Cumulative notarization for long-term preservation of digital signatures

Dimitris Lekkas, Dimitris Gritzalis
2004 Computers & security  
The long-term preservation of digitally signed documents may be approached and analyzed from various perspectives, i.e. future data readability, signature validity, storage media longevity, etc. The paper focuses on technology and trust issues related to the long-term validation of a digital signature. We exploit the notarization paradigm and propose a mechanism for cumulative data notarization that results in a successive trust transition towards new entities, modern technologies, and
more » ... data. A future relying party will have to trust only the information provided by the last notary, in order to verify the validity of the initial signature, thus eliminating any dependency on ceased entities, obsolete data, and weak old technologies. The proposed framework uses recursive XML elements so that a notarization token structure encapsulates an identical data structure containing a previous notarization token. Extensible Markup Language (XML). the one stored in the CNT. 3. The relying party checks the validity of the last notarization. The verification of the notarization consists of the following basic checks: a. The signature of the last notary is algorithmically correct. b. The notary is trusted to perform the operation, as described in section 2.2 'Assumptions' and it is using current valid technology. c. The certificate of the last notary is validated, by checking its chaining up to a Certification Authority and the CSI for this certificate. d. An additional forgery protection described in section 5.1 exists and is valid. e. The attestation declaration and the optional timestamp included in the token are satisfactory for the relying party. Performing successfully the above steps will lead the relying party to conclude that the initial signature is valid and the initial signer is the one indicated in the 'signerDN' field. A further analysis of the intermediate notarization tokens up to the initial signature can be made for historical reasons only rather than for verification purposes, since it may rely on technology or data that is not trusted any more.
doi:10.1016/j.cose.2004.03.002 fatcat:pglvps7btnfdnbzeqaz2ojyujq