A Performance Analysis of Long-Term Archiving Techniques

A challenge for digital archives managing long lived data, such as medical records and land registers, is to guarantee long-term authenticity, integrity, and datedness. Although some techniques have been proposed that provide these security goals, most proposals lack a corresponding performance analysis. Thus, in this paper we provide an analytical analysis of the performance of several proposals. Following, to see the impact of different approaches on the runtime, we implemented the most promising schemes and compared them with respect to their required storage space and verification time. Furthermore, the identified computational bottlenecks of the techniques are presented and corresponding improvements are indicated. Finally, we show how to select a long-term archiving scheme and the appropriate key sizes based on trust assumptions and the number of documents to be archived.

[1]  Corporate,et al.  The handbook of information security , 1991 .

[2]  G.E. Moore,et al.  Cramming More Components Onto Integrated Circuits , 1998, Proceedings of the IEEE.

[3]  Carlisle M. Adams,et al.  Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) , 2001, RFC.

[4]  L. Kish End of Moore's law: thermal (noise) death of integration in micro and nano electronics , 2002 .

[5]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[6]  Dimitris Gritzalis,et al.  Cumulative notarization for long-term preservation of digital signatures , 2004, Comput. Secur..

[7]  Stuart Haber,et al.  How to time-stamp a digital document , 1990, Journal of Cryptology.

[8]  C. Walter Kryder's law. , 2005, Scientific American.

[9]  Hossein Bidgoli Handbook of Information Security , 2005 .

[10]  Stuart Haber,et al.  A Content Integrity Service For Long-Term Digital Archives , 2006 .

[11]  Johannes A. Buchmann,et al.  Perspectives for cryptographic long-term security , 2006, CACM.

[12]  Carmela Troncoso,et al.  Improving secure long-term archival of digitally signed documents , 2008, StorageSS '08.

[13]  Detlef Hühnlein,et al.  A Comprehensive Reference Architecture for Trustworthy Long-Term Archiving of Sensitive Data , 2009, 2009 3rd International Conference on New Technologies, Mobility and Security.

[14]  Luís Filipe dos Santos Gonçalves,et al.  XAdES4J: a java library for XAdES signature services , 2010 .

[15]  Tobias Gondrom,et al.  Extensible Markup Language Evidence Record Syntax (XMLERS) , 2011, RFC.

[16]  D. Rosenthal,et al.  The Economics of Long-Term Digital Storage , 2012 .

[17]  Melanie Volkamer,et al.  The Notary Based PKI - A Lightweight PKI for Long-Term Signatures on Documents , 2012, EuroPKI.

[18]  Johannes A. Buchmann,et al.  Introduction to Public Key Infrastructures , 2013, Springer Berlin Heidelberg.

[19]  David K. Chiabi European Telecommunications Standards Institute , 2015 .