Originstamp: a Blockchain-Backed System for Decentralized Trusted Timestamping
Total Page:16
File Type:pdf, Size:1020Kb
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/329249467 OriginStamp: A blockchain-backed system for decentralized trusted timestamping Article in it - Information Technology · November 2018 DOI: 10.1515/itit-2018-0020 CITATIONS READS 5 603 4 authors, including: Thomas Hepp Alexander Schoenhals Universität Konstanz University of Konstanz 11 PUBLICATIONS 50 CITATIONS 7 PUBLICATIONS 35 CITATIONS SEE PROFILE SEE PROFILE Bela Gipp Bergische Universität Wuppertal 138 PUBLICATIONS 2,266 CITATIONS SEE PROFILE Some of the authors of this publication are also working on these related projects: Blockchain / Bitcoin Research View project Semantic Similarity and Plagiarism Detection View project All content following this page was uploaded by Thomas Hepp on 05 March 2019. The user has requested enhancement of the downloaded file. it – Information Technology 2018; 60(5-6): 273–281 Thomas Hepp*, Alexander Schoenhals, Christopher Gondek, and Bela Gipp OriginStamp: A blockchain-backed system for decentralized trusted timestamping https://doi.org/10.1515/itit-2018-0020 ally sufficient. In the event of copyright infringement, the Received August 14, 2018; accepted November 12, 2018 existence of a document must be proven beyond doubt Abstract: Currently, timestamps are certified by central for the author to receive his or her attribution. Times- tamping plays an important role in different business pro- timestamping authorities, which have disadvantages of cesses, e. g., copyright of intellectual property or in future centralization. The concept of the decentralized trusted patent litigation to prove who had an idea first. Images timestamping (DTT) was developed by Gipp et al. to and videos are often not recognized in courts as evidence address these drawbacks. The paper provides insights of the possibility of manipulation [9]. Therefore, a method into the architecture and implementation of a decentral- is required to timestamp digital content. In the past, cen- ized timestamp service taking the integration of multiple tral services were used for this purpose. The users have to blockchain types into account. Furthermore, the compo- trust this central instance and are therefore directly depen- nents are introduced and the versatile application scenar- dent on their security to be protected against manipula- ios are presented. A future direction of research is the eval- tion. The blockchain as part of the peer-to-peer electronic uation of blockchain technology and their suitability for cash system by Nakamoto was introduced in 2008 [19] and timestamping. is regarded as a tamper-proof, decentralized data struc- Keywords: Decentralized Trusted Timestamping, Block- ture. The characteristics of blockchain technology are per- chain Technology, Blockchain Systems, Distributed Ledger fectly suited to address this challenge. The following pa- Technology per deals with the technical solution of this problem. How can the blockchain technology be integrated into an ap- ACM CCS: Security and privacy Security services plication to generate and verify timestamps of any digital Privacy-preserving protocols content? → → In Section 2 the current state of the art is examined, which methods are available for timestamping and what the strengths and weaknesses of these techniques are. The 1 Introduction approach for timestamping on the Bitcoin blockchain is proposed in Section 3. Moreover, the components which The proof of existence is more important than ever before. are essential for the timestamping are explained in detail. This is about the proof that content exists at a certain point Our technical solution is presented in Section 4. There we in time. On the one hand, more and more processes are be- describe the individual modules and their interaction in ing digitized, accelerating our businesses and life. On the more detail. At the end of this work in Section 5, we present other hand, the progressive digitization increases the pos- the conclusions of our solution and give an outlook on fu- sibility of manipulation. The race between encryption and ture research. decryption technologies is gaining momentum [17]. More and more complex encryption methods are being devel- oped, which suspects try to circumvent. To change the au- 2 Background thor of a decrypted document, just a few clicks are usu- The idea of verifiable timestamps in the digital world isnot *Corresponding author: Thomas Hepp, Universität Konstanz, Information Science Group, D-78464 Konstanz, Germany, e-mail: new. Before the digital era, even post stamps were used as [email protected], ORCID: timestamps to prove the existence of documents. To pro- http://orcid.org/0000-0002-7671-0602 tect a novel discovery, inventors in the 18th century sent Alexander Schoenhals, University of Konstanz, Information Science letters to themselves and collected them in a safe. Group, D-78464 Konstanz, Germany, e-mail: Traditional methods, such as public notaries, are not [email protected] Christopher Gondek, Bela Gipp, Universität Konstanz, Information applicable for the increasing digitization of the everyday Science Group, D-78464 Konstanz, Germany, e-mails: life. The most important aspect is the rapidly increasing [email protected], [email protected] amount of digital content. Brought to you by | Stockholm University Library Authenticated Download Date | 12/4/18 12:41 PM 274 | T. Hepp et al., OriginStamp: A blockchain-backed system for (DTT) 2.1 Traditional timestamping can serve as a decentralized trusted timestamping (DTT) ledger [10]. The main idea is that a unique fingerprint of The authentication of a document is traditionally carried a document is inserted into the cryptocurrency underly- out by a central institution, e. g., public notaries. So it was ing blockchain. The fingerprint is, in this case, an SHA-256 obvious that the first electronic approaches followed this checksum based on the definition of RFC 6234 [14]. In gen- single party paradigm. As early as the 1980s, so-called eral, blockchain technology allows a network of several e-notary concepts were presented and introduced [18]. computers (nodes) to agree at regular intervals on the true They took advantage of cryptographic mechanisms and state of a distributed ledger, i. e., all nodes are connected in were thus able to provide secure mailing systems, two- a decentralized way. Such ledgers can list any digital data, way channels or even secure user files. Digital timestamps e. g., transaction records, credentials or even fragments of were managed in the 1990s by single party trust service programming code. To briefly describe the functionality of providers (TSP) for the first time, e. g., Belsign. The imple- the blockchain which is founding almost all cryptocurren- mentations were mostly based on the timestamp scheme cies, we will use an example of a single transaction. Trans- which Haber and Stornetta had published [12]. The princi- actions are broadcast to all nodes, and once a node re- pal approach was even then based on one-way hash func- ceives a transaction message, it will work this transaction tions, i. e., secure hash algorithms, which were used to de- into a block. A block is a data structure storing all trans- termine fingerprints (checksum) of digital documents. To actions received during its creation. Each block consists of ensure the integrity of those signatures, the most impor- four parts [2]: Block size, Block header, Transaction counter tant functional unit is the time stamping authority (TSA). and Transactions. The block header contains an aggregate TSAs ensure the existence of certain documents at a cer- of the hashed transactions, the previous block’s hash, and tain point in time. Even if multiple TSAs are used to in- a Unix epoch timestamp. The work of a node is to validate crease reliability and reduce vulnerability — the trust ser- a transaction. As soon as a miner calculates a proof, the vice provider as a single party can’t avoid the manipula- collected transactions are integrated into the block, and tion of information completely. Therefore, the use of these the block is propagated to the entire network. The other timestamps presupposes confidence in the issuing author- nodes then check the block for correctness. The block that ity. However, there are some different timestamping tech- is validated first is accepted by the network and linked to niques, most of them use checksums calculated by hash the chain. The validation is based on a predefined consen- functions and store them in central servers one have to sus. In the case of Bitcoin blockchain, this is the “proof of trust. In the past, efforts have also been made to research work” consensus. The blockchain protocol grants incen- on decentralized solutions to reduce fraud. tives for successful calculation of proof tasks. The mecha- Various papers of distributed timestamping systems nism to enforce consensus is accepting the longest chain have been published. Takura, Ono, and Naito describe a since it took the most resources to compute and was thus technique in which a digital signature and a secret key are accepted by the majority of nodes. created by a TSA. The issued encrypted timestamp is then As a result, the tamper-proof characteristics of a stored partially on distributed servers [23]. By distribut- blockchain are predestined for tracking and versioning ing the storage, manipulation is decreased [5]. Nonethe- of digital data and its copyright — additionally, this also less, the required trust in the TSA as unique issuer is indis- lead to a trustworthy network. Summarized, involving pensable. A further approach to eliminate a fraudulent au- blockchain technology into DTT by Gipp et al. led to fol- thority is the use of multiple issuers. Whereas the issuers lowing benefits: are also requesters at the same time. It is mandatory that 1. decentralized, cryptographic integrity validation of few of these have to be trustworthy regarding designated the timestamping process; TSA specified in RFC 3161 [1]. Even Haber and Stornetta de- 2. high incentives for computing nodes to contribute to scribed this decentralized scheme.