Proof for a creation date
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Dec 2 05:49:38 CET 2016
On Thu 2016-12-01 21:12:50 -0500, Bertram Scharpf wrote:
> I want to make evidence that I created a document _before_ a certain
> point of time.
One approach i've seen recommended is to create a
cryptographically-strong digest of the signed document in question and
then post it to a public, append-only log somewhere.
For example, take the SHA256 digest of the document, pretend that value
is the address of a bitcoin wallet, and throw a little bit of bitcoin
into it (this value will never be recoverable because no one knows the
corresponding secret key). This puts the digest into the blockchain at a
acertain date for anyone to see.
Your subsequent argument is that one of the two possibilities must hold:
(a) you have some ability to perform a collision attack against
(b) the signed document existed at some point before the bitcoin
transaction was publicly logged.
since most people won't believe (a), (b) looks pretty likely.
You could use any other globally-visible log that allows for injection
of a bitstring long enough for a strong digest (32 octets is probably
sufficient), it doesn't have to be the bitcoin blockchain. for example,
if you can get something into a public X.509 certificate, you could post
it to one of the certificate transparency logs.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 832 bytes
Desc: not available
More information about the Gnupg-users