[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gzz-commits] manuscripts/bookburnings techreport.rst
|
From: |
Benja Fallenstein |
|
Subject: |
[Gzz-commits] manuscripts/bookburnings techreport.rst |
|
Date: |
Wed, 16 Jul 2003 15:06:43 -0400 |
CVSROOT: /cvsroot/gzz
Module name: manuscripts
Branch:
Changes by: Benja Fallenstein <address@hidden> 03/07/16 15:06:42
Modified files:
bookburnings : techreport.rst
Log message:
bit more
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/bookburnings/techreport.rst.diff?tr1=1.2&tr2=1.3&r1=text&r2=text
Patches:
Index: manuscripts/bookburnings/techreport.rst
diff -u manuscripts/bookburnings/techreport.rst:1.2
manuscripts/bookburnings/techreport.rst:1.3
--- manuscripts/bookburnings/techreport.rst:1.2 Wed Jul 16 11:51:58 2003
+++ manuscripts/bookburnings/techreport.rst Wed Jul 16 15:06:42 2003
@@ -7,7 +7,7 @@
:Author: Benja Fallenstein <address@hidden>
:Created: 2003-07-13
-:Modified: $Date: 2003/07/16 15:51:58 $
+:Modified: $Date: 2003/07/16 19:06:42 $
(the beginning of a summary of the stuff I developed
while thinking about Storm pointers; need to publish
@@ -55,23 +55,60 @@
.. Digital signatures for updateable documents
-A simple approach would be to use
-
-- Keys expire and are revoked
-- The usual approach: Certificate Authorities (CAs)
- plus Time Stamping Services (TSSs)
-- For a complete system, also need a
- Key Archival Service (KAS), which stores the
- certificate associated with an identity at
- one time, in order to verify that key K was really
- the certified public key of entity E at time T
-- Together: KASTS design; non-centralized: Prokopius
-- Good TSS mechanisms patented; the need for
- something new
-- We present an alternative design which
- relies on non-patented technology
-- We show that attacks on our system have
- equivalents in a KASTS system
+A simple approach would be to use digital signatures.
+A document could be identified by a cryptographic
+public key; all versions signed by the corresponding
+private key would be considered versions of the
+document.
+
+.. Keys expire and are revoked
+
+However, public key cryptography relies on the
+keeping of secrets-- the private keys. Since there
+is no perfect way of guarding a secret, a key
+may be stolen; then, there must be a way for
+the publisher to 'revoke' the key-- i.e., to
+say that signatures given with this key cannot
+be trusted any longer.
+
+However, if all signatures given with a key
+become invalid, then old versions of a document
+could not be retrieved any longer.
+
+.. The usual approach: Certificate Authorities (CAs)
+ plus Time Stamping Services (TSSs)
+
+The usual solution to this problem is to use
+digital timestamping, which certifies that
+a certain digital document existed at a given time.
+If, using timestamping, we can verify that a signature
+was provided before the corresponding key was revoked,
+the signature continues to be valid even after
+revocation.
+
+Unfortunately, while there are good methods to
+timestamp documents in a secure, trusted way,
+these methods are patented.
+
+In this document, we describe a system
+providing the equivalent of digital signatures
+(verifiable statements of the form: "Authority A
+approved of message B") without relying on
+patented timestamping technology.
+
+..
+ - For a complete system, also need a
+ Key Archival Service (KAS), which stores the
+ certificate associated with an identity at
+ one time, in order to verify that key K was really
+ the certified public key of entity E at time T
+ - Together: KASTS design; non-centralized: Prokopius
+ - Good TSS mechanisms patented; the need for
+ something new
+ - We present an alternative design which
+ relies on non-patented technology
+ - We show that attacks on our system have
+ equivalents in a KASTS system
An "A said that B said that C said..." approach