On Universal Composable Security of Time-Stamping Protocols

Authors:
Toshihiko Matsuo;Shin'ichiro Matsuo
Affiliations:
NTT DATA Corporation;NTT DATA Corporation
Venue:
Proceedings of the 2005 conference on Applied Public Key Infrastructure: 4th International Workshop: IWAP 2005
Year:
2005

Citing 5
Cited 1

Time-Stamping with Binary Linking Schemes

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Universally Composable Notions of Key Exchange and Secure Channels

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Optimally Efficient Accountable Time-Stamping

PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Universally Composable Security: A New Paradigm for Cryptographic Protocols

FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Universally Composable Signature, Certification, and Authentication

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations

A survey of the problems of time-stamping or why it is necessary to have another time-stamping scheme

SE'07 Proceedings of the 25th conference on IASTED International Multi-Conference: Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Time-stamping protocols, which assure that a document was existed at a certain time, are applied to some useful and practical applications such as electronic patent applications and so on. There are two major time-stamping protocols, the simple protocol and the linking protocol. In the former, a time-stamp authority issues a time-stamp token that is the digital signature of the concatenated value of a hashed message and the present time. In the latter, the time-stamp authority issues a time-stamp token that is the hash value of the concatenated value of a hashed message and the previous hash value. Although security requirements and analysis for above time-stamping protocols has been discussed, there are no strict cryptographic security notions for them. In this paper, we reconsider the security requirements for time-stamping protocols and define security notions for them, in a universally composable security sense, which was proposed by Canetti. We also show that these notions can be achieved using combinations of a secure key exchange protocol, a secure symmetric encryption scheme, and a secure digital signature scheme.