Paper 2021/1429

Reviewing ISO/IEC Standard for Time-stamping Services

Long Meng and Liqun Chen


Time-stamping services are used to prove that a data item existed at a given point in time. This proof is represented by a time stamp token that is created by a time-stamping authority. ISO/IEC 18014 specifies time-stamping services and requires them holding the following two properties: (1) The data being time-stamped is not disclosed to the time-stamping authority, hash values of the data are provided to the authority instead. (2) A time-stamp token can be renewed, as a result the validity duration of a time-stamp token is not restricted by the lifetimes of underlying algorithms or policies. In this paper, we review this standard and discover several issues: Due to inconsistent writing or information missing, a time-stamping service, following the standard specification, may not be able to achieve these designed properties. We provide a solution to each issue.

Available format(s)
Publication info
Published elsewhere. IEEE Communications Standards Magazine • September 2021
Time-stampingTime-stamping standardsData nondisclosureData integrityLong-term security
Contact author(s)
lm00810 @ surrey ac uk
2021-10-26: received
Short URL
Creative Commons Attribution


      author = {Long Meng and Liqun Chen},
      title = {Reviewing {ISO}/{IEC} Standard for Time-stamping Services},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1429},
      year = {2021},
      doi = {10.1109/MCOMSTD.011.2000083},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.