[LINK] A Tool to Verify Digital Records

Kim Holburn kim at holburn.net
Wed Jan 28 09:07:29 AEDT 2009

I may be wrong in that I haven't read the details of how they actually
plan to do this and they might be talking about something different but
some of the main problems I see with this are:

If we are talking about archiving documents, sound, movies then a
change in a bit in a compressed archive can render the archive
unreadable.  Changing a bit in a signed digital archive will render
both the document unreadable and the signature invalid.  The digital
hash, while a good start, is too sensitive in this case.  Changing
document formats while maintaining hashes just does not seem possible.

If the document is (maliciously) altered the alterers can provide a
new hash for the altered work.  Who will know the hash has been
tampered with?  A digital hash or signature, even when read by humans,
is not memorable in any way.  Who's to know if it has been changed?
Unless the hash is somehow an integral part of the document itself a
stand-alone hash or signature won't really be of much use.

Even if all this was overcome then better would be to provide a series  
of hashes so that parts of the document could be verified as well as  
the whole so that if the document was changed it would be possible to  
work out which parts had been changed.

As they mentioned recently important hashes like MD5 and SHA-1 have  
been "cracked".

How can you go back and retrofit a new hash into possibly millions of  
documents if an old hash has been cracked and still be sure the  
documents haven't been altered?


On 2009/Jan/27, at 6:00 PM, stephen at melbpc.org.au wrote:

> A Tool to Verify Digital Records, Even as Technology Shifts
> By JOHN MARKOFF  Published: January 26, 2009
> http://www.nytimes.com/2009/01/27/science/27arch.html?_r=1
> On Tuesday a group of researchers at the University of Washington are
> releasing the initial component of a public system to provide
> authentication for an archive of video interviews with the prosecutors
> for the Rwandan genocide. The group will also release the first portion
> of the Rwandan archive.
> This system is intended to be available for future use in digitally
> preserving and authenticating first-hand accounts of war crimes,
> atrocities and genocide.
> Such tools are of vital importance because it has become possible to
> alter digital text, video and audio in ways that are virtually
> undetectable to the unaided human eye and ear.
> The researchers said history was filled with incidents of doctoring,
> deleting or denying written records.
> Now, they say, the authenticity of digital documents like videos,
> transcripts of personal accounts and court records can be indisputably
> proved for the first time.
> Designing digital systems that can preserve information for many
> generations is one of the most vexing engineering challenges.
> The researchers’ solution is to create a publicly available digital
> fingerprint, known as a cryptographic hash mark, that will make it
> possible for anyone to determine that the documents are authentic and
> have not been tampered with.
> The concept of a digital hash was pioneered at I.B.M. by Hans Peter Luhn
> in the early 1950s.
> The University of Washington researchers are the first to try to simplify
> the application for nontechnical users and to try to offer a complete
> system that would preserve information across generations.
> Both because of the rapid pace of innovation and the tendency of
> computers to wear out in months or years, the likelihood that digital
> files will be readable over long periods of time is far less certain even
> than the survival of paper documents.
> Computer processors are quickly replaced by incompatible models, software
> programs are developed with new data formats, and digital storage media,
> whether digital tape, magnetic disk or solid state memory chips, are all
> too ephemeral.
> Several technologists are already grappling with the evanescent nature of
> digital records.
> Danny Hillis, a computer scientist, helped found the Long Now project in
> 1996, warning about the possibility of a “digital dark age.”
> Mr. Hillis has argued that before the rise of digital information people
> valued paper documents and cared for them. Since then, there has been
> progressively less attention paid to the preservation of information. Now
> information is routinely stored on media that may last for only several
> years.
> To that end, another computer scientist, Brewster Kahle, founded the
> Internet Archive in 1996 in an effort to preserve a complete record of
> the World Wide Web and other digital documents.
> Similarly, in 2000 librarians at Stanford University created LOCKSS, or
> Lots of Copies Keep Stuff Safe, to preserve journals in the digital age,
> by spreading digital copies of documents through an international
> community of libraries via the Internet.
> However, Ms. Friedman distinguishes her design work from those who have
> focused on the simple preservation of digitized materials.
> Instead, she said she was trying to design complete digital systems that
> would play a role in strengthening social institutions over time by
> creating a digital historical record that offered continuity across
> multiple life spans.
> “Building a clock is iconic,” she said. “What is really different is that
> we are trying to solve socially significant, real-world problems.”
> Because problems like genocide, H.I.V. and AIDS, famine, deforestation
> and global warming will not be solved in a single human lifetime, she
> argues that information systems designed to ensure continuity across many
> generations are a necessity.
> To ground the group’s research in a real-world situation, the researchers
> began by building an archive of video interviews with the judges,
> prosecutors and other members of the International Criminal Tribunal for
> Rwanda.
> The goal was to design a system that would ensure that the information
> was secure for more than a century.
> Last fall Ms. Friedman traveled with a group of legal experts and
> cinematographers to Arusha, Tanzania, where the tribunal is based, and to
> Kigali, Rwanda, to conduct video interviews.
> After capturing five gigabytes of video in 49 interviews, the group began
> to work on a system that would make it possible for viewers to prove for
> themselves that the videos had not been tampered with or altered even if
> they did not have access to powerful computing equipment or a high-speed
> Internet connection.
> Despite the fact that there are commercial applications that make it
> possible to prove the time at which a document was created and verify
> that it has not been altered, the researchers wanted to develop a system
> that was freely available and would stand a chance of surviving repeated
> technology shifts.
> At the heart of the system is an algorithm that is used to compute a
> 128-character number known as a cryptographic hash from the digital
> information in a particular document. Even the smallest change in the
> original document will result in a new hash value.
> In recent years researchers have begun to find weaknesses in current hash
> algorithms, and so last November the National Institute of Standards and
> Technology began a competition to create stronger hashing technologies.
> The University of Washington researchers now use a modern hash algorithm
> called SHA-2, but they have designed the system so that it can be easily
> replaced with a more advanced algorithm.
> Their system will be distributed as part of a CD known as a “live CD,”
> making it possible to compute or verify the hash just by inserting the
> disk in a computer. The disk will also include software components that
> will make it possible to view documents and videos that may not be
> accessible by future software.
> The problem is complex, said Michael Lesk, a professor in the department
> of library and information science at Rutgers University, because not
> only must you be able to prove that the information has not changed in
> its original format, but you must also be able to prove that once the
> format is altered, the original digital hash is still valid.
> The Long Now Foundation is developing a software tool to easily convert
> documents between digital formats, said Stewart Brand, a co-founder of
> the project. “The idea is to be able to change anything into anything
> else,” he said.
> A version of this article appeared in print on January 27, 2009
> --
> However there appear some doubters 'Canonical Hashes over video? Be
> skeptical' http://financialcryptography.com/mt/archives/001143.html
> Cheers people
> Stephen Loosley
> Victoria, Australia

Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3494957443
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request
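
Added example (not part of the original message, and not the University of Washington system): a Python sketch of the "series of hashes" idea raised above, where a manifest holds one hash for the whole file plus one per fixed-size part so a change can be localised, and of re-hashing under a newer algorithm only after the data still verifies against the old manifest. The 1024-byte part size, the function names and the sample bytes are assumptions made for the illustration.

```python
import hashlib

CHUNK = 1024  # bytes per part; an assumed size for this illustration


def build_manifest(data, algo="sha256", chunk=CHUNK):
    """Hash the whole document and every fixed-size part of it."""
    parts = [hashlib.new(algo, data[i:i + chunk]).hexdigest()
             for i in range(0, len(data), chunk)]
    return {"algo": algo, "chunk": chunk,
            "whole": hashlib.new(algo, data).hexdigest(), "parts": parts}


def changed_parts(data, manifest):
    """Return the indexes of parts that no longer match the manifest."""
    now = build_manifest(data, manifest["algo"], manifest["chunk"])["parts"]
    then = manifest["parts"]
    # Parts present on only one side (truncation or appended data) also count.
    return [i for i in range(max(len(now), len(then)))
            if i >= len(now) or i >= len(then) or now[i] != then[i]]


def migrate(data, manifest, new_algo):
    """Issue a manifest under new_algo, but only for data that still verifies.

    This is only meaningful while the old algorithm still resists forgery,
    and only if the old manifest was kept somewhere the data's holder
    cannot rewrite.
    """
    whole = hashlib.new(manifest["algo"], data).hexdigest()
    if whole != manifest["whole"] or changed_parts(data, manifest):
        raise ValueError("data does not match the old manifest")
    return build_manifest(data, new_algo, manifest["chunk"])


# Constructed sample: a 4096-byte "document" and a copy with one bit flipped.
original = bytes(range(256)) * 16
tampered = bytearray(original)
tampered[2500] ^= 0x01
tampered = bytes(tampered)

old = build_manifest(original, algo="sha1")

if __name__ == "__main__":
    print("changed parts:", changed_parts(tampered, old))
    print("new algo:", migrate(original, old, "sha256")["algo"])
```

The per-part hashes only localise a change; they do nothing about a replaced manifest, so the manifest has to be published or stored independently of the archive it describes.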
