Paper 2009/306

Authentic Time-Stamps for Archival Storage

Alina Oprea and Kevin D. Bowers

Abstract

We study the problem of authenticating the content and creation time of documents generated by an organization and retained in archival storage. Recent regulations (e.g., the Sarbanes-Oxley act and the Securities and Exchange Commission rule) mandate secure retention of important business records for several years. We provide a mechanism to authenticate bulk repositories of archived documents. In our approach, a space efficient local data structure encapsulates a full document repository in a short (e.g., 32-byte) digest. Periodically registered with a trusted party, these commitments enable compact proofs of both document creation time and content integrity. The data structure, an append-only persistent authenticated dictionary, allows for efficient proofs of existence and non-existence, improving on state-of-the-art techniques. We give a rigorous security analysis of our solution and confirm through an experimental evaluation with the Enron email corpus its feasibility in practice.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. This is the full version of the paper appearing in the 14th European Symposium on Research in Computer Security (ESORICS) 2009.
Keywords
time-stampingcompliance storageauthenticated data structures
Contact author(s)
aoprea @ rsa com
History
2009-07-01: received
Short URL
https://ia.cr/2009/306
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/306,
      author = {Alina Oprea and Kevin D.  Bowers},
      title = {Authentic Time-Stamps for Archival Storage},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/306},
      year = {2009},
      url = {https://eprint.iacr.org/2009/306}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.