### Analysis of Client-side Security for Long-term Time-stamping Services

Long Meng and Liqun Chen

##### Abstract

Time-stamping services produce time-stamp tokens as evidence to prove that digital data existed at given points in time. Time-stamp tokens contain verifiable cryptographic bindings between data and time, which are produced using cryptographic algorithms. In the ANSI, ISO/IEC and IETF standards for time-stamping services, cryptographic algorithms are addressed in two aspects: (i) Client-side hash functions used to hash data into digests for nondisclosure. (ii) Server-side algorithms used to bind the time and digests of data. These algorithms are associated with limited lifespans due to their operational life cycles and increasing computational powers of attackers. After the algorithms are compromised, time-stamp tokens using the algorithms are no longer trusted. The ANSI and ISO/IEC standards provide renewal mechanisms for time-stamp tokens. However, the renewal mechanisms for client-side hash functions are specified ambiguously, that may lead to the failure of implementations. Besides, in existing papers, the security analyses of long-term time-stamping schemes only cover the server-side renewal, and the client-side renewal is missing. In this paper, we analyse the necessity of client-side renewal, and propose a comprehensive long-term time-stamping scheme that addresses both client-side renewal and server-side renewal mechanisms. After that, we formally analyse and evaluate the client-side security of our proposed scheme.

Available format(s)
Category
Applications
Publication info
Published elsewhere. ACNS 2021: Applied Cryptography and Network Security
DOI
10.1007/978-3-030-78372-3_2
Keywords
Time-StampingLong-term securityHash functionsapplied cryptography
Contact author(s)
lm00810 @ surrey ac uk
History
Short URL
https://ia.cr/2021/1411

CC BY

BibTeX

@misc{cryptoeprint:2021/1411,
author = {Long Meng and Liqun Chen},
title = {Analysis of Client-side Security for Long-term Time-stamping Services},
howpublished = {Cryptology ePrint Archive, Paper 2021/1411},
year = {2021},
doi = {10.1007/978-3-030-78372-3_2},
note = {\url{https://eprint.iacr.org/2021/1411}},
url = {https://eprint.iacr.org/2021/1411}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.