Secure names for bit-strings

  title={Secure names for bit-strings},
  author={Stuart Haber and W. Scott Stornetta},
  booktitle={Conference on Computer and Communications Security},
The increasing use of digital documents, and the need to refer to them conveniently and unambiguously, raise an important question: can one “name” a digital document in a way that conveniently enables users to find it, and at the same time enables a user in possession of a document to be sure that it is indeed the one that is referred to by the name? One crucial piece of a complete solution to this problem would be a method that provides a cryptographically verifiable label for any bit-string… 

Figures from this paper

Bit Coin

  • G. Annapoorani
  • Computer Science
    International Journal for Research in Applied Science and Engineering Technology
  • 2019
: A simply distributed variant of electronic money would enable online installments to be sent straightforwardly starting with one gathering then onto the next without experiencing a budgetary

New linking schemes for digital time-stamping

It is shown that the size of a time-certi cate of a document X in the scheme presented in [3] is bounded by 4 log2N where k is the output size of the hash function and N is the number of time-stamps issued.

Message authentication by integrity with public corroboration

This work proposes a simple, practical means by which data origin assurances for message authentication are based on corroboration, for example by cross-checking with information made available by a known source or at a specified location.

Can We Construct Unbounded Time-Stamping Schemes from Collision-Free Hash Functions?

It is shown that there exist no black-box reductions of unbounded time-stamping schemes to collision-free hash functions, and an oracle is proposed that is probably suitable for such a separation and strong evidence is given in support of that.

Bitcoin: A Peer-to-Peer Electronic Cash System

This work proposes a solution to the double-spending problem using a peer-to-peer network, where the network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof- of-work.

On Provably Secure Time-Stamping Schemes

It is observed that if the variety of possible shapes of hash-chains is polynomial, then the time-stamping scheme becomes provably secure, assuming that the underlying hash function is collision-resistant, and it is shown that conventional black-box techniques are unable to prove that chain-resistance follows from collision-Resistance.

Optimally Tight Security Proofs for Hash-Then-Publish Time-Stamping

This paper achieves a notably smaller loss of power 1.5, which is the first one efficient enough to allow meaningful security guarantees to be given for a globalscale time-stamping service based on 256 bit hash functions, which considerably increases the efficiency of possible practical solutions.

Do Broken Hash Functions Affect the Security of Time-Stamping Schemes?

It is shown by using explicit separation techniques that neither collision-resistance nor 2nd preimage resistance is necessary for secure time-stamping, and that server side hash functions can even be not one-way.

Non-interactive Timestamping in the Bounded-Storage Model

This paper shows that non-interactive timestamping is possible in the bounded-storage model, i.e., if the adversary has bounded storage, and a long random string is broadcast to all players, and an explicit construction that is secure against all bounded storage adversaries that run in polynomial time is given.

Cryptographic protocol design

  • S. Laur
  • Computer Science, Mathematics
  • 2008
This work investigates the security of interactive computations and discusses how to formalise various security goals, such as inputprivacy, output-consistency and complete security, and how to choose a security goal that is appropriate for a specific setting.



Collision Free Hash Functions and Public Key Signature Schemes

The ability of a hash function to improve security and speed of a signature scheme is discussed: for example, it can combine the RSA-system with a collision free hash function based on factoring to get a scheme which is more efficient and much more secure.

The MD5 Message-Digest Algorithm

The MD4 message digest algorithm takes an input message of arbitrary length and produces an output 128-bit "fingerprint" or "message digest", in such a way that it is (hopefully) computationally

The Security of Cipher Block Chaining

This work provides its first formal justification, showing the following general lemma: that cipher block chaining a pseudorandom function gives a Pseudo-Cipher Block Chaining function.

Improving the Efficiency and Reliability of Digital Time-Stamping

Two schemes for digital time-stamping which rely on Cryptographic hash functions, which can be used both to report events succinctly, and to cause events based on documents without revealing their contents are proposed.

Trusted distribution of software over the Internet

  • A. Rubin
  • Computer Science
    Proceedings of the Symposium on Network and Distributed System Security
  • 1995
Bellcore's Trusted Software Integrity (Betsi) System, an implementation of the design, is presented and a detailed design is provided.

One-Way Group Actions

One-way group actions provides a unified theory for all the known bit commitment schemes that offer unconditional protection for the originator of the commitments, and for many of those that offer her statistical protection.

RIPEMD-160: A Strengthened Version of RIPEMD

A new version of RIPEMD with a 160-bit result is proposed, as well as a plug-in substitute for RIPEMd with a 128- bit result, and the software performance of several MD4-based algorithms is compared.

The use of encryption to ensure the integrity of reusable software components

  • James W. Moore
  • Computer Science
    Proceedings of 1994 3rd International Conference on Software Reuse
  • 1994
This paper proposes a method for providing the assurance of the origin of candidate components and to assure that they have not been modified by third parties through the application of modern encryption techniques.

One-way functions and pseudorandom generators

  • L. Levin
  • Computer Science, Mathematics
    STOC '85
  • 1985
A weaker assumption about one-way functions is suggested, which is not only sufficient, but also necessary for the existence of pseudorandom generators.

Cryptanalysis of MD5 Compress

An attack on the compress function of MD5 is reported, which is based on similar methods as previous attacks on RIPEMD, MD4 and the 256-bit extension of MD4 (see [4], [5]).