Secrets, Key Compromise, Key Life Issues ...

Digital timestamps reliably bind a trusted time value to a electronic document. This is done by cryptographically linking a hash of the document to a time-value obtained from a trusted source, such as NIST.

As in a signature on a paper document, the actual meaning of the signature can vary. For example, the signature might signify the signer's agreement with contractual terms detailed in the signed document. An important characteristic of a digital signature is that it can be verified. When you verify a digital signature, you verify that the document has not changed since it was signed and that the identified party actually signed the document. Stated simply, signatures can reliably provide the "who" component of document authentication.

In PKI-based timestamps (for example, RFC 3161 timestamps), the binding of a time value to a document is accomplished by hashing the document and time value and signing the result with the Time Stamp Authority's (TSA) private key.

This is a simple mechanism, but it has several drawbacks that need to be considered. First, the binding is dependent on the secrecy of the private key. If the key should be compromised, then it would become possible for a third party to forge timestamps. Even if the key is protected, the potential for a compromise can always be used in a legal challenge to question the evidentiary quality of a document sealed with a PKI-based timestamp.

Furthermore, if a TSA key were actually compromised, it would immediately render the timestamps created under that key invalid. This would mean that any investment a company has made in time-stamping documents (possibly over years or decades) would immediately be lost.

A second issue with PKI-based timestamps is key life. TSA keys have a fixed lifetime which is generally reflected in the expiration date of their certificates. Once a certificate in the TSAs certificate chain expires, it may no longer be possible to validate timestamps created under that key. This makes PKI-based timestamps unsuitable for applications where the protected records are relatively long-lived.

Finally, there is nothing in PKI-based timestamps that keeps a TSA from creating a timestamp with an earlier date, in-other-words backdating. Even if a TSA is completely honest in the way timestamps are generated, the potential for backdating can always be used in a legal challenge to question the evidentiary quality of a document sealed with a PKI-based timestamp.

In Surety’s AbsoluteProof timestamps, the binding of a time value to a document is accomplished by hashing the document and time value and linking the results into Surety's hash chain. The integrity of the chain itself is protected (and auditable) through Surety's widely-witnessed process which involves the periodic publication of algorithmically verifiable check values computed over the chain. Because the Surety process does not use secret keys, it is not subject to the key compromise and key life issues faced by PKI-based timestamps. Furthermore, because Surety timestamps are tied to a real-world event--the publication of a hash value in the New York Times--creating backdated timestamps is not possible. As a result, Surety timestamps provide long-term integrity protection and have the evidentiary quality to stand up to any legal challenge.

PKI Timestamps page: Compare Digital Signatures or Secure Hashing to AbsoluteProof.