Cryptology ePrint Archive: Report 2009/306

Authentic Time-Stamps for Archival Storage

Alina Oprea and Kevin D. Bowers

Abstract: We study the problem of authenticating the content and creation time of documents generated by an organization and retained in archival storage. Recent regulations (e.g., the Sarbanes-Oxley act and the Securities and Exchange Commission rule) mandate secure retention of important business records for several years. We provide a mechanism to authenticate bulk repositories of archived documents. In our approach, a space efficient local data structure encapsulates a full document repository in a short (e.g., 32-byte) digest. Periodically registered with a trusted party, these commitments enable compact proofs of both document creation time and content integrity. The data structure, an append-only persistent authenticated dictionary, allows for efficient proofs of existence and non-existence, improving on state-of-the-art techniques. We give a rigorous security analysis of our solution and confirm through an experimental evaluation with the Enron email corpus its feasibility in practice.

Category / Keywords: cryptographic protocols / time-stamping, compliance storage, authenticated data structures

Publication Info: This is the full version of the paper appearing in the 14th European Symposium on Research in Computer Security (ESORICS) 2009.

Date: received 25 Jun 2009

Contact author: aoprea at rsa com

Available format(s): PDF | BibTeX Citation

Version: 20090701:095243 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]