One interesting application can be found in the Markets in Financial Instruments Directive II (MiFID II) which regulates financial markets in the European Union (EU) which requires the following (verbatim):
Operators of trading venues and their members or participants shall establish a system of traceability to UTC. They shall be able to demonstrate traceability to UTC by documenting the system design, functioning and specifications. They shall be able to identify the exact point at which a timestamp is applied and demonstrate that the point within the system where the timestamp is applied remains consistent. They shall conduct a review of the compliance of the traceability system with this Regulation at least once a year.
That is, not only the trading venues should be timestamped, but these timestamps should be verifiable by all the members.
The idea of timestamping has been implicit in science for centuries, with anagram-based instantiations being traced back to Galileo and Newton. A cryptographic timestamping scheme involves a document creator (or client) and a verifier, where the document creator wishes to convince the verifier that a document was at his possession at time T. In typical settings, the aim is to achieve universal verification, where any party can verify the timestamp, but one can also consider the simpler version where only a designated verifier can check the timestamp. Ideally, the protocol aims to protect against both backdating and postdating of a digital document.
A backdating attack would allow an adversary to change the temporal sequence of timestamped documents and thus can be problematic in the application described above.
To see why postdating attacks might be critical as well, we consider the following application scenario. A bank B has issued to Alice an electronic chequebook and wants to ensure that Alice cannot issue post-dated signatures (e.g., to use them as collateral for a loan from another bank C). This cannot be enforced by B by only requiring Alice to insert the signature on the blockchain, as Alice can issue the signature with a future date T, use it with bank C at time T’ < T and only post it on the blockchain at time T. Bank C has no reason not to accept the signature as it knows that it will be considered valid at time T (even if Alice does not post it on the blockchain, the Bank C can do it for Alice).
The Blockchain technology provides a great opportunity to timestamp digital documents due to its immutability and its ability to be extended with new information. Even more interestingly, a blockchain could be used in applications where it is crucial that the timestamps are verifiable by multiple entities (like in the case of MiFID).
One of the outcomes of Priviledge is a formal treatment on how to timestamp digital documents using the Blockchain technology. It considers both postdating and backdating attacks enabling a robust and publicly verifiable timestamping process.
One limitation of using a blockchain for timestamping is that the timestamping process might require some time (e.g., in the Bitcoin blockchain a new block only every 10 minutes). Even if there are faster blockchains, a fully decentralized, robust timestamping service that enables real-time timestamping would still requires further investigations.
Written by Michele Ciampi, University of Edinburgh