1

I need to timestamp a file to prove data integrity, not authorship. I will use an RFC 3161 qualified timestamping service.

From the EU Regulation Section 6, Article 41, I understand that I can use a timestamp without an electronic signature*, as they are used to prove different things.

PAdES, XAdES and CAdES need a signature (over which a timestamp is applied).

As far as I know, I can't use PAdES/CAdES/XAdES without an electronic signature.

What is the preferred way to timestamp a document under eIDAS without an electronic signature?

*The RFC 3161 timestamp is signed by the timestamp authority. I am referring to my electronic signature.

Victor
  • Thanks for your comment Mike. “Integrity” in the sense that the data can't be modified without invalidating the timestamp. Under the RFC 3161 timestamping protocol, a hash of the file is timestamped, and that timestamp is signed by the timestamp authority. Any modification to the file would change the hash and make the signature/timestamp invalid. – Victor Nov 17 '17 at 09:30

2 Answers

2

Let's start with full disclosure:

I work as a software developer for Disig a.s. - Trust Service Provider from Slovakia - and I'll use our products and services to demonstrate the technology I'll describe in this post. I've written several server-side and client-side products for time-stamping over the years so my perception of legislation/standards/reality may be biased. You've been warned :)

Let's answer your question:

What is the preferred way to timestamp a document under eIDAS without an electronic signature?

IMO the preferred way is to use an RFC 3161 based qualified time-stamping service and store the received time-stamp token in an ASiC-S container.

Let's look at related legislation:

Regulation (EU) No 910/2014 also known as eIDAS does not define technical details itself but rather says:

  1. In Article 27(5) that the Commission may, by means of implementing acts, establish reference numbers of standards for advanced electronic signatures.
  2. In Article 37(5) that the Commission may, by means of implementing acts, establish reference numbers of standards for advanced electronic seals.
  3. In Article 41(2) that the Commission may, by means of implementing acts, establish reference numbers of standards for the binding of date and time to data and for accurate time sources (IMO this refers to time stamps).

I am not aware of any implementing act directly covering the third Article 41(2) but the first two - Article 27(5) and Article 37(5) - are covered by Commission Implementing Decision (EU) 2015/1506 of 8 September 2015 which IMO indirectly covers also the third because it refers to the following technical standards:

The first three are signature related but the fourth one also defines the ASiC-S and ASiC-E container types that can store RFC 3161 time-stamp tokens along with the timestamped document.

Let's look at a practical example:

In the first step I am using the open source application TimeStampClient to timestamp the plain text file hello.txt with an eIDAS compliant qualified time-stamping service:

TimeStampClient

TimeStampClient produces an ASiC-S TST container and saves it as hello.txt.asics. If you change the .asics extension to .zip you can open this container and explore its contents in almost any reasonably current operating system. Please note that the file timestamp.tst stored in the META-INF folder is the raw time-stamp token received from the time-stamping service and you can extract it and use it directly whenever needed (for example when you want to use it or validate it in an application that does not support ASiC-S TST).

In the second step I am using the validation service zep.disig.sk to verify the validity of the timestamp:

Validation service zep.disig.sk

As you can see this service supports ASiC-S TST and correctly verifies the timestamp's validity.

In the third step I am using the validation service DSS Demo to verify the validity of the timestamp:

Validation service DSS Demo

As you can see this service supports ASiC-S containers but fails to detect the timestamp. I guess it does not support ASiC-S TST yet.

jariq
1

The usual implementation of eIDAS time-stamps is specified in EN 319 422, which itself is based on RFC 3161.

According to RFC 3161 a time-stamping request only requires a hash value of the data to be time-stamped, so in your case you can simply submit the hash of the document.

sam280