Technology Comparison
The following compares PKI, KSI and hash values as candidates for a digital signature/timestamping scheme used to authenticate electronic data. PKI and KSI are entirely complementary technologies. Estonia is the birthplace of KSI and also the only country that has achieved widespread adoption of PKI-based, legally binding digital signatures. In Estonia, PKI is used for electronic (legally binding) signatures and KSI is used for large-scale, long-term authentication of electronic data at rest.
| | KSI | PKI | Hash Values |
| --- | --- | --- | --- |
| Identity | Machine | Human | N/A |
| Validity | Based on the security of the hash function | 3-5 years (operational lifetime of secret key) | Based on the security of the hash function |
| Cost | Virtual Machine + Internet Connectivity | Certificates + auditing + insurance + time-source + security hardware + in-house security expertise + key management ceremonies | None |
| Time | Yes | Yes | N/A |
| Quantum Secure | Yes. Hash functions are a key component of post-quantum cryptography. | No. Via Shor’s algorithm, integers can be factorized in polynomial time, making RSA subject to attack. This won’t be an issue for the foreseeable future, though. | Yes. Hash functions are a key component of post-quantum cryptography. |
Trust Anchors
Note that all assertions are based on security assumptions or “trust anchors”:
KSI (Keyless Signature Infrastructure)
KSI uses hash-linking digital timestamping and hash-function-based server-side signatures to assert signing time, signing entity and data integrity. Without the complexities of key management, it is ideally suited for large-scale, long-term authentication of electronic data at rest. Assertions are made using formal mathematical methods.
PKI (Public Key Infrastructure)
A combination of PKI-based digital signatures and digital timestamps can be used to prove signing entity, signing time and data integrity; however, the complexities and cost of key management make it very challenging to use as a long-term, large-scale authentication scheme for data at rest. The assertions are based on a Certificate/Timestamp Authority acting as a Trust Authority.
Hash-Values
Hash values are of limited use for making assertions about data integrity, as they are not anchored in time. In other words, it is pointless trying to assert data integrity using a hash value, as it is possible to modify the data and generate a different hash value prior to making the assertion.
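
The difference between a bare hash value and a hash-linked timestamp can be shown with a small sketch. This is an added example, not code from the original page and not the KSI implementation or its signature format. It assumes a simplified hash tree over one round of documents whose root is published at signing time; all function names and sample documents are hypothetical.

```python
import hashlib

def leaf_hash(data: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + data).digest()   # domain-separated leaf

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_round(leaves):
    """Aggregate one round of leaf hashes into a hash tree.
    Returns (root, chains); chains[i] is a list of (sibling, sibling_is_left)."""
    chains = [[] for _ in leaves]
    level = [(leaf, [i]) for i, leaf in enumerate(leaves)]  # (hash, leaf indexes below it)
    while len(level) > 1:
        nxt = []
        for k in range(0, len(level) - 1, 2):
            (lh, li), (rh, ri) = level[k], level[k + 1]
            for i in li:
                chains[i].append((rh, False))
            for i in ri:
                chains[i].append((lh, True))
            nxt.append((node_hash(lh, rh), li + ri))
        if len(level) % 2:
            nxt.append(level[-1])          # odd node is promoted unchanged
        level = nxt
    return level[0][0], chains

def verify_chain(data, chain, published_root):
    """Recompute the root from the data and its hash chain."""
    node = leaf_hash(data)
    for sibling, sibling_is_left in chain:
        node = node_hash(sibling, node) if sibling_is_left else node_hash(node, sibling)
    return node == published_root

def verify_bare_hash(data, stored_hash):
    """Integrity check against a hash stored next to the data (no time anchor)."""
    return hashlib.sha256(data).digest() == stored_hash

# Constructed sample documents for one aggregation round.
DOCS = [b"invoice 001: pay 100 EUR", b"audit log 2024-01-01", b"contract v3"]

def demo():
    root, chains = build_round([leaf_hash(d) for d in DOCS])  # root assumed published
    tampered = b"invoice 001: pay 900 EUR"
    regenerated = hashlib.sha256(tampered).digest()  # whoever edits the data can redo this
    return {
        "original_vs_chain": verify_chain(DOCS[0], chains[0], root),
        "tampered_vs_bare_hash": verify_bare_hash(tampered, regenerated),
        "tampered_vs_chain": verify_chain(tampered, chains[0], root),
    }

if __name__ == "__main__":
    print(demo())
```

The modified document passes the bare-hash check because its hash was regenerated alongside it, but it cannot reproduce the root that was fixed when the round was published.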