Long-Term Integrity: from Theoretical Concepts to Practice in Estonia

Ahto Buldas

Abstract. We give an overview on the basic theoretical concepts behind long-term integrity. Our main focus is on the long-term verifiability of digital signatures, which has been and still is a challenge. We go through the main techniques how to preserve the verifiability of signed documents considering the threats of key exposure and weakening cryptographic schemes. We summarize the formal cryptographic security notions of digital time-stamping as one of the main tools for supporting long-term verifiability of signatures. We will briefly discuss the suitability of the existing formal security notions in the context of quantum adversaries. Finally, we describe the practices and developments in Estonia in the field of long-term verifiability of digital signatures during the last decades.