IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [timestamp]

For questions relating to physical or digital timestamps, usually as part of a cryptographic protocol, logging, or auditing requirement. Please use the tag [time] for questions relating to system clocks.

Timestamps are used to denote the date and time at which an event occurred, typically as meta-data.

Their application to security ranges from modification times on files, to use of timestamps in cryptographic protocols to prevent replay attacks.

96 questions
1
vote
0 answers

Error while Verifying OpenSSL Timestamp Response

Good morning. I'm having a weird issue while verifying a response from a TSA (TimeStamping Authority). I'm using the TimeStamping Service from the ERMIS Gateway (Hellenic Public Administration). I use openssl to generate a TS Query. After that, with…
kerk12
  • 11
  • 1
1
vote
1 answer

Do any third party time stamping signature services exist?

I'm wondering if there exists any trusted third-party service that I can submit a file, or just a signature of a file, and get back a signature of that file signed with the timestamp of when it was signed. Does any such service exist? I'm not…
Jacob Brown
  • 255
  • 2
  • 7
1
vote
1 answer

Use of ESSCertIDv2 in a RFC 3161 Timestamp

A qualified trust service provider under eIDAS uses ESSCertIDv2 for their time stamp tokens, but ESSCertIDv2 was not present in the RFC 3161 specification, it was added later in RFC 5816. RFC 3161 in 2.4.2 requires ESSCertID: The certificate…
Victor
  • 373
  • 1
  • 10
1
vote
2 answers

How to timestamp a document without electronic signature under eIDAS

I need to timestamp a file to prove data integrity, not authorship. I will use a RFC3161 qualified timestamping service. From the EU Regulation Section 6, Article 41, I understand that I can use a timestamp without an electronic signature*, as they…
Victor
  • 373
  • 1
  • 10
1
vote
1 answer

Adding custom embedded Precertificate SCTs into the certificate?

It it possible to insert a list of ct certificate timestamps in the my own certificate created in by internal CA using openssl configuration file. I didnt find any information about ASN.1 sequence describing how to insert SCTs extension into…
Marko Farkas
  • 11
  • 1
1
vote
1 answer

How to prove that something happened before some time in a distributed way?

To prove that something happened after some time in a distributed way, just refer to something publicly know just before. Is that right? (Though I wonder how to make the time granularity smaller.) What about to prove that something happened before…
Schezuk
  • 131
  • 4
1
vote
1 answer

Why timestamping chain is better than "code signature" chain?

Timestamping is recommended as the way to prolong signature validity after its certificate expiration date. One just need to add new timestamp signature before previous timestamp is expired. But what's the purpose of introducing special kind of…
SerG
  • 115
  • 5
1
vote
1 answer

Timestamp vs Replay attack

1) A → B : username, timestamp, h(password) 2) A → B : username, h(password), h(timestamp) Can above two formula prevent from suffering replay attack? I think 1 is immune from replay attack but i am not sure about second one. Can any one help me?
Ricky
  • 135
  • 3
  • 10
1
vote
1 answer

Can setting the date on your iPhone to the epoch really brick it?

So, I've started seeing warnings that there is a troll/hoax saying that people should set the date on their phone to 1st January 1970 to get a retro logo to display. The warnings say that this will end up bricking your phone, and even a reset of the…
HorusKol
  • 139
  • 7
1
vote
1 answer

Generation of a shared nonce that cannot be pre computed

Is there any system out there currently, which can generate a nonce, which all nodes on a distributed network can agree and calculate the same nonce at the same time, but one an attacker cannot pre compute, for example a week in advance, and would…
Rich
  • 11
  • 1
1
vote
1 answer

How can I put in relation http timestamp with country time zone of the IP?

I have a series of packets within a PCAP files, among them I'm getting packet with HTTP protocol. starting from IP address I get the timestamp in GMT format and the time zone, for example: Source IP: 95.172.94.24 http.date: "Sun, 14 Jun 2015…
CDominik
  • 157
  • 2
  • 6
0
votes
1 answer

Verification code generation and expiration

I am trying to implement an application that includes registration, In order to register to the system the user shall enter his organization ID number let's say. To verify the user identity, a verification code will be sent to the phone number…
Lamya
  • 103
  • 8
0
votes
1 answer

Concatenating timestamp to data before encrypting it - is this a commonly used technique?

I have a web app that communicates with a backend server, and the users of the web app are organisations that each have a single login for the entire organisation. The app is meant to be used for example on TV's in the cafeteria to display todays…
Magnus
  • 213
  • 1
  • 5
0
votes
0 answers

Using Openssl for Package signing with timestamp

We started with openssl dgst to sign and verify packages successfully. Then we thought we should do a timestamped signatures. That's when the process is bit unclear. We used the openssl ts commands to independently produce and verify signatures with…
Progress P
  • 1
0
votes
1 answer

How hard to hack are S3 Last-Modified timestamps?

Context: There are many reasons for wanting a very trustworthy timestamp on a document, as discussed in many other questions here such as this one I wrote in 2010. E.g., in an election auditing context, one thing we're interested in is a cheap,…
nealmcb
  • 20,544
  • 6
  • 69
  • 116
1 2 3 4
5
6 7