1 / 14

Archive Time-Stamps-Syntax <draft-brandner-etal-ats-00.txt>

Archive Time-Stamps-Syntax <draft-brandner-etal-ats-00.txt>. Dr. Ulrich Pordesch pordesch@sit.fhg.de. Archive Time Stamping. Archiving Signed Documents. Long-term Problems algorithms get weak, certificates expire verification data no longer available changes of formats and media

fayre
Télécharger la présentation

Archive Time-Stamps-Syntax <draft-brandner-etal-ats-00.txt>

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Archive Time-Stamps-Syntax<draft-brandner-etal-ats-00.txt> Dr. Ulrich Pordesch pordesch@sit.fhg.de

  2. Archive Time Stamping Archiving Signed Documents • Long-term Problems • algorithms get weak, certificates expire • verification data no longer available • changes of formats and media • ArchiSig-Project 2001 - 2003 • requirements, concepts,implementation, evaluation • ATS one of the results

  3. Long-term non-repudiation • Signatures: Proof of integrity and authenticity • Need to archive documents for 30 or more years • Signature and hashalgorithms / parameters can get weak, certificates expire or revoked • Long-term non repudiation prove of existence of signed documents and verification data needed • also very useful for unsigned documents

  4. Requirements practical, effective, privacy protecting and law conformant: • timestamps with digital signatures needed • take weakness of pk- and hash-algorithms into account • minimalize quantity of time-stamps • avoid access to archived data as far as possible • independency of formats of documents or signatures • time-stamp groups of data objects together • no side effects of deletion of documents • optional encryption must preserve evidence value • use existing qualified time-stamp-services and protocols • no new trusted third parties

  5. Electronic Signature Formats (RFC 3126) • Approach • adding (archive) time-stamps as unsigned attributes for each signature • Problems: • a great many time-stamps • need to access data and signatures(document format dependent) • not applicable to encrypted data,non standard signature formats,seperatly stored verification data,unsigned documents • not conformant to german signature law:new signature does not includeall previous signatures • Alternative (second) solution is needed

  6. Approach client • Select data objects (document, ..) • Optional: Encrypt data objects service / archive system • Initial Archive Time-Stamp • Renewal: Time-Stamp Renewal, Hashtree Renewal • Reduce hashtrees, generate Archive Timestamps Element client • Optional: Decrypt data objects • Optional: Integrate as an attribute if wanted • Verify Archive Time-Stamps Element anddocument

  7. Archive Time Stamp Syntax • Syntax and Processing (particularly verification)of an Archive Time Stamp Element • to verify existance of any data objects over an undetermined period of time, useable for signature renewal • optimized (but not restricted to) centralized Archive Time Stamping by Archive Systems or Services • including optional encryption • addendum: integration into signed documents • Not specified here: • Service protocol: possible but not necessary for internal use • Architectures of archive systems

  8. Archive Time-Stamp • Archive Time Stamp • hash-tree (Merkle) • qualif. time-stamp containing digital signature • single time-stamp for many data objects • Initial Stamp • event: after document is archived • collect hash values and build tree,request time-stamp • store archive time-stamp • renew if necesary • Reduction to Enhanced Time-Stamp • necessary hash values for verification +time-stamp • {SEQUENCE of SEQUENCE of OCTET STRINGtime-stamp}

  9. Time-Stamp-Renewal • Event: Any algorithm in time-stamp gets weak(or time-stamp-certificate expires) • Method • hash time-stamp with old hash algorithm • and include it in new archive time-stamp • Properties • no access to data objects • only few (at minimum 1) time-stamp for an whole archive • Reduction: ArchiveTimeStampChain • SEQUENCE of Enhanced Time Stamp

  10. Hashtree-Renewal • Event: Hash-Algorithm of chain gets weak • Method (for each data object) • build Archive Time-Stamp chain • include hash of (hash of chain + hash of data object) in new Archive Time-Stamp • Properties • need to access data objects • but: avoidable by easy to implement redundancy • Reduction: ArchiveTimeStampSequence • SEQUENCE of ArchiveTimeStampChain

  11. Optional Encryption • Caution: Encryption must be unambigious! • Method: • encrypt data object before archiving using CMS-Encryption (Algorithms: RSA, DES-CBC) • normal archive time-stamping • decrypt encrypted data object when got bak • add CMS-cover to Archive-Time-Stamp-Element store content seperately • verification: reconstruct of archive time-stamped data object by decryption of content-encryption key, reencrypt content, insert content

  12. Appendices • Optional Integration • CMS: signed data • Archive Time-Stamps-Element as an unsigned signature attribute for signature • Optional use of Enhanced Time-Stamp • CMS: signed data • Attribute for multiple signature verification

  13. Implementation and Evaluation • Implementation • Patient documentation system • Archivesystem + Archive Time Stamping • Verification tool • Evaluation • Test within hospital • simulation study with lawyers, judges, technical experts

  14. Summary • Syntax + Processing of Archive Time-Stamp Element • optimized for centralized time-stamping • effective for large document volumes • applicable for any data objects and groups of data objects • normally no need to access data • redundancy easy to realize • on base of existing services

More Related