How can I guarantee non-modification of data with signatures?

Use trusted timestamps

Have one more trusted external company timestamp and sign a hash of your content for you. There are several companies that do this for money.

  • See: Trusted Timestamping (wiki page)
  • Globalsign has a nice diagram (and they also sell that service)

You can then create a chain, where each link of the chain links to its predecessor and each link is also signed.


For the sake of a complete answer considering some major advances on the topic since the question was initially answered, I will provide an alternative one.

The answer is still "trusted timestamps", but the mechanism is quite different.

Ask yourself, where might you find a source of public, transparent, chronological events that is both immutable and leverages the benefits of a distributed consensus mechanism (resistant to tampering by a controlling individual) - yes, you're correct - the Bitcoin blockchain.

Since this question was originally answered, a plethora of proof-of-existence services have come to the fore. Notable examples are Open Timestamps, Stampery and Proof of Existence.

Here is an excerpt from the OpenTimestamps website which describes the service:

A timestamp proves that some data existed prior to some point in time. OpenTimestamps defines a set of operations for creating provable timestamps and later independently verifying them. At the time of writing timestamping on the Bitcoin blockchain is supported, the format is flexible enough to support a variety of methods.

So, how do these provide trusted timestamping functionality? Well, it's quite simple actually: a hash is calculated over the target data just like with "legacy" trusted timestamps, but the hash is then incorporated into a Bitcoin transaction which is subsequently incorporated into the Bitcoin blockchain accompanied by the timestamp of that Bitcoin block.

Proof of existence of the source data can therefore be tied back to the creation time of the block by any entity with the source data. The proof can be trusted for as long as the Bitcoin blockchain incentive and distributed trust mechanisms hold true and beyond.

All of these services have their various benefits and drawbacks and I won't say which is better since the fundamental functionality is the same, but Open Timestamps has two additional things going for it:

  1. It's free (well, at this point you can sign things without actually having to pay the Bitcoin associated with the transaction). This is possible since the service makes use of Merkle Trees to aggregate many hashes into a single Bitcoin transaction.
  2. It's been independently researched and peer reviewed in the context of digital forensics (which would be great for when the issue at hand ends up in court and the timestamp validity is questioned). Here (Applying distributed ledger technology to digital evidence integrity) is the paper in question. Note how it highlights that the service is extremely reliable with zero false positives or false negatives, but due to factors such as Bitcoin network performance, these timestamps are not suited for time-sensitive operations (where the minutes and seconds matter).
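
The Merkle-tree aggregation mentioned in point 1, as an added Python example (not part of the original answer, and not OpenTimestamps' code or proof format): many document hashes fold into one 32-byte root, the only value that needs to go into a transaction, and each document keeps a short proof linking it to that root. The function names, the 0x00/0x01 domain-separation prefixes, the promotion of unpaired nodes and the sample documents are assumptions made here.

```python
import hashlib

def leaf_hash(doc: bytes) -> bytes:
    # 0x00 prefix: a leaf can never be confused with an interior node
    return hashlib.sha256(b"\x00" + doc).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def aggregate(docs):
    """Return (root, proofs); proofs[i] is a list of (sibling, sibling_is_left)."""
    if not docs:
        raise ValueError("need at least one document")
    level = [leaf_hash(d) for d in docs]
    pos = list(range(len(docs)))          # each document's index in the current level
    proofs = [[] for _ in docs]
    while len(level) > 1:
        for i, p in enumerate(pos):
            sib = p ^ 1
            if sib < len(level):          # an unpaired last node has no sibling here
                proofs[i].append((level[sib], sib < p))
            pos[i] = p // 2
        nxt = [node_hash(level[j], level[j + 1]) for j in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])         # promote the unpaired node unchanged
        level = nxt
    return level[0], proofs

def verify(doc: bytes, proof, root: bytes) -> bool:
    """Recompute the path from the document to the root committed on-chain."""
    node = leaf_hash(doc)
    for sibling, sibling_is_left in proof:
        node = node_hash(sibling, node) if sibling_is_left else node_hash(node, sibling)
    return node == root

# Constructed sample inputs, standing in for files submitted by different users
DOCS = [b"contract-v1", b"audit-log-01", b"firmware.bin", b"evidence.dd", b"report.pdf"]
ROOT, PROOFS = aggregate(DOCS)

if __name__ == "__main__":
    print("root to embed in a single transaction:", ROOT.hex())
    for d, p in zip(DOCS, PROOFS):
        print(d.decode(), "proof hashes:", len(p), "valid:", verify(d, p, ROOT))
    print("modified document verifies:", verify(b"contract-v2", PROOFS[0], ROOT))
```

Changing a single byte of a document changes its leaf hash, so its stored proof no longer leads to the committed root; that is what ties non-modification to the block's timestamp.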