Blockchain in digital preservation
Introduction
Digital records to be found in digital archives were either digitized or born digitally. Digital preservation, as opposed to preservation of analogue materials whereby preservation of a record depends on preservation of its medium, splits the notion of preservation into at least two parts - preservation of the content independently of the medium, and preservation of the physical carrier, i.e. the storage medium. There are authors who argue for a third aspect, as well. Thus, Thibodeau (2002, p. 6, italics in original) states that
every digital object is a physical object, a logical object, and a conceptual object, and its properties at each of those levels can be significantly different. A physical object is simply an inscription of signs on some physical medium. A logical object is an object that is recognized and processed by software. The conceptual object is the object as it is recognized and understood by a person, or in some cases recognized and processed by a computer application capable of executing business transactions.
This should be considered when conversion, e.g. from an obsolete file format to a current one, or migration, e.g. from an obsolete medium to a current one, are performed, aiming to preserve digital records in the ever-changing technological space. However, while performing preservation actions it is important to have in mind that ISO 15489-1 (International Organization for Standardization, 2016) requires every digitally preserved record to have its characteristics of authenticity, reliability, integrity, and usability intact. This chapter adopts the ITrust’s definition according to which trustworthiness of a record refers to its accuracy, reliability, and authenticity (InterPARES Trust Terminology Database, n.d.), and makes it an anchoring point in the research focused on long term preservation of digitally signed or sealed records. Those types of records have been chosen because of their specific technical requirements.
Digital signatures, digital seals, certificates, and timestamps
While technically the same, the difference between digital signatures and digital seals is that a digital signature can be associated only with a natural person and the signing key must be under the sole control of the signatory with the aim of signing, while a digital seal can be associated only with a legal person and the signing key must be under the sole control of the process assigning the seal with the aim of ensuring integrity and origin (Cryptomathic, n.d.; eIDAS, 2014). A digital signature is a code created according to cryptographic principles using the Public Key Infrastructure (PKI) connected to a digital object, which serves as proof that the object has not been tampered with, and in some cases can be used to authenticate the sender’s identity (Mihaljevic, Mihaljevic, & Stancic, 2015). Therefore, a scanned wet signature does not fall under the definition of a digital signature. It is merely an image placed at a certain place in a document which cannot confirm one’s identity because anyone can place it there. However, if the partners in a process agree to trust it and if it becomes a basis for other business actions, it may be used. This chapter does not focus on digitized wet signatures but on advanced digital signatures. According to the eIDAS Regulation (2014), an advanced electronic signature (AdES) must meet the following requirements:
a) it is uniquely linked to the signatory;
b) it is capable of identifying the signatory;
c) it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
d) it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.
Therefore, such a signature has the qualities of irrevocability or non-repudiation because the signatory cannot deny that (s)he has indeed signed a document.
The PKI system, relying on the combination of public and private keys, provides the components necessary for managing (issuing, verifying, and revoking) public keys and certificates, as well as their storage and preservation. It also provides secure authentication of communication between participants, exchange of encrypted data, information, documents, and records, digital signing and co-signing, and a unique registry of public keys in the form of digital certificates.
Stancic (2018a, p. 9) explains that a digital certificate confirms the connection between a secret key owned by a person and the associated public key. It is a system whereby the identity of the person is stored together with the corresponding public key, and the entire structure is digitally signed by a trusted third party (certification service). A digital certificate is issued for a limited period (usually two to five years) during which the certificate, i.e. its validity, may be revoked. The validity can be verified by checking the digital signature, but there must be a direct trust or a trust chain to the Certification Authority (CA) certifying the digital certificate. The CA issues, manages, keeps, and revokes digital certificates and guarantees their validity. Thus, the CA is a trust entity and a third party. The Registration Authority (RA) handles users’ requests to issue digital certificates, registers users, and cooperates with the CA in certificate issuing. The RA ensures the correct physical identification of users, thus ensuring the non-repudiation characteristic of digital signatures. In addition to the RA and CA, there is a Certificate Repository (CR) where public keys, user certificates, and the Certificate Revocation List (CRL) are stored. There are two ways of knowing whether a digital certificate is revoked - either to check whether the certificate revocation information has been published on the CRL, or by using the Online Certificate Status Protocol (OCSP), an internet protocol used for obtaining the revocation status of a certificate.
The digital timestamp plays an important role in the context of digital signatures. It represents a digitally signed certificate of a timestamp issuer - Timestamping Authority (TSA) - which confirms the existence of the data, information, document, or record to which the timestamp relates, at the time stated on the timestamp, thus ensuring reliable proof that, for example, a record originated earlier or just before the time indicated in the digital timestamp, but not after it was issued. Any subsequent changes to the record or timestamp are not allowed and can be easily detected. Therefore, the digital timestamp confirms that the record at hand existed in that form at the time indicated in the timestamp, and that it was not changed after the time indicated in the timestamp. The TSA digitally signs the hash value of the record, along with the time value (coming from a trusted source, e.g. Coordinated Universal Time), thus issuing the digital timestamp, which is subsequently combined with the record and the signatory’s private key to create the digital signature with the indication of the time of signing.
The archival timestamp implements an onion-like approach. The ETSI (2016) standard defines four basic levels of baseline (B) digital signatures enabling interoperability and the lifecycle of records: 1) B-B - basic; 2) B-T - timestamp added to the B-level; 3) B-LT - long term validity verification information added to the T-level; and 4) B-LTA - enabling periodic addition of the archival timestamp to the LT-level (Figure 21.1).
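The timestamping and onion-like layering described in the two paragraphs above can be sketched as follows. This is an added example, not code from the chapter or from the ETSI standard. It is a simplified model with assumptions: the TSA names, keys, times, and record are constructed, and an HMAC stands in for the TSA's PKI signature so that the code runs with the Python standard library alone.

```python
import hashlib
import hmac
import json

# Constructed demo keys. A real TSA signs with its PKI private key; HMAC is a
# stand-in here so that the example needs only the standard library.
TSA_KEYS = {"tsa-2020": b"constructed-key-2020",
            "tsa-2030": b"constructed-key-2030"}

def _digest(record: bytes, inner_tokens: list) -> str:
    """Hash the record together with every token already issued (inner layers)."""
    h = hashlib.sha256(record)
    h.update(json.dumps(inner_tokens, sort_keys=True).encode())
    return h.hexdigest()

def _mac(tsa: str, digest: str, time_utc: str) -> str:
    """Stand-in TSA signature over the hash value plus the time value."""
    msg = f"{digest}|{time_utc}".encode()
    return hmac.new(TSA_KEYS[tsa], msg, hashlib.sha256).hexdigest()

def add_timestamp(record: bytes, tokens: list, tsa: str, time_utc: str) -> list:
    """Return a new token list with one more layer wrapped around the old ones."""
    digest = _digest(record, tokens)
    token = {"tsa": tsa, "time": time_utc, "digest": digest,
             "sig": _mac(tsa, digest, time_utc)}
    return tokens + [token]

def verify_chain(record: bytes, tokens: list) -> bool:
    """Check every layer, innermost first; any changed record or token fails."""
    for i, tok in enumerate(tokens):
        digest = _digest(record, tokens[:i])
        expected = _mac(tok["tsa"], digest, tok["time"])
        if tok["digest"] != digest or not hmac.compare_digest(tok["sig"], expected):
            return False
    return True

def demo() -> dict:
    record = b"constructed sample record"
    chain = add_timestamp(record, [], "tsa-2020", "2020-01-01T00:00:00Z")
    # Later archival layer: covers the record and the earlier token.
    chain = add_timestamp(record, chain, "tsa-2030", "2030-01-01T00:00:00Z")
    backdated = [dict(chain[0], time="2019-01-01T00:00:00Z"), chain[1]]
    return {"intact": verify_chain(record, chain),
            "record_changed": verify_chain(record + b"!", chain),
            "inner_token_changed": verify_chain(record, backdated)}
```

Calling `demo()` returns `True` for the intact chain and `False` for both the altered record and the altered inner timestamp.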