Carleton University
Technical Report TR-97-16
August 1997
TR-97-16: Some Timestamping Protocol Failures
Abstract
Protocol failures are presented for two timestamping schemes. These failures emphasize the importance and difficulty of implementing a secure protocol even though there exist secure underlying algorithms, as well as the importance of clearly defining the goals for a protocol. For the scheme of Benaloh and de Mare (Eurocrypt ’93), it is shown that although an indication of time can be included during the computation of the timestamp, the verification of the timestamp does not allow for the recovery of this temporal measure. For the scheme of Haber and Stornetta (Journal of Cryptology ’91), we demonstrate how a collusion attack between a single user and a timestamping service allows for the backdating of timestamps. This attack is successful despite the claim that the timestamping service need not be trusted. For each of these schemes, we discuss methods for improvement.