Skip to main content

Renewing Cryptographic Timestamps

  • Chapter
  • 786 Accesses

Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT,volume 100)


This paper shows that the scheme described in Haber and Stornetta [Haber and Stornetta Jr., 1994] for extending the validity of a cryptographic timestamp for a Time Stamping Service contains security shortcomings. A modification is proposed to rectify the identified shortcomings.


  • timestamping
  • TSA
  • TSS
  • digital signature
  • PKI
  • Security
  • protocol failure

The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35612-9_23


  1. Adams, C., Cain, P., Pinkas, D., and Zuccherato, R. (2001). Internet X.509 Public Key Infrastructure, Time Stamp Protocol (TSP). Internet Engineering Task Force ( IETF ). Request For Comments: 3161.

    Google Scholar 

  2. Bayer, D., Haber, S., and Stornetta, W. S. (1993). Improving the efficiency and reliability of digital time stamping. In Capocelli, R., De Santis, A., and Vaccaro, U., editors, Sequences II: Methods in Communication, Security and Computer Science,pages 329–334. Springer-Verlag.

    Google Scholar 

  3. Buldas, A., Lipmaa, H., and Schoenmakers, B. (2000). Optimally efficient accountable time-stamping. In Zheng, Y. and Imai, H., editors, Public Key Cryptography, volume 1751 of Lecture Notes in Computer Science, pages 293–305, Melbourne, Australia. Springer Verlag.

    Google Scholar 

  4. Haber, S. and Stornetta, W. S. (1991). How to time-stamp a digital document. Journal of Cryptology, 3: 99–111.

    CrossRef  MATH  Google Scholar 

  5. Haber, S. and Stornetta, W. S. (1997). Secure names for bit strings. InProceedings of the 4th ACM Conference on Computer and Communication Security, pages 28–35. ACM.

    Google Scholar 

  6. Haber, S. A. and Stornetta Jr., W. S. (1994). Method of extending the validity of a cryptographic certificate. Bell Communications Research Inc., Livingston, N.J. United States Patent number 5,373, 561.

    Google Scholar 

  7. ISO/IEC (2001). ISO/IEC FCD 18014–1, Information technology — Security techniques — Time-stamping services — Part 1: Framework. International Organization for Standardization, Geneva, Switzerland.

    Google Scholar 

  8. Menezes, A., van Oorshot, P., and Vanstone, S. (1997). Handbook of Applied Cryptography. CRC Press, Boca Raton.

    MATH  Google Scholar 

  9. PKITS (1998). PKITS — Public Key Infrastracture with Time-Stamping Authority. Fabrica Nacional de Moneda y Timbre (FNMT), Madrid, Spain. ETS Project: 23. 192, Architecture of Time-Stamping Service and Scenarios of Use: Services and Features.

    Google Scholar 

  10. Preneel, B., Rompay, B. V., Quisquater, J.-J., Massias, H., and Avila, J. S. (1998). Design of a timestamping system. Technical report, TIMESEC, Katholieke Universiteit Leuven and Université Catholique de Louvain.

    Google Scholar 

Download references

Author information

Authors and Affiliations


Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2002 IFIP International Federation for Information Processing

About this chapter

Cite this chapter

Al-Riyami, S.S., Mitchell, C.J. (2002). Renewing Cryptographic Timestamps. In: Jerman-Blažič, B., Klobučar, T. (eds) Advanced Communications and Multimedia Security. IFIP — The International Federation for Information Processing, vol 100. Springer, Boston, MA.

Download citation

  • DOI:

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4757-4405-7

  • Online ISBN: 978-0-387-35612-9

  • eBook Packages: Springer Book Archive