[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
trusted time stampin
To: [email protected]
********** Original To: [email protected]
* CARBON * was By: WEIDAI
* COPY * posted: On: ESKIMO
********** Conf: 0009 - Email
-----------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
[email protected] wrote:
> The hard part is time stamper reliability, i.e., how does the world
> (and the courts) know that the time stamper(s) did not simply reset
> his clock and thus fake the times?
Another problem is security. Establishing a time stamping service can
make you a good target for subversion.
> 1. Publish a one-way hash of the text to be stamped in a very public
> place, e.g., one's latest bestselling novel or the "New York Times."
> This is similar to the crypto methods used by scientists through the
> ages to prove ownership. H & S call this a "widely witnessed event,"
> the idea being that millions of copies of archived issued of the NYT
> (or the novel!) would have to be retrieved and reprinted in order to
> change at a later date the text. Economically impractical.
Publishing a one-way hash of the text eliminates the role of the trusted
time stamper. Alice can simply sign the text herself
and then publish the hash right away (in a Usenet newsgroup for
example).
Trusted time stampers of course are trusted. It means they have
reputations for being secure and reliable, and reputation is worth
more to them than any possible benifit they can gain from abusing that
trust. Of course, this may not work out in reality, but the theory
sounds good to me.
A way to convince the public that your time stamp is valid without
publishing it at the time of the time stamp or absolute trust (on the
public's part) on the time stampers is to use a large number of time
stamping services. This way, they must all have colluded or been
subverted in order to forge your time stamp. Therefore, the time stamp
has a high probability of being valid.
cc: CYPHERPUNKS MAILING LIST in 0009 on ESKIMO
-----BEGIN PGP SIGNATURE-----
Version: 2.3a
iQCVAgUBLlUSnjl0sXKgdnV5AQFrkwQAopVBwQaFB5YkpKPkWfsOwA2xsTp4vNmZ
SIfJDbhdEM2T2xRbGi9QEofADeIoISgVtN6hkhgeQnk5eyvI3EFL8K+ocqc5rYAQ
mQAEsTY9sEvZ2CzQr8grayuvhSnnWRmQKSTsfELctWzZciqlDpHbhI++7G1c9hI+
1zFEE/2HPoQ=
=VtUy
-----END PGP SIGNATURE-----
PGP Public Key available