5 Record Integrity and Authenticity
Pages 59-70



From page 59...
... Increased experience with personal computers has made the public aware of how easily digital documents can be altered undetectably. The committee firmly believes that within the decade, both the public and the courts will have little confidence in digital records that lack the best assurances that technology can provide.
From page 60...
... Those approaches are presented as examples of the level of care that must be applied; it is not claimed that they are the only possible approaches.

DIGITAL ASSURANCE TOOLS AND PRINCIPLES

Digital assurances for records are based fundamentally on maintaining multiple, geographically and administratively separated copies and on using cryptographic techniques to provide integrity checking and secure transmission of records to and from the archive.
From page 61...
... Their value is limited by their validity window: the time-to-compromise of the secret signing key, the time-to-compromise of the signature algorithm, and the time-to-obsolescence of the public key infrastructure -- whichever is shorter. For example, if a private key used to form digital signatures for records becomes compromised as of a certain date, any records verified with the public key corresponding to that private key after that date are suspect.
From page 62...
... Many current Web browsers that use SSL either omit or deemphasize this step, with the consequence that their supposedly secure channel may not be secure at all. Long-term record assurance depends on measures other than digital signatures or secure channels.
From page 63...
... Designing digital assurances into an electronic records archive is similar to designing security measures. First, the cryptographic techniques must be chosen carefully, and the
From page 64...
... The published list is then simply a correspondence between record identifiers and hash digests. Techniques for combining hash values can be used to reflect the integrity of a huge archive using a single hash digest, which is more practical to publish than a very large number of individual hashes.
From page 65...
... Stored with each of the million witness values is the following linking information: the list of 20 sibling hash values (each one accompanied by a bit indicating whether it is the right or the left sibling) along the path from the leaf up to the published hash value.
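The excerpts from pages 64 and 65 describe publishing a single hash digest for a whole archive and storing, with each record, the chain of sibling hashes (each tagged left or right) from its leaf up to that published value. The following is an added worked example of that construction, written for this page and not taken from the report: it builds the hash tree, extracts the per-record witness path, and verifies a record against the published root. It assumes SHA-256, a power-of-two record count, and a leaf/interior domain-separation byte; the report's scenario of a million records corresponds to a depth-20 tree, which is why each witness there carries 20 sibling hashes.

```python
import hashlib
from typing import List, Tuple

Witness = List[Tuple[bytes, bool]]  # (sibling hash, sibling_is_right)


def _h(data: bytes) -> bytes:
    """SHA-256 is an assumption of this example; the report discusses no specific function."""
    return hashlib.sha256(data).digest()


def leaf_hash(record: bytes) -> bytes:
    # Prefix bytes separate leaves from interior nodes so a leaf cannot be
    # confused with an interior node (assumed here, not specified by the report).
    return _h(b"\x00" + record)


def node_hash(left: bytes, right: bytes) -> bytes:
    return _h(b"\x01" + left + right)


def build_tree(records: List[bytes]) -> List[List[bytes]]:
    """Return levels[0] = leaf hashes, ..., levels[-1] = [published root]."""
    n = len(records)
    if n == 0 or n & (n - 1) != 0:
        raise ValueError("example assumes a full binary tree: power-of-two record count")
    levels = [[leaf_hash(r) for r in records]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([node_hash(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels


def published_root(levels: List[List[bytes]]) -> bytes:
    """The single digest the archive publishes in place of every individual hash."""
    return levels[-1][0]


def witness(levels: List[List[bytes]], index: int) -> Witness:
    """Linking information stored with record `index`: one sibling hash per level,
    from the leaf upward, each tagged with whether the sibling sits to the right."""
    path: Witness = []
    for level in levels[:-1]:           # every level below the root contributes one sibling
        sibling = index ^ 1             # flip the low bit to find the neighbour
        path.append((level[sibling], bool(sibling & 1)))
        index >>= 1                     # move up to the parent's position
    return path


def verify(record: bytes, path: Witness, root: bytes) -> bool:
    """Recompute the root from the record and its witness; the left/right bit
    tells us on which side to place the sibling at each step."""
    current = leaf_hash(record)
    for sibling, sibling_is_right in path:
        current = node_hash(current, sibling) if sibling_is_right else node_hash(sibling, current)
    return current == root


if __name__ == "__main__":
    # Constructed sample records (not data from the report).
    records = [f"record-{i}".encode() for i in range(16)]
    levels = build_tree(records)
    root = published_root(levels)
    w = witness(levels, 5)
    print("witness length:", len(w), "(20 for a depth-20 tree of a million records)")
    print("genuine record verifies:", verify(records[5], w, root))
    print("altered record verifies:", verify(b"record-5 altered", w, root))
```

Only the root is published; a verifier holding the record, its witness, and the published root needs nothing else from the archive, and an altered record or a witness borrowed from a different record fails the check.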
From page 66...
... If a cryptographic algorithm were to be compromised, hash values computed using that algorithm would not provide assurances of integrity. The following provisions are, therefore, essential for long-term archival preservation:
· Archive systems should be designed to accommodate replacement of cryptographic functions and to allow records to be reprocessed to attach revised digital assurances.
From page 67...
... Another possibility is to submit c1 as a request to the new time-stamping system, but that would be vulnerable to the later occurrence of a devastating attack on the hash function used in the computation of c1, as follows: if an adversary could find another record r′ with the same hash value as r (a hash collision), then the renewal system could be used to backdate r′ to the original time.
From page 68...
... In any case, the new form of the record will not contain the same bits as those in the original, and as a result neither the authentication nor the integrity checking associated with the original record will apply to the new form.
From page 69...
... Promoting Digital Assurance Throughout the Federal Government

The preceding arguments clearly call for digital assurances to be applied to records throughout their life, not just starting at the time they are ingested by NARA. However, digital
From page 70...
... These techniques require software to create and maintain digital signatures and the like, but also operational measures to issue and manage cryptographic keys, and operational measures to ensure that the records-management system itself is not compromised. The Records Management Redesign initiative, currently underway, provides an opportunity to inaugurate and promote the use of digital assurance techniques for government records.

