
Is it possible to prove that a file did not change over time? - Is it possible to establish a provable, trusted third party?


#1

This question is mostly because of curiosity. How would you go about solving this problem and which solutions are there that I have not found?

Let’s say I have created a file and I want to be able to later prove that the file did not change since its creation. Also I do want to prove this not only to me but also to another person that I do not know at the time of creating the file and who does not necessarily trust me.

The only thing I could come up with is to create a hash of the file with a time stamp and give it to an ideal, trusted third party. The closest thing to achieve this would probably be to use some kind of Blockchain to distribute trust over many entities.

Is there a better way? How do you get something like a trusted party where you can quantify and prove that it is trustworthy?

Maybe some kind of algorithm that receives an ID, a hash, makes a timestamp and saves it so when you input the ID you get the hash out. However, then you have to prove that the algorithm and storage did not get tampered with. Is such a thing possible? I kind of feel that with asymmetric key cryptography this should be possible.


#2

I’d hash it. It’s the easiest way. Honestly the only way I can think of.


#3

But how can I then prove to a third party that I did not change the file and hashed it again?


#4

allow them to hash the same file.


#5

hash it, upload the hash to github. no need to over-complicate things with blockchain nonsense.


#6

what if I don’t know the person at the point of file creation?


#7

hmmm, …
I have not thought about that. For most practical purposes this is actually a good idea. From a theoretical standpoint now github is the trusted third party. In practice probably good enough.

The reason my question is so strange is that I am curious if there is a mathematically provable way to establish a trusted third party.


#8

No. The root of trust isn’t a mathematical problem, it’s a social one; you can use mathematical tools to verify trust between those you trust, e.g. PGP/GPG, certificates, and non-mathematical tools like chain of custody etc.


#9

Cryptographically sign the file with both your public key and the trusted/impartial third-party’s public key.


#10

You could hash it, zip it, and upload it to dropbox, google drive, or really most 3rd party storage solutions.

Those websites show when the file was uploaded. That info is server side so it can’t be tampered with.


#11

How sure are you about this? Can you point me somewhere? The way I framed the question (around trust) it is of course a social problem. I should probably try to formulate it another way and make it something that can be proven or disproven.

Thanks a lot by the way to everyone :slight_smile:


#12

For most practical purposes this would again work (like Edens github solution). I am mostly interested in an ideal theoretical solution :wink:


#13

You will fail. Maths stops at the computer. Have a look at it, it isn’t attached to you.

When it comes to trust, ultimately trust is assessed on people. Of course there is the whole computer based trust “is this computer the computer it says it is” sort of thing, but even that at some point has a person at the end in which someone makes the decision to trust with the keys.

The technology will only get you so far. You can put more and more control over something for the things you trust less and less, but ultimately you need to trust someone based solely on your judgement and evidence of their character.

In this case GitHub might be sufficient: it runs git so it permanently records your hash commits, you can trust the company fairly well for your particular use case and know they aren’t likely to try and attempt to change anything of yours.


#14

You can look at things like NIST guidelines (it’s a horrible waste of your time :smile: ) used by US gov to see that there isn’t a one solution fits all and there isn’t a technological answer for ultimate trust.

If they can’t do it…

I suppose a way in theory to do it would be to record every action and thought of every human on earth (or maybe just those involved); that way you’d have the information to enforce trust through technology.


#15

Very good point, in the end I would again need to trust the hardware. That is difficult to get into a logical framework.

A lot of stuff to think about.


#16

Well, … challenge accepted

:wink:

jokes aside, it is clear then that there is no obvious solution that I missed. Good to know. Sometimes there are these problems you start thinking about and I just was curious.


#17

Instead of trusting people you could place trust in something else.

You’ve no doubt seen movies where a kidnapped person is placed next to a television that is displaying a live broadcast, then both are filmed as proof that the kidnapped person was still alive at the time the broadcast went to air. An even older version is taking a photograph of a person holding up a newspaper in front of them. In the latter case, the date stamp on the masthead provides the trust mechanism. In the former case it’s the live broadcast. Both are out of control of the kidnapper, so both are something that can be trusted by whoever gets the ransom demand.

Depending on how important the file is, and how frequently you need to generate such files, a similar approach could be used. Instead of placing trust in people, place it in space and time.

Take a file and hash it. Print the hash onto a transparency sheet. Stick it to the window of your car. Drive your car through public streets (e.g. areas visited by tourists) or by a public event (e.g. a new year’s eve fireworks display) or a large-scale construction project (e.g. bridge). Take a few minutes of video from inside the car, through the transparency sheet with the hash, of the scene beyond. Bonus points if a laptop is performing text-to-speech on the hash at the same time. Bundle the video with the hash and the file into an archive and store/send that.

Public places/events/constructions are unique in time and space. You cannot “go back in time” and overlay a forgery of a physical/audible hash onto live video of such public spaces without the fake being obvious to even an amateur observer.

The reason why is simple: Each letter of the hash will obscure the public space beyond. The letter G could completely hide a person, for example, or half a car, a pram, or even a skyscraper. To substitute a different letter/hash means you would have to “make up” all of the obscured scenery that has now been revealed. That is computationally impossible without leaving artefacts that an average human eye would quickly and easily detect.

Current — state-of-the-art — algorithms can interpolate frames and dynamically predict and reconstruct backgrounds — but only if the occluded area is relatively small, geometrically simple, and frame deltas are minimal (the scenery isn’t moving very fast). A high resolution camera, filming at a low frame rate (say 1 frame per second), in a moving vehicle, easily undermines the interpolation process and makes artefacts inevitable and obvious.

So, not exactly ‘clickety-click’ easy — but doable… and you don’t need to trust any humans. In essence, all you are doing is recording the hash and a unique point in space and time — that is beyond your control and cannot be recreated — simultaneously. That preserves, validates and dates the hash. The rest is easy.


#18

interesting …
this approach is in a way similar to my first thought with blockchain, only more old school. This way you are distributing trust with all the information of spaces that you visit, similarly it is increasingly difficult to forge the information the more you drive around and verifiable data you pack in.

A very graphic, intuitive way of thinking about the problem. Thinking this way it becomes clear that the most important aspect is actually getting the existence of the hash at a certain time verified. I could still hold the information (hash + time verification) myself as long as it is reasonably hard to forge the verification method (i.e. video footage, blocks, …).

This makes me think … you could only take the time verification part of blockchain and throw away the rest. Essentially you could get as many people/entities as possible “together” (regularly) who mutually verify the existence of their data at the time of the “meeting”.

When I have some time I have to dig up what kind of research has been done on this topic.
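
The idea in the post above (keep only the time-verification part, with many parties jointly committing to their data at a "meeting") corresponds to a Merkle-tree timestamping round. The sketch below is an added example, not part of the thread; the function names, the genesis value and the sample file contents are constructed for illustration.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Domain-separate leaves from inner nodes so an inner node cannot pose as a leaf.
def leaf(digest: bytes) -> bytes:
    return h(b"\x00" + digest)

def node(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)

def close_round(digests, prev_root):
    """Build the tree for one 'meeting'; return (published root, tree levels)."""
    if not digests:
        raise ValueError("a round needs at least one submitted digest")
    levels = [[leaf(d) for d in digests]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        # An unpaired last node is promoted unchanged to the next level.
        levels.append([node(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    # Chaining to the previous round's root fixes the order of rounds.
    return h(prev_root + levels[-1][0]), levels

def inclusion_proof(levels, index):
    """Sibling hashes from leaf to root, tagged with the side they sit on."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            proof.append(("L" if sib < index else "R", level[sib]))
        index //= 2
    return proof

def verify(file_bytes, proof, round_root, prev_root):
    """Recompute the path from the file itself and compare with the published root."""
    acc = leaf(h(file_bytes))
    for side, sib in proof:
        acc = node(sib, acc) if side == "L" else node(acc, sib)
    return h(prev_root + acc) == round_root

# Constructed sample: three participants' file contents and a placeholder genesis.
FILES = [b"deed of sale v1", b"contract draft", b"lab notebook page 12"]
GENESIS = b"\x00" * 32

def demo():
    root, levels = close_round([h(f) for f in FILES], GENESIS)
    proof = inclusion_proof(levels, 2)
    return (verify(FILES[2], proof, root, GENESIS),
            verify(b"lab notebook page 13", proof, root, GENESIS))
```

Each participant keeps only their file, their proof and the round root. The proof binds the file to that root; that the root existed at the claimed time still rests on it having been published widely enough that no single party could rewrite it.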


#19

Your proposed method still requires trust in people.

This is a bit ridiculous to be honest. It’s something someone would come up with for a film because it might look cool and complex. The reality is it’s unverifiable and flawed.

Video isn’t kept forever, it’s not a reliable source for trust of evidence, not to mention the simple impracticality of the size of text that would be required for it to be legible at all. Assuming you could even recover the video, which is unlikely.

Hash it and upload it to GitHub, it achieves the same thing except it’s verifiable and simple and uses a 3rd party regarded as reliable for the technology used.

This isn’t something that needs to be complex, the problem’s basically been solved and used by anyone needing it for years.


#20

You are incorrect. I suggest you read it fully/again. You only need to trust your own eyes.

Video files can be transferred from media to media, with distributed copies for redundancy, along with the codecs required to play them, and thus can survive forever — they can certainly survive a lot longer than Github will… Github is a centralised system with a single point of failure. It relies on a ton of people, protocols, systems and conditions to exist, nor is it particularly secure. No long-term survival prospects there.

Your “simple” idea (which is, in reality, complex, highly-dependent, fragile and relatively insecure) is the one that is flawed. It’s equivalent to placing trust in something like GeoCities. Fine if you want to be trendy for a short period of time, but useless if you want to preserve trust for a long time, or forever.

It is true that “upload hashes to some random, disinterested, third-party website and let them become the unwitting bearer of trust” is an easy approach — something that can be accomplished completely in code, and which can scale quite well — but just because a viable, short-term solution can be quickly implemented by lazy people doesn’t actually make it better.

In my post I made it clear that the video approach wasn’t appropriate for all situations:

Since the OP did not indicate the importance of the files he is working with, or how frequently they need to be generated/tested, the video approach (being more labour-intensive) was proposed as a possibility for higher-value and infrequently-generated files.

If you want to ensure that tweets, status updates or cat memes haven’t been tampered with, sure, upload hashes to Github. However, you’d have to be verifiably-insane to risk losing trust in a property deed or contract by using the same approach.

As you say: