Transient-key cryptography: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 14:13, 7 April 2008 edit Kbdankbot (talk \| contribs) 184,258 edits m Robot - move category per CFD 2008 April 1 ← Previous edit		Latest revision as of 05:28, 21 June 2025 edit undo Count Count (talk \| contribs) Extended confirmed users, Pending changes reviewers, Rollbackers 8,983 edits →External links: rm spam links
(57 intermediate revisions by 30 users not shown)
Line 1: '''Transient-key cryptography''' is a form of [[~~Public-key cryptography\|~~public-key cryptography]] wherein [[~~Keypair \|keypairs~~keypair]]s are generated and assigned to brief [[Interval (time)\|intervals]] of time instead of to individuals or organizations, and the blocks of cryptographic data are chained through time. In a transient-key system, [[~~Private_key\|~~private ~~keys~~key]]s are used briefly and then destroyed, which is why it is sometimes nicknamed “disposable crypto.” Data encrypted with a private key associated with a specific time interval can be irrefutably linked to that interval, making transient-key [[cryptography]] particularly useful for [[Trusted timestamping\|digital trusted timestamping]]. Transient-key cryptography was invented in 1997 by Michael Doyle of [[Eolas]], and has been adopted in the [[ANSI ASC X9.95 Standard]] for [[Trusted timestamping\|trusted timestamps]]. ==Public-key vs. transient-key ~~cryptography~~== Both [[Public key \|public-key]] and transient-key systems can be used to generate [[Digital signature\|digital signatures]] that assert that a given piece of data has not changed since it was signed. But the similarities end there. Both [[public key]] and transient-key systems can be used to generate [[digital signature]]s that assert that a given piece of data has not changed since it was signed. But the similarities end there. In a traditional public key system, the public/private keypair is typically assigned to an individual, server, or [[organization]]. Data signed by a private key asserts that the signature came from the indicated source. Keypairs persist for years at a time, so the private component must be carefully guarded against disclosure; in a public-key system, anyone with access to a private key can counterfeit that ~~person’s~~person's digital signature. In transient-key systems, however, the keypair is assigned to a brief interval of time, not to a particular person or entity. Data signed by a specific private key becomes associated with a specific time and date. A keypair is active only for a few minutes, after which the private key is permanently destroyed. Therefore, unlike public-key systems, transient-key systems do not depend upon the long-term security of the private keys. ==Establishing data integrity with transient-key timestamps==▼ In a transient-key system, the source of time must be a consistent standard understood by all senders and receivers. Since a local [[System clock\|system clock]] may be changed by a user, it is never used as a source of time. ▲==Establishing data integrity ~~with transient-key timestamps~~== Instead, data is digitally signed with a time value derived from [[Universal Coordinated Time\|Universal Coordinated Time (UTC)]] accurate to within a millisecond, in accordance with the [[ANSI ASC X9.95 Standard\|ANSI ASC X9.95 standard for Trusted Timestamping]]. In a transient-key system, the source of time must be a consistent standard understood by all senders and receivers. Since a local [[system clock]] may be changed by a user, it is never used as a source of time. Instead, data is digitally signed with a time value derived from [[Universal Coordinated Time\|Universal Coordinated Time (UTC)]] accurate to within a millisecond, in accordance with the [[ANSI ASC X9.95 Standard\|ANSI ASC X9.95 standard for Trusted Timestamping]].{{citation needed\|date=March 2024}} Whenever a time interval in a transient-key system expires, a new public/private keypair is generated, and the private key from the previous interval is used to digitally certify the new public key. The old private key is then destroyed. This "key-chaining" system is the immediate ancestor of the [[Blockchain]] technology in vogue today. [[Image:CreatingNewPrivateKey.png\|thumbnail\|320px\|In a Transient-Key system, private keys expire at regular intervals, sign public keys, and are then destroyed before new private keys are issued for the new interval.]] For the new interval, time values are obtained from a trusted third-party source, and specific moments in time can be [[~~Interpolated\|~~interpolated]] in between received times by using a time-biasing method based on the internal system timer. If a trusted time source cannot be obtained or is not running within specified [[~~Tolerance (~~Engineering) tolerance\|tolerances]], transient private keys are not issued. In that case, the time interval chain is terminated, and a fresh one is begun. The old and new chains are connected through network archives, which enable all servers to continue to verify the [[~~Data integrity\|~~data integrity]] through time of protected data, regardless of how often the chain must be restarted. The start times of the chain and of each interval can be coupled together to form an unbroken sequence of public keys, which can be used for the following: * To irrefutably identify the time at which a set of data was signed. * To identify the exact state of the data at the time it was signed. As an extra security measure, all requests for signatures made during an interval are stored in a [[Data log\|log]] that is [[~~Concatenate\| concatenated~~concatenate]]d and is itself appended to the public key at the start of the next interval. This mechanism makes it impossible to insert new “signed events” into the interval chain after the fact. ==Cross-verification== [[Image:Cross-Certification.png\|~~thumbnail~~thumb\|right\|320px\|A private key is cross-certified using two other transient-key servers.]]▼ Through independently operating servers, '''cross-certification''' can provide third-party proof of the validity of a time interval chain and irrefutable evidence of consensus on the current time. A web of interconnected cross-certifying servers in a distributed environment creates a widely witnessed chain of trust that is as strong as its strongest link. By contrast, entire [[Hierarchy\|hierarchies]] of traditional public key systems can be compromised if a single private key is exposed. ▼ An individual transient key interval chain can be cross-certified with other transient key chains and server instances. Through cross-certification, Server A signs Server B's interval chain, the signed data of which is the interval definition. In effect, the private keys from Server B are used to sign the public keys of Server A. In the diagram, a server instance is cross-certified with two other server instances (blue and orange).▼ ▲Through independently operating servers, '''cross-certification''' can provide third-party proof of the validity of a time interval chain and irrefutable evidence of consensus on the current time. Transient-key cryptographic systems display high [[Byzantine fault tolerance]]. A web of interconnected cross-certifying servers in a distributed environment creates a widely witnessed chain of trust that is as strong as its strongest link. By contrast, entire [[Hierarchy\|hierarchies]] of traditional public key systems can be compromised if a single private key is exposed. ▲[[Image:Cross-Certification.png\|thumbnail\|320px\|A private key is cross-certified using two other transient-key servers.]] Cross-certification requires that the timestamp for the interval agree with the timestamp of the cross-certifying server within acceptable tolerances, which are user-defined and typically a few hundred milliseconds in duration. ▲An individual transient key interval chain can be cross-certified with other transient key chains and server instances. Through cross-certification, Server A signs Server B's interval chain, the signed data of which is the interval definition. In effect, the private keys from Server B are used to sign the public keys of Server A. In the diagram, a server instance is cross-certified with two other server instances (blue and orange). Cross-certification requires that the timestamp for the interval agree with the timestamp of the cross-certifying server within acceptable tolerances, which are user-defined and typically a few hundred milliseconds in duration. ==Network archives== Along with intervals, cross-certifications are stored in a network archive. Within a transient-key network, the [[~~Archive\|~~archive]] is a logical [[~~Database\|~~database]] that can be stored and replicated on any system to enable verification of data that has been timestamped and signed by transient keys. A map of the set of accessible archives is stored within every digital signature created in the system. Whenever cross-certifications are completed at the beginning of an interval, the archive map is updated and published to all servers in the network.{{cn\|date=April 2025}} ==Verification== During an interval, the transient private key is used to sign data concatenated with trusted timestamps and authenticity certificates. To [[File verification\|verify]] the data at a later time, a receiver accesses the [[Persistence (computer science)\|persistent]] public key for the appropriate time interval. The public key applied to the digital signature can be passed through published cryptographic routines to unpack the [[Cryptographic hash function\|hash]] of the original data, which is then compared against a fresh hash of the stored data to verify data integrity. If the signature successfully decrypts using a particular ~~interval’s~~interval's published public key, the receiver can be assured that the signature originated during that time period. If the decrypted and fresh hashes match, the receiver can be assured that the data has not been tampered with since the transient private key created the timestamp and signed the data. Transient key cryptography technology was developed by Dr. Michael D. Doyle of [http://www.eolas.com Eolas Technologies Inc.] and later acquired by and productized by [http://www.proofspace.com ProofSpace, Inc]. It is protected under [http://www.freepatentsonline.com/6381696.html US Patent #6,381,696] and has been included in the [[ANSI ASC X9.95 Standard\|ANSI ASC X9.95 standard for Trusted Timestamping]]. * [http://www.proofspace.com ProofSpace, Inc] has published a more detailed [http://www.proofspace.com/protected_form.php?file=proofmarksystemtech.pdf technical overview document] of transient key cryptography. Transient-key cryptography was invented in 1997 by Michael D. Doyle of Eolas Technologies Inc., while working on the [[Visible Embryo Project]]<ref>{{cite patent \|country=US \|number=6381696 \|title=Method and system for transient key digital time stamps \|gdate=2002-04-30 \|inventor=MD Doyle}}</ref><ref>{{cite patent \|country=US \|number=7047415 \|title=System and method for widely witnessed proof of time \|gdate=2006-05-16 \|invent1=MD Doyle \|invent2=PF Doyle \|invent3=GW Bernsohn \|invent4=JD Roberts }}</ref><ref>{{cite patent \|country=US \|number= 7210035 \|title=System and method for graphical indicia for the certification of records \|gdate=2007-04-24 \|invent1=MD Doyle \|invent2=RG Hamilton \|invent3=MC Perrone \|invent4=PF Doyle}}</ref> and later acquired by and productized by ProofSpace, Inc. It has been adopted as a national standard in the ANSI ASC X9.95 standard for Trusted Timestamping. Transient-key cryptography is the predecessor to [[Forward secrecy]] and formed the foundation of the forward-signature-chaining technology in the [[Bitcoin]] [[blockchain (database)\|blockchain]] system. ~~==External links==~~ * [http://www.freepatentsonline.com/6381696.html US Patent #6,381,696] * [http://www.techstreet.com/cgi-bin/detail?product_id=1327239 ANSI ASC X9.95 Standard for Trusted Time Stamps] * [http://www.proofspace.com/protected_form.php?file=proofmarksystemtech.pdf Technical Overview white paper] ==See also== [[Category:Cryptography]]▼ * [[Certificateless cryptography]] [[Category:Asymmetric-key cryptosystems]]▼ * [[Certificate-based encryption]] [[Category:Banking technology]]▼ ~~[[Category:Authentication methods]]~~ [[Category:Data security]]▼ ==References== {{Crypto navbox \| public-key}}▼ {{reflist}} ▲{{~~Crypto~~Cryptography navbox \| public-key}} ~~{{Link FA\|vi}}~~ ▲[[Category:~~Cryptography~~Blockchains]] ~~[[bn:পাবলিক কী ক্রিপ্টোগ্রাফি]]~~ ▲[[Category:Banking technology]] ~~[[cs:Asymetrická kryptografie]]~~ ▲[[Category:~~Asymmetric~~Public-key ~~cryptosystems~~cryptography]] ~~[[de:Asymmetrisches Kryptosystem]]~~ ▲[[Category:Data security]] ~~[[es:Criptografía asimétrica]]~~ ~~[[eu:Kriptografia asimetriko]]~~ ~~[[fr:Cryptographie asymétrique]]~~ ~~[[ko:공개 열쇠 암호]]~~ ~~[[it:Crittografia asimmetrica]]~~ ~~[[he:מפתח ציבורי]]~~ ~~[[lt:Viešojo rakto kriptografija]]~~ ~~[[hu:Nyílt kulcsú titkosítás]]~~ ~~[[nl:Asymmetrische cryptografie]]~~ ~~[[ja:公開鍵暗号]]~~ ~~[[no:Asymmetrisk kryptering]]~~ ~~[[pl:Kryptografia asymetryczna]]~~ ~~[[pt:Criptografia de chave pública]]~~ ~~[[ru:Криптографическая система с открытым ключом]]~~ ~~[[sv:Asymmetrisk kryptering]]~~ ~~[[vi:Mật mã hóa khóa công khai]]~~ ~~[[tr:Açık anahtarlı şifreleme]]~~ ~~[[uk:Асиметричні алгоритми шифрування]]~~ ~~[[ur:عوامی کنجی تخطیط صفر]]~~ ~~[[zh:公开密钥加密]]~~