Revisiting the Characteristics of a Good Data Integrity Mechanism
Last week, we read the New York Times article “A Tool to Verify Digital Records, Even as Technology Shifts” (free registration required) with great interest. The article discussed the University of Washington’s release of “the initial component of a public system to provide authentication for an archive of video interviews with the prosecutors and other members of the International Criminal Tribunal for the Rwandan genocide.”
According to the article:
This system is intended to be available for future use in digitally preserving and authenticating first-hand accounts of war crimes, atrocities and genocide.
Such tools are of vital importance because it has become possible to alter digital text, video and audio in ways that are virtually undetectable to the unaided human eye and ear.
The researchers said history was filled with incidents of doctoring, deleting or denying written records. Now, they say, the authenticity of digital documents like videos, transcripts of personal accounts and court records can be indisputably proved for the first time.
On one hand, we were surprised to see the New York Times and John Markoff present authentication technology of this nature as a new thing, since Markoff himself wrote an article on our roots (free registration required) in the Bellcore research laboratories as “digital time-stamping service that relies on cryptographic techniques both to certify the time a document is submitted and to allow future users to verify that it has not been tampered with” in January, 1992.
On the other hand, the article on the University of Washington’s efforts to preserve important digital records across generations is an important one. Not only will the University’s efforts to create a publicly available cryptographic hash mark help secure digital records related to genocide, H.I.V. and AIDS, famine, deforestation and global warming, but the article presents an opportunity to revisit the characteristics of a good data integrity mechanism.
So what are they?
- Hashing alone doesn’t prove that the data has not been tampered with since you can always tamper with the data and recompute the hashes. Trusted timestamps solve this problem by securely binding a time value to the hash so it the hash is changed. Trusted timestamps allow you to prove that data existed at a particular point in time and hasn’t been altered since.
- This application illustrates a key requirement of a data integrity mechanism, namely that it be “independently provable” (i.e., there should be a process that a third party can follow that clearly demonstrates the authenticity of the data). One mechanism that meets this requirement, Surety’s AbsoluteProof timestamps, can be independently validated by computing a series of standard hashes and comparing the result to a reference value published in the New York Times. The fact that the result matches the published reference value proves that the document existed before the publication date and has not been altered since.
- Another key requirement of a data integrity mechanism that it can last at least as long as the life of the data. To be long lasting, the mechanism must not depend on things that can be compromised or that can expire (e.g., cryptographic keys or certificates). Another consideration when using secure hashing is the hashing technology itself has a limited lifetime. Surety’s AbsoluteProof timestamps also exemplify the long lasting requirement. Surety timestamps are based only on secure hashing and the concept of a “widely-witnessed value”. There are no secrets that can be compromised or certificates that can expire. To ensure that timestamps will outlive the hash algorithms initially used to create them, Surety timestamps can be “renewed” with more advanced hash algorithms when they become available. The key to this process is that once renewed, the original date on the timestamp can still be relied upon. Also, this process can be repeatedly applied over time as secure hashing technology advances, permitting data integrity protection that than truly last the lifetime of the data.
- A final requirement is portability. Since such an archive must last for and extremely long time, the proof of data integrity must not depend on the archiving system itself as this will be replaced over time. The advantage of a digital timestamp and integrity mechanism is that it can travel with the data as it is migrated from system to system. Hashes alone are not portable, because once they are exported from a system they can be altered and their association with a particular point in time can be lost.