Title: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: scs-ab on January 26, 2017, 01:47:07 PM We, Supercomputing Systems AG, would like to announce our whitepaper describing a way to provide trusted timestamping based on blockchain technology.
Blog (english) https://www.scs.ch/blog/en/2017/01/blockchain-technology-for-industry-4-0-applications/ (https://www.scs.ch/blog/en/2017/01/blockchain-technology-for-industry-4-0-applications/) Blog (german): https://www.scs.ch/blog/2017/01/blockchain-technologie-in-industrie-4-0-anwendungen/ (https://www.scs.ch/blog/2017/01/blockchain-technologie-in-industrie-4-0-anwendungen/) Whitepaper (english): https://www.scs.ch/blog/wp-content/uploads/2017/01/trusted-sensor-whitepaper.pdf (https://www.scs.ch/blog/wp-content/uploads/2017/01/trusted-sensor-whitepaper.pdf) Abstract This whitepaper describes a concept to add trusted timestamps to sensor data based on a public blockchain. This allows to prove that (sensor) data has been captured at a specific point in time. Such a proof includes existence at certain time as well as prior inexistence, with a time precision of minutes. While it has previously been possible to prove that data existed before a certain point in time [3], this paper contributes a way to also prove that data only existed after a certain point in time. Such a proof of inexistence requires a trusted hardware platform. Introduction Trusting the timestamps and the integrity of sensor data can be a crucial requirement, i.e. for using surveillance camera footage as evidence in court. Thanks to Trusted Platform Modules [7], it is possible to provide trusted origin and immutability of sensor data as long as one can be sure that the hardware is not physically accessible to the adversary. However, timestamps remain difficult to verify as common time sources like GPS, GLONASS, Galileo and NTP can be spoofed. Blockchain technology such as Bitcoin [8] can be used to provide a "proof-of-existence” [3]: A document’s hash can be stored in the blockchain as a payload to a transaction. This way one can later prove the existence of the hashed document before the corresponding transaction was included in a block on the blockchain. This proof relies on the immutability of a public blockchain and on the fact that it is very unlikely to know the hash of a document without knowing the document itself. In the following section, a method will be introduced to complement proof-of-existence with a proof of prior inexistence. Proof of Origination Proving the time of origination requires the proof of prior inexistence. While it is impossible to generally prove inexistence of something, we will assume the following in the case of sensors measuring physical quantities: * the sensor is trusted hardware * the software and and firmware are open source and can be verified by means of reproducible builds [1] * the adversary has no physical access to the sensor hardware and has no possibility to influence the physical quantities being measured. Assuming the above, we can take advantage of the fact that the hash of the highest block in a public blockchain can’t be known prior to that block having been mined. But the hash is publicly known and trusted ever after (or for as long as the blockchain is trusted). If we now enrich our sensor data frame with that hash before signing it using the Trusted Platform Module (TPM) [7], we have proven prior inexistence. If we then add the hash of our signed frame to a transaction on the same blockchain, we get a proof of origination (PoO). The combination of the two proofs results in a trusted time range of origination. Figure 1 (please see pdf) shows a block diagram for such a platform. The precision of this time range depends on the block time of the chosen blockchain. In the best case, the precision is the time between two blocks. This would be around 10 min in the case of Bitcoin or 1min in the case of Ethereum [4] but could be as low as 10s [6][5]. In order to be sure that the sensor data has really been handeled as described (and has not i.e. been buffered to delay the timestamp), it is necessary to open source both software and firmware and to have reproducible builds [1] running on the data acquisition hardware. This might need to be extended by using Trusted Execution Environments [2]. The security concept for the data acquisition platform is beyond the scope of this document however. About supercomputing Systems AG Supercomputing Systems AG is an engineering company in the fields of high performance computing systems, communication systems, algorithm development and big data solutions. Engineering expertise ranges from software design and development (enterprise solutions as well as embedded software), electronics development, design of distributed systems, to highend measurement technology. SCS AG has 24 years of experience as an engineering company in different markets such as high performance computing, energy, public transportation, industrial application, automotive. The company has over 95 engineers in the fields of electrical engineering, software engineering, physics and data analysis. Based on its experience Supercomputing Systems AG offers engineering services in this fastgrowing field of blockchain technology. References [1] Reproducible builds. https://reproducible-builds.org/. [2] Trusted execution environment specification. http://globalplatform.org/specificationsdevice.asp. [3] M. Araoz and E. Ordano. http://www.proofofexistence.com, 2013. [4] V. Buterin. Ethereum whitepaper, https://github.com/ethereum/wiki/wiki/White-Paper, 2013. [5] V. Buterin. Toward 12s block times. https://blog.ethereum.org/2014/07/11/ toward-a-12-second-block-time/, 2014. [6] V. Buterin. On slow and fast block times. https://blog.ethereum.org/2015/09/14/on-slow-and-fast-block-times/ , 2015. [7] T. C. Group. https://trustedcomputinggroup.org/tpm-main-specification/ , 2011. [8] S. Nakamoto. Bitcoin: A peer-to-peer electronic cash system. https://bitcoin.org/bitcoin.pdf, 2008. Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: franky1 on January 26, 2017, 04:30:21 PM not fool proof.
say i wanted to break into a place with security surveillance tonight. i prepare the event by recording footage from months prior of no events/break ins at the location that will get hit. and then on the night. i swap the tapes. now the footage of months ago(no hit) gets timestamped with tonights timestamp and everyone now trusts the footage they are watching tomorrow after the break in, was from tonight. now you have no proof i was there.. as the timestamped and blockchain hash immutability shows i wasnt at the scene of the crime at the time. i then do the same for my alibi by months prior going somewhere miles away from the intended location. do normal things to get recorded(say a restaurant or streetcam) and then take the tape, hold onto it.. then get someone to swap it out tonight so it too gets timestamped with tonights lock now i also have timestamped and blockchain locked proof i was somewhere else at the time of the crime Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: scs-ab on January 26, 2017, 05:42:45 PM not fool proof. say i wanted to break into a place with security surveillance tonight. i prepare the event by recording footage from months prior of no events/break ins at the location that will get hit. and then on the night. i swap the tapes. now the footage of months ago(no hit) gets timestamped with tonights timestamp and everyone now trusts the footage they are watching tomorrow after the break in, was from tonight. [...] In our proposal, the entire camera is a trusted platform (sketched in Figure 1). There are no tapes to be switched between the camera sensor and the trusted timestamping. If you would like to "switch tapes", you would have to
In the paper we assume Quote * the adversary has no physical access to the sensor hardware and has no possibility to influence the physical quantities being measured. We can of course discuss whether this is a sound assumption. However, those attacks are declared to be beyond the scope of this paper. Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: franky1 on January 26, 2017, 05:57:29 PM though there are many ways to fool something. using time stamps to prove something of the past, there is actual limit to its effectiveness.
your scenario has to be more reliant of an entity having no access to the source material. meaning the requirement of needing a timestamp becomes less required anyway, and more of just a secondary gesture of assurance, rather then a primary proof of origin. i think your security system scenario needs to be replaced with other creative scenario, because i can already think of several methods to get around the security system scenario. think up a new scenario that concentrates on, 'when all else fails' and nothing can be trusted. that your 'proof of origination' can be the proof without trust, without other requirements to be needed.. and be the sole safety feature that still makes the evidence valid. (in short remove the if's and but's) Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: scs-ab on January 26, 2017, 06:57:54 PM though there are many ways to fool something. using time stamps to prove something of the past, there is actual limit to its effectiveness. Not sure what you mean. We prove more than timestamps. The TPM also proves the origin of the data and makes it immutable by signing the data with its hardware-locked private key.your scenario has to be more reliant of an entity having no access to the source material. meaning the requirement of needing a timestamp becomes less required anyway, and more of just a secondary gesture of assurance, rather then a primary proof of origin. I don't get what you mean.i think your security system scenario needs to be replaced with other creative scenario, because i can already think of several methods to get around the security system scenario. I'm interested. Please elaborate on those attacks!think up a new scenario that concentrates on, 'when all else fails' and nothing can be trusted. that your 'proof of origination' can be the proof without trust, without other requirements to be needed.. and be the sole safety feature that still makes the evidence valid. (in short remove the if's and but's) I doubt there is a solution to the security problem that doesn't come with if's or but's. All one can do is make an attack more expensive.Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: franky1 on January 26, 2017, 07:41:39 PM think up a new scenario that concentrates on, 'when all else fails' and nothing can be trusted. that your 'proof of origination' can be the proof without trust, without other requirements to be needed.. and be the sole safety feature that still makes the evidence valid. (in short remove the if's and but's) I doubt there is a solution to the security problem that doesn't come with if's or but's. All one can do is make an attack more expensive.how can you have a proof of origination.. if it is not 100% proof, because it requires X/Y/Z if's and buts to be met before you can treat it as proof. its only proof when there is no way to 'if or but' the evidence. take the security video scenario. instead of ifs or buts of needing the video to be securely stored in a vault that even staff cant access.. imagine it like it doesnt matter if there are 5000 different copies of a video. or if 100 members of staff can get to the video.. a proof of origin would be the way to know exactly which copy is the original no matter how the original was handled, physically stored, etc Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: scs-ab on January 27, 2017, 08:53:38 AM how can you have a proof of origination.. if it is not 100% proof, because it requires X/Y/Z if's and buts to be met before you can treat it as proof. Point taken. I agree that our proof can't be 100% rock solid under any condition. But I want to state that something like 100% only exists in theory (like math). Even cryptography by itself can't reach a security of 100%. Its all probabilistic. But I agree that it might be easier to spoof our concept than it is to spoof a bitcoin transaction.its only proof when there is no way to 'if or but' the evidence. Maybe we should call it "evidence of origination"? Still: I think our contribution has the potential to increase the level of trust in sensor data (origin and origination time) with respect to prior technology. imagine it like it doesnt matter if there are 5000 different copies of a video. or if 100 members of staff can get to the video.. a proof of origin would be the way to know exactly which copy is the original no matter how the original was handled, physically stored, etc To know which one is the original is not the point and I don't think "proof of origin" would be the right wording for this. That would be some kind of copy protection. You would need to prove uniqueness.Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: franky1 on January 27, 2017, 12:17:35 PM how can you have a proof of origination.. if it is not 100% proof, because it requires X/Y/Z if's and buts to be met before you can treat it as proof. Point taken. I agree that our proof can't be 100% rock solid under any condition. But I want to state that something like 100% only exists in theory (like math). Even cryptography by itself can't reach a security of 100%. Its all probabilistic. But I agree that it might be easier to spoof our concept than it is to spoof a bitcoin transaction.its only proof when there is no way to 'if or but' the evidence. Maybe we should call it "evidence of origination"? Still: I think our contribution has the potential to increase the level of trust in sensor data (origin and origination time) with respect to prior technology. imagine it like it doesnt matter if there are 5000 different copies of a video. or if 100 members of staff can get to the video.. a proof of origin would be the way to know exactly which copy is the original no matter how the original was handled, physically stored, etc To know which one is the original is not the point and I don't think "proof of origin" would be the right wording for this. That would be some kind of copy protection. You would need to prove uniqueness.all im saying is just envision a different scenario than the security video.. say one which doesnt involve as much if's or maybe's then you will show your evidence of origin may have some real utility take julian assange's use of the blockchain as proof of life, as a for instance Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: digaran on January 27, 2017, 01:45:39 PM I think you watched "Person of interest" and took it serious :) I have some ideas about something but I can't file a patent or register my invention it's rather in a theory phase anyways but I wanted to know if I could somehow use the blockchain to timestamp an encrypted version of my idea and in the future I could provide a private key to extract the data and decrypt it to prove I'm right, but who will accept such data? legally I mean.
Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: franky1 on January 27, 2017, 02:23:23 PM I think you watched "Person of interest" and took it serious :) I have some ideas about something but I can't file a patent or register my invention it's rather in a theory phase anyways but I wanted to know if I could somehow use the blockchain to timestamp an encrypted version of my idea and in the future I could provide a private key to extract the data and decrypt it to prove I'm right, but who will accept such data? legally I mean. putting the whole document on the blockchain is alot of bloat. not advised because you are limited to how many bytes per output. so it ends up as having lots of outputs to get the whole document encluded.. but even satoshi in 2009 converted a short message to hash that he then put into an 'OP_return' output. https://blockchain.info/tx/4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b?show_adv=true "��EThe Times 03/Jan/2009 Chancellor on brink of second bailout for banks " as you can see by this website that translates the hash back to ascii http://coinsecrets.org/ other examples are https://blockchain.info/tx/819b7e8999e101db63f0e68fca91afcabf53ea7a74872bbd0d020df18ad2178b?show_adv=true 'j<hellow Idid send you ,adn are you fine,I love you fromJapan' people either write a short message or add a url or a files hash (metadata) this has been possible since day one, but not advised to get everyone to use bitcoin as a message store. and especially not advised to do multiple outputs to store whole documents though this is what people have termed 'proof of existence' years ago, to show that data/idea/concept existed at a certain date by adding a reference to the data into bitcoins blockchain. Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: scs-ab on February 02, 2017, 08:51:56 AM I think you watched "Person of interest" and took it serious :) No, but thanks for the hint ;-)I have some ideas about something but I can't file a patent or register my invention it's rather in a theory phase anyways but I wanted to know if I could somehow use the blockchain to timestamp an encrypted version of my idea and in the future I could provide a private key to extract the data and decrypt it to prove I'm right [...] You're Spot-on. With the exception that we indeed could've attempted a patent. But that wouldn't suit our buisness case very well. All we need is "freedom to operate".but who will accept such data? legally I mean. Let's wait and see.Title: Re: Decentralized Trusted Timestamping Whitepaper (Proof of Origination) Post by: Xester on February 02, 2017, 10:29:34 AM Technology is made by man and man can also break the technology he made. This simply means that there are no fool proof technology. The only way that the community can reach the state of fool proof rule is if all person becomes honest. But nevertheless your technology is good and I hope it will be successful and useful in the future. But always keep in mind that the system has always its flaw so you just need to upgrade always so invaders may not enter the system.
|