Renata Vaderna (Independent Researcher), Dušan Nikolić (University of Novi Sad), Patrick Zielinski (New York University), David Greisen (Open Law Library), BJ Ard (University of Wisconsin–Madison), Justin Cappos (New York University)

The digital age has caused more and more services to be accessible online. A key exception to this has been access to the law, which remains published on paper or aging online platforms. Jurisdictions that have adopted digital law platforms often face difficulties with ensuring the security of their law online.

In this paper, we introduce TAF, a system designed to secure legal repositories against unauthorized changes and to ensure the integrity of the law. Unlike prior archival or update frameworks, it is the first system that is designed for a threat model where an attacker fully controls the hosting repository. It also binds each signed repository state to publisher-defined legal dates, enabling verifiable as-of-date retrieval. First, TAF enables a repository of legal documents to remain accessible and authenticatable, no matter how much time has passed since its publication. Second, TAF enables the independent verification of changes to a legal repository by anyone with read access to the repository. Third, TAF remains usable by users without a technical background or knowledge of cybersecurity.

TAF builds on the software-update guarantees of TUF, the version-control structure of Git, and a strong notion of time, where time is treated as signed data bound to specific repository states. TAF transforms the entire evolution of legal documents into an authenticatable, timestamped sequence of states, ensuring that every version, past or present, can be cryptographically verified. This property is not provided by Git or TUF alone.

We demonstrate that TAF is secure, scalable and performant, analyzing its behavior in various attack scenarios and its performance on large legal repositories, as well as ease of use. As a testament to TAF's security properties and performance, TAF is in production use by 14 jurisdictions in the US, including the City of Baltimore, the State of Maryland and Washington, D.C.
