Time Stamp Server version 5.0 includes a security update for support of 4,096 bit RSA keys. The U.S. National Institute of Standards and Technology (NIST) recommends using at least 2,048 bit RSA keys for signatures protecting data from year 2010, and 3,072 bit keys beyond year 2030.[1] With this latest version of Time Stamp Server organizations are well-prepared to meet and even exceed these recommendations. Thales Time Stamp Server customers with existing hardware can upgrade to version 5.0.
"Organizations increasingly use public key operations such as digital signing to enhance the security of new and existing business processes handling sensitive information", says Franck Greverie, Vice President, Managing Director for the information systems security activities of Thales. "Cryptography plays an integral role in establishing the authenticity and integrity of electronic documents and Thales Time Stamp Server provides a powerful solution without the need to implement a full public key infrastructure (PKI). Whether protecting archive documents, lottery tickets or legal submissions, time stamping provides a trusted time-based reference that is a natural complement to any electronic signature, just as it is in any paper based system."
Time Stamp Server is a network-attached, turn-key appliance that combines the ability to act as a tamper-resistant source of trusted time with a high speed and equally secure digital signing engine. Together these capabilities enable organizations to sign documents or other electronic files such as application software in a standards-based way and that enables complete verification long after the original signing certificate and credentials have expired or been revoked. Unlike software-based systems, in which administrators can easily manipulate time, Time Stamp Server keeps accurate time that can be synchronized to external trusted sources and protects time stamping keys with a secure hardware-based security environment validated to FIPS 140-2 Level 3 and Common Criteria EAL 4+.
Time Stamp Server supports the Microsoft Authenticode protocol, the code signing standard for Windows platforms, allowing software developers to utilize secure digital signatures and auditable time stamping functionality as part of the software publishing process. Time Stamp Server is fundamental to an Authenticode implementation, removing the traditional reliance on the host computer's system clock which is vulnerable to tampering.
Time Stamp Server can be tightly integrated with any deployment of Adobe Acrobat and Adobe LiveCycle Manager, enhancing the security of the native signing capabilities for Adobe PDF files and coupling this with trusted time stamps. Not only does this overcome the inherent risks associated with software-based digital signing processes but also provides an auditable and trusted record of date and time without relying on system clocks within host operating systems that can be easily abused.
Thales time stamp solutions have been deployed to solve problems as diverse as securing the digital archive of the British Library, securing the national digital infrastructure for the Royal Federation of Belgian Notaries and providing auditable proof of when a lottery ticket is purchased in order to prevent fraud. Time Stamp Server is utilized extensively to support the SAFE (Signatures and Authentication For Everyone) standard for the BioPharma industry and fully complies with the FDA's 21 CFR Part 11 Regulation.
Time Stamp Server can provide time stamps that are highly accurate to Universal Coordinated Time (UTC). A mutually authenticated link to the Thales Time Source Master Clock calibrates the appliance with a time attestation certificate. Time Stamp Server is the world's only secure time stamping appliance that can provide a secure and auditable chain of trust back to independent, national atomic clocks to maximize confidence and trust.
Notes to editor
Thales is one of the world leaders in the provision of Information and Communication Systems Security solutions for government, defence, critical infrastructure operators, enterprises and the finance industry. Thales's unique position in the market is due to its end-to-end security offering spanning the entire value chain in the security domain. The comprehensive offering includes architecture design, security and encryption product development, evaluation and certification preparation and through-life management services.
Thales has forty years of unrivalled track record in protecting information from Sensitive But Unclassified up to Top Secret and a comprehensive portfolio of security products and services, which includes network security products, application security products and secured telephony products.
[1] NIST Special Publication 800-57, "Recommendation for Key Management - Part 1: General (Revised)", http://csrc.nist.gov/..., p. 66.