What is Time Stamping?

Whenever a piece of information or an event is recorded, it is timestamped. For example, a picture taken, video recorded, shared tweet, or any social media post. Timestamps are valuable for tracking when the information was created or modified. It is more effective in legal scenarios.

Suppose an organization signs a copyright contract with a distributor. The distributor violates the rules and argues that the event happened before the signed contract. In such cases, the organization can prove the facts if they have a timestamp of the contract signature. However, timestamps solely based on time clocks are vulnerable. Hackers can easily hack the system clocks to compromise the information.

Timestamping Authority (TSA), a trusted third party, generates trusted timestamps using secure FIPS-compliant hardware to avoid data manipulation. RFC 3161 – RFC 5035 and Microsoft Authenticode are two major protocols usually followed by TSAs for time stamping.

The client application creates a hash and sends it to the TSA for time stamping. Once the hash is submitted, any changes made to the code must be communicated to the TSA. The TSA combines the hash of data and the trusted time stamp using the PKI technology to create a timestamp token. The client attaches the timestamp token to the document or code signature.

Trusted timestamps ensure non-repudiation and Long-Term Validation (LTV) of the signature. LTV is applicable when users want to download a developer's software and confirm the validity of a signature even after it is revoked or expired. The user machine will validate the signature based on the time it was digitally signed rather than the current time of his system and allow him to download the software but without the latest updates. The developer can re-issue the code signing certificate.