Vous êtes sur la page 1sur 22

INTRODUCTION

Definition: A digital signature or e-signature for short (not to be confused with a digital certificate) is an electronic signature that can be utilized to authenticate the identity of the sender of a message or the signer of a document, and certainly to ensure that the original content of the message or document that has been sent is the same or unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. Meaning to say, its very efficient in view of transacting legal matters. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. A digital signature can be used with any kind of message, transactions and the like, whether it is encrypted or not, simply so that the receiver can be sure of the senders identity and that the message arrived intact. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real. This indeed is so commonly observed now in internet transactions. Consider two questions that may be asked by a computer user as he or she views a digital document or on-line record: Who is the author of this record - who wrote it, approved it, or consented to it? When was this record created or last modified? In both cases, the question is about exactly this record - exactly this sequence of bits. An answer to the first question tells who and what: Who approved exactly what is in this record? An answer to the second question tells when and what: When exactly did the contents of this record first exist? Both of the above questions have good solutions. A system for answering the first question is called a digital signature scheme. A system for answering the second question is called a digital timestamping scheme.

Any system allowing users to answer these questions must include two procedures. First, there must be a signing procedure with which : (1) the author of a record can ``sign'' the record, or (2) any user can fix a record in time. The result of this procedure is a string of bytes that serves as the signature. Second, there must be a verification procedure by which any user can check a record and its purported signature to make sure it correctly answers (1) who and what? or (2) when and what? about the record in question. The signing procedure of a digital timestamping system often works by mathematically linking the bits of the record to a ``summary number'' that is widely witnessed by and widely available to members of the public - including, of course, users of the system. The computational methods employed ensure that only the record in question can be linked, according to the ``instructions'' contained in its timestamp certificate, to this widely witnessed summary number; this is how the particular record is tied to a particular moment in time. The verification procedure takes a particular record and a putative timestamp certificate for that record and a particular time, and uses this information to validate whether that record was indeed certified at the time claimed by checking it against the widely available summary number for that moment. One nice thing about digital timestamps is that the document being timestamped does not have to be released to anybody to create a timestamp. The originator of the document computes the hash values himself, and sends them in to the timestamping service. The document itself is only needed for verifying the timestamp. This is very useful for many reasons (like protecting something that you might want to patent). Two features of a digital timestamping system are particularly helpful in enhancing the integrity of a digital signature system. First, a timestamping system cannot be compromised by the disclosure of a key. This is because digital timestamping systems do

not rely on keys, or any other secret information, for that matter. Digital timestamp certificates can be renewed so as to remain valid indefinitely. With these features in mind, consider the following situations. It sometimes happens that the connection between a person and his or her public signature key must be revoked. For example, the user's private key may accidentally be compromised, or the key may belong to a job or role in an organization that the person no longer holds. Therefore the person-key connection must have time limits, and the signature verification procedure should check that the record was signed at a time when the signer's public key was indeed in effect. And thus when a user signs a record that may be checked some time later - perhaps after the user's key is no longer in effect - the combination of the record and its signature should be certified with a secure digital timestamping service. There is another situation in which a user's public key may be revoked. Consider the case of the signer of a particularly important document who later wishes to repudiate his signature. By dishonestly reporting the compromise of his private key, so that all his signatures are called into question, the user is able to disavow the signature he regrets. However, if the document in question was digitally timestamped together with its signature (and key-revocation reports are timestamped as well), then the signature cannot be disavowed in this way. This is the recommended procedure, therefore, in order to preserve the non-reputability desired of digital signatures for important documents. The statement that private keys cannot be derived from public keys is an oversimplification of a more complicated situation. In fact, this claim depends on the computational difficulty of certain mathematical problems. As the state of the art advances - both the current state of algorithmic knowledge, as well as the computational speed and memory available in currently available computers - the maintainers of a digital signature system will have to make sure that signers use longer and longer keys. But what is to become of documents that were signed using key lengths that are no longer considered secure? If the signed document is digitally timestamped, then its integrity can be maintained even after a particular key length is no longer considered secure. Of course, digital timestamp certificates also depend for their security on the difficulty of certain computational tasks concerned with hash functions (see Question 2.1.6). (All

practical digital signature systems depend on these functions as well.) The maintainers of a secure digital timestamping service will have to remain abreast of the state of the art in building and in attacking one-way hash functions. Over time, they will need to upgrade their implementation of these functions, as part of the process of renewal . This will allow timestamp certificates to remain valid indefinitely.

HISTORY
The idea of timestamping information is actually centuries old. For example, when Robert Hooke discovered Hooke's law in 1660, he did not want to publish it yet, but wanted to be able to claim priority. So he published the anagram ceiiinosssttuv and later published the translation ut tensio sic vis (Latin for "as is the extension, so is the force"). Similarly, Galileo first published his discovery of the phases of Venus in the anagram form. A modern example is the case of an industrial research organization that may later need to prove, for patent purposes, that they made a particular discovery on a particular date; since magnetic media can be altered easily, this may be a nontrivial issue. One possible solution is for a researcher to compute and record in a hardcopy laboratory notebook a cryptographic hash of the relevant data file. In the future, should there be a need to prove the version of this file retrieved from a backup tape has not been altered, the hash function could be recomputed and compared with the hash value recorded in that paper notebook.

FEATURES
Two features of a digital timestamping system are particularly helpful in enhancing the integrity of a digital signature system:1. First, a timestamping system cannot be compromised by the disclosure of a key. This is because digital timestamping systems do not rely on keys, or 2. any other secret information, for that matter. Digital timestamp certificates can be renewed so as to remain valid indefinitely.

WORKING
A trusted digital timestamp gives you strong legal evidence that the contents of your work existed at a point-in-time and have not changed since that time. The procedures maintain complete privacy of your documents themselves. The result is simple, secure, independent and portable proof of electronic record integrity. By using digital signature technology and audited security our service provides an external witness (a timestamp signature) to the existence of your data, like an electronic or digital notary. We never see your actual data; it is that simple and here is how it works: The trusted TimeStamp process consists of two parts: 1. Software on your computer records the fingerprint of your file. You can use our web application, download our software for free, or use Adobe Acrobat, e-Lock, and more. 2. The Internet links you to the DigiStamp web-based security service. We return to you a signed electronic timestamp certificate that contains your file's fingerprint.

This method of creating a timestamp was published in public standards and laws; how to create a timestamp was not invented by DigiStamp. The digital timestamp was defined as part of the technology called Digital Signatures, or PKI (Public Key Insfrastructure). DigiStamp uses this accepted method and then adds an external audit and certified hardware to create a web-based security service that you can trust and afford. A fingerprint of your computer file is created by our free software When you timestamp a file, your computer creates a unique identifier, or fingerprint, for the file (a SHA Hash). The fingerprint is a unique number calculated from the file's contents. Mathematicians call this a hash function. If the file's contents were to change by even one character, a different number would be calculated. This accepted technique provides a design whereby it is computationally infeasible to find two different messages which produce the same number. Your data remains private in this process: Only the evidence (a document fingerprint) is transmitted to DigiStamp, and we never see your actual document. None of the content of your data can be determined from the fingerprint, so reverse engineering of the fingerprint into the document is not possible. Read more about the SHA hash at wikipedia or the "U.S. Federal Information Processing Standard" here. The Internet links you to DigiStamp for the timestamp DigiStamp is a TimeStamp Authority (TSA). By using the Internet, you electronically send the file's fingerprint to the DigiStamp computer. At the DigiStamp computer, we put the file's fingerprint and the current time into an envelope and add our digital signature. The result is a digital timestamp certificate that is returned and stored in your computer software. The process is safe; your file is never sent across the Internet, only the file's smaller fingerprint.

Your certificates are stored on your computer for easy verification Each certificate can be used later to verify that the contents of your file existed at a pointin-time. The content and the format of a digital timestamp are defined by common standards and therefore can be verifed using a variety of vendor's software. The process is safe, your file is never sent across the Internet. The process is reliable, the timestamp certificate proves that your file and its contents existed at a point-in-time.

Strong Legal Evidence for Authenticating Your Data Simply put, you need proof of what you've done and when you did it. Our service provides strong evidence for both. In fact, we provide uniquely strong evidence. No one can use our service to produce a false timestamp. Even we can't produce false timestamps. If someone offered us a million dollars, we still couldn't produce a false timestamp. Why not? A DigiStamp timestamp offers you three layers of security: 1. An audit trail from two independent authorities proving that our equipment does exactly what we say it does 2. State-of-the-art software that meets the highest established standards 3. Uniquely customized hardware that cannot be tampered with We use secure hardware that's uniquely certified. Our software works within our IBM 4758 Coprocessor, specially customized using an agreement with IBM to do nothing but generate our timestamps with absolute security. The coprocessor is certified at levels 3 and 4 of the rigorous National Institute of Standards and Technology (NIST) using the Security Requirements for Cryptographic Modules. Software-based timestamps are only as sound as the hardware running the program. Software-based solutions leave you vulnerable to charges of manipulating the hardware. An adversary can always claim you paid the system administrator (even the administrator of an outside firm) to set the hardware to generate a false timestamp. No one can set our systems to generate false timestamps No one can hack our equipment, because our 4758 has no external interfaces except the timestamp generator. There's simply no way in. Period. And any attempt to tamper with our equipmenteven by usstops it dead in its tracks. All old data is safe, but no new data can be created. Period. When we install, compile, and initialize our machines, we use two professional auditors: a representative of Computer Forensic Services, Inc. and a representative of @Sec

Information Security Corporation. (The Auditors hold multiple legal and professional certifications.) In a rigorous eight-hour process, these independent professionals witness the initialization and lock-down of the 4758 timestamping machine. The result of our multi-layered process provides you with stronger evidence than a notarized paper trail Notaries can make mistakes, written signatures can be forged, paper trails can be modified after notarization. Our rigorous, fully-automated system provides solid, unalterable evidence of your files' integrity. A DigiStamp timestamp provides a fully-automated chain of evidence. 1. There is an overview of how a timestamp is created and its content here. 2. Below are more details about the Audit Process. DIGISTAMP CREATES A TIMESTAMP ROBOT Machines cant be tempted with money, and they dont care whether they lose their jobs. The same cant be said for programmers, system administrators, and bureaucrats, unfortunately. Thats why we set ourselves the task of creating, in essence, a timestamp robot, a fullyautomated process immune from human frailty. Secure hardware. The backbone of our system is specially-customized hardware. The IBM 4758 Coprocessor is certified at levels 3 and 4 of the rigorous National Institute of Standards and Technology (NIST) using the Security Requirements for Cryptographic Modules In early 1999, under a custom development agreement with IBM, the 4758 was customized to eliminate all external interfaces except the timestamp function. The co-processor has its own unique keys for creating timestamps and auditing its own work. These are created automatically by the co-processor when its installed and initialized, and they cannot be changed or extracted. Everything that happens in the 4758 is logged and signed by the co-processor.

The 4758 has its own internal clock, which cannot be adjusted more than 120 seconds in any twenty-four hour periodand every adjustment is logged by the co-processor. When you send us a request for a timestamp, our system uses the 4758, with its internal clock and keys, to create a timestampa unique hash mark signaturewhich it then sends to you. You store your original file and its timestamp as proof that the contents of your work existed at a point-in-time. In The Electronic Signatures in Global and National Commerce Act (2000), federal law gives electronic signatures, contracts and records the same validity as their handwritten and hard copy counterparts. In the United States, the Uniform Rules of Evidence Code ("UETA"), specify what makes electronic evidence admissible. The fundamental test is a process or system that produces an accurate result. DigiStamps service meets this test. In fact, no one has ever even tried to challenge a DigiStamp timestamp. More details here. Your data remains private in this process. Only the evidence, a SHA fingerprint, is transmitted to DigiStamp and we never see your actual document.

The Birth and Life of an Autonomous Robot When we code, compile, and initialize one of our systems, two external auditors witness the birth ceremony and document the chain of evidence. 1. Computer Forensic Services, Inc auditor: Certified Computer Examiner, International Society of Forensic Computer Examiners. Licensed Private Investigator Private Security Board. Certificate from Dallas Texas Bar Association Electronic Discovery and Digital Evidence.

2. ATSEC Information Security Corporation auditor: Certified Information Systems Security Professional (CISSP). Certified Software Development Professional (CSDP), IEEE Computer Society In an well defined process, the external auditors provide the evidence that the code we put into the 4758 card is of a known source and build, and that the 4758 card has had its external interface disabled, except the unique timestamp functions. Security statements for the Audit ceremony: 1. The IBM 4758 Cryptographic Card is configured and initialized to a specific set of limited functions. Multiple parties witness and document the content of the software, the compilation and the initialization of the 4758 card. 2. An AUDIT key-pair is created inside the 4758. The private key portion of the AUDIT key-pair cannot ever be extracted from the tamper detecting hardware. The timestamp public key certificates are then signed by this AUDIT key to prove that timestamp key is reliably created and contained within this card. 3. The timestamp private key can only be used only to create timestamps. 4. Private keys cannot be export/extracted from the 4758 hardware. 5. The clock in the 4758 hardware cannot be adjusted more than +/- 120 seconds in any 24-hour period. All adjustments are recorded and signed by an audit trail that is internal to the 4758. 6. No person can modify the cards security state without disabling the ability to create timestamps. Attempts to access the private keys or clock in 4758 hardware will reliably destroy the timestamp and AUDIT private keys. When the system initializes, it creates an Audit key, which will henceforth sign and log everything that happens in the co-processor. No one and nothing can change or extract this Audit key. The system will now accept only two kinds of inputs --- clock adjustments (all logged and signed by the Audit Key, automatically) and user requests for timestamps. Try to tamper, and the card stops. Its old work - your existing timestamps - are still valid, but it cant do anything new.

How Digital Signatures works: Assume you were going to send the draft of a certain contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you. Here then would be the process: 1. You copy-and-paste the contract (its a short one!) into an e-mail note. 2. Using special software, you obtain a message hash (mathematical summary) of the contract. 3. You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash. 4. The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.)

ADVANTAGES
1. Performs highly accurate time stamping for PKI-enabled applications, electronic records, and code signingtransforming electronic records into strong evidence. 2. Delivers superior time accuracy and auditability, with time stamps auditable to UTC. 3. Protects the time stamping process and keys through independently certified, tamper-resistant hardware. 4. Integrates easily with business applications to time stamp digitally signed documents (e.g. PDFs), application code, or other electronic records.

DISADVANTAGES
The Disadvantages of using digital signatures involve the primary avenue for any business: money. This is because the business may have to spend more money than usual to work with digital signatures including buying certificates from certification authorities and getting the verification software.

CONCLUSION
Time Stamp Server from Thales e-Security is a turnkey, network-attached appliance that keeps accurate time and creates secure time stamps to record creation time, filing time, or the timing of other events associated with electronic records and applications. By deploying a highly accurate and tamper-resistant time stamping solution, organizations can verify the accuracy of time stamps used for digital records and improve the integrity and auditability of a broad range of critical processes. Ideal for organizations that need electronic document signing with proof of time for legal and compliance purposes, Time Stamp Servers other common applications include financial transactions, lotteries and gaming, security logs, approval workflows, long-term archives, electronic lab books, and code signing. Unlike software-based systems in which administrators can easily manipulate time values, Time Stamp Server protects time stamping keys in independently certified, tamper-resistant hardware. In addition, Time Stamp Server offers superior time accuracy and auditability, delivering secure time traceability to national atomic clocks and Universal Coordinated time (UTC) if required. Time Stamp Server was the first solution of its kind to support Microsoft Authenticode, the code-signing standard for Windows platforms. The products time stamping component is validated to FIPS 140-2 Level 3 and Common Criteria EAL4+. As a conclusion, you must try in using digital or e signature with your internet transactions so that you will experience more convenience in terms of doing various business and money matters. This way you will not worry and go with the hassles and problems of the traditional transactions that use signatures.

FUTURE SCOPE
Anyone trusting the timestamper can then verify that the document was not created after the date that the timestamper vouches. It can also no longer be repudiated that the requester of the timestamp was in possession of the original data at the time given by the timestamp. To prove this the hash of the original data is calculated, the timestamp given by the TSA is appended to it and the hash of the result of this concatenation is calculated, call this hash A. Then the digital signature of the TSA needs to be validated. This can be done by checking that the signed hash provided by the TSA was indeed signed with their private key by digital signature verification. The hash A is compared with the hash B inside the signed TSA message to confirm they are equal, proving that the timestamp and message is unaltered and was issued by the TSA. If not, then either the timestamp was altered or the timestamp was not issued by the TSA.

REFERENCES
http://methodofsolutions.com/2010/07/18/definition-advantages-and-disadvantages-ofdigital-signatures/ http://www.thales-esecurity.com/products-and-services/products-and-services/timestamping-appliances/time-stamp-server http://www.digistamp.com/technical/how-a-digital-time-stamp-works/

CONTENTS
Introduction History Features Working Advantages Disadvantages Conclusion Future Scope References

A
Seminar Report On

DIGITAL TIME STAMPING