[Cryptography] cryptologic proof-of-life ... was: crypto clock

John Denker jsd at av8n.com
Fri Oct 3 14:43:12 EDT 2014

On 10/01/2014 05:45 AM, Henry Baker wrote:

> In old B/W movies, when a person was kidnapped, the kidnapper sent a
> photo of the person together with a picture of the front page of
> today's newspaper to prove that he had the kidnapped person _on or
> after the date_ of the newspaper.


> one could presumably do the same thing with a crypto hash

I am not ready to presume that.  None of the messages in 
the "Best Internet crypto clock" thread have addressed 
this use-case.

As others have noted, there are any number of ways of 
applying a cryptologic time-stamp to a message (such
as an image of the hostage) ... but none of them offer 
any assurance that the message itself is not deceptive.
Post-dating is only one of innumerable possible deceptions.

Specifically, I could prepare an image of Elvis holding
today's New York Times in one hand and the latest NIST
beacon number plus a bunch of Pick Six lottery numbers 
in the other hand.  Alas this does not prove that Elvis 
is alive.

As a tangentially related matter:  Duress codes have
been part of cryptology for centuries.  Reference:
Excellent book:
   Leo Marks
   _Between Silk and Cyanide_

Proof-of-life falls into a weird intermediate category:
"I'm under duress so you can't trust what I say, except
for my proof-of-life claim."  This is a subset of the
infinitely-tricky "double agent" problem:  you know
your guy has been captured, but you are trying to 
double him, and you think/wish/hope he can tell you
which of his messages are believable and which not.


To answer a question that wasn't asked:  The /opposite/
functionality exists:  It is possible to use crypto to
prove that a certain message was prepared /before/ a
certain date and has not been tampered with since.

I've been using this idea for decades.  As a particularly
simple example:  Write up a description of an invention.
Compute a HMAC.  Send it to your patent attorney, with
instructions to date-stamp it and save it in the files.
This creates zero incremental risk of exposure, but can 
be used later to prove that your invention existed on 
or before the date of the email.

Fancy online services along this line exist.  See e.g.

More information about the cryptography mailing list