[Cryptography] Best internet crypto clock

John Denker jsd at av8n.com
Fri Oct 17 21:32:48 EDT 2014


On 10/17/2014 05:17 PM, Tom Mitchell wrote:
> I am with you 

so far so good ....

> except for the "grab NIST beacon" part.  This implies that
> the clock can be set and reset. ?

Resetting the local clock hardware is not necessary, not 
desirable, and not implied by anything that was said.

When you grab the official time from NIST or wherever, 
you should use that to write a calibration certificate, 
which you keep in a file along with all the previous 
calibration certificates.

The local clock hardware continues to be free-running 
and imperturbable.

Using the calibration certificates, you can define a 
/calibration function/ that gives the official time
as a function of the local clock hardware reading.
This function is 
  a) one-to-one,
  b) continuous,
  c) differentiable [except on a set of measure zero, at worst],
  d) very nearly unit slope, and
  e) highly overconstrained.

> This muddies the accuracy and precision
> stuff further.
> If it can be reset based on an external reference then the jury can be told
> that
> the reference is unreliable even if the device is understood...

Because it is overconstrained, you can perform jackknife
resampling and claim that the calibrated time was never
off by more than XYZ milliseconds during the times of
interest.  There is strong evidence in support of this
claim and no evidence against it.

Courts have seen this sort of calibration a gazillion
times, e.g. for the speedometers and radars in police
cars.

If you do it right, the evidence is so overwhelming that
the adversary will not seriously consider challenging it.
A challenge would look like a crackpot move, and would 
just be an admission of weakness and desperation.



More information about the cryptography mailing list