Timeline for Proving that a file existed at a time
Current License: CC BY-SA 4.0
23 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Nov 7, 2023 at 7:58 | answer | added | Severin Schell | timeline score: 0 | |
| Apr 5, 2022 at 13:12 | history | edited | Callaeschrus | CC BY-SA 4.0 | added 54 characters in body |
| Apr 5, 2022 at 7:31 | history | edited | Callaeschrus | CC BY-SA 4.0 | added 202 characters in body |
| Apr 4, 2022 at 22:22 | answer | added | Mike Ounsworth | timeline score: 4 | |
| Apr 4, 2022 at 22:03 | answer | added | geek | timeline score: -1 | |
| Apr 4, 2022 at 21:03 | comment | added | mti2935 | @Callaeschrus If you are referring to the DKIM method that I described above - the provider (e.g. Gmail) puts a timestamp in the message headers, then that (along with other material) is signed using the provider's private key. So, faking the timestamp would require collusion on the part of the provider. If you are referring to the blockchain method that I described above, this is very difficult to fake, because it would require an enormous amount of hashing power (similar to a 51% attack). | |
| Apr 4, 2022 at 18:08 | comment | added | user | @Callaeschrus That is why you need a trusted third party creating the signature (Symantec timestamping or similar services). | |
| Apr 4, 2022 at 17:26 | comment | added | Callaeschrus | @mti2935, isn't it possible to generate a signature with a fake timestamp? | |
| Apr 4, 2022 at 16:55 | comment | added | mti2935 | WRT to suggestion by @schroeder of emailing the file to yourself - this works well if you send the message through a service (e.g. Gmail) that DKIM-signs messages. The signature is over a hash of all of the message content (including attachments) and a timestamp placed on the message by the provider. So, these cannot be altered without breaking the signature, and signature can be verified using provider's public DKIM key, which can be obtained from their DNS. See support.cartika.com/portal/en/kb/articles/… for more info. | |
| Apr 4, 2022 at 16:22 | comment | added | schroeder♦ | A more generic example, like I provided, would avoid getting lost in specific details. | |
| Apr 4, 2022 at 16:20 | comment | added | Callaeschrus | @schroeder, i thought an example would make it clearer what i mean | |
| Apr 4, 2022 at 16:19 | history | edited | Callaeschrus | CC BY-SA 4.0 | deleted 28 characters in body; edited title |
| Apr 4, 2022 at 16:18 | comment | added | schroeder♦ | I still don't know why you are holding on to this Ethereum implementation. I would simply say "put the file and its hash on the blockchain" and bypass the analysis of the minutia of the specific of your side idea. | |
| Apr 4, 2022 at 16:16 | history | edited | Callaeschrus | CC BY-SA 4.0 | deleted 28 characters in body; edited title |
| Apr 4, 2022 at 15:52 | comment | added | schroeder♦ | So, you've set up an XY Problem. If you don't care about your specific implementation, then don't include it. Describe what you want to achieve, your resources, constraints, and context. Who needs the proof? What's an acceptable level of proof? How can this proof be delivered? | |
| Apr 4, 2022 at 15:50 | comment | added | Callaeschrus | @schroeder, yes, sorry, i don't care about cryptocurrency; i just want the proof | |
| Apr 4, 2022 at 15:45 | comment | added | mti2935 | OP, you might want to consider taking a SHA256 hash (not SHA1) of the file, then storing the hash in the op_return field of a bitcoin transaction. Then, you can prove later that the file existed at the point in time when the bitcoin transaction was made, without disclosing the contents of the file. See security.stackexchange.com/questions/220247/… for more info. | |
| Apr 4, 2022 at 15:02 | comment | added | Callaeschrus | @schroeder, i don't understand how your suggestion proves anything. dates in emails can be altered. if there really are simple and free ways of doing what i want, please elaborate. | |
| Apr 4, 2022 at 14:56 | answer | added | foreverska | timeline score: 0 | |
| Apr 4, 2022 at 14:54 | comment | added | schroeder♦ | Do you want proof that a file existed at a certain time, or are you looking for validation of this specific and highly contrived process? Some people just attach the file to an email and send it to themselves. Then they forward the email to whomever wants proof... Why are you focused on ethereum, or cryptocoins, or blockchain? There are very simple and free ways to accomplish your goal. | |
| Apr 4, 2022 at 14:07 | comment | added | user | Timestamping services exist for this reason. Symantec has(had?) a timestamping server that you could use to cryptographically timestamp hashes in order to prove existence of it at that time. | |
| S Apr 4, 2022 at 13:39 | review | First questions | |||
| Apr 4, 2022 at 14:05 | |||||
| S Apr 4, 2022 at 13:39 | history | asked | Callaeschrus | CC BY-SA 4.0 |