#KEYMASTER: The Evolution of Timestamping: From Classical to Post-Quantum Security

In this #KEYMASTER episode, David Hook, VP of Software Engineering for Bouncy Castle, and Sven Rajala, International PKI Man of Mystery, explore the evolution of digital timestamping, how it works, why it is critical, and how it is adapting to a post-quantum cryptography (PQC) future. Starting with the fundamentals of classical timestamping using cryptographic hashes and digital signatures, David explains the standards backing timestamping (such as RFC 3161), and how trust is established.

The discussion dives into future-proofing timestamps against quantum threats by migrating from classical algorithms like RSA and ECDSA to post-quantum alternatives such as ML-DSA and SLH-DSA. David unpacks the concept of evidence records (see RFC 4998), archive timestamp chains, and the role of Merkle trees in efficiently timestamping groups of documents. He highlights strategies like timestamp renewal and hash tree renewal to ensure long-term verifiability, even as cryptographic primitives become obsolete.

Watch video on YouTube

Timestamping is more than just proving a document existed at a point in time, it is about ensuring that proof remains valid for decades to come. As we shift toward a post-quantum era, evolving timestamping protocols with mechanisms like evidence records and archive timestamps becomes essential. This conversation showcases the foresight of existing RFCs and the importance of continuing to evolve digital trust infrastructure alongside cryptographic advancements.

Learn more about the evolution of timestamping:

• Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP), IETF: RFC 3161
• Evidence Record Syntax (ERS), IETF: RFC 4998
• Extensible Markup Language Evidence Record Syntax (XMLERS), IETF: RFC 6283