Misconceptions about digital data

An English teacher working in China helped his girlfriend cheat on her assignments and exams. But then she dumped him, and so he told the university. The case is interesting on its own merits, especially because the ex-girlfriend stands to lose her student visa and may end up deported back to China. But what really caught my attention was this terrible misconception about digital data from the article:

“Fred D’Agostino, the Director of Studies, is investigating and I sent him copies of all the work I had done.

“All of this was in the form of forwarded emails which are all dated.”

“I also sent him copies of the files I received via MSN messenger during the final exam and the corrected versions that I sent in return.

“Again, all are dated and timed and cannot be altered or modified in any way as this would show on the documents.”

Apparently this man is under the misconception that data cannot be altered, and the news reporter didn’t know enough about technology to point out that this claim is nonsense.

All digital data is just composed of ones and zeros, and it can all easily be modified. These timestamps that “cannot be altered or modified in any way” can actually be modified very easily with a simple hex editor, though of course there are non-free programs out there specifically for less technically inclined people who want to “forge” timestamps. The timestamps in Microsoft Word or even filesystems (e.g. what date the file was last modified) are not cryptographically secure, and thus, they are meaningless. They can be edited with impunity, leaving no trace, and are (or should be) inadmissible as evidence in any educated court of law.

Now, if these timestamps had been cryptographically secured, that is another thing entirely. One way to do this would be to have a central trusted authority that uses public-key cryptography to sign timestamps. Anyone could submit a file and have the central trusted authority concatenate it with a current timestamp and then sign it with the authority’s private key. Using the public key, anyone could verify that a timestamp was accurate, but because they wouldn’t have access to the private key, they wouldn’t be able to forge a timestamp. This timestamp authentication protocol would work so long as the central authority remained trusted. Of course, the downside is that if the central authority is ever compromised and someone obtains the private key, then all signed timestamps would become worthless, because any arbitrary timestamp could be signed with any document.
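Here is the signing scheme described above as an added example (my illustration, not code from any real timestamping service). It assumes Ed25519 as the signature algorithm and signs a SHA-256 digest of the file rather than the file itself; the names `Token`, `NewAuthority`, `Stamp` and `Verify` are made up for the sketch.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"time"
)

// Token is what the authority returns: a timestamp and a signature over it.
type Token struct {
	Unix int64
	Sig  []byte
}

// NewAuthority generates the authority's key pair (nil selects crypto/rand).
func NewAuthority() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// message builds the bytes that get signed: a fixed-width timestamp and
// the SHA-256 digest of the file, so neither can change without the other.
func message(doc []byte, unix int64) []byte {
	return []byte(fmt.Sprintf("%020d|%x", unix, sha256.Sum256(doc)))
}

// Stamp runs at the authority, which supplies the time from its own clock.
func Stamp(priv ed25519.PrivateKey, doc []byte, unix int64) Token {
	return Token{Unix: unix, Sig: ed25519.Sign(priv, message(doc, unix))}
}

// Verify needs only the public key, so anyone can check a token.
func Verify(pub ed25519.PublicKey, doc []byte, t Token) bool {
	return ed25519.Verify(pub, message(doc, t.Unix), t.Sig)
}

func main() {
	pub, priv := NewAuthority()
	doc := []byte("constructed sample document") // constructed input
	tok := Stamp(priv, doc, time.Now().Unix())
	fmt.Println("genuine token verifies:  ", Verify(pub, doc, tok))
	forged := Token{Unix: tok.Unix - 86400, Sig: tok.Sig} // backdated one day
	fmt.Println("backdated token verifies:", Verify(pub, doc, forged))
}
```

Changing either the timestamp or a single byte of the file makes verification fail, which is exactly the property a filesystem or Word timestamp lacks.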

I’m sure there’s a better protocol to do this that wouldn’t retroactively destroy the validity of all past timestamps in the event of a compromise; I just can’t think of what it would be right now. But as you can see, any sort of cryptographically secure timestamp verification is much more complex than anything that Microsoft Word or any email systems are doing. I cannot even imagine the extra computing overhead that would be imposed by including cryptographically secure timestamping on every file and every email. Most people would not suffer such a thing for so few benefits.
