TY - JOUR
T1 - Non-interactive timestamping in the bounded-storage model
AU - Moran, Tal
AU - Shaltiel, Ronen
AU - Ta-Shma, Amnon
N1 - Funding Information:
Ronen Shaltiel: Some of this work was done while at the Weizmann Institute of Science and supported by the Koshland Scholarship. This research was also supported by Grant No 2004329 from the United States-Israel Binational Science Foundation (BSF) and by ISF grant 686/07.
Funding Information:
Amnon Ta-Shma: Supported by the Binational Science Foundation, by the Israel Science Foundation, and by the EU Integrated Project QAP.
PY - 2009/4
Y1 - 2009/4
N2 - A timestamping scheme is non-interactive if a stamper can stamp a document without communicating with any other player. The only communication done is at validation time. Non-Interactive timestamping has many advantages, such as information theoretic privacy and enhanced robustness. Non-Interactive timestamping, however, is not possible against polynomial-time adversaries that have unbounded storage at their disposal. As a result, no non-interactive timestamping schemes were constructed up to date. In this paper we show that non-interactive timestamping is possible in the bounded-storage model, i.e., if the adversary has bounded storage, and a long random string is broadcast to all players. To the best of our knowledge, this is the first example of a cryptographic task that is possible in the bounded-storage model but is impossible in the "standard cryptographic setting," even when assuming "standard" cryptographic assumptions. We give an explicit construction that is secure against all bounded storage adversaries and a significantly more efficient construction secure against all bounded storage adversaries that run in polynomial time.
AB - A timestamping scheme is non-interactive if a stamper can stamp a document without communicating with any other player. The only communication done is at validation time. Non-Interactive timestamping has many advantages, such as information theoretic privacy and enhanced robustness. Non-Interactive timestamping, however, is not possible against polynomial-time adversaries that have unbounded storage at their disposal. As a result, no non-interactive timestamping schemes were constructed up to date. In this paper we show that non-interactive timestamping is possible in the bounded-storage model, i.e., if the adversary has bounded storage, and a long random string is broadcast to all players. To the best of our knowledge, this is the first example of a cryptographic task that is possible in the bounded-storage model but is impossible in the "standard cryptographic setting," even when assuming "standard" cryptographic assumptions. We give an explicit construction that is secure against all bounded storage adversaries and a significantly more efficient construction secure against all bounded storage adversaries that run in polynomial time.
KW - Bounded-storage model
KW - Randomness extractors
KW - Timestamping
KW - Unbalanced expander graphs
UR - http://www.scopus.com/inward/record.url?scp=64249102400&partnerID=8YFLogxK
U2 - 10.1007/s00145-008-9035-9
DO - 10.1007/s00145-008-9035-9
M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???
AN - SCOPUS:64249102400
SN - 0933-2790
VL - 22
SP - 189
EP - 226
JO - Journal of Cryptology
JF - Journal of Cryptology
IS - 2
ER -