The simplest approach to digital time-stamping relies on a trusted third party (TTP).
If Alice wants to time-stamp a document and prove the document's existence at the time-stamp's time to Bob at some later time, she can ask a time-stamp authority (TSA) to cryptographically sign a secure hash of her document together with the current time.
Bob accepts the TSA's signature as proof of the document's existence at the specified time.~\cite{Haber1991Timestamp}
This trust in a single authority can be problematic in practice.
Even if we could assume complete impartiality of the TSA with regard to Alice and Bob, what happens if the party responsible for running the TSA wants to time-stamp a document of their own?
Clearly, to ensure impartiality, another TSA would need to be used.
But now what if neither of our TSAs can be assumed to be impartial with regard to yet another party who wants to time-stamp a document?
Manually keeping track of which TSA can be trusted under which circumstances quickly becomes impractical.
The notion of distributed trust will simplify matters considerably.
\subsection{Distributed trust}
\subsubsection{Publication and witnesses}
Trusted time-stamping requires complete trust in the time-stamp authority.
This does not mean, however, that the TSA is actually \emph{trustworthy}.
We can decrease the amount of trust that we need to put in any single party by distributing trust across multiple parties.
In the context of time-stamping, we can achieve this by requiring the TSA to \emph{publish} its time-stamps to a large number of \emph{witnesses}.
The publication can be implemented in many different ways, which we will take a look at in more detail later.
For now, the reader may imagine that the TSA publishes its time-stamps in a newspaper.
The time-stamping company \emph{Surety} actually employed this method of publication in practice. (Citation needed)
Witnesses keep records of the time-stamps issued by the TSA.
They do not accept time-stamps issued too far in the past.
Staying with the example of time-stamps published in a newspaper, the newspaper archives of public libraries can act as witnesses.
To prevent backdating attacks, a library only archives a newspaper which it receives on the printed date of publication.
When a client wants to verify the validity of a time-stamp, they can now ask a selection of witnesses for confirmation.
Using our example of newspaper archives, a client visits a handful of library archives and confirms that the time-stamp in question is actually printed in the archived newspapers of that date.
Clients only accept time-stamps for which they find a sufficient number of witnesses.
Using such a publication scheme, a malicious TSA can no longer carry out a backdating attack all by itself.
Instead, it would require the active cooperation of a sufficiently large number of witnesses in order to convince a client of the validity of a backdated time-stamp.
The client's trust is thus \emph{distributed} over the TSA, the publication process and the witnesses.
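The two schemes described in this chapter, the single trusted TSA from the opening paragraphs and the publication-and-witness scheme of this subsection, are simulated below. This is an added example written for this page, not code from the original text or from Surety; it assumes a constructed clock (integer seconds), uses an HMAC under a constructed key in place of the TSA's public-key signature so that it runs with the standard library alone, and models witnesses as simple in-memory record keepers. The backdating case shows the point the text makes: a backdated time-stamp carries a perfectly valid TSA signature, so a client trusting the TSA alone accepts it, while honest witnesses refuse to record it and the client's threshold check rejects it unless enough witnesses collude.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed key: stands in for the TSA's signing key (a real TSA would use a
# public-key signature; HMAC is used here only to keep the example self-contained).
TSA_KEY = b"example-tsa-key-not-a-real-secret"


@dataclass(frozen=True)
class TimeStamp:
    digest: str     # SHA-256 of the document, hex encoded
    time: int       # time claimed by the TSA (constructed clock, seconds)
    signature: str  # TSA's signature over (digest, time)


def document_hash(document: bytes) -> str:
    return hashlib.sha256(document).hexdigest()


def _sign(digest: str, time: int) -> str:
    msg = json.dumps({"digest": digest, "time": time}, sort_keys=True).encode()
    return hmac.new(TSA_KEY, msg, hashlib.sha256).hexdigest()


def tsa_issue(digest: str, claimed_time: int) -> TimeStamp:
    """The TSA signs a hash together with a time. An honest TSA passes the
    current time; a malicious TSA may pass an earlier time (backdating)."""
    return TimeStamp(digest, claimed_time, _sign(digest, claimed_time))


def signature_valid(ts: TimeStamp) -> bool:
    """What a client relying on the TSA alone can check: only the signature."""
    return hmac.compare_digest(ts.signature, _sign(ts.digest, ts.time))


class Witness:
    """A record keeper (the library archive of the text). An honest witness only
    records a time-stamp whose claimed time is recent at publication time."""

    def __init__(self, name: str, max_age: int, honest: bool = True):
        self.name = name
        self.max_age = max_age
        self.honest = honest
        self.records = set()

    def publish(self, ts: TimeStamp, now: int) -> bool:
        if self.honest:
            if not signature_valid(ts):
                return False
            if ts.time > now or now - ts.time > self.max_age:
                return False  # issued too far in the past (or in the future)
        self.records.add(ts)  # a colluding witness records anything
        return True

    def confirms(self, ts: TimeStamp) -> bool:
        return ts in self.records


def client_verify(ts: TimeStamp, witnesses: list, threshold: int) -> bool:
    """Bob accepts only if the TSA signature checks out AND at least
    `threshold` witnesses independently hold a record of the time-stamp."""
    if not signature_valid(ts):
        return False
    confirmations = sum(1 for w in witnesses if w.confirms(ts))
    return confirmations >= threshold


def run_scenario() -> dict:
    # Five witnesses: three honest, two willing to collude with the TSA.
    witnesses = [Witness(f"library-{i}", max_age=60) for i in range(3)]
    witnesses += [Witness(f"colluder-{i}", max_age=60, honest=False) for i in range(2)]
    now = 1_000_000
    digest = document_hash(b"Alice's document")  # constructed input

    # Honest case: stamped with the current time and published immediately.
    honest = tsa_issue(digest, now)
    for w in witnesses:
        w.publish(honest, now)

    # Backdating: the TSA signs a time one day in the past and publishes now.
    backdated = tsa_issue(digest, now - 86_400)
    for w in witnesses:
        w.publish(backdated, now)

    return {
        "honest_signature_ok": signature_valid(honest),
        "honest_accepted": client_verify(honest, witnesses, threshold=3),
        # The TSA-only check cannot tell a backdated stamp from a genuine one.
        "backdated_signature_ok": signature_valid(backdated),
        # With threshold 3 the two colluders are not enough.
        "backdated_accepted_threshold_3": client_verify(backdated, witnesses, threshold=3),
        # A threshold no larger than the number of colluders lets it through.
        "backdated_accepted_threshold_2": client_verify(backdated, witnesses, threshold=2),
    }


if __name__ == "__main__":
    print(run_scenario())
```

The threshold is the knob that decides how much trust is distributed: a client demanding confirmation from more witnesses than an attacker can plausibly recruit is safe even though the TSA itself is dishonest, which is exactly the sense in which trust is spread over the TSA, the publication process and the witnesses.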