Cryptology ePrint Archive: Report 2021/1429

Reviewing ISO/IEC Standard for Time-stamping Services

Long Meng and Liqun Chen

Abstract: Time-stamping services are used to prove that a data item existed at a given point in time. This proof is represented by a time stamp token that is created by a time-stamping authority. ISO/IEC 18014 specifies time-stamping services and requires them holding the following two properties: (1) The data being time-stamped is not disclosed to the time-stamping authority, hash values of the data are provided to the authority instead. (2) A time-stamp token can be renewed, as a result the validity duration of a time-stamp token is not restricted by the lifetimes of underlying algorithms or policies. In this paper, we review this standard and discover several issues: Due to inconsistent writing or information missing, a time-stamping service, following the standard specification, may not be able to achieve these designed properties. We provide a solution to each issue.

Category / Keywords: Time-stamping, Time-stamping standards, Data nondisclosure, Data integrity, Long-term security

Original Publication (in the same form): IEEE Communications Standards Magazine • September 2021
DOI:
10.1109/MCOMSTD.011.2000083

Date: received 24 Oct 2021

Contact author: lm00810 at surrey ac uk

Available format(s): PDF | BibTeX Citation

Version: 20211026:065532 (All versions of this report)

Short URL: ia.cr/2021/1429


[ Cryptology ePrint archive ]