*** Welcome to piglix ***

Linked Timestamping


Linked timestamping is a type of trusted timestamping where issued time-stamps are related to each other.

Linked timestamping creates time-stamp tokens which are dependent on each other, entangled into some authenticated data structure. Later modification of the issued time-stamps would invalidate this structure. The temporal order of issued time-stamps is also protected by this data structure, making backdating of the issued time-stamps impossible, even by the issuing server itself.

The top of the authenticated data structure is generally published in some hard-to-modify and widely witnessed media, like printed newspaper. There are no (long-term) private keys in use, avoiding PKI-related risks.

Suitable candidates for the authenticated data structure include:

The simplest linear hash chain-based time-stamping scheme is illustrated in the following diagram:

The linking-based time-stamping authority (TSA) usually performs the following distinct functions:

Linked timestamping is inherently more secure than the usual, public-key signature based time-stamping. All consequential time-stamps "seal" previously issued ones - hash chain (or other authenticated dictionary in use) could be built only in one way; modifying issued time-stamps is nearly as hard as finding a preimage for the used cryptographic hash function. Continuity of operation is observable by users; periodic publications in widely witnessed media provide extra transparency.

Tampering with absolute time values could be detected by users, whose time-stamps are relatively comparable by system design.

Absence of secret keys increases system trustworthiness. There are no keys to leak and hash algorithms are considered more future-proof than modular arithmetic based algorithms, e.g. RSA.

Linked timestamping scales well - hashing is much faster than public key cryptography. There is no need for specific cryptographic hardware with its limitations.

The common technology for guaranteeing long-term attestation value of the issued time-stamps (and digitally signed data) is periodic over-time-stamping of the time-stamp token. Because of missing key-related risks and of the plausible safety margin of the reasonably chosen hash function this over-time-stamping period of hash-linked token could be an order of magnitude longer than of public-key signed token.


...
Wikipedia

...