### Reviewing ISO/IEC Standard for Time-stamping Services

Long Meng and Liqun Chen

##### Abstract

Time-stamping services are used to prove that a data item existed at a given point in time. This proof is represented by a time stamp token that is created by a time-stamping authority. ISO/IEC 18014 specifies time-stamping services and requires them holding the following two properties: (1) The data being time-stamped is not disclosed to the time-stamping authority, hash values of the data are provided to the authority instead. (2) A time-stamp token can be renewed, as a result the validity duration of a time-stamp token is not restricted by the lifetimes of underlying algorithms or policies. In this paper, we review this standard and discover several issues: Due to inconsistent writing or information missing, a time-stamping service, following the standard specification, may not be able to achieve these designed properties. We provide a solution to each issue.

Available format(s)
Publication info
Published elsewhere. IEEE Communications Standards Magazine • September 2021
DOI
10.1109/MCOMSTD.011.2000083
Keywords
Time-stampingTime-stamping standardsData nondisclosureData integrityLong-term security
Contact author(s)
lm00810 @ surrey ac uk
History
Short URL
https://ia.cr/2021/1429

CC BY

BibTeX

@misc{cryptoeprint:2021/1429,
author = {Long Meng and Liqun Chen},
title = {Reviewing ISO/IEC Standard for Time-stamping Services},
howpublished = {Cryptology ePrint Archive, Paper 2021/1429},
year = {2021},
doi = {10.1109/MCOMSTD.011.2000083},
note = {\url{https://eprint.iacr.org/2021/1429}},
url = {https://eprint.iacr.org/2021/1429}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.