Can We Construct Unbounded Time-Stamping Schemes from Collision-Free Hash Functions?

  • Authors: Ahto Buldas; Margus Niitsoo

  • Affiliations: University of Tartu, Tartu, Estonia 50409 and Tallinn University of Technology, Tallinn, Estonia 12618 and Cybernetica AS, Tallinn, Estonia 12618; University of Tartu, Tartu, Estonia 50409 and Cybernetica AS, Tallinn, Estonia 12618

  • Venue: ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
  • Year: 2008

Abstract

It has been known for quite some time that collision-resistance of hash functions does not seem to give any actual security guarantees for unbounded hash-tree time-stamping, where the size of the hash-tree created by the time-stamping service is not explicitly restricted. We focus on the possibility of showing that there exist no black-box reductions of unbounded time-stamping schemes to collision-free hash functions. We propose an oracle that is probably suitable for such a separation and give strong evidence in support of that. However, the existence of a separation still remains open. We introduce the problem and give a construction of the oracle relative to which there seem to be no secure time-stamping schemes but there still exist collision-free hash function families. Although we rule out many useful collision-finding strategies (relative to the oracle) and the conjecture seems quite probable after that, there still remains a possibility that the oracle can be abused by some very smartly constructed wrappers. We also argue why it is probably very hard to give a correct proof for our conjecture.