[502] in Intrusion Detection Systems
Re: Timestamping
daemon@ATHENA.MIT.EDU (Paul Danckaert)
Sat Jan 27 14:25:18 1996
Date: Fri, 26 Jan 1996 13:32:41 -0500 (EST)
From: Paul Danckaert <pauld@umbc.edu>
To: ids@uow.edu.au
In-Reply-To: <199601171716.RAA21255@iridium.clubi.ie>
Reply-To: ids@uow.edu.au
On Wed, 17 Jan 1996, Alex French wrote:
> This is a little off the point, but does anyone know any secure
> time-stamping systems for e-mail on a UNIX system?
There is also a service that will time-stamp email for you. The URL is:
http://www.itconsult.co.uk/stamper.htm
And here is a short description:
---------------------------------------------------------------------------
PGP Digital Timestamping Service
stamper@itconsult.co.uk

Introduction

About a year ago I was looking for an automatic digital timestamping
service which could be used to corroborate the date at which I had
signed a document with PGP. At that point I could only find one
commercial service and that used proprietary software.

I therefore resolved to set up such a service which would be free of
charge to users. I wanted to use PGP as the signing software and
provide the service by Internet email, which is by far the most common
form of connection to the Internet. The service will sign any text that
it receives. In addition it provides "pgp" and "binary" modes in which
it will sign any file that it receives in PGP ASCII armoured form.

Using The Service In Text Mode

The service operates by simply signing the body of any email message it
receives and returning the signed document (with ASCII armour) to the
sender.

It is as simple as sending an email to stamper@itconsult.co.uk and
receiving the PGP signed version back.

Using The Service In PGP Mode

In order to use the service in this mode, the subject of the message
sent to Stamper should contain the string "pgp" (without the quotes).

In this mode Stamper will sign any PGP document it receives. This is
the recommended usage of the system, by sending a detached signature
for what you wish to have stamped as follows:-

    pgp -sba yourfile.xyz -o yourfile.asc

and send this to Stamper. A "compound signature" will be received back
which will show both signatures and which can be checked against
yourfile.xyz.

PGP mode can also be used on any PGP file which has been ASCII
armoured. Having removed the armour, the assumption is made that the
file was prepared by PGP. If it was not, a bad signature may be
returned.

Using The Service In Binary Mode

In order to use the service in this mode, the subject of the message
sent to Stamper should contain the string "binary" (without the
quotes).

In this mode Stamper will sign any binary file it receives. This is
done by applying ASCII armour to the file as follows:-

    pgp -a yourfile.xyz -o yourfile.asc

and sending this to Stamper.

The only difference between this and PGP mode is that Stamper will
assume that the underlying file has NOT been produced by PGP.

Trusting Stamper

It would be very easy for me to try and say what a reliable and
trustworthy sort of a fellow I am and that you can naturally assume
that Stamper will provide accurate timestamps which will never be
backdated. This would not be good enough!!

Every signature made by Stamper will have a unique serial number. This
number automatically increments by one every time a document is signed.
Stamper also stamps summaries of its own signatures from the previous
day.

Each signature will be retained by Stamper and may be inspected by
anyone. The only details which will be disclosed will be the detached
signature (not what is returned to the user), its serial number and the
time & date it was made. Specifically, the original text received and
the email address of the sender will NOT be disclosed.

Thus the combination of the serial number being in chronological order
coupled with publishing the signatures should provide sufficient
certainty that timestamps have not been back (or forward) dated.

Stamper will generate two types of daily files: an updated log showing
the last signature serial number made on each day (called SIGYYYY.TXT),
and a zip file of all the detached signatures made on that day (called
YYYYMMDD.ASC). In these cases YYYY, MM & DD represent the components of
a date. These files may be requested from the list server
list@itconsult.co.uk by sending it a message containing the line
"GET STAMPER-FILES filename" (without the quotes) in the BODY of the
message. Multiple files may be requested on separate lines in the body
of the same message to list@itconsult.co.uk.

The daily zip files will have been signed by Stamper (complete with
serial number, as normal) and will have ASCII armour. Note that you
will require zip file processing software in order to extract the
individual signatures. Other formats may be considered if there is
sufficient demand.

In order to enhance the trustworthiness of the service, the detached
signatures of the daily zip files will be published weekly in the
Usenet group alt.security.pgp for the week ending the previous
Saturday. They will also be sent by email to users who request this by
sending a message to list@itconsult.co.uk with "JOIN STAMPER-ANNOUNCE"
(without the quotes) in the BODY of the message.

These weekly messages will also be available from STAMPER-FILES named
WKYYYYMMN.TXT, where YYYY & MM are the year and month and N is the
number of the Saturday in the month.
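
The serial-number argument in the description above, as an added example that is not part of the original message or of the Stamper service: it checks whether a signature's claimed date and serial number fit a published daily log of last serial numbers. The log layout, the function names and the sample values are assumptions constructed for illustration (the post does not give the format of SIGYYYY.TXT), and PGP signature verification itself is out of scope here.

```python
from datetime import date

# Constructed sample in an ASSUMED layout ("YYYY-MM-DD last_serial");
# the post does not give the real format of SIGYYYY.TXT.
SAMPLE_LOG = """\
1996-01-22 4810
1996-01-23 4857
1996-01-25 4902
1996-01-26 4951
"""

def parse_daily_log(text):
    """Return [(day, last_serial)] sorted by day; reject a non-monotonic log."""
    rows = []
    for line in text.splitlines():
        if line.strip():
            day, serial = line.split()
            rows.append((date.fromisoformat(day), int(serial)))
    rows.sort()
    for (d0, s0), (d1, s1) in zip(rows, rows[1:]):
        if d0 == d1 or s1 <= s0:
            raise ValueError(f"log is not increasing between {d0} and {d1}")
    return rows

def check_stamp(rows, claimed_day, serial):
    """Compare one signature's claimed date and serial with the published log."""
    prev_last = None  # last serial issued on the nearest earlier logged day
    for day, last in rows:
        if day < claimed_day:
            prev_last = last
        elif day == claimed_day:
            if serial > last:
                return "backdated"      # serial was issued after that day closed
            if prev_last is not None and serial <= prev_last:
                return "forward-dated"  # serial belongs to an earlier day
            return "consistent"
    return "no-log-entry"               # nothing published for the claimed day

if __name__ == "__main__":
    log = parse_daily_log(SAMPLE_LOG)
    for day, serial in [(date(1996, 1, 26), 4930), (date(1996, 1, 23), 4930),
                        (date(1996, 1, 26), 4850), (date(1996, 1, 24), 4860)]:
        print(day, serial, check_stamp(log, day, serial))
```

For the first day in a log the lower bound is unknown, so only the upper bound is checked there.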