D. Bayer, S. Haber, and W.S. Stornetta. Improving the efficiency and reliability of digital time-stamping. Sequences II: Methods in Communication, Security, and Computer Science, pages 329–334, 1993.
K. Blibech and A. Gabillon. A new timestamping scheme based on skip lists. Computational Science and Its Applications-ICCSA 2006, pages 395–405, 2006.
D. Chaum and S. Roijakkers. Unconditionally-secure digital signatures. Advances in CryptologyCRYPT0’90, pages 206–214, 1991.
D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard), May 2008.
R.F. Custodio, M.A.G. Vigil, J. Romani, F.C. Pereira, and J. da Silva Fraga. Optimized Certificates–A New Proposal for Efficient Electronic Document Signature Validation. In Public Key Infrastructure: 5th European PKI Workshop: Theory and Practice, EuroPKI 2008 Trondheim, Norway, June 16-17, 2008, Proceedings, page 49. Springer-Verlag New York Inc, 2008.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms, Nov 2007.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); CMS Advanced electronic Signatures (CAdES), Nov 2009.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); XML Advanced electronic Signatures (XAdES), Jun 2009.
T. Gondrom, R. Brandner, and U. Pordesch. Evidence Record Syntax (ERS). RFC 4998 (Proposed Standard), August 2007.
S. Haber and W. Stornetta. How to time-stamp a digital document. Advances in Cryptology-CRYPT0’90, pages 437–455, 1991.
M.K. Just. On the temporal authentication of digital data. PhD thesis, Carleton University, 1998.
D. Lekkas and D. Gritzalis. Cumulative notarization for long-term preservation of digital signatures. Computers & Security, 23(5):413–424, 2004.
H. Massias and J.J. Quisquater. Time and cryptography. US-patent n, 5:12, 1997.
R.C. Merkle. Protocols for public key cryptosystems. 1980.
D. Pinkas, N. Pope, and J. Ross. Policy Requirements for Time-Stamping Authorities (TSAs). RFC 3628 (Informational), November 2003.
G.J. Popek and C.S. Kline. Encryption and secure computer networks. ACM Computing Surveys (CSUR), 11(4):331–356, 1979.
B. Preneel. The First 30 Years of Cryptographic Hash Functions and the NIST SHA-3 Competition. Topics in Cryptology-CT-RSA 2010, pages 1–14, 2010.
Michael Szydlo. Merkle tree traversal in log space and time. In In Eurocrypt 2004, LNCS, pages 541–554. Springer-Verlag, 2004.
M. A. G. VIGIL, N. SILVA, R. MORAES, and R. F. CUSTODIO. Infra-estrutura de chaves públicas otimizada: Uma icp de suporte a assinaturas eficientes para documentos eletrônicos. In Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, pages 129–142, 2009.
R. Anderson. Invited lecture. In Fourth Annual Conference on Computer and Communications Security, ACM, 1997.
A. Ansper, A. Buldas, M. Roos, and J. Willemson. Efficient long-term validation of digital signatures. In Public Key Cryptography, pages 402–415. Springer, 2001.
E. Barker, W. Barker, W. Burr, W. Polk, and M. Smid. Nist sp800-57: Recommendation for key management–part 1: General (revised). Technical report, NIST, 2007.
E. Barker and A. Roginsky. Draft nist sp800-131: Recommendation for the transitioning of cryptographic algorithms and key sizes. Technical report, NIST, jan 2010.
D. Bayer, S. Haber, and W.S. Stornetta. Improving the efficiency and reliability of digital time-stamping. Sequences II: Methods in Communication, Security, and Computer Science, pages 329–334, 1993.
K. Blibech and A. Gabillon. A new timestamping scheme based on skip lists. Computational Science and Its Applications-ICCSA 2006, pages 395–405, 2006.
D. Chaum and S. Roijakkers. Unconditionally-secure digital signatures. Advances in CryptologyCRYPT0’90, pages 206–214, 1991.
D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard), May 2008.
R.F. Custodio, M.A.G. Vigil, J. Romani, F.C. Pereira, and J. da Silva Fraga. Optimized Certificates–A New Proposal for Efficient Electronic Document Signature Validation. In Public Key Infrastructure: 5th European PKI Workshop: Theory and Practice, EuroPKI 2008 Trondheim, Norway, June 16-17, 2008, Proceedings, page 49. Springer-Verlag New York Inc, 2008.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms, Nov 2007.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); CMS Advanced electronic Signatures (CAdES), Nov 2009.
European Telecommunications Standards Institute. Electronic Signatures and Infrastructures (ESI); XML Advanced electronic Signatures (XAdES), Jun 2009.
T. Gondrom, R. Brandner, and U. Pordesch. Evidence Record Syntax (ERS). RFC 4998 (Proposed Standard), August 2007.
S. Haber and W. Stornetta. How to time-stamp a digital document. Advances in Cryptology-CRYPT0’90, pages 437–455, 1991.
M.K. Just. On the temporal authentication of digital data. PhD thesis, Carleton University, 1998.
D. Lekkas and D. Gritzalis. Cumulative notarization for long-term preservation of digital signatures. Computers & Security, 23(5):413–424, 2004.
H. Massias and J.J. Quisquater. Time and cryptography. US-patent n, 5:12, 1997.
R.C. Merkle. Protocols for public key cryptosystems. 1980.
D. Pinkas, N. Pope, and J. Ross. Policy Requirements for Time-Stamping Authorities (TSAs). RFC 3628 (Informational), November 2003.
G.J. Popek and C.S. Kline. Encryption and secure computer networks. ACM Computing Surveys (CSUR), 11(4):331–356, 1979.
B. Preneel. The First 30 Years of Cryptographic Hash Functions and the NIST SHA-3 Competition. Topics in Cryptology-CT-RSA 2010, pages 1–14, 2010.
Michael Szydlo. Merkle tree traversal in log space and time. In In Eurocrypt 2004, LNCS, pages 541–554. Springer-Verlag, 2004.
M. A. G. VIGIL, N. SILVA, R. MORAES, and R. F. CUSTODIO. Infra-estrutura de chaves públicas otimizada: Uma icp de suporte a assinaturas eficientes para documentos eletrônicos. In Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, pages 129–142, 2009.
Publicado
06/11/2011
Como Citar
SILVA, Nelson da; RAMOS, Thiago Acórdi; CUSTÓDIO, Ricardo Felipe.
Carimbos do Tempo Autenticados para a Preservação por Longo Prazo de Assinaturas Digitais. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 11. , 2011, Brasília.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2011
.
p. 57-70.
DOI: https://doi.org/10.5753/sbseg.2011.20563.