Interesting bit of a quote
Jason Holt
jason at lunkwill.org
Sat Jul 15 00:28:31 EDT 2006
On Fri, 14 Jul 2006, Travis H. wrote:
> Absent other protections, one could simply write a new WORM media with
> falsified information.
>
> I can see two ways of dealing with this:
>
> 1) Some kind of physical authenticity, such as signing one's name on
> the media as they are produced (this assumes the signer is not
> corruptible), or applying a frangible difficult-to-duplicate seal of
> some kind (this assumes access controls on the seals).
> 2) Some kind of hash chain covering the contents, combined with
> publication of the hashes somewhere where they cannot be altered (e.g.
> publish hash periodically in a classified ad in a newspaper).
My MS Thesis was on this topic:
http://lunkwill.org/cv/logcrypt_update.pdf
If you store a value with a TTP (say, an auditor), and follow the protocol
honestly, it's impossible to go back later and falsify records. The symmetric
version uses hash chains, and was invented several times before I came along.
-J
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list