Remember getting to work and having to register your arrival time? That procedure is a basic form of timestamping. It seeks to register an event (your arrival at work).
The activity/event is referenced against time data.
What is a Distributed Timestamp Server?
A Distributed Timestamp Server is a decentralised system for timestamping. This type of server is structured and operates differently from the traditional one.
A timestamp server is a handy system. It simply proves “that something existed/occurred at a particular time.” A distributed timestamp server eliminates the risk of multi-point failure by being decentralised.
The Idea of Timestamping
Introducing Signatures
Timestamping is a way of putting a special signature on an object. Signatures can play any role. Usually, they show authenticity.
In the electronic world, there are two forms of signatures. There’s the primary form and there’s the secondary form. Timestamps occur as the latter. However, they are - in some sense - more special.
How public and private key-based signatures are established
Many digital processes make use of a primary signature. This signature is the result of an event or activity. It is established when a private key is applied against an appropriate public key.
Individuals maintain custody of their private keys. On the other hand, online systems use certificates to link an entity to a designated public key. When a recognised entity uses its private key against the right public key, it signs a signature.
This tells the system the right owner is accessing it.
Drawback of signatures that make use of private and public keys
The private and public key-based signature works. It is safe, secure, and reliable. But there’s a tiny weeny problem.
It is that certificates expire (after two or three years, it depends). This expiration renders a public key invalid. In turn, the associated private key becomes useless.
Signing a signature using these keys then becomes impossible.
The above situation creates a problem with verifying documents after a certain time. What is the solution here? Simple. Timestamps.
How Timestamps Resolve Signature Signing Issues
The Time Stamping Authority (TSA) makes timestamping possible. How? By setting and controlling an accurate clock. This allows for taking time records of events without mistake.
But time stamps aren’t just taken randomly.
They are taken at the time when a document’s certificate signature (using keys) is still active. Ideally, when a certificate or key-based signature is signed, a timestamp record (secondary signature) of it is made. This means that the timestamp shows the time an accepted key-based signature took place (for a specific document).
The TSA stores this secondary signature. It comes in handy when a certificate expires. This is because an expired certificate cannot be used in signing a signature.
At that time, the reference to the authenticity of a document becomes the fact that it was signed at some point in the past.
How a Distributed TimeStamp Server Works
A Distributed Timestamp Server aims to remain safe against compromise. Its basic design overcomes the shortcomings found in earlier models. In this section, we discuss how this works.
But before that, we should mention how a regular timestamp server operates. This will help increase your understanding of the decentralised version.
Knowing how a traditional timestamp server works:
Traditional timestamp servers have been around for a long time. They became widespread in the late 90’s. Today, they have undergone several modifications.
This technology works by utilizing a public key infrastructure (PKI).
PKIs comprise a single centralised server. There’s no way to distribute this server. That alone increases the risk to the entire system. A critical attack could shut the whole system down.
Moreover, traditional timestamp server versions support certification. However, these certificates are not signed publicly. The operation is private but the signed results are reported or displayed publicly.
The fact that PKI certificates are signed in private increases the chances of manipulation involved. This adds to the system’s overall potential insecurity.
Now to know how a distributed timestamp server works:
Decentralized timestamp servers are much different from their predecessors. First, they cannot be compromised by single-point attacks. The upside to this is that multi-point attacks are difficult to implement - although not impossible.
The distributed timestamp server utilises input from several nodes/systems. Each of these nodes makes time-based records of events or activities. They then go ahead to share their timestamps with each other.
A node checks the timestamp record it receives from other nodes against its own record. If all looks good, it gives a clear signal. Every node in the server participates in this verification activity.
They must all agree about correctness and accuracy once the timestamp of the timestamp before the record is accepted.
Benefits of Distributed TimeStamp Servers Over Their Traditional Counterparts
Imagine what the benefits of a distributed timestamp server are. Well, you don’t have to struggle with it. This section provides details on the pros of a traditional timestamp server.
Privacy of data:
A distributed timestamp server separates data. It keeps timestamped sources distinct from the timestamp data. This data separation is incredibly useful in managing and securing data.
It prevents leaks and allows for efficient handling.
Lower cost:
Distributed timestamp servers decrease the cost of storing timestamp data. This is because they make use of hashes. A hash is generally easier to store than the actual information.
This functionality makes operating a decentralised serverless costly. They can be run for long periods without operators worrying about storage. Moreover, hashes ensure data integrity.
Digital signatures:
Another incredible advantage of distributed timestamp servers is digital signatures. Digital signatures work well for data with known sizes.
Attack Resilient:
Every system has its weak points and downsides. Considering this, innovation seeks to reduce the cracks.
The newer version of a timestamp server achieves exactly this.
For example, assume that one of many timestamp keys becomes compromised. The DTS can quickly respond and resolve the issue. It does this by key rotation and update - for example.
Key rotation involves having key pairs (private and public) changed regularly. This mitigates the risk of compromise and equally removes weak keys.
New key pairs created in the system are backwards compatible, allowing them to access encrypted or existing data.
Conclusion
Timestamping is a crucial innovation. It finds applications in databases, making data versioning possible. The technology is also useful for authentication. This is a key aspect of security systems.
