Key takeaways on timestamp tokens
- A timestamp token reliably associates a date and time with a data item in order to prove its existence and integrity at a given point in time.
- Evidency’s timestamping solution is based on recognised cryptographic algorithms and secure components to generate verifiable tokens.
- The technical core of the token relies on a cryptographic hash (e.g. SHA-256), which guarantees data integrity without ever including the original data itself.
- A token compliant with RFC 3161 incorporates standardised metadata (policy, hash value, serial number, UTC timestamp, accuracy) together with a signature from the timestamping authority.
- Independent verification of the token makes it possible to confirm both the absence of any alteration to the data and the accuracy of the timestamp, thereby conferring a high level of legal and technical evidential weight.
What is a timestamping token? Technical overview
The timestamping service makes it possible to associate reliable date and time information with a data item, thereby providing proof of the existence of that data at a specific point in time.
Evidency’s electronic timestamping solution relies on recognised cryptographic algorithms and secure components to generate verifiable timestamp tokens, certifying both the existence and the integrity of the data at a given date and time.
To understand timestamping tokens, it is important to explore their key components and how they contribute to the reliability and integrity of the timestamping process. In the following sections, we will delve into the components of a timestamp token, including the cryptographic hash and the timestamp itself.
By understanding these technical aspects, we can grasp the significance of timestamping tokens and how they enable businesses and individuals to establish trust in their digital records. Furthermore, we will explore the verification process that ensures the authenticity and integrity of timestamped data, providing a robust mechanism for legal and technical applications.
What are the components of a timestamping token?
A timestamping token consists of several key elements, each contributing to its reliability and integrity.
Let’s examine these components in detail:
Cryptographic Hash
The cryptographic hash function is a fundamental component of a timestamping token. It generates a unique and irreversible hash value for the original data. The hash function, such as SHA-256 (Secure Hash Algorithm 256-bit), takes the input data and produces a fixed-size output called the hash digest. Even a slight change in the input data, no matter how small, will result in a significantly different hash. This property makes it virtually impossible to tamper with the Timestamping token without detection. The cryptographic hash ensures the integrity of the data associated with the timestamp token.
Timestamp
The timestamp represents the precise moment when the timestamp token is created. It serves as a reference point for verifying the data’s existence at a specific time. The timestamp is typically recorded in Coordinated Universal Time (UTC) format, which provides a standardised global time reference. By including the timestamp in the token, Evidency’s Timestamping solution captures the exact time when the data is timestamped, adding a temporal dimension to the authentication process. The timestamp helps establish the chronological order of events and provides essential context when verifying the authenticity and integrity of the data.
Metadata
A timestamp token compliant with RFC 3161 is a standardised cryptographic structure used to attest to the existence of a data item at a specific point in time. It encapsulates a set of metadata necessary for independent verification and for its evidential value.
The token includes, in particular, the following attributes:
- Timestamping policy
The identifier (OID) of the timestamping policy applied by the Timestamping Authority (TSA), defining the applicable rules and the associated level of trust. - Hash of the timestamped data
This includes the hashing algorithm used and the cryptographic hash of the data. The original data itself is never included in the token. - Token serial number
A unique identifier assigned by the TSA, ensuring uniqueness, traceability and, where applicable, the management of token revocation. - Date and time of generation
The date and time, expressed in UTC, corresponding to the moment at which the timestamp token was generated by the TSA. - Timestamp accuracy
Indicates the level of temporal accuracy declared by the TSA, expressed in seconds, milliseconds or microseconds.
In addition to this metadata, the timestamp token also contains the cryptographic elements required for its verification, including the electronic signature applied to the token, the signature algorithms used, and the TSA certificate or certificates.
Timestamping tokens are essential for legal and technical applications, providing a robust mechanism for ensuring the authenticity and integrity of digital data. Evidency’s reliable timestamping solution, built on industry best practices and cryptographic standards, empowers businesses and individuals to trust their digital records, transactions, and intellectual property by leveraging the power of timestamp tokens.
How do you verify timestamping tokens?
Once a timestamp token is generated, it can be independently verified to ensure the integrity and authenticity of the associated data. Evidency’s timestamping solution provides a user-friendly verification process, allowing individuals and organisations to validate the timestamp token with ease.
To verify a timestamp token, the original data is hashed again using the same cryptographic algorithm. The resulting hash is then compared to the hash stored in the token. If the two hashes match, it confirms that the data has not been tampered with since the timestamp token was created.
Furthermore, the timestamp within the token is compared to a trusted time source, ensuring the accuracy of the recorded time. By combining these checks, Evidency’s timestamping solution provides robust evidence of the data’s integrity and existence at a specific moment.
Conclusion
Timestamping tokens play a vital role in ensuring data integrity and authenticity in the digital world. With Evidency’s timestamping solution, businesses and individuals can rely on secure and verifiable data authentication.
By relying on recognised cryptographic algorithms and verification mechanisms, timestamp tokens provide reliable proof of the existence of data at a specific point in time, thereby supporting legal and technical uses across a range of sectors.
Disclaimer
The opinions, presentations, figures and estimates set forth on the website including in the blog are for informational purposes only and should not be construed as legal advice. For legal advice you should contact a legal professional in your jurisdiction.
The use of any content on this website, including in this blog, for any commercial purposes, including resale, is prohibited, unless permission is first obtained from Evidency. Request for permission should state the purpose and the extent of the reproduction. For non-commercial purposes, all material in this publication may be freely quoted or reprinted, but acknowledgement is required, together with a link to this website.
