Modeling Security Of Long-Term Integrity Solutions

Matthias Geihs
Digital signature schemes are commonly used to ensure integrity of digital information. Unfortunately, the security of such schemes can in general only be guaranteed over a few years. Therefore, various specifications have been made that promise to protect the integrity of digital information over a much longer period of time (i.e, decades or even centuries). To understand which level of security existing specifications for long-term integrity protection offer, it is important to formally analyze their security.

In this talk, we present a novel security model for analyzing the security of long-term integrity schemes. The model allows to estimate for which time period a given scheme provides sufficient protection, depending on properties of the environment in which the scheme is used in. Various existing specifications for long-term integrity protection use timestamps. We present an example construction of a timestamp-based long-term integrity scheme which captures the core functionality of many existing specifications. We analyze the security of that scheme using our model.