Definition: A Trusted Timestamp is a cryptographic function and is used for the process of securely keeping track of the creation and modification of a document.
Trusted Timestamping explained
Timestamps that rely on system clocks (i.e., computer files, digital photography) are often not enough since it’s not difficult to manipulate the date and the time locally on a machine. Therefore, in certain instances, such as the following, Trusted Timestamping would need to be considered:
- In a legal setting, a Will for example, where the testator may alter the document numerous times and the Will may be contested. A Non-Disclosure Agreement (NDA).
- In the Lottery industry - lottery ticket issuance, online betting and electronic payments.
- In the Financial Services industry - stock market trading.
Trusted Timestamping, as defined in RFC 3161, leverages Public Key Infrastructure (PKI) cryptography where the entire security is based on Time Stamping Authorities (TSA’s) who provide time-stamping services to the public. The TSA cryptographically binds the data’s unique hash with the current date and time using Coordinated Universal Time (UTC).
Qualified Timestamps provided by qualified trust service providers ensure benefiting from a high level of security and legal certainty of trust services*. Qualified electronic time stamps enjoy, all over the EU, the presumption of the accuracy of the date and the time it indicates and the integrity of the data to which the date and time are bound.
Timestamps are protected from tampering by combined use of PKI in combination with industry-standard cryptographic hardware.
*The eIDAS Regulation introduces the notions of qualified trust services and qualified trust service provider with a view to indicating requirements and obligations that ensure high-level security of whatever qualified trust services and products are used or provided