Trusted timestamping is the process of securely keeping track of the creation and modification time of a document. Security here means that no one—not even the owner of the document—should be able to change it once it has been recorded provided that the timestamper's integrity is never compromised. The administrative aspect involves setting up a publicly available, trusted timestamp management infrastructure to collect, process and renew timestamps.

History

The idea of timestamping information is centuries old. For example, when

Robert Hooke Robert Hooke FRS (; 18 July 16353 March 1703) was an English polymath active as a scientist, natural philosopher and architect, who is credited to be one of two scientists to discover microorganisms in 1665 using a compound microscope that ...

discovered

Hooke's law In physics, Hooke's law is an empirical law which states that the force () needed to extend or compress a spring (device), spring by some distance () Proportionality (mathematics)#Direct_proportionality, scales linearly with respect to that ...

in 1660, he did not want to publish it yet, but wanted to be able to claim priority. So he published the

anagram An anagram is a word or phrase formed by rearranging the letters of a different word or phrase, typically using all the original letters exactly once. For example, the word ''anagram'' itself can be rearranged into ''nag a ram'', also the word ...

''ceiiinosssttuv'' and later published the translation ''ut tensio sic vis'' (Latin for "as is the extension, so is the force"). Similarly,

Galileo Galileo di Vincenzo Bonaiuti de' Galilei (15 February 1564 – 8 January 1642) was an Italian astronomer, physicist and engineer, sometimes described as a polymath. Commonly referred to as Galileo, his name was pronounced (, ). He was ...

first published his discovery of the phases of Venus in the anagram form.

Sir Isaac Newton Sir Isaac Newton (25 December 1642 – 20 March 1726/27) was an English mathematician, physicist, astronomer, alchemist, theologian, and author (described in his time as a "natural philosopher"), widely recognised as one of the great ...

, in responding to questions from

Leibniz Gottfried Wilhelm (von) Leibniz . ( – 14 November 1716) was a German polymath active as a mathematician, philosopher, scientist and diplomat. He is one of the most prominent figures in both the history of philosophy and the history of mathema ...

in a letter in 1677, concealed the details of his "fluxional technique" with an anagram: :''The foundations of these operations is evident enough, in fact; but because I cannot proceed with the explanation of it now, I have preferred to conceal it thus: 6accdae13eff7i3l9n4o4qrr4s8t12ux. On this foundation I have also tried to simplify the theories which concern the squaring of curves, and I have arrived at certain general Theorems.'' Trusted digital timestamping has first been discussed in literature by Stuart Haber and

W. Scott Stornetta Wakefield Scott Stornetta (born June 1959) is an American physicist and scientific researcher. His 1991 paper "How to Time-Stamp a Digital Document”, co-authored with Stuart Haber, won the 1992 Discover Award for Computer Software and is cons ...

Classification

There are many timestamping schemes with different security goals: *

PKI PKI may refer to: * Partai Komunis Indonesia, the Communist Party of Indonesia * Peter Kiewit Institute The Peter Kiewit Institute is a facility in Omaha, Nebraska, United States which houses academic programs from the University of Nebraska� ...

-based – timestamp token is protected using PKI

digital signature A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created b ...

. * Linking-based schemes – timestamp is generated in such a way that it is related to other timestamps. * Distributed schemes – timestamp is generated in cooperation of multiple parties. * Transient key scheme – variant of PKI with short-living signing keys. * MAC – simple secret key based scheme, found in

ANSI ASC X9.95 Standard The ANSI X9.95 standard for trusted timestamps expands on the widely used {{IETF RFC, 3161 - Internet X.509 Public Key Infrastructure Time-Stamp Protocol by adding data-level security requirements that can ensure data integrity against a reliable ...

. * Database – document hashes are stored in trusted archive; there is online lookup service for verification. * Hybrid schemes – the linked and signed method is prevailing, see X9.95. Coverage in standards: For systematic classification and evaluation of timestamping schemes see works by Masashi Une.

Trusted (digital) timestamping

According to the RFC 3161 standard, a trusted timestamp is a

timestamp A timestamp is a sequence of characters or encoded information identifying when a certain event occurred, usually giving date and time of day, sometimes accurate to a small fraction of a second. Timestamps do not have to be based on some absolut ...

issued by a

Trusted Third Party In cryptography, a trusted third party (TTP) is an entity which facilitates interactions between two parties who both trust the third party; the Third Party reviews all critical transaction communications between the parties, based on the ease of c ...

(TTP) acting as a Time Stamping Authority (TSA). It is used to prove the existence of certain data before a certain point (e.g. contracts, research data, medical records, ...) without the possibility that the owner can backdate the timestamps. Multiple TSAs can be used to increase reliability and reduce vulnerability. The newer

for trusted timestamps augments the RFC 3161 standard with data-level security requirements to ensure

data integrity Data integrity is the maintenance of, and the assurance of, data accuracy and consistency over its entire Information Lifecycle Management, life-cycle and is a critical aspect to the design, implementation, and usage of any system that stores, proc ...

against a reliable time source that is provable to any third party. This standard has been applied to authenticating digitally signed data for regulatory compliance, financial transactions, and legal evidence.

Creating a timestamp

The technique is based on

digital signatures A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created b ...

and

hash functions A hash function is any function that can be used to map data of arbitrary size to fixed-size values. The values returned by a hash function are called ''hash values'', ''hash codes'', ''digests'', or simply ''hashes''. The values are usually ...

. First a hash is calculated from the data. A hash is a sort of digital fingerprint of the original data: a string of bits that is practically impossible to duplicate with any other set of data. If the original data is changed then this will result in a completely different hash. This hash is sent to the TSA. The TSA concatenates a timestamp to the hash and calculates the hash of this concatenation. This hash is in turn digitally signed with the

private key Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...

of the TSA. This signed hash + the timestamp is sent back to the requester of the timestamp who stores these with the original data (see diagram). Since the original data cannot be calculated from the hash (because the

hash function A hash function is any function that can be used to map data of arbitrary size to fixed-size values. The values returned by a hash function are called ''hash values'', ''hash codes'', ''digests'', or simply ''hashes''. The values are usually u ...

is a

one way function In computer science, a one-way function is a function that is easy to compute on every input, but hard to invert given the image of a random input. Here, "easy" and "hard" are to be understood in the sense of computational complexity theory, sp ...

), the TSA never gets to see the original data, which allows the use of this method for confidential data.

Checking the timestamp

Anyone trusting the timestamper can then verify that the document was ''not'' created ''after'' the date that the timestamper vouches. It can also no longer be repudiated that the requester of the timestamp was in possession of the original data at the time given by the timestamp. To prove this (see diagram) the hash of the original data is calculated, the timestamp given by the TSA is appended to it and the hash of the result of this concatenation is calculated, call this hash A. Then the

of the TSA needs to be validated. This is done by decrypting the digital signature using public key of TSA, producing hash B. Hash A is then compared with hash B inside the signed TSA message to confirm they are equal, proving that the timestamp and message is unaltered and was issued by the TSA. If not, then either the timestamp was altered or the timestamp was not issued by the TSA.

Decentralized timestamping on the blockchain

With the advent of cryptocurrencies like

bitcoin Bitcoin ( abbreviation: BTC; sign: ₿) is a decentralized digital currency that can be transferred on the peer-to-peer bitcoin network. Bitcoin transactions are verified by network nodes through cryptography and recorded in a public distr ...

, it has become possible to get some level of secure timestamp accuracy in a decentralized and tamper-proof manner. Digital data can be hashed and the hash can be incorporated into a transaction stored in the

blockchain A blockchain is a type of distributed ledger technology (DLT) that consists of growing lists of records, called ''blocks'', that are securely linked together using cryptography. Each block contains a cryptographic hash of the previous block, a ...

, which serves as evidence of the time at which that data existed. For

proof of work Proof of work (PoW) is a form of Cryptography, cryptographic proof (truth), proof in which one party (the ''prover'') proves to others (the ''verifiers'') that a certain amount of a specific computational effort has been expended. Verifiers can s ...

blockchains, the security derives from the tremendous amount of computational effort performed after the hash was submitted to the blockchain. Tampering with the timestamp would require more computational resources than the rest of the network combined, and cannot be done unnoticed in an actively defended blockchain. However, the design and implementation of Bitcoin in particular makes its timestamps vulnerable to some degree of manipulation, allowing timestamps up to two hours in the future, and accepting new blocks with timestamps earlier than the previous block. The decentralized timestamping approach using the blockchain has also found applications in other areas, such as in dashboard cameras, to secure the integrity of video files at the time of their recording, or to prove priority for creative content and ideas shared on social media platforms.C. Breitinger, B. Gipp. 2017
"VirtualPatent – Enabling the Traceability of Ideas Shared Online using Decentralized Trusted Timestamping"
in Proceedings of the 15th International Symposium of Information Science, Berlin, 2017.

References

External links

* Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) * {{IETF RFC, 3628, link=no Policy Requirements for Time-Stamping Authorities (TSAs)
Decentralized Trusted Timestamping (DTT) using the Crypto Currency Bitcoin

ANSI ASC X9.95 Standard for Trusted Time Stamps

ETSI TS 101 861 V1.4.1
Electronic Signatures and Infrastructures (ESI); Time stamping profile
ETSI TS 102 023 V1.2.2
Electronic Signatures and Infrastructures (ESI); Policy requirements for time-stamping authorities
Analysis of a Secure Time Stamp Device
(2001) SANS Institute
Implementation of TSP Protocol
CMSC 681 Project Report, Youyong Zou Time Authentication methods