gzz-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gzz-commits] manuscripts/bookburnings techreport.rst

From: Benja Fallenstein
Subject: [Gzz-commits] manuscripts/bookburnings techreport.rst
Date: Wed, 16 Jul 2003 15:45:14 -0400 
CVSROOT:        /cvsroot/gzz
Module name:    manuscripts
Branch:         
Changes by:     Benja Fallenstein <address@hidden>      03/07/16 15:45:13

Modified files:
        bookburnings   : techreport.rst 

Log message:
        more

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/bookburnings/techreport.rst.diff?tr1=1.3&tr2=1.4&r1=text&r2=text

Patches:
Index: manuscripts/bookburnings/techreport.rst
diff -u manuscripts/bookburnings/techreport.rst:1.3 
manuscripts/bookburnings/techreport.rst:1.4
--- manuscripts/bookburnings/techreport.rst:1.3 Wed Jul 16 15:06:42 2003
+++ manuscripts/bookburnings/techreport.rst     Wed Jul 16 15:45:12 2003
@@ -7,7 +7,7 @@
 
 :Author:       Benja Fallenstein <address@hidden>
 :Created:      2003-07-13
-:Modified:     $Date: 2003/07/16 19:06:42 $
+:Modified:     $Date: 2003/07/16 19:45:12 $
 
 (the beginning of a summary of the stuff I developed
 while thinking about Storm pointers; need to publish
@@ -113,6 +113,46 @@
 
 An "A said that B said that C said..." approach
 ===============================================
+
+We start the exposition of our system with a simplistic
+approach based on a Trusted Third Party (TTP), an
+actor trusted by all participants in the system.
+
+To sign a message, the signer contacts the TTP,
+authenticates themselves, and submits the message
+to be signed.
+
+To verify a message, the verifier contacts the TTP,
+submitting the message and alleged signer; the TTP
+tells the verifier whether the signer has submitted
+this message or not.
+
+Clearly, this system isn't very attractive in
+practice; not only can the TTP declare arbitrary
+messages signed by arbitrary signers, it can also
+"change its mind" and claim a message not signed
+that it claimed to be signed at an earlier time.
+
+To make it harder for the TTP to "change its mind,"
+we improve the above system as follows:
+
+- The TTP issues certificates on (signer,message)
+  pairs, stating that a given signer submitted
+  a given message. (Normally, a hash of the message
+  is included in the certificate instead of
+  the actual message itself.)
+- Each certificate includes a cryptographic hash
+  of the previous issued certificate.
+- At any time, the TTP publishes the hash of the
+  most recently issued certificate.
+
+A certificate is valid if it is connected
+to the most recent certificate through an unbroken
+chain of hash links.
+
+
+
+
 
 - Key intuition: each signer picks an *envoy*,
   a service provider. The signer has signed something
reply via email to
[Prev in Thread] Current Thread [Next in Thread]