Enabling the Long-Term Archival of Signed Documents through Time Stamping

TL;DR

This paper presents a method to build a distributed, trusted timestamping service for long-term archival of signed documents, enabling verification even after key expiration or loss.

Contribution

It introduces a peer-to-peer public key timestamping service called Prokopius that maintains verifiable, distributed snapshots of public keys over time.

Findings

Can timestamp public keys in a 148-node network within a few days

Operates securely even under maximal adversarial damage

Provides a reliable archive for long-term document verification

Abstract

In this paper we describe how to build a trusted reliable distributed service across administrative domains in a peer-to-peer network. The application we use to motivate our work is a public key time stamping service called Prokopius. The service provides a secure, verifiable but distributable stable archive that maintains time stamped snapshots of public keys over time. This in turn allows clients to verify time stamped documents or certificates that rely on formerly trusted public keys that are no longer in service or where the signer no longer exists. We find that such a service can time stamp the snapshots of public keys in a network of 148 nodes at the granularity of a couple of days, even in the worst case where an adversary causes the maximal amount of damage allowable within our fault model.