Actu
Thales announces Time Stamp Server 5.0 delivering enhanced security for digitally signed documents and software
September 2009 by Marc Jacob
Thales announces version 5.0 of Thales Time Stamp Server, allowing customers to time stamp electronic records and application software with an even higher level of security and enabling the integrity of information to be validated long after its initial publication. Time Stamp Server, part of the nCipher product line, is an easily deployed and cost-effective standards-based time stamping appliance that supports a wide range of commercial document and software publishing tools such as Adobe Acrobat and Adobe LiveCycle Manager as well as Microsoft Authenticode and systems supporting Authenticode implementations.
Time Stamp Server version 5.0 includes a security update for support of 4,096 bit RSA keys. The U.S. National Institute of Standards and Technology (NIST) recommends using at least 2,048 bit RSA keys for signatures protecting data from year 2010, and 3,072 bit keys beyond year 2030.[1] With this latest version of Time Stamp Server organizations are well-prepared to meet and even exceed these recommendations. Thales Time Stamp Server customers with existing hardware can upgrade to version 5.0.
Time Stamp Server is a network-attached, turn-key appliance that combines the ability to act as a tamper-resistant source of trusted time with a high speed and equally secure digital signing engine. Together these capabilities enable organizations to sign documents or other electronic files such as application software in a standards-based way and that enables complete verification long after the original signing certificate and credentials have expired or been revoked. Unlike software-based systems, in which administrators can easily manipulate time, Time Stamp Server keeps accurate time that can be synchronized to external trusted sources and protects time stamping keys with a secure hardware-based security environment validated to FIPS 140-2 Level 3 and Common Criteria EAL 4+.
Time Stamp Server supports the Microsoft Authenticode protocol, the code signing standard for Windows platforms, allowing software developers to utilize secure digital signatures and auditable time stamping functionality as part of the software publishing process. Time Stamp Server is fundamental to an Authenticode implementation, removing the traditional reliance on the host computer’s system clock which is vulnerable to tampering.
Time Stamp Server can be tightly integrated with any deployment of Adobe Acrobat and Adobe LiveCycle Manager, enhancing the security of the native signing capabilities for Adobe PDF files and coupling this with trusted time stamps. Not only does this overcome the inherent risks associated with software-based digital signing processes but also provides an auditable and trusted record of date and time without relying on system clocks within host operating systems that can be easily abused.
Thales time stamp solutions have been deployed to solve problems as diverse as securing the digital archive of the British Library, securing the national digital infrastructure for the Royal Federation of Belgian Notaries and providing auditable proof of when a lottery ticket is purchased in order to prevent fraud. Time Stamp Server is utilized extensively to support the SAFE (Signatures and Authentication For Everyone) standard for the BioPharma industry and fully complies with the FDA’s 21 CFR Part 11 Regulation.
Time Stamp Server can provide time stamps that are highly accurate to Universal Coordinated Time (UTC). A mutually authenticated link to the Thales Time Source Master Clock calibrates the appliance with a time attestation certificate. Time Stamp Server is the world’s only secure time stamping appliance that can provide a secure and auditable chain of trust back to independent, national atomic clocks to maximize confidence and trust.
