IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [timestamp]

For questions relating to physical or digital timestamps, usually as part of a cryptographic protocol, logging, or auditing requirement. Please use the tag [time] for questions relating to system clocks.

Timestamps are used to denote the date and time at which an event occurred, typically as meta-data.

Their application to security ranges from modification times on files, to use of timestamps in cryptographic protocols to prevent replay attacks.

96 questions
5
votes
4 answers

How to sign & timestamp log or zip files?

I think I can easily sign the files however I also need a timestamp from 3rd party vendor. I want to digitally sign + stamp log files including DHCP & mail because of laws here. UPDATE: I found more info about time stamping.…
Nime Cloud
  • 151
  • 1
  • 5
5
votes
1 answer

Any Known countermeasures against clock skew fingerprinting?

I know lots of websites that do clock skew fingerprinting using tcp timestamps. I know how to disable timestamps but i want to know techniques that can be used to counter clock skew fingerprinting. I read somewhere that one can spoof this clock skew…
jack
  • 51
  • 1
5
votes
1 answer

How to put the "trust" into trusted-timestamping

As a part of my thesis, I am about to evaluate different approaches to establish the trust in trusted-timestamping performed by a TSA (see RFC3161 - Trusted Timestamp Protocol). A trustworthy timestamping scheme must provide the following property,…
Maximilian Beckmann
  • 53
  • 3
5
votes
1 answer

Verification of a timestamped PDF

I'm kinda new to the process of timestamping files to provide digital integrity. For testing purposes, i use tsa.safecreative.org for PDF files. Now i've signed a couple PDF files and if i open up the PDF it says the timestamp is valid (as the file…
James Cameron
  • 598
  • 2
  • 11
4
votes
2 answers

How to know when a file was deleted in a NTFS filesystem?

Is it possible to know when a file in a NTFS filesystem was deleted? For example, if you have the file in the recycle bin you have the metadata file that stores when the file was sent to the recycle bin. However, if the file was never in the recycle…
kinunt
  • 2,759
  • 2
  • 23
  • 30
4
votes
2 answers

How can I validate time-sensitive data is coming from a mobile app, and not being forged?

In our application, a user selects answers to questions. Their score is based on the time spent answering each question down to a tenth of a second. The server is responsible for calculating and storing the score, but it obviously cannot record the…
Logan Serman
  • 141
  • 1
4
votes
1 answer

Is there any functional distributed timestamp server available? If not what about this homebrew solution?

Objective A secure Arrow of Time with unpredictable future behaviour to stop attackers or DDoS BotNets from pre-calculating proof-of-work and other gateway protections for P2P/F2F. A distributed solution in so far as there isn't enough free…
LateralFractal
  • 5,143
  • 18
  • 41
4
votes
0 answers

Openssl cms verify signature with timestamp and crl

I've used OpenSSL cms to sign the data and generate a detached signature. As per my requirements, I need to timestamp the signature as well, so that if the certificate expired, verification of signature can be done. The generated timestamp is also…
saurabh
  • 723
  • 1
  • 4
  • 12
4
votes
2 answers

Does x509 have an "issued at" timestamp? Can you tell when an x509 certificate was issued?

The JWT Spec (RFC 7519) has an issued at field ("iat"). Does x509 have any analogous value? I see a Validity field, but nothing else time related.
jtpereyda
  • 1,430
  • 2
  • 16
  • 26
4
votes
1 answer

Issuing TSA (Time Stamping Authority) certificates

What is a practice for issuing TSA (Time Stamping Authority) certificates? I read that TSA certificates should be issued directly from Root CA, but basically TSA certificate is end entity certificate and Root CA should't be issuing certificates for…
user1563721
  • 1,099
  • 11
  • 22
3
votes
2 answers

Does NTP leak local system time?

As I understand the paper An Improved Clock-skew Measurement Technique for Revealing Hidden Services (6/23 = pdf page 3), it implies that a NTP client leaks the system's local time because of TCP sequence numbers. Is this the case or does that paper…
adrelanos
  • 680
  • 7
  • 21
3
votes
5 answers

Password protect an excel file for a period of time?

I'm trying to find a way to password protect an Excel file (.xlsm) beyond the built-in password encryption options. Ideally: Enter the password File works for a week(/other period of time) After a week, file requires password again The file is…
MotS
  • 33
  • 1
  • 3
3
votes
1 answer

How to handle CRLs correctly in long-term electronic signatures?

What is a recommended way of handling CRLs in long-term electronic signatures (specifically the CAdES-A)? The problem I see is in that CRLs are not protected against modification (they are plain text, not signed) and not even mandatory in CAdES-T or…
xarx
  • 143
  • 5
3
votes
3 answers

Is it possible to track someone by sharing a youtube link with timestamp?

Is it possible to track someone by sharing a youtube link with them with a timestamp such as &t=1s if they click on it on their end? I've recently have been told not to use timestamps because of this...
Joel Portillo
  • 39
  • 2
3
votes
0 answers

Verify PKCS#7 (CMS) detached signature with timestamp with OpenSSL

I have a PKCS#7 (i.e., CMS) detached signature of a file that is signed by my signing certificate and then timestamp signed by a TSA that is all generated by an application we wrote. I would like to give a third party the original data file and the…
Hmmmmm
  • 235
  • 2
  • 7
1
2
3 4 5 6 7