Paper 2008/492

Modeling Computational Security in Long-Lived Systems, Version 2

Ran Canetti, Ling Cheung, Dilsun Kaynar, Nancy Lynch, and Olivier Pereira


For many cryptographic protocols, security relies on the assumption that adversarial entities have limited computational power. This type of security degrades progressively over the lifetime of a protocol. However, some cryptographic services, such as timestamping services or digital archives, are long-lived in nature; they are expected to be secure and operational for a very long time (i.e. super-polynomial). In such cases, security cannot be guaranteed in the traditional sense: a computationally secure protocol may become insecure if the attacker has a super-polynomial number of interactions with the protocol. This paper proposes a new paradigm for the analysis of long-lived security protocols. We allow entities to be active for a potentially unbounded amount of real time, provided they perform only a polynomial amount of work per unit of real time. Moreover, the space used by these entities is allocated dynamically and must be polynomially bounded. We propose a new notion of long-term implementation, which is an adaptation of computational indistinguishability to the long-lived setting. We show that long-term implementation is preserved under polynomial parallel composition and exponential sequential composition. We illustrate the use of this new paradigm by analyzing some security properties of the long-lived timestamping protocol of Haber and Kamat.

Note: This paper revisits the work on long-lived security posted as report 2007/406 (of which an extended abstract appeared at CONCUR 2008), adopting a conditional-probability-based approach.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
olivier pereira @ uclouvain be
2008-11-24: received
Short URL
Creative Commons Attribution


      author = {Ran Canetti and Ling Cheung and Dilsun Kaynar and Nancy Lynch and Olivier Pereira},
      title = {Modeling Computational Security in Long-Lived Systems, Version 2},
      howpublished = {Cryptology ePrint Archive, Paper 2008/492},
      year = {2008},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.