In the News - Expert Opinion - Evidence Exchange

Press Releases
In the News
Future View

In the News

Computer evidence processed with AbsoluteProof's underlying technology (MD-5 and SHA-1) has been successfully admitted in civil and criminal cases worldwide. To date, there are no known challenges to AbsoluteProof technology on authentication grounds. In fact, recent case law has upheld the validity of its underlying MD-5 technology.

Taylor v. State

A recent appellate court decision in Texas specifically addressed the validity of the MD-5 process. Appellate courts are important because their rulings stand as binding law in their subject jurisdiction, while providing persuasive authority elsewhere. In Taylor v. State,---S.W.3d---, 2002 WL 31318065 (Tex.App.-Texarkana), the issue was whether the acquisition and verification MD-5 hash readings for authentication purposes constitute hearsay. The court determined that because the acquisition and verification hash readings are generated by a computer analysis independent of any data inputted by a human, the information is not hearsay. As a result the Court rejected the defendant's contention that the drive image was not authentic.

The ruling is significant as it provides that AbsoluteProof processed materials can potentially be authenticated at trial, even if the examiner who created it is unavailable to testify. AbsoluteProof's data integrity service is based upon Surety’s Digital Notary® engine, which provides mathematical, cryptographically verifiable proof of electronic record integrity. It is able to detect the alteration of a single bit in an electronic record or the alteration of the timestamp associated with that electronic record. The AbsoluteProof service uses a process that is fully disclosed to the public while still ensuring the confidentiality of the original record.

Mathematical Basis of AbsoluteProof

Two one-way hashing algorithms (MD-5 and SHA-1) are used in parallel to create a 288-bit hash value for a specific digital record. The hash value is used as a proxy for the digital record in the notary process. The notary process uses the same one-way hashing mechanism to combine hash values from previous records with new hash values to form an unbroken sequence of hash values. The hash values in the chain are then published, so that the process can be said to be "widely witnessed." The computational or algorithmic task of computing a false Notary Record is the task of computing two items:

A digital document of any kind
A computer file in the format of a Notary Record for Surety’s AbsoluteProof service, so that the document and its Notary Record pass the “validation” test of the service (without actually submitting the document to Surety’s “notarization” procedure)

Given the integrity of Surety’s management of its Universal Registry, the algorithmic task of computing a false Notary Record is at least as computationally difficult as the task of computing a collision for Surety’s parallel use of MD-5 and SHA-1 as a 288-bit one-way hash function. The probability of computing such a hash collision is 1 in 10 to the 87th power.

The Universal Registry includes built-in error-detection capabilities, which enable internal auditing of the registry on a regular basis. The Universal Registry is periodically mirrored between different online storage media, and is moved to off-line storage media on a regular basis. Offline media are stored in a secure offsite storage facility. Surety maintains multiple redundant server sites, located at separate geographic locations, and managed by different organizations. Surety also maintains redundant telecommunications links to those sites, providing access to server-class hardware platforms installed at each location. Communications between all software components of the AbsoluteProof system are secured against attack through use of standard secure communications protocols.

Surety and Secure Digital
Photocopier Avoid “Hearsay”

AbsoluteProof generates hash values in a secure, integrated, and automated manner. When incorporated within tools such as Evidence Exchange's Secure Digital Photocopier® (SDP), AbsoluteProof's authentication data is computer generated and automatically documented. Many processes used to generate and record hash values are not integrated and secure, thus requiring the manual recording and documentation of the readings. Under Taylor, this would be inadmissible hearsay if the examiner who generated and recorded the hash values were unavailable at trial. And, even if the examiner was available, he or she would have been using a non-integrated, manual process.

Evidence Exchange has extensive experience using Surety’s AbsoluteProof service and has incorporated the Digital Notary engine into SDP, its own electronic discovery and production product. Although designed specifically for preservation, digital discovery, and production, it is essentially today’s equivalent of a traditional photocopier. Instead of duplicating paper, however, it is used to securely duplicate digital documents of disparate types, such that there is a cryptographically secure link between copy and original. In that way, Surety’s data integrity solution is analogous to the chemical compound DNA that makes each person unique—except instead of dealing with genetics, digital notarization deals with the authentication of digital files.

Evidence Exchange’s SDP process provides a system for digitally notarizing source digital documents of disparate types, including compound documents (e.g., .zip, e-mail, etc.). The SDP system’s preprocessor is capable of extracting and digitally notarizing component documents from compound documents in such a way that individual component documents are both notarized and accessed individually while retaining the relationship between the component document(s) and the compound document. The SDP provides for securely duplicating source digital documents of disparate types, such that there is a cryptographically secure link between copy and original.

If necessary (i.e., for document production purposes), the system produces duplicate renditions of source compound and component documents, in a canonical interchange format, branded with serial numbers that are cryptographically linked to the original. These secured numbers are both sequential with all other copied documents and securely linked with the original itself. They provide verifiable proof against tampering and modification.

For more information, contact Surety at 703.707.9901 or visit www.surety.com.

Michael Prounis is the CEO and Co-Founder of Evidence Exchange, a three year old Electronic Discovery software & service company. He has worked in Legal Information Systems since 1977, having founded Arthur Andersen & Co. S.C.'s initial offering in the area (1982-1989) as well as co-founding Prounis Consulting Group, Inc. (1989-1996), which in 1996 was sold in part to Alco Standard Corporation (1996-1999). His specific experience with Electronic Discovery & Production goes back to 1987. Evidence Exchange is located at 21 Penn Plaza, NY, NY 10001. The phone number is (212) 594-2500 or michael.prounis@evidenceexchange.com.

<<Previous | Table of Contents | Next>>