1993-09-06 - Re: Trusted timestamps

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: MIKEINGLE@delphi.com (Mike Ingle)
Message Hash: 52254065707f8e5cd6a212ec7078a3bb9df12f8acce7fedc8e7d13b6ba94389a
Message ID: <9309060613.AA18943@netcom5.netcom.com>
Reply To: <01H2LZYT94GA935IO5@delphi.com>
UTC Datetime: 1993-09-06 06:17:07 UTC
Raw Date: Sun, 5 Sep 93 23:17:07 PDT

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 5 Sep 93 23:17:07 PDT
To: MIKEINGLE@delphi.com (Mike Ingle)
Subject: Re: Trusted timestamps
In-Reply-To: <01H2LZYT94GA935IO5@delphi.com>
Message-ID: <9309060613.AA18943@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Mike Ingle writes:

> There are a lot of additions being talked about for the remailers, and
> timestamping is another which could be put in. With commercial PGP coming
> out, people may soon be doing "real business" using PGP. In this case,
> timestamps can be a problem. A simple example: you sign an electronic

New ideas for "Mom and Pop Timestapping Services" are useful to
discuss, but be aware that several papers on exactly this kind of
digital timestamping have been presented at conferences, mostly by Stu
Haber and Scott Stornetta of Bellcore.

Their system involves a hash of some document which is then published
in an effectively unchangeable place: the pages of the "New York
Times," Sunday edition, form a pretty good "widely witnessed event,"
to use their terminology.

A digital contract timestamped (to the "granularity" of the publishing
schedule, clearly) could not easily be disavowed.

There are some other details. To reduce storage/publishing
requirements, a binary tree of other documents can all be hashed
together, so that only a single number need be published.

Anyone trying to alter a contract, or to claim the given contract was
not in fact timestamped when it was, would have to produce the same
hash value with a different input...this can be made intractable with
a good hash function.

The hash function hides the content of course, so privacy is
maintained.

Bellcore is offering a commercial service to do this. An Internet
service might be exciting (the distribution of NetNews to many
thousands of sites, for archiving on CD-ROMs, tapes, etc., is a lot
like the "widely witnessed event" of publishing in the "New York
Times").

Alternatives to Bellcore may run afoul of patents, though.

-Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
Note: I put time and money into writing this posting. I hope you enjoy it.





Thread