Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
This document is protected by copyright. No part of the document may be reproduced in any
form by any means without prior written authorization of Cryptomathic.
This document is provided “as is” without warranty of any kind.
Cryptomathic may make improvements and/or changes in the product described in this
document at any time. The document is not part of the documentation for a specific version or
release of the product, but will be updated periodically.
www.cryptomathic.com
Date: 2004-05-12
Doc. title: Cryptomathic TSA Technical White Paper
Doc. version: 1.1
2
Cryptomathic TSA Technical White Paper
Table of Contents
1 Introduction.............................................................................................4
1.1 Contact Information .................................................................................................. 4
1.2 Terminology.............................................................................................................. 4
1.3 References ............................................................................................................... 4
2 Introduction to Time Stamping..............................................................5
2.1 Digital Notary Services ............................................................................................. 5
2.2 Digital Signatures and Non-Repudiation .................................................................. 5
2.2.1 Digital Signatures with Time Stamps ................................................................................................... 6
2.2.2 Code Signing ....................................................................................................................................... 7
3
Cryptomathic TSA Technical White Paper
1 Introduction
This document provides an introduction to Cryptomathic Time Stamping Authority
(below, CTSA). It includes an introduction to time stamping in general and describes
the overall domain and architecture of CTSA with particular focus on security design.
The intended audience is IT-security managers, solution architects and security
experts who are interested in time stamping and consider using CTSA. The reader is
assumed to be familiar with the basic concepts of a Public Key Infrastructure.
1.2 Terminology
Term Meaning
CA Certification Authority
CTSA Cryptomathic Time Stamping Authority
HSM Hardware Security Module
NTP Network Time Protocol
SCR Smart Card Reader
SNTP Simple Network Time Protocol
TSA Time Stamping Authority
1.3 References
[1] C. Adams, P. Cain, D. Pinkas, R. Zuccherato: Internet X.509 Public Key
Infrastructure – Time Stamp Protocol (TSP), RFC 3161, August 2001.
[2] D.L. Mills: Network Time Protocol (Version 3) — Specification,
Implementation and Analysis, RFC 1305, March 1992.
[3] D.L. Mills: Simple Network Time Protocol (SNTP) Version 4 — for IPv4,
IPv6 and OSI, RFC 2030, October 1996.
4
Cryptomathic TSA Technical White Paper
Notary Archive
time stamp
on data
Figure 1: A notary provides time stamping – and possibly also archiving – services.
In short, electronic time stamping is applicable for all purposes where traditional
notary services apply in the non-digital world. The need for such services is, however,
much more pertinent in the digital world, as electronic documents are easier to forge
and backdate than traditional paper-based ones.
5
Cryptomathic TSA Technical White Paper
Figure 2: As B cannot prove that the signature was made before the
certificate was revoked, the court may decide to accept A’s claim.
Thus, for the recipient of a digital signature the challenge is to prove that the signature
was generated at a time, when the signers certificate was valid. As illustrated in
Figure 3 below, the required proof is obtained by having the document and signature
time stamped by a Time Stamping Authority.
6
Cryptomathic TSA Technical White Paper
Figure 3: A time stamp on the signed message proves that A’s key was still valid,
when the signature was made. As a result, A does not have a case.
Thus, in a Public Key Infrastructure, the TSA takes on the role of a trusted third party
to provide true non-repudiation.
CA TSA
7
Cryptomathic TSA Technical White Paper
signature is bound to the certificate. This means that when the certificate expires, the
code is no longer considered trustworthy, and the publisher is forced to re-sign the
code with a new certified key.
By applying a time stamp at the time of signing, the publisher can assure that the code
will be trusted also after the certificate expires.
2.3 Standards
The relevant standards for implementation of a TSA are:
• Internet X.509 Public Key Infrastructure Time-Stamp Protocol, RFC 3161
• Network Time Protocol (Version 3), RFC 1305
• Simple Network Time Protocol (Version 4), RFC 2030
Time-Stamp Protocol
The RFC 3161 Time Stamp Protocol (TSP), see [1], defines the TSA’s role in a
Public Key Infrastructure and sets the requirements for the TSA service. It specifies
the formats of time stamp requests and responses and describes transport protocols.
8
Cryptomathic TSA Technical White Paper
3 Domain Description
Cryptomathic Time Stamping Authority implements a TSA, which can be used for
providing non-repudiation and notary services. The TSA is responsible for issuing
time stamp tokens that can prove the existence of data at a particular point in time.
Cryptomathic Time Stamping Authority complies with the RFC 3161 time stamp
protocol.
3.2 Certificates
Two types of certificates are relevant in connection with the CTSA system: TSA
certificates and CA certificates.
TSA Certificates
A TSA certificate is a certificate on a key used in CTSA for signing time stamps.
CTSA can have several TSA certificates but only one active certificate at a time.
Generating a new TSA certificate involves generation of a key pair and creation of a
self-signed certificate. Self-signed certificates can be used for signing time stamps,
but it is also possible to use a certificate issued by an external CA. In the latter case, a
certificate request on the TSA public key is exported from CTSA and the resulting
certificate is subsequently imported.
CA Certificates
CA certificates can be imported into the CTSA system. Normally, one would want to
import the certificate (or certificate chain) of a CA that has certified a TSA key, but in
principle, any certificate can be imported into the system. The certificates may be
included in time stamps issued by the TSA in cases where a requesting entity has
specified a desire for this. In such cases, the active TSA certificate, i.e. the certificate
9
Cryptomathic TSA Technical White Paper
on the active key, is always included in the time stamp token. It can be configured
which CA certificates, if any, to include.
3.3 Policies
All time stamps issued by the TSA are issued under a specific policy, which describes
the possible use and limitations of the time stamp. CTSA may issue time stamps
under different policies depending on the requirements of the requester. In each case,
the policy under which a time stamp was issued will be specified in the time stamp
token.
When an entity requests a time stamp, it may be specified under which policy the time
stamp should be issued. If no policy is specified, the time stamp will be issued under
the default policy. Therefore, one of the policies created in the system must be set as
the default policy. If the specified policy is not supported by CTSA, no time stamp
will be issued.
10
Cryptomathic TSA Technical White Paper
4 System Architecture
The Cryptomathic Time Stamping Authority server resides in a secure room and is
administered via the two types of administration clients (secure and remote client, see
paragraph 4.2).
Secure Room
Time
Source CTSA Service HSM
Remote SCR
administration
client
Secure SCR SCR
Database administration
Server client SCR
Time stamp
client
Database Server
The CTSA system stores all data in the database. The only exceptions are the keys of
the HSM, the system administrator log and the trace log.
Time Source
CTSA supports accessing external time sources using the NTP protocol to ensure
correct time stamps. The frequency with which the external time source is queried is
configured from the CTSA administration client: It may be done every time a time
stamp is issued, or it may be done at a frequency specified in seconds.
11
Cryptomathic TSA Technical White Paper
12
Cryptomathic TSA Technical White Paper
5 Security Design
Cryptomathic Time Stamping Authority has been designed to meet a number of
requirements with regard to security. The measures taken to meet these requirements
are presented in the following.
The Operator
The Operators are responsible for the daily monitoring and maintenance of the
system.
The Auditor
The Auditors are responsible for managing the CTSA audit log.
13
Cryptomathic TSA Technical White Paper
After verifying the authenticity of the administrator consenting the command, the
CTSA server determines his role. This enables the server to determine whether the
privileges required for this command are met.
TSA Keys
The TSA keys are the keys used by CTSA for signing time stamps.
A TSA key is an asymmetric key pair consisting of a public key used for verifying
signatures on time stamps issued by CTSA, and a private key used for the actual time
stamp signing. Several TSA key pairs can exist in the system at the same time,
however only one key pair can be active at a time (see also paragraph 3.2).
14
Cryptomathic TSA Technical White Paper
Each administrator has one key stored on a smart card. The smart cart must be
inserted and a password must be entered each time an administrator wishes to log on
to a client (see also the description of user authentication in paragraph 5.1.2).
15