In the slow-motion controversy over the gaps in the record of GW’s Texas Air National Guard Duty, the latest wrinkle has been the emergence of some damning documents that some people are concerned might be forgeries. While I’d be delighted to see Bush publicly embarrassed for shirking his military duty, I have to admit that the documents do look suspicious, and if they are forgeries, whoever is responsible is really fucking stupid.
But enough about all that. This got me thinking: today in the electronic world, there are ways to prove that you are the author of a document. But is there a way to prove that you authored the document on a certain date?
Currently, I don’t think there is a verifiable way to do this. But I can imagine a system that would make it possible.
First, we need to review the general ideas behind public-key cryptography (often abbreviated PKI, for “public-key infrastructure”). Traditional cryptography encoded a text using a single key, and both sender and recipient had to have copies of this key. Moving the keys securely was obviously a very serious problem.
PKI solves this. Everybody has two keys: a public key and a private key. The operations of these keys are complementary: a document encrypted with one’s public key can only be decrypted with the private key. So anybody can look up your public key, and secure the document so that only you can read it. Conversely, a document encrypted with one’s private key can only be decrypted with one’s public key. This allows you to “sign” a document electronically: your public key can be considered well-known, and can only be paired to your private key, so if a document can be decrypted by your public key, that’s evidence that it was encrypted with your private key, and either you wrote it or you left your private key lying around for someone to abuse.
Another important concept is the “secure hash.” A secure hash is a relatively short string of gibberish that is generated based on a source text. Each hash is supposed to be unique for each source text. It is trivial to generate the hash from the source text, but effectively impossible to work out what the source text might be based on the hash. Hashes can be used as fingerprints for documents. (Recently, a “collision” was discovered in a hashing algorithm, meaning two source texts resulted in the same hash, but it would still be effectively impossible to work out the source text or texts from any given hash.)
Now, PKI is fine for authenticating authorship, but doesn’t authenticate date of authorship. Not without some help.
PKI relies on key-servers that allow you to look up the public key of other crypto users. Imagine if we set up trusted date-servers to authenticate that a document was actually written when we claim it was written. It might work something like this: An author wishing to attach a verifiable date of authorship to a document sends a hash of that document to a trusted date-server. The date-server appends the current time and date to the hash, encrypts it under its own private key, and sends it back as a “dateprint. The author can then append the dateprint to the original document. If anyone ever doubts that the document was authored on the claimed date, they can decrypt the dateprint using the date-server’s public key; this will give them the claimed date and the document hash. The skeptic then takes a hash of the current document and compares it to the hash contained in the dateprint: if they match, then the current document is identical to the one submitted for dateprinting.