Keyless Signature InfrastructureKSI Motivation: - Complexities and cost of management for PKI Keys.Service Provided by KSI: - Data Integrity - Time of Signature - Verification of the origin.Summary of the KSI: Alice Cloud Storage Alice Transfer her data to Cloud (ex. Joyent) Guardtime Service An hash value is generated GT per second and transferred to GT service Calender Database GT sign the has value and publish it in the calender db. Publication in public A summary of hash values in newspaper the calender is published per month month duration. Fig: KSI workflow.
To check the integrity of data, Alice need to: i. Keep track of last hash value. & before next update of the data, she will check if stored hash value matches with the current hash value.Attack Models: 1. Simultaneous update Attack: Alice can detect corruption if made at time t3 but not at time t4 which happened simultaneously with her own update. h3 h4 Hash values over Time h1 h2 Data over Time Time t3 t4 t1 t2 Attempt to Change by attacker Alice changes her own data This data alteration can be changed by analyzing tamper-proof log data. In this case, only KSI cannot provide data integrity. The risk becomes high when data is changed very frequently. KSI can potentially detect integrity violation, when Alice hardly changes her own data. 2. Known Signature Attack: The adversary can change the data & generate corresponding root hash value and attack/persuade the print media to print the forged publication value. o Thus, besides trusting Cloud provider and Guardtime, Alice also needs to trust the print media.Why do we need keyless Signature? - If PKI is costly to manage key, can we make PKI key management more efficient?
Week Points of PSI: - High computational cost for generating Hash value per second from large volume of Data (GB Range).