Paper 2013/834

Keyless Signatures' Infrastructure: How to Build Global Distributed Hash-Trees

Ahto Buldas, Andres Kroonmaa, and Risto Laanoja

Abstract

Keyless Signatures Infrastructure (KSI) is a globally distributed system for providing time-stamping and server-supported digital signature services. Global per-second hash trees are created and their root hash values published. We discuss some service quality issues that arise in practical implementation of the service and present solutions for avoiding single points of failure and guaranteeing a service with reasonable and stable delay. Guardtime AS has been operating a KSI Infrastructure for 5 years. We summarize how the KSI Infrastructure is built, and the lessons learned during the operational period of the service.

Note: Proofreading.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Major revision. Hanne Riis Nielson, Dieter Gollmann (Eds.): Secure IT Systems - 18th Nordic Conference, NordSec 2013, Ilulissat, Greenland, October 18-21, 2013, Proceedings. Springer 2013 Lecture Notes in Computer Science ISBN 978-3-642-41487-9
Keywords
distributed systemapplications of hash functionspublic-key infrastructurehigh availability
Contact author(s)
ristik @ gmail com
History
2013-12-16: received
Short URL
https://ia.cr/2013/834
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/834,
      author = {Ahto Buldas and Andres Kroonmaa and Risto Laanoja},
      title = {Keyless Signatures' Infrastructure: How to Build Global Distributed Hash-Trees},
      howpublished = {Cryptology ePrint Archive, Paper 2013/834},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/834}},
      url = {https://eprint.iacr.org/2013/834}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.