Abstract
Protocol failures are presented for two timestamping schemes. These failures emphasize the importance and difficulty of implementing a secure protocol even
though there exist secure underlying algorithms. As well, they indicate the importance of clearly defining the goals for a protocol. For the scheme of Benaloh and de Mare (Eurocrypt '93), it is shown that although an indication of time can be included during the computation of the timestamp, the variation of the timestamp does not allow for the recovery of this temporal measure. For the scheme of Haber and Stornetta (Journal of Cryptology '91), we demonstrate how a collusion attack between a single user and a timestamping service allows for the backdating of timestamps. This attack is successful despite the claim that the timestamping service need not be trusted. For each of these schemes we discuss methods for improvement.
though there exist secure underlying algorithms. As well, they indicate the importance of clearly defining the goals for a protocol. For the scheme of Benaloh and de Mare (Eurocrypt '93), it is shown that although an indication of time can be included during the computation of the timestamp, the variation of the timestamp does not allow for the recovery of this temporal measure. For the scheme of Haber and Stornetta (Journal of Cryptology '91), we demonstrate how a collusion attack between a single user and a timestamping service allows for the backdating of timestamps. This attack is successful despite the claim that the timestamping service need not be trusted. For each of these schemes we discuss methods for improvement.
Original language | English |
---|---|
Title of host publication | Proceedings of the Network and Distributed System Security Symposium, NDSS 1998, San Diego, California, USA |
Place of Publication | Reston (Virginia) |
Publisher | The Internet Society |
Number of pages | 8 |
ISBN (Print) | 1891562010 |
Publication status | Published - 1998 |