Cryptology ePrint Archive: Report 2013/834
Keyless Signatures' Infrastructure: How to Build Global Distributed Hash-Trees
Ahto Buldas and Andres Kroonmaa and Risto Laanoja
Abstract: Keyless Signatures Infrastructure (KSI) is a globally distributed system for providing time-stamping and server-supported digital signature services. Global per-second hash trees are created and their root hash values published.
We discuss some service quality issues that arise in practical implementation of the service and present solutions for avoiding single points of failure and guaranteeing a service with reasonable and stable delay. Guardtime AS has been operating a KSI Infrastructure for 5 years. We summarize how the KSI Infrastructure is built, and the lessons learned during the operational period of the service.
Category / Keywords: applications / distributed system, applications of hash functions, public-key infrastructure, high availability
Original Publication (with major differences): Hanne Riis Nielson, Dieter Gollmann (Eds.): Secure IT Systems - 18th Nordic Conference, NordSec 2013, Ilulissat, Greenland, October 18-21, 2013, Proceedings. Springer 2013 Lecture Notes in Computer Science ISBN 978-3-642-41487-9
Date: received 9 Dec 2013, last revised 15 Dec 2013
Contact author: ristik at gmail com
Available format(s): PDF | BibTeX Citation
Version: 20131216:190753 (All versions of this report)
Short URL: ia.cr/2013/834
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]