Affiliation: Cybernetica AS
Knowledge-Binding Commitments with Applications in Time-Stamping (Full Version)
We prove in a non-black-box way that every bounded list and set commitment scheme is knowledge-binding. This is a new and rather strong security condition, which makes the security definitions for time-stamping much more natural compared to the previous definitions, which assume unpredictability of adversaries. As a direct consequence, list and set commitment schemes with partial opening property are sufficient for secure time-stamping if the number of elements has an explicit upper bound N. On the other hand, white-box reductions are in a sense strictly weaker than black-box reductions. Therefore, we also extend and generalize the previously known reductions. The corresponding new reductions are Theta(sqrt(N)) times more efficient, which is important for global-scale time-stamping schemes where N is very large.
Universally Composable Time-Stamping Schemes with Audit
We present a universally composable time-stamping scheme based on universal one-way hash functions. The model we use contains an ideal auditing functionality (implementable in the Common Reference String model), the task of which is to check that the rounds' digests are correctly computed. Our scheme uses hash-trees and is just a slight modification of the known schemes of Haber-Stornetta and Benaloh-de Mare, but both the modifications and the audit functionality are crucial for provable security. The scheme turns out to be nearly optimal -- we prove that in every universally composable auditable time-stamping scheme, almost all time stamp requests must be communicated to the auditor.
Accountable Certificate Management using Undeniable Attestations
This paper initiates a study of accountable certificate management methods, necessary to support long-term authenticity of digital documents. Our main contribution is a model for accountable certificate management, where clients receive attestations confirming inclusion/removal of their certificates from the database of valid certificates. We explain why accountability depends on the inability of the third parties to create contradictory attestations. After that we define an undeniable attester as a primitive that provides efficient attestation creation, publishing and verification, so that it is intractable to create contradictory attestations. We introduce authenticated search trees and build an efficient undeniable attester upon them. The proposed system is the first accountable long-term certificate management system. Moreover, authenticated search trees can be used in many security-critical applications instead of the (sorted) hash trees to reduce trust in the authorities, without decrease in efficiency. Therefore, the undeniable attester promises looks like a very useful cryptographic primitive with a wide range of applications.