Paper 2021/1411

Analysis of Client-side Security for Long-term Time-stamping Services

Long Meng and Liqun Chen


Time-stamping services produce time-stamp tokens as evidence to prove that digital data existed at given points in time. Time-stamp tokens contain verifiable cryptographic bindings between data and time, which are produced using cryptographic algorithms. In the ANSI, ISO/IEC and IETF standards for time-stamping services, cryptographic algorithms are addressed in two aspects: (i) Client-side hash functions used to hash data into digests for nondisclosure. (ii) Server-side algorithms used to bind the time and digests of data. These algorithms are associated with limited lifespans due to their operational life cycles and increasing computational powers of attackers. After the algorithms are compromised, time-stamp tokens using the algorithms are no longer trusted. The ANSI and ISO/IEC standards provide renewal mechanisms for time-stamp tokens. However, the renewal mechanisms for client-side hash functions are specified ambiguously, that may lead to the failure of implementations. Besides, in existing papers, the security analyses of long-term time-stamping schemes only cover the server-side renewal, and the client-side renewal is missing. In this paper, we analyse the necessity of client-side renewal, and propose a comprehensive long-term time-stamping scheme that addresses both client-side renewal and server-side renewal mechanisms. After that, we formally analyse and evaluate the client-side security of our proposed scheme.

Available format(s)
Publication info
Published elsewhere. ACNS 2021: Applied Cryptography and Network Security
Time-StampingLong-term securityHash functionsapplied cryptography
Contact author(s)
lm00810 @ surrey ac uk
2021-10-24: received
Short URL
Creative Commons Attribution


      author = {Long Meng and Liqun Chen},
      title = {Analysis of Client-side Security for Long-term Time-stamping Services},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1411},
      year = {2021},
      doi = {10.1007/978-3-030-78372-3_2},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.