Transient-key cryptography

Transient-key cryptography is a form of public-key cryptography wherein keypairs are generated and assigned to brief intervals of time instead of to individuals or organizations, and the blocks of cryptographic data are chained through time. In a transient-key system, private keys are used briefly and then destroyed, which is why it is sometimes nicknamed “disposable crypto.” Data encrypted with a private key associated with a specific time interval can be irrefutably linked to that interval, making transient-key cryptography particularly useful for digital trusted timestamping. Transient-key cryptography was invented in 1997 by Dr. Michael Doyle of Eolas, and has been adopted in the ANSI ASC X9.95 Standard for trusted timestamps. Both public-key and transient-key systems can be used to generate digital signatures that assert that a given piece of data has not changed since it was signed. But the similarities end there. In a traditional public key system, the public/private keypair is typically assigned to an individual, server, or organization. Data signed by a private key asserts that the signature came from the indicated source. Keypairs persist for years at a time, so the private component must be carefully guarded against disclosure; in a public-key system, anyone with access to a private key can counterfeit that person's digital signature. In transient-key systems, however, the keypair is assigned to a brief interval of time, not to a particular person or entity. Data signed by a specific private key becomes associated with a specific time and date. A keypair is active only for a few minutes, after which the private key is permanently destroyed. Therefore, unlike public-key systems, transient-key systems do not depend upon the long-term security of the private keys. In a transient-key system, the source of time must be a consistent standard understood by all senders and receivers. Since a local system clock may be changed by a user, it is never used as a source of time.