Paper 2021/1429

Reviewing ISO/IEC Standard for Time-stamping Services

Long Meng and Liqun Chen

Abstract

Time-stamping services are used to prove that a data item existed at a given point in time. This proof is represented by a time stamp token that is created by a time-stamping authority. ISO/IEC 18014 specifies time-stamping services and requires them holding the following two properties: (1) The data being time-stamped is not disclosed to the time-stamping authority, hash values of the data are provided to the authority instead. (2) A time-stamp token can be renewed, as a result the validity duration of a time-stamp token is not restricted by the lifetimes of underlying algorithms or policies. In this paper, we review this standard and discover several issues: Due to inconsistent writing or information missing, a time-stamping service, following the standard specification, may not be able to achieve these designed properties. We provide a solution to each issue.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. IEEE Communications Standards Magazine • September 2021
DOI
10.1109/MCOMSTD.011.2000083
Keywords
Time-stampingTime-stamping standardsData nondisclosureData integrityLong-term security
Contact author(s)
lm00810 @ surrey ac uk
History
2021-10-26: received
Short URL
https://ia.cr/2021/1429
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1429,
      author = {Long Meng and Liqun Chen},
      title = {Reviewing ISO/IEC Standard for Time-stamping Services},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1429},
      year = {2021},
      doi = {10.1109/MCOMSTD.011.2000083},
      note = {\url{https://eprint.iacr.org/2021/1429}},
      url = {https://eprint.iacr.org/2021/1429}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.