Verifying A Timestamp
When verification is needed, the verifier uses the RSA public key for the purported interval to decrypt the timestamp token. If the original digital hash inside the token matches a hash generated on the spot, then the verifier has verified:
- The hash in the time stamp token matches the data
- The TSAs cryptographic binding
- The requestor's digital signature
These three verifications provide non-repudiable evidence of who signed the data (authentication), when it was signed (timeliness) and what data was signed (integrity). Since public keys are used to decrypt the tokens, this evidence can be provided to any third party. The American National Standard X9.95-2005 Trusted Time Stamps was developed based on RFC 3161 protocol and the ISO/IEC 18014 standards yet extends its analysis and offerings. The X9.95 standard can be applied to authenticating digitally signed data for financial transactions, regulatory compliance, and legal evidence.
Read more about this topic: ANSI ASC X9.95 Standard