Abstract
To protect digital data, many applications use cryptographic algorithms that
are infeasible for attackers to break because they are based on hard mathematical
problems. However, any single cryptographic
algorithm has a limited lifespan, due to its limited operational life cycle or the
increasing computational power of attackers. For many types of digital data,
such as identity information, health records, history archives, etc., the security
of data needs to be maintained for decades or even permanently, which
is much longer than the lifetime of a single cryptographic algorithm. In this
PhD thesis, we aim to study the solution for the long-term security of two
specific applications: time-stamping services and blockchains, so that their
security is not restricted by the lifetime of the underlying cryptographic algorithms.
Overall, this thesis is comprised of five papers. The first three papers focus
on the long-term security of traditional centralized time-stamping services.
Specifically, our first work reviews the ISO/IEC standard and discovers several
issues that may cause the designed properties to fail, and we provide a
solution to each issue. Since the literature and the ISO/IEC and ANSI standards
only consider renewing server-side algorithms as the way to build a long-term
time-stamping scheme, our second work explores a comprehensive long-term
time-stamping scheme that addresses the renewal of both client-side hash
functions and server-side algorithms. We then notice that the ISO/IEC and
ANSI standards specify five types of server-side algorithms in total, but only
the long-term time-stamping schemes based on signatures and hash functions
are formally defined and analyzed in the literature. Our third paper fills this
gap by formally defining and analyzing the other three types of long-term
time-stamping schemes, based on MACs, archives, and transient keys
respectively.
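The renewal idea behind the time-stamping papers can be made concrete with a small model. The following Python code is an added illustration written for this page; it is not the thesis's scheme nor any standard's normative procedure. It assumes a hypothetical MAC-based time-stamping authority (`TSA`), a constructed algorithm-expiry policy (`ALGO_EXPIRY`, in arbitrary "year" units), and the simplification that renewal means the client re-hashes the document together with every earlier token under a newer hash function and obtains a fresh token while the previous token's hash and MAC algorithms are still trusted. Verification fails if a renewal happens after either algorithm of the previous link expired, or if the data no longer matches the chain.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed policy (illustrative only): the time after which each
# algorithm is no longer trusted, for both client-side hashing and the
# server-side HMAC. Units are arbitrary; read them as years.
ALGO_EXPIRY = {"sha1": 2010, "sha256": 2040, "sha3_256": 2060}


@dataclass(frozen=True)
class Token:
    digest: bytes   # client-side digest the TSA committed to
    hash_alg: str   # client-side hash function that produced `digest`
    issued: int     # time of issuance
    mac_alg: str    # server-side hash used inside the HMAC
    mac: bytes      # HMAC over record()

    def record(self) -> bytes:
        # The bytes the TSA authenticates (unambiguous field separator).
        return b"|".join([self.hash_alg.encode(), self.digest,
                          str(self.issued).encode(), self.mac_alg.encode()])

    def serialize(self) -> bytes:
        return self.record() + b"|" + self.mac


class TSA:
    """Hypothetical MAC-based time-stamping authority (assumption, not a real service)."""

    def __init__(self, keys: dict, mac_alg: str):
        self.keys = dict(keys)   # one key per MAC algorithm ever used
        self.mac_alg = mac_alg   # algorithm currently used for issuance

    def rotate(self, new_mac_alg: str, new_key: bytes) -> None:
        # Server-side algorithm renewal: keep old keys only for verification.
        self.keys[new_mac_alg] = new_key
        self.mac_alg = new_mac_alg

    def issue(self, digest: bytes, hash_alg: str, now: int) -> Token:
        unsigned = Token(digest, hash_alg, now, self.mac_alg, b"")
        mac = hmac.new(self.keys[self.mac_alg], unsigned.record(), self.mac_alg).digest()
        return Token(digest, hash_alg, now, self.mac_alg, mac)

    def check(self, token: Token) -> bool:
        key = self.keys.get(token.mac_alg)
        if key is None:
            return False
        expected = hmac.new(key, token.record(), token.mac_alg).digest()
        return hmac.compare_digest(expected, token.mac)


def client_digest(data: bytes, prev_tokens: list, hash_alg: str) -> bytes:
    # Client-side hash renewal: the new digest binds the data AND every
    # earlier token, so the whole chain is re-protected by the new function.
    h = hashlib.new(hash_alg)
    h.update(data)
    for tok in prev_tokens:
        h.update(tok.serialize())
    return h.digest()


def renew(tsa: TSA, data: bytes, chain: list, new_hash_alg: str, now: int) -> list:
    digest = client_digest(data, chain, new_hash_alg)
    return chain + [tsa.issue(digest, new_hash_alg, now)]


def verify_chain(tsa: TSA, data: bytes, chain: list, now: int) -> bool:
    """Every link must match the data plus earlier links, carry a valid MAC,
    and have been issued before the previous link's weakest algorithm expired."""
    if not chain:
        return False
    for i, tok in enumerate(chain):
        if tok.digest != client_digest(data, chain[:i], tok.hash_alg):
            return False
        if not tsa.check(tok):
            return False
        if i > 0:
            prev = chain[i - 1]
            deadline = min(ALGO_EXPIRY[prev.hash_alg], ALGO_EXPIRY[prev.mac_alg])
            if tok.issued >= deadline:
                return False  # renewed too late: the old link was already untrusted
    last = chain[-1]
    return now < min(ALGO_EXPIRY[last.hash_alg], ALGO_EXPIRY[last.mac_alg])


def demo() -> tuple:
    data = b"constructed document contents"           # constructed sample input
    tsa = TSA({"sha1": b"constructed-old-key"}, "sha1")
    chain = renew(tsa, data, [], "sha1", 2000)
    early = verify_chain(tsa, data, chain, 2005)       # still within sha1 lifetime
    late = verify_chain(tsa, data, chain, 2015)        # sha1 expired, never renewed
    tsa.rotate("sha256", b"constructed-new-key")        # server-side renewal
    chain2 = renew(tsa, data, chain, "sha256", 2008)   # client-side renewal in time
    ok = verify_chain(tsa, data, chain2, 2030)
    stale = renew(tsa, data, chain, "sha256", 2012)    # renewal after the deadline
    bad = verify_chain(tsa, data, stale, 2030)
    tampered = verify_chain(tsa, b"other contents", chain2, 2030)
    return early, late, ok, bad, tampered


if __name__ == "__main__":
    print(demo())
```

The model deliberately separates the two renewal paths the abstract distinguishes: `TSA.rotate` captures server-side algorithm renewal, while `client_digest` over the data plus all earlier tokens captures client-side hash-function renewal; a chain that omits either one fails once the corresponding algorithm passes its expiry.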
The next two papers study the long-term security of blockchains.
Starting from two existing designs of a long-term secure blockchain scheme, we
find that these schemes are not formally analyzed and could be vulnerable
to attacks. Going one step further, we provide the first security model and
construction of a long-term blockchain scheme. Finally, motivated by the
decentralized nature of blockchains, we propose the first long-term time-stamping
scheme based on a blockchain, which eliminates the trust assumption
of a time-stamping authority.