1. Keyless Signature Infrastructure
KSI Motivation:
- Complexity and cost of managing PKI keys.
Services provided by KSI:
- Data Integrity
- Time of Signature
- Verification of the origin.
Summary of the KSI:
Alice → Cloud Storage → Guardtime Service (GT) → Calendar Database → Publication in public newspaper
- Cloud Storage (ex. Joyent): Alice transfers her data to the cloud.
- Guardtime Service (GT): A hash value is generated per second and transferred to the GT service.
- Calendar Database: GT signs the hash value and publishes it in the calendar db.
- Publication in public newspaper: A summary of the hash values in the calendar is published per month.
Fig: KSI workflow.
2. To check the integrity of data, Alice needs to:
i. Keep track of the last hash value. Before the next update of the data, she checks whether the stored hash value matches the current hash value.
Attack Models:
1. Simultaneous update Attack:
Alice can detect corruption if made at time t3 but not at time t4 which
happened simultaneously with her own update.
[Figure: timeline showing data over time and hash values over time. Hash values h1 to h4 correspond to times t1 to t4; the markers distinguish an attempt to change by the attacker from Alice changing her own data.]
This data alteration can be detected by analyzing tamper-proof log data. In this case, KSI alone cannot provide data integrity. The risk is high when the data is changed very frequently.
KSI can potentially detect an integrity violation when Alice rarely changes her own data.
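The simultaneous update attack as a small simulation (an added example, not part of the original notes). `CloudStore`, `alice_check`, `suspicious_seconds` and `scenario` are hypothetical names. The model assumes one hash per second over the stored data, that Alice adopts the hash issued for the second of her own update, and an append-only write log that records the writer.

```python
import hashlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class CloudStore:
    """Constructed stand-in for the cloud store with per-second hashing."""
    def __init__(self, data: bytes):
        self.data = data
        self.hashes = {0: digest(data)}  # second -> hash value sent to the signing service
        self.log = []                    # assumed tamper-proof write log: (second, writer)

    def tick(self, second, writes):
        """Apply every write that lands in this second, then hash once."""
        for writer, data in writes:
            self.data = data
            self.log.append((second, writer))
        self.hashes[second] = digest(self.data)

def alice_check(store, trusted_hash):
    """Alice's pre-update check: does the current data match her last hash?"""
    return digest(store.data) == trusted_hash

def suspicious_seconds(log, owner="alice"):
    """Log analysis: seconds in which someone other than the owner wrote."""
    return sorted({sec for sec, writer in log if writer != owner})

def scenario(attack_second):
    """Alice updates at second 4; another party writes at attack_second."""
    store = CloudStore(b"v1")            # constructed sample data
    trusted = store.hashes[0]
    detected = False
    for sec in range(1, 6):
        writes = []
        if sec == 4:                     # Alice checks, then writes her update
            detected |= not alice_check(store, trusted)
            writes.append(("alice", b"v2"))
        if sec == attack_second:
            writes.append(("attacker", b"forged"))
        store.tick(sec, writes)
        if sec == 4:
            trusted = store.hashes[4]    # she adopts the hash covering her update
    detected |= not alice_check(store, trusted)  # check before her next update
    return detected, suspicious_seconds(store.log)

if __name__ == "__main__":
    print("change at t3:", scenario(3))  # hash check catches it
    print("change at t4:", scenario(4))  # hash check passes, log flags second 4
```

The hash comparison alone misses the change at second 4 because the hash issued for that second already covers the foreign write; only the write log shows a second writer.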
2. Known Signature Attack:
The adversary can change the data, generate the corresponding root hash value, and attack/persuade the print media to print the forged publication value.
- Thus, besides trusting the Cloud provider and Guardtime, Alice also needs to trust the print media.
Why do we need keyless Signature?
- If PKI key management is costly, can we make PKI key management more efficient?
3. Weak Points of KSI:
- High computational cost for generating a hash value per second from a large volume of data (GB range).