Beyond RFC 3161: The Failures of Legacy Timestamping and a Solution
Digital timestamping is critical to important processes in finance, health care, law, and other fields. RFC 3161 has emerged as the most used standard for creating digital timestamps.
RFC 3161 uses traditional Private Key Infrastructure (PKI). A user creates trusted timestamps by sending a data fingerprint to a trusted server, which sends back a digitally signed payload of the data fingerprint and the time. The signed payload can later be used as a receipt to show which server issued a signed timestamp for the original data fingerprint.
While RFC 3161 is suitable for some applications, it has significant limitations that make it too complex and inappropriate for some important use cases.
Due to the recent maturation and improvements in usability, blockchain-based timestamping using modern blockchain architecture has emerged as a viable alternative with several critical advantages over RFC 3161.
This article explores the limitations of RFC 3161 and the corresponding advantages of blockchain-based solutions, highlighting key benefits such as validation of sets of timestamps, eliminating the need to manage and store receipts, and security. Real-world examples illustrate the limitations and failures of RFC 3161 that blockchain-based timestamps address.
Set Validation
One limitation of digital certificates is that their digital signatures leave no trace. It’s impossible to know how many signatures a particular certificate has made in its history. For example, if a university were to issue diplomas by digitally signing PDFs, there would be a significant ongoing risk that the university’s certificate could be misappropriated and used to create countless illegitimate diplomas.
Blockchains are computationally rich and provide assurances impossible with legacy certificate-based approaches. For example, with blockchain-based timestamps, it’s possible to see
- How many timestamps were made by a particular user (defined as a public key)
- Which timestamps were made for a given document or collection of documents
- Which timestamps were not made
A university issuing blockchain-based stamps could check the number of signatures issued vs. the number of diplomas awarded and know immediately if any extras were created. This is a form of cryptographic double-entry bookkeeping.
Consider a scientist who timestamped 10,000 experimental results using RFC 3161. Later, they presented only 9,000 of these results, omitting the ones that did not support their hypothesis. With a typical RFC-3161 TSA, there is no way to detect the absence of the missing results.
Alternatively, a company predicting market trends might use RFC 3161 timestamps to stamp multiple predictions and later only reveal the successful ones, misleading stakeholders about forecasting accuracy despite cryptographically accurate RFC-3161 timestamps.
Blockchain-based stamps eliminate this problem by providing visibility into sets of timestamps. The user of blockchain-based timestamps can cryptographically validate whether all the timestamped information associated with a given set is being presented, preventing the selective presentation of timestamped information.
Managing of Receipts
RFC3161 timestamps require the storage and management of digital receipts to validate timestamps. If the receipt is lost or corrupted, an RFC3161 cannot be validated. This is a headache for developers and system administrators who must store and manage this receipt infrastructure, often across various system environments. Often, receipts are lost or damaged when files are moved.
Blockchains are rich distributed ledgers with storage provided by thousands of distributed nodes. Blockchains can store timestamp receipts internally via this storage, eliminating the need for users to maintain this information locally. All one needs to validate a timestamp with blockchain-based timestamps is the original file.
Because timestamp metadata is stored separately from the file itself, users can move and manipulate their files without worrying about losing their trusted timestamps. This separation simplifies data handling and enhances system flexibility, allowing easier data management and verification processes.
Timestamp Security
Security is the foundation of any trusted timestamping system, and blockchain-based stamps significantly outperform RFC 3161 on this dimension.
A Timestamping Authority (TSA) in the RFC 3161 system operates as a centralized entity, making it a single point of failure. Security breaches in TSAs or any intermediary certificate authorities (CAs) may go undetected for months, years, or forever. Once a breach is discovered, all past timestamps issued by a TSA become non-validatable because a compromised TSA could issue seemingly valid timestamps from the distant past (or future). And since a breach can go undetected, timestamp users can never know with certainty that the timestamps they see are authentic.
Security incidents with certificate authorities are not infrequent. For example, in 2011, DigiNotar, a Dutch certificate authority, was fully compromised, allowing attackers to issue fraudulent certificates, including to TSAs. The breach went undetected for months, during which many fake certificates were issued.
The options for organizations whose security needs exceed that of a commercial certificate authority are unappealing. They can either manage the cost and complexity of using multiple TSAs or try to build a more secure option internally.
Blockchains provide a superior alternative that even actors with nation-state level security needs can rely upon for trusted timestamping. The leading blockchains like Polygon and Arbitrum, which we use to store vBase stamps and related state, secure billions of dollars in value. Moreover, the cryptographic hashes that link each block in a blockchain create a transparent and auditable history. Any attempt to alter the history of timestamps would be immediately detected, unlike with a TSA.
Long-Term Validation
The security guarantees of blockchain-based timestamps become stronger with time. Thanks to the way newer blocks build on top of older ones, older blockchain-based timestamps are even more secure than recent ones (though anything over 1 hour provides robust security guarantees). Thus, blockchain-based timestamps made many years ago are very reliable.
With a TSA, the opposite is true. Old RFC3161 timestamps are inherently suspect. This is because if a TSA’s x509 certificate becomes compromised at any point (even after expiration), all timestamps previously signed with this certificate become invalid. As a result, maintaining trusted long-term timestamps with TSAs is complex, often requiring re-signing of old data and TSA redundancy.
Conclusion
Blockchain-based timestamps represent a significant improvement on TSA timestamps across several critical dimensions. Relative to RFC 3161 timestamps, modern blockchain-based timestamps offer four key advantages:
- The ability to create and validate sets of stamps rather than just individual stamps
- Enhanced security and resilience
- Eliminating the need to store timestamp receipts
- Reliable long-term validation
Want to learn more about how to use blockchain-based timestamps to solve challenges in your business? Feel free to contact us, check out our docs, or start stamping your data.
Recent Posts
A compromised BorgBackup client allows undetectable tampering with past backups. vBase offers a simple solution.
Many traders use brokerage statements to create a verifiable track record. Unfortunately they are not credible for this purpose. A better alternative exists.
RFC-3161 timestamps often fall short in a number of important use cases. We examine the problems and a solution.