Timestamping is based on two simple steps:
- Create a Hash-Value of the file that you want to timestamp
- Ensure in some way that you have evidence that this specific Hash-Value exists since the date when you created it.
Why hash values?
In the Internet exist an unmanageable number of articles and software programs. To certify all that data a demonstrable creation date would result in monthly trains stuffed with DVDs.
By creating hash values this amount of data gets reduced to a small fraction of the original bulk, but (as long as the original file is still available somewhere in the Internet) it's existence will still be certified.
What is a hash value?
Cryptographic hash values identify an exact sequence of bytes by a much shorter value with these properties:
- It is impossible to get the original document from the hash value.
- It is very very hard to calculate a 2nd file that produces the same hash value.
How secure is a hash value?
Cryptographic algorithms become compromised from time to time or vulnerable to brute force attacks due to faster computers. But there are plenty of different hash algorithms, that are believed to be so secure, that all existing computers on earth (this is in 2006) would need over 1.000 years to break only a single hash-value :)
How to evidence that the Hash-Value existed at some given date
Some countries have a Trusted Timestamping Authority, which can digitally sign your Hash-Values. They also include the date within their signature, so that there is evidence when they signed the value, and thus since when your hash-value existed.
Another, more conventional method is, to just print and publish the hash-value in some magazine.
Publish ALL Hash-Values ?
No, this is not necessary. We will use the technique called 'Endless Logfile', where the hash-values of all files of today will be put into a single file, and only that file's hash-value will be published. Additionally to all hashes from today, we'll include the hash-value from the day before. So a chain of hashed files will be created. By publishing the hash value of only the latest file, ALL prior created hash-files, and thus of all hash-values, and thus of all files that originally where timestamped, will be certified to that date.
No, trust is not needed.
Everybody is able to verify the certification himself. See 'Verify a timestamp'.
The necessary steps involve:
- Get the original file, of which you want to verify the timestamp
- Download the PTB, that includes the hash of your original-file
- Create the Hash-Values of the original file yourself
- Compare that hash-value to the one in the PTB
- Get a copy of the magazine that printed the hash value of that PTB
- Create the hash-value for the downloaded PTB yourself
- Compare that hash-value to the one in the magazine
-> if all compared hash-values are equal, than your original file evidently existed at the date when the magazine was printed
Each PTB includes the Hash-Value of its preceding PTB:
Illustration: ------------------------ ------------------------ PTB-123 PTB-124 30-SEP-2006 06:00 30-SEP-2006 07:00 ------------------------ ------------------------ PTB-122: 643254E ------> PTB-123: 1234567 file1.bz2: 79343FD | file5.bz2: 59743FF file2.bz2: 12343FD | file6.bz2: 39743F3 file3.bz2: 45743FD | file7.bz2: 79743FD file4.bz2: 39743FD | file8.bz2: 79743FI ======================== | ======================== Hash over PTB-123: | Hash over PTB-124: 1234567 >----------------- 5432176 >----> to be first entry in PTB-125 ------------------------ ------------------------
The hash-values (as here displayed as e.g. 643254E) are of course a little longer, a full view is here: Public_Timestamp#latest_PTB_for_new_publications
Let's say, we create new Hash-Files every hour, then we would have for 30-SEP-2006 ff e.g. the following HASH-FILE hashes:
PTB-123 30-SEP-2006 06:00 1234567 PTB-124 30-SEP-2006 07:00 5432176 PTB-125 30-SEP-2006 08:00 78EAD46 PTB-126 30-SEP-2006 09:00 8AEC980 ... PTB-143 01-OCT-2006 03:00 356EADE ... PTB-168 02-OCT-2006 09:00 10124CC
According to above Hash-File creation, magazines could e.g. publish like this:
Mag1 prints "PTB-123 1234567" and claims to be published on 01-OCT-2006 Mag2 prints "PTB-123 1234567" and claims to be published on 05-OCT-2006 Mag3 prints "PTB-125 78EAD46" and claims to be published on 03-OCT-2006 Mag1 prints "PTB-143 356EADE" and claims to be published on 02-OCT-2006
So what date is verified for file1.bz2, which hash was included in PTB-123:
- if you trust the pub date of Mag1, then it's 01-OCT-2006
- if you don't trust pub date of Mag1, then with Mag3 it's 03-OCT-2006
- if you don't trust the pub date of any of these, but only the combination of all together, then it's 05-OCT-2006
So we see, this method is not "Timestamping trusted to one second, but trusted to few days".