Timestamping is based on two simple steps:
In the Internet exist an unmanageable number of articles and software programs. To certify all that data a demonstrable creation date would result in monthly trains stuffed with DVDs.
By creating hash values this amount of data gets reduced to a small fraction of the original bulk, but (as long as the original file is still available somewhere in the Internet) it's existence will still be certified.
Cryptographic hash values identify an exact sequence of bytes by a much shorter value with these properties:
Cryptographic algorithms become compromised from time to time or vulnerable to brute force attacks due to faster computers. But there are plenty of different hash algorithms, that are believed to be so secure, that all existing computers on earth (this is in 2006) would need over 1.000 years to break only a single hash-value :)
Some countries have a Trusted Timestamping Authority, which can digitally sign your Hash-Values. They also include the date within their signature, so that there is evidence when they signed the value, and thus since when your hash-value existed.
Another, more conventional method is, to just print and publish the hash-value in some magazine.
No, this is not necessary. We will use the technique called 'Endless Logfile', where the hash-values of all files of today will be put into a single file, and only that file's hash-value will be published. Additionally to all hashes from today, we'll include the hash-value from the day before. So a chain of hashed files will be created. By publishing the hash value of only the latest file, ALL prior created hash-files, and thus of all hash-values, and thus of all files that originally where timestamped, will be certified to that date.
No, trust is not needed.
Everybody is able to verify the certification himself. See 'Verify a timestamp'.
The necessary steps involve:
→ if all compared hash-values are equal, than your original file evidently existed at the date when the magazine was printed
Each PTB includes the Hash-Value of its preceding PTB:
Illustration: ------------------------ ------------------------ PTB-123 PTB-124 30-SEP-2006 06:00 30-SEP-2006 07:00 ------------------------ ------------------------ PTB-122: 643254E ------> PTB-123: 1234567 file1.bz2: 79343FD | file5.bz2: 59743FF file2.bz2: 12343FD | file6.bz2: 39743F3 file3.bz2: 45743FD | file7.bz2: 79743FD file4.bz2: 39743FD | file8.bz2: 79743FI ======================== | ======================== Hash over PTB-123: | Hash over PTB-124: 1234567 >----------------- 5432176 >----> to be first entry in PTB-125 ------------------------ ------------------------
The hash-values (as here displayed as e.g. 643254E) are of course a little longer, a full view is here: Public_Timestamp#latest_PTB_for_new_publications
Let's say, we create new Hash-Files every hour, then we would have for 30-SEP-2006 ff e.g. the following HASH-FILE hashes:
PTB-123 30-SEP-2006 06:00 1234567 PTB-124 30-SEP-2006 07:00 5432176 PTB-125 30-SEP-2006 08:00 78EAD46 PTB-126 30-SEP-2006 09:00 8AEC980 ... PTB-143 01-OCT-2006 03:00 356EADE ... PTB-168 02-OCT-2006 09:00 10124CC
According to above Hash-File creation, magazines could e.g. publish like this:
Mag1 prints "PTB-123 1234567" and claims to be published on 01-OCT-2006 Mag2 prints "PTB-123 1234567" and claims to be published on 05-OCT-2006 Mag3 prints "PTB-125 78EAD46" and claims to be published on 03-OCT-2006 Mag1 prints "PTB-143 356EADE" and claims to be published on 02-OCT-2006
So what date is verified for file1.bz2, which hash was included in PTB-123:
So we see, this method is not “Timestamping trusted to one second, but trusted to few days”.