|
ANSI ASC X9.95 Standard
The ANSI X9.95 standard for trusted timestamps expands on the widely used {{IETF RFC, 3161 - Internet X.509 Public Key Infrastructure Time-Stamp Protocol by adding data-level security requirements that can ensure data integrity against a reliable time source that is provable to any third party. Applicable to both unsigned and digitally signed data, this newer standard has been used by financial institutions and regulatory bodies to create trustworthy timestamps that cannot be altered without detection and to sustain an evidentiary trail of authenticity. Timestamps based on the X9.95 standard can be used to provide: * authenticity: trusted, non-refutable time when data was digitally signed * integrity: protection of the timestamp from tampering without detection * timeliness: proof that the time of the digital signature was in fact the actual time * an evidentiary trail of authenticity for legal sufficiency A superset of the IETF's RFC 3161 protocol, the X9.95 standard includes ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trusted Timestamping
Trusted timestamping is the process of securely keeping track of the creation and modification time of a document. Security here means that no one—not even the owner of the document—should be able to change it once it has been recorded provided that the timestamper's integrity is never compromised. The administrative aspect involves setting up a publicly available, trusted timestamp management infrastructure to collect, process and renew timestamps. History The idea of timestamping information is centuries old. For example, when Robert Hooke discovered Hooke's law in 1660, he did not want to publish it yet, but wanted to be able to claim priority. So he published the anagram ''ceiiinosssttuv'' and later published the translation ''ut tensio sic vis'' (Latin for "as is the extension, so is the force"). Similarly, Galileo first published his discovery of the phases of Venus in the anagram form. Sir Isaac Newton, in responding to questions from Leibniz in a letter in 167 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Bureau International Des Poids Et Mesures
The International Bureau of Weights and Measures (french: Bureau international des poids et mesures, BIPM) is an intergovernmental organisation, through which its 59 member-states act together on measurement standards in four areas: chemistry, ionising radiation, physical metrology, and coordinated universal time. It is based in Saint-Cloud, Paris, France. The organisation has been referred to as IBWM (from its name in English) in older literature. Structure The BIPM is supervised by the International Committee for Weights and Measures (french: Comité international des poids et mesures, CIPM), a committee of eighteen members that meet normally in two sessions per year, which is in turn overseen by the General Conference on Weights and Measures (french: Conférence générale des poids et mesures, CGPM) that meets in Paris usually once every four years, consisting of delegates of the governments of the Member States and observers from the Associates of the CGPM. These organs ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ISO 18014
ISO/IEC 18014 ''Information technology — Security techniques — Time-stamping services'' is an international standard that specifies time-stamping techniques. It comprises four parts: * ''Part 1: Framework'' * ''Part 2: Mechanisms producing independent tokens'' * ''Part 3: Mechanisms producing linked tokens'' * ''Part 4: Traceability of time sources'' Part 1: Framework In this first part of ISO/IEC 18014, several things are explained and developed: * The identification of the objectives of a time authority. * The description of a general model on which time stamping services are based. * The definition of time stamping services. * The definition of the basic protocols of time stamping. * The specifications of the protocols between the involved entities. Key words: audit, non-repudiation, security, time-stamp Part 2: Mechanisms producing independent tokens A time-stamping service provides evidence that a data item existed before a certain point in time. Time-stamp s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
RSA (algorithm)
RSA (Rivest–Shamir–Adleman) is a public-key cryptosystem that is widely used for secure data transmission. It is also one of the oldest. The acronym "RSA" comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977. An equivalent system was developed secretly in 1973 at Government Communications Headquarters (GCHQ) (the British signals intelligence agency) by the English mathematician Clifford Cocks. That system was declassified in 1997. In a public-key cryptosystem, the encryption key is public and distinct from the decryption key, which is kept secret (private). An RSA user creates and publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers are kept secret. Messages can be encrypted by anyone, via the public key, but can only be decoded by someone who knows the prime numbers. The security of RSA relies on the practical difficulty of factoring the produ ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Private Key
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. In a public-key encryption system, anyone with a public key can encrypt a message, yielding a ciphertext, but only those who know the corresponding private key can decrypt the ciphertext to obtain the original message. For example, a journalist can publish the public key of an encryption key pair on a web site so that sources can send secret messages to the news organization in ciphertext. Only the journalist who knows the corresponding private key can decrypt the ciphertexts to obtain the sources' messages—an eavesdro ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptographic Hash Function
A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output result ( hash value) for a random input string ("message") is 2^ (like for any good hash), so the hash value can be used as a representative of the message; * finding an input string that matches a given hash value (a ''pre-image'') is unfeasible, unless the value is selected from a known pre-calculated dictionary ("rainbow table"). The ''resistance'' to such search is quantified as security strength, a cryptographic hash with n bits of hash value is expected to have a ''preimage resistance'' strength of n bits. A ''second preimage'' resistance strength, with the same expectations, refers to a similar problem of finding a second message that matches the given hash value when one message is already known; * finding any pair of different me ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Network Time Protocol
The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable- latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of Delaware. NTP is intended to synchronize all participating computers to within a few milliseconds of Coordinated Universal Time (UTC). It uses the intersection algorithm, a modified version of Marzullo's algorithm, to select accurate time servers and is designed to mitigate the effects of variable network latency. NTP can usually maintain time to within tens of milliseconds over the public Internet, and can achieve better than one millisecond accuracy in local area networks under ideal conditions. Asymmetric routes and network congestion can cause errors of 100 ms or more. The protocol is usually described in terms of a client–server model, but can as eas ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NIST
The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical science laboratory programs that include nanoscale science and technology, engineering, information technology, neutron research, material measurement, and physical measurement. From 1901 to 1988, the agency was named the National Bureau of Standards. History Background The Articles of Confederation, ratified by the colonies in 1781, provided: The United States in Congress assembled shall also have the sole and exclusive right and power of regulating the alloy and value of coin struck by their own authority, or by that of the respective states—fixing the standards of weights and measures throughout the United States. Article 1, section 8, of the Constitution of the United States, ratified in 1789, granted these powers to the new Congr ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Data Integrity
Data integrity is the maintenance of, and the assurance of, data accuracy and consistency over its entire life-cycle and is a critical aspect to the design, implementation, and usage of any system that stores, processes, or retrieves data. The term is broad in scope and may have widely different meanings depending on the specific context even under the same general umbrella of computing. It is at times used as a proxy term for data quality, while data validation is a prerequisite for data integrity. Data integrity is the opposite of data corruption. The overall intent of any data integrity technique is the same: ensure data is recorded exactly as intended (such as a database correctly rejecting mutually exclusive possibilities). Moreover, upon later retrieval, ensure the data is the same as when it was originally recorded. In short, data integrity aims to prevent unintentional changes to information. Data integrity is not to be confused with data security, the discipline of protect ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
